Slashdot Mirror
Linux the Tortoise to Microsoft's Hare?
LukePieStalker writes "TheStreet.com is running a story by Ronna Abramson that makes a case for Linux cutting into Microsoft's server business and forcing Redmond to trim margins. A particular vulnerability is seen in overseas markets, but the heat should be turned up everywhere once Unix replacements are pretty far along by then end of next year. A quote from one CTO: [Linux is] "going to force Microsoft to spend more time on security and stability, and less time on adding new features.""
The penguin and the....uh.... abstract looking stylized flying window?
The mascot coolness factor alone makes Linux a superior competitor!
"Backups are for wimps. Real men upload their data to an FTP site and have everyone else mirror it." -- Linus Torvalds
Linux is worked on LOADS more than Windows, so how can it be a 'Tortoise to Microsoft's Hare'?
When anger rises, think of the consequences.
Confucius (551 BC - 479 BC)
No matter how many security researchers Microsoft get to look at their source there will always be more looking at linux. The reason: It's open source..
Microsoft can't compete against that so I suspect they'll lose their % of the server market quite rapidly in the next two years.
Simon.
... explain this title to me...is the implication that Linux is slow at innovating or something? Or are they focusing on the 'steady' part from the old fable? The analogy doesn't quite seem to fit since Linux is both 'fast' and 'steady'...Besides Microsoft could be better anologized to a 'retarded turtle' that is both slow and disoriented/unfocused whereas linux is much more like a determined 'rabbit' which is both 'fast' and steady/focused.
Some may not agree with me on the 'focused' point but that's ok, they probably are using the 'retarded turtle' anyways.
Even if I knew that tomorrow the world would go to pieces, I would still plant my apple tree. -Martin Luther
More security and stability? You're kidding right? Why would anyone want that in a server? Silly Linux forcing Microsoft to do jump through such unecessary hoops.
give me a break... the only reason microsoft may be a little damp from linux is because the tsunami has already passed by. microsoft is being left behind by linux and the hippies.
We've known since 1998 that Linux has server headway. Microsoft knows this too. They know they have to work on security (hence what's coming in SP2 and later on, Longhorn).
Summary of article--Linux is a good server, Microsoft has to make Windows more secure to compete (this despite the fact Linux was shown to be the most vulnerable OS on the net according to an article Slashdot posted a few months ago).
"Sufferin' succotash."
"Slow and steady wins the race"?
Sheesh. Don't people read Aesop any more?
Dlugar
Computer Go: Writing Software to Play the Ancient Game of Go
and Mac OS X is a panther, it can kill both of those.
What? And part with tradition?
Would this mean the new Microsoft ad taglines would be "Now, more secure and stable than ever!"
I can't see that, since they've already played that card and anyone with a lick of sense has seen the results. More likely they'll just trim their profit margins, try to lock down proprietary technology (to bar Linux from having it) and continue to spin marketspeak.
A feeling of having made the same mistake before: Deja Foobar
[Linux is] "going to force Microsoft to spend more time on security and stability, and less time on adding new features."
Not specifically linux, but the market. ANYONE who had come along providing that focus with good functionality would have had the same effect. Linux has rewritten a few rules with the GPL and the way the beast is created and mantained, but ultimately the reason why the market has accepted those is because they provide greater security and greater stability.
Microsoft would have also focused there if they had tried to meet their user's demands instead of telling them they should meet Microsoft's goals.
---- Take the Space Quiz!
Microsoft: Release First Patch Often
Linux: Release when stablish and patch when needed
Well IMHO anyway
Rus
Cheap UK and US VPS
This is a good start
Haryana(State in India) signs pact with Sun Microsystems
The Haryana government has signed a memorandum of understanding (MoU) with Sun Microsystems to adopt open source office productivity tool, the StarOffice 7, for departments and educational institutions.
Linux may carve out bigger niche in desktop PC market
On Feb. 4, it announced the sale of 10,000 copies of its StarOffice desktop suite to United India Insurance, one of India's largest insurers. StarOffice can run on Windows or Linux desktop PCs. Sun aims next to persuade United India to replace 10,000 Windows PCs with Linux-based Java Desktop PCs.
"They're not at all important in the next quarter," Lundstrom said. But "20 years from now, the global center of the software industry will be Asia."
I bet MSFT pays damned close attention to that line right there. Problem is, Asia is already more in love with Linux than nearly anywhere else on the planet, and that may be Linux' ultimate success... and MSFT's ultimate source of destruction.
Quo usque tandem abutere, Nimbus, patientia nostra?
For Microsoft, security and stability will be new features.
There are rabbits everywhere. Most tortoises are endangered species.
:::putting on flame-proof suit:::
Microsoft is an enormous innovator and will innovate in some manner to push back the threat of *nix. In fact, they may be one of the greatest innovators in the history of tech companies. They're just not innovating in an altruistic, philanthropic or technical way that most /. readers relate to.
From a business perspective, strategic marketing and business practices can and should be part of the innovation mix. If I'm Microsoft can package technology in such a way that it maximizes uptake, positions it as the de facto standard in the marketplace and raises the cost of entry for competitors, that's massive innovation, as long as you're defining innovation in a way that matters to the company's profitability and the financial success of shareholders -- and that is the only $DIETY Microsoft ultimately has to serve.
Microsoft makes some money when it technologically innovates. It makes one hell of a lot of money when it can innovate through changes in its business practices or (better yet) forcing changes in the business practies of most or all customers and competitors. This is where you'll see Microsoft working hard to combat erosion in its server market.
RMS can rant all he wants. We can wave the banner of free (Speech! Beer!) all we want. We can use the word monopoly all we want.
And Microsoft will still win.
Microsoft will win as long as they understand the whole war and we understand just one battle. The battle we're fighting is technological superiority, lower off-the-shelf cost and (in some cases) the principles of Free Software. Battles matter, but they're not the whole war. The war is market share and mindshare dominance, and "innovation" as simply a name for a whole range of tools that meet that primary business end.
In this war, it sometimes seems that we're using a gun and Microsoft is committed to using its whole arsenal. Can you win with just a gun? Yeah, if you're a good shot and take out a key leader. But the odds favor the person with more weapons.
"It was a summer's tale: Just a boy, his Linux, and a head full of dreams..."
what the hell is up with the stinking stats at the bottom? and why don't we have 2003 stats in there? give me a BREAK...
not only that, but the stats are based upon licenses SOLD... not number of installations.
this is ass.
This is no real surprise. Linux, even paying for support, is a lot cheaper. And, with blade servers, you can pack a lot more horse power in a lot smaller space.
Back in the Third Age, Sauron was in no danger of being defeated by an attack of an army of Hobbits, no matter how fierce Bandobras Took was. Yet, he fell because of some hobbits. Who'd have thunk?
At the risk of sounding like "I told you so", I for one have been saying this for years. With Microsoft being one to put things off in favor of press releases, it seems like Linux - or for that matter, anything in the open source community - tends to not waste time in getting anything like (say) security updates. Meanwhile, Gates sits on his laurels....
This sig no verb.
going to force Microsoft to spend more time on security and stability, and less time on adding new features
You would actually think that with the resources available to them, that they would be able to do both. Perhaps this is the reason for Longhorn's delay.
Microsoft is not a stupid company, by any means, I'm sure they have several linux labs so they can start gleaning ideas from it. They've never had any problem with seeing something as competition and coming up with their own version of it.
slashdot, news for crazed liberal socialist zealots
You mean Microsoft needs to stop adding features like:
1. BSOD
2. Microsoft Bob
3. Clippy
4. DMCA
5. Palladium
6. Outlook Express
7. Sharepoint
Their marketing focus has too much stranglehold of their development force (or lack thereof).
OOo is fighting an uphil battle here. Should they focus on 100% compoatibility or implementation of the next 'killer app' inside of an office SW suite?
I, personally, believe that adoption by businesses will come through adding of VALUE and USEFUL FEATURES vs. Compatibility. After all, we can always make a migration tool to migrate the documents into a new format, if the value delivered by the new suite equates to a dollar savings (or revenue generation).
When I started to use linux, people who worked with windows pretty much accepted that you'd have to reboot several times a day. This wasn't just because of the need to preserve backward compatitibility with DOS. Even NT 4 was pretty buggy before sp4 or so.
I remember telling people that sun servers often stayed up for years without reboots -- no one believed it. Computers crashed, that's what computers do. Microsoft, and to a lesser extent apple, convinced most casual users that's the way computers worked.
But obviously, this wasn't something that was caused by an immature level of technological development, because other companies, like sun, were shipping machines that didn't crash all the time.
I believe that linux is responsible for a huge percentage of the core improvements that MS made to windows. They never felt it was a problem to ship OSs that crashed until they saw an alternative that didn't crash, on the edge of their radar screen. An alternative that people could install on their existing PCs, an alternative that people running ISPs could use to do server work.
Linux's quality, for the most part, doesn't come out of competition. There are efforts to make linux better at doing certain specific things, efforts that are driven by benchmarks. Most of the time, these little competitions seem to be waged with FreeBSD. But it's a historical fact that people wanted to make linux more reliable way before windows had any stability at all.
Microsoft *needs* linux to push it. If linux wasn't out there, does anyone think they'd be trying to tighten up security? Does anyone think that they would have delivered stable versions of windows without the pressure of competition.
My point is that even if you don't use linux, you benefit from it in a big way. In fact, I would say that most of the real benefit that linux brings to the world comes in the form of competitive pressure on microsoft, and those benefits are seen by windows users, not by linux users. Who knows how much they'd be charging, what the net would look like, how often windows would crash, etc., if it weren't for linux.
It's hard to get this across, but every discussion of open source vs. commercial development ignores the effect that open source exerts on commercial developers. The discussions are simplistic for that reason.
If you were going to compare open source development vs. monopolistic commercial development in a realistic way, you'd have to talk about what a horrible job commercial developers did before open source developers started to hold their feet to the fire.
So I'm a pervert. Welcome to the Internet.
So MS is going to spend more time on security and stability, something every user needs, and less time on adding new features, most of which are hardly ever used.
Microsoft could be compared to a race horse. It's moving very fast in the only direction it can see, while those who are open source are moving fast, but in any direction necessary.
Ops, I shuld have usd the prevuwe but in.
The funny thing is, it really annoyed me. Not the being asked part, the being asked three times thing. But then I reminded myself that the alternative is insecurity.
So whereas Linux, et al, has focused on security, Microsoft focused on adding new features. MS is now in the dominant position (always was, really) and now will drag the consumer into security. Linux meanwhile wrestles with TCO, which is a result of Windows dominance, again due to lack of security.
Schnapple
Especially in development, Linux has seen way more speed than Windows. I don't think very much has happened for Windows lately that really matters much in it's usefulness... it only uses up more memory.
I couldn't come up with any better sign....
...great idea!
If they never added features like: 'XP Look', 'Windows Media Player', 'Windows Messenger', 'easy-to-use wizards' to windows, it would be a much nicer OS.
I've always been a Microsoft guy, but last year when I had to standardize on a single OS for our applications, I went with Linux. Not because it was better, but because it was free. It is that kind of decision made over and over again that is hurting Microsoft.
Who else are you thinking of, besides Linux and Microsoft? Ok, there's SCO, but they're a dying breed as they've given up innovation for litigation. There's BSD (not meaning to troll of inflame but I kinda wad together with Linux, sue me.) There's also Apple (which will no doubt be a major player by the year 3025.) Who else? A few scattered little proprietary or specialty things which will soon be replaced by Linux or Microsoft?
A feeling of having made the same mistake before: Deja Foobar
Enough with these stupid stories already!!!!! Seriously : i know this appeals to the slashdot audience (posting linux advocacy stories) but the reality is completely different. The day that the community focuses on real ways to reduce microsoft's monopoly will be the day that linux becomes sucessful.
People were writing these stories 3 years ago. Nothing has changed.
How is this an advantage. Everyone I know that is halfway technically savvy finds this a disadvantage about the Windows line of operating systems. People like having choices when it comes to the products and services they buy. Microsoft is going to shoot themselves in the foot with this line of thinking.
I think a lot of companies that depends on windows would happily buy a lot of boxes of linux and show the bills to Microsoft if that will make windows more safe and stable.
I think everyone confused about the title should go read the following fable: The The Tortoise and the Hare.
Tsunami -- You can't bring a good wave down!
Do what we do, skip the documentation and intergration.
They ought to be damn worried about the desktop and the consumer market as well. The Linux desktop as a drop in replacement for XP Home/whatever is still a ways away, but with advances in (the products formerly known as) Mozilla/Thunderbird, OpenOffice, and KDE/GNOME it's only a matter of time before it really improves to the point where a Linux desktop is truly accessible and does everything that 95% of the mass market wants to do.
Plus companies like IBM can afford to throw full-time devs at it in the hopes of avoiding millions of dollars of MS tax/Windows licenses a year.
Finally they're starting to get a taste of their own medicine (getting their market cannibalized by a free alternative).
-fren
"Where are we going, and why am I in this handbasket?"
show me how linux won't be able to fall to a virus like W32/Bagle.j@MM1 01071.htm
http://vil.nai.com/vil/content/v_
what security has been breeched when a home user on a stand-alone system has run a program they recieved over email (and even had to enter a password to unzip)
if grandma can follow a 5 steps to infect her windows machine, what is stopping grandma from following 5 steps to infect her linux machine?
even after windows is all secure, we will still have worms.
what i'm waiting to see sometime is a worm that has 2 parts, one for the windows users and one for the linux users. a mass mailing worm on linux shouldn't be too hard. the linux version could be in perl. after all, (nearly) every distro needs it just to install. cpan to fetch the missing modules for the 'virus' and away you go!
I disagree, I think Microsoft is just going to push their proprietary stuf harder, in the false name of security. Sure, they'll have to drop the prices, but Linux will have a tough time 'fitting in' when it can't authenticate against the existing Active Directory servers out there.
I'm already having trouble getting Macs and Linux boxes to play nice with Active Directory, who KNOWS what sort of proprietary encryption techniques they'll use to keep Linux and Apple boxes out of the core network.
I can easily see MS dropping support for pre-NTLMv2 logons, which would force Mac users to use MS-controlled authentication modules, that would be rough if they didn't maintain them properly.
Is there a way now to run an Apache/Linux box and have it authenticate web users against an Active Directory?
Is there an open-standard directory service that can replace AD, but windows machines can still connect to? Has anyone written an 'OpenDirectory -> pseudo-AD / NT Domains' gateway?
"Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
going to force Microsoft to spend more time on security and stability, and less time on adding new features.
Doing so definitely cuts into their marketing ambitions. This is a big deal for any company looking to make money and continuing to do so.
The problem is, how do you achieve the balance between writing good code and making deadlines? I think this question goes beyond the problem MS is facing and extends to all of us in small shops too, where we are expected to write amazing code but are never given the time to do The Right Thing (tm).
CTO: [Linux is] "going to force Microsoft to spend more time on security and stability, and less time on adding new features."
(short-term) mission accomplished.
It is worth noting that somehow an operating system created just for the fun of it and never intended to take on Microsoft's product line is doing just that.
When was the last time one of your educational endevours resulted in taking on a major corporation?
I don't need no stinkin' sig!
"going to force Microsoft to spend more time on security and stability, and less time on adding new features."
That's exactly what Microsoft has been doing for some time now. We're 2.5 years out from the release of Windows XP; in this time there's been a fairly significant update to Windows Media Player, Movie Maker, and Messenger, and umm... that's it for features, folks! Pretty much everything else MS has released as updates to XP in that timeframe directly addresses security and stability. XP SP2 will be more of the same: all the binaries have been recompiled with stack corruption checking mechanisms in place, the firewall will be turned on by default, automatic updates will be pushed harder than ever, IE will get additional ActiveX security controls, there will be better integration with third-party AV solutions, RPC has been thoroughly worked over to improve security, etc. etc. Even Athlon 64 owners will get additional security in the form of the NX protection.
There's very little in the way of new features that aren't security-related. The closest one I can think of is the pop-up blocker, and that could even be considered a "job security" feature.
It's o this CTO's discredit that he has had his head in the sand for so long that he hasn't actually noticed this going on!
Seems to me Linux/Unix has the advantages of good fundamental design (SMB, anyone?) and pretty solid stability/security. Microsoft has flash and convenience. Given the lackings of both parties, who can fill in their gaps more easily?
What I really meant to say, though, is that all of Microsoft's innovations in business practices, bundling, contracts and price structures don't change the fact that they are trying to achieve customer lock-in to a mostly-inferior architecture. If they achieve that, congrats to them, but shame on their customers.
That's predicated on the assumption that Linux can offer an organization a competitive advantage. If not, what good are we?
John.
Getting lauded by thestreet.com is the kiss of death. They are an excellent contrarian indicator. When they say "buy", sell. When they say "sell", buy. That is the path to riches.
When they said to buy MSO @ 36, I sold short. Thanks guys!
One thing that's always driven me batty is the manic-depressive nature of Microsoft's feature development. On day, they announce some new technology with a commitment that seems more impressive than wedding vows, six months later they quietly kill it off in favor of another announcement of some other, newer, technology.
I'm not against new innovations, but this cycle should be more like 3-5 years, not 6-18 months, they shouldn't be unsupported and obsolete until 5-7 years, minimum. Between a new technology announcement and a real deployment can be 9-18 months depending on a business' needs and budgeting and planning cycles. Replacing it right when you want to deploy it is pretty insane (although I know they want you on the upgrade treadmill).
And their "new" innovations should in some way be improvements (with perhaps some backwards compatibility) so that they seem to have a coherent, long-term *strategy* and not just a short term marketing idea.
We'll see if they're capable of being that kind of company.
I'm listening, now. Had I known how easy it was to install Linux and use it, I would have done it a long time ago and had better hardware. I haven't paid for an operating system in quite a while, now. Windows has it's uses, but they are getting fewer and far between for me these days. If it weren't for my companies dependency on Outlook, I probably wouldn't even use it there.
Ops, I shuld have usd the prevuwe but in.
I thought this paragraph was most telling, the 1st one on the last page:
Taylor also said the company is countering Linux's unbeatable price tag by commissioning studies that show the total cost of ownership over the life of the software is higher with Linux than Windows.
Taylor is Martin Taylor, Microsoft's general manager of platform strategy.
Basically, they are admitting to paying for studies that show the results they want.
I'd love a direct quotation of his answer -- it'd be a great rebuttal when MS publishes another "Windows costs less" study.
Why do idiots^m^m I mean "industry analysts" like the writer of this article always quote insiders at Microsoft but never talk to ANYONE within the open source movement... not even someone like Linus Torvalds or the CEO or red hat? Why do they get ALL their information from the corprate world and NEVER even THINK about getting information from inside the open source world?
I am not going to take any of these types of reports seriously unless they can get outside of their little corporate biosphere at least once in a while and understand that there is a world outside. I am tired of seeing reports on TV and on bignamed media sites act like anything that is outside of corporate-think is odd, alien, and totally not worthy of mention.
Why don't you embrace your slashbotness instead of living in a dreamworld?
I always see people saying this, but it doesn't really seem to help. We've still had kernel vulnerabilities and exploits. How many people are really looking at the source? It's not like the whole world suddenly is poring through all the code--it's still a core group of hackers, just like at any company.
Microsoft licenses Windows source code out to many companies and universities. They have probably just as many "eyes."
"Sufferin' succotash."
A study that had no real statistical methodology and DISCOUNTED all viruses on the Windows platfom. Yeah that's a great study. Let's throw out all the MS breaches. Wow Linux is breached more than MS. Get a clue!
Thalasar
with both sides working to improve their product, hopefully the big winner will be computer users.
For this to be considered a 'race' you have to establish and end goal. So what's the goal here, smarty-pants? If your end goal is profitablility, the turtle lost a long time ago. Looking at the sheer amount of profits MS has created, it's doubtful Linux will EVER make up that margin. EVER. We're talking billions here. If your end goal is user-base, again MS has slaughtered Linux several times over. Unless they do something radically didfferent than what they're doing now, they'll never have the user share MS enjoys now.
Being a Tutrle implies that by a slow steady pace you'll beat the Hare's constantly distracted state. You may have noticed that MS has the focus of a freakin laser beam, regardless of how much you don't like them or how bumbling you think they are. When they fixate on soemthing, they tend to hammer away until it falls. So your saying MS has the speed (being a hare) while history shows they have focus against a focused, slower opponent (the turtle). So either you just pulled that parable out of your ass to sound smart/cool, or you're actually saying MS is a sure-fire win.
Which is it?
You need a FREE iPod Nano
Bill&Co. has something like $40 billion with a capital B in cash and liquid assets ready to put against the army of Linux programmers. Legend has it that the more programmers you throw at a late project will make the project even later, but what if you have more money to swim in than Scrooge McDuck ever imagined?
Bet on the money.
"The generation of random numbers is too important to be left to chance."
Oh, you're referring to the article that basically excluded data that referred to Windows breaches?
There was a great comment posted in reference to that story, that it basically said, "After discarding all evidence to the contrary,....."
Or did you actually read the article instead of popping up with blind fanboyism about your favorite overpriced OS?
Setting the security to not run "signed" ActiveX controls resulted in every spammer and spyware product getting "signed" with a timestamp signature, and allowed to run as if signed by a real certificate.
For now, I've just turned off ActiveX controls entirely. As a nice side effect, Flash ads no longer work. On the downside, neither does Windows Update via the browser.
Asking you three times didn't make anything more secure, it just annoyed the mouse-driver, who is often the least qualified to answer the question (not in your case).
Everybody's a libertarian 'till their neighbour's becomes a crack house.
The Windows logo is seen by hundreds of millions of people each and everyday they boot up.
/. joke here) but the rest of 'everybody else' has no clue about computers, much less Linux.
Are you actually suggesting that the Linux Penguin is a better known mascot/logo? Get serious. 95% of the world doesn't even know Linux exists.
Remember, if you read slashdot, you are in that educated 1% of populace that knows a lot about computers (insert obligatory
That won't happen until Mac OS is ported to other machines. Macs cost way too much and you have to buy one of their machines to run it. Do they even sell servors?
Ops, I shuld have usd the prevuwe but in.
Story about linux is posted, half say closed source is bad, half say it is good, we all agree to have a sexy party. I feel... I feel like I've experienced this somewhere before...
Because a Microsoft product will install on my hardware without kernel recompilation.
... but I have work to do.
Because a Microsoft product will work with a wider range of hardware.
Because there is documentation, training, certification of support personnel.
Because almost all written for Microsoft applications look and feel the same and I have no installation, navigation, etc user issues.
Becasue I can be sure I can exchange a file and not create problems at the other end.
Because it crashes so seldom as to be ignorable.
Because there is one button to push for support.
Because I don't have to worry about patch sets, Microsoft maintains my platform.
Because Microsoft just enables me to get my work done.
When Linux can say all that, I'll buy it and eben pay for support. Until then, it is a wonderful development environment and a wonderful server
There's a chart at the bottom of the article that shows Market share and sales....
I don't know how accurate it is, but if you look at the asterisk note, you'll see they say the statistics are based on sales for those years.
Can you really count sales when talking about Linux? What about all the people who download the software for free and implement it? I'm sure SuSE and Red Hat didn't count how many ISO downloads they had each year. Granted, most enterprises pay for their Linux distributions, but the fact of the matter is that many smaller organizations might not. And that's the market that's going to be most critical for Linux and Microsoft. That's where the growth is and that's where the trench fight will occur. You can't count $$ sales when talking about Linux. That's the hardest part for Microsoft to deal with. It can't actually measure the extent to which Linux has spread at this point, or at any point for that matter.
setting: secret hollowed-out volcano lair
... or is it the snake to my mongoose? I never was good with analogies."
Bill Gates, with pinky held up to lip: "Linux is the mongoose to my snake
I just notice that at the bottom of the article, where they 'inform the reader' about Linux's rising popularity, they measure it in the amount of money made. HAH.
Of COURSE our server revenue and PAID market share is lower. We're cheaper/free!
I [may] disapprove of what you say, but I will defend to the death your right to say it.
...the reality of the situation is thus:
;).
Either IBM/SUN/Other serious development companies step in and totally embrace Linux and commit to an acceptable Open Source policy that makes everyone happy, or Micro$oft can quite literally re-invent themselves to be Linux killers.
For example, and this is horrifying, imagine that M$ purchases SCO's 'rights' (whatever the hell those actually are) and produces a Unix clone and puts 20 THOUSAND engineers on it. Imagine they do it right. Everything written to be secure, everything modularized, the ultimate desktop, et cetera.
This is a REAL possibility. Sadly, I think Apple is the one who showed them the possibilities. OSX was a huge slap in Redmond's face and I bet many of them said "Why don't we have something like that."
Can you imagine a (borg like) future were Microsoft has (like it does now) two product lines, the client line and the server line. The server line is Unix based, the client line is (who knows what) based.
Linux in all this? Gets marginalized.
In essenece what I'm trying to say is "Do not count on Micro$oft letting us slowly chew away at their business. They will come out with guns blazing and the only way to beat them is to do it with their own game, the throwing of literally billions of dollars and tens of thousands of HIGHLY organized engineers at a problem."
Look how quickly they crushed Netscape when they really put an effort into it. It's, quite frankly, terrifying. 40 billion in cash, tens of thousands of (despite what many of you think) quality software engineers, a first class research group. They're some scary mothers.
I sure wish SUN and Oracle would just suddenly go ALL LINUX. That'd scare the piss out of old Bill
Loading...
Sure, Linux is the most breached system on the internet . . . discounting M$ worms, trojans, viruses, and other damning evidence against windows.
That "study" was highly flawed in it's approach.
--Tsiangkun
You haven't had a blue screen in 8 years? Damn, you must have switched to Linux, or Mac. BeOS?
Perhaps 2004 will not be the year when Linux makes it big. Maybe not 2005, 2006, or even 2007. But it is becoming clear to every honest observer that Microsoft is running out of time. Their business model sits smack in the middle of that part of the software ecology that has become commoditized. They are selling ice in an age of cheap refrigeration.
It's hardly even worth asking 'when'. Frankly, who cares whether it's next year or in 10 years.
The only interesting questions are, IMHO, (a) how can Microsoft survive (and it ain't gonna happen by producing TCO studies!), and (b) what will happen to the software world if MS does not survive. Open Source software is a threat only to some classes of commercial software producer, and it's a boon to every single software consumer.
Attempts to polarize this debate into "opinion" and "zealotry" miss the point: it's about technology curves and the way they change the economics of doing business.
Ceci n'est pas une signature
I guess it depends on how seriously you take Microsoft's "security" initiative. If you think it's for real, then yes, Microsoft has been focusing on security for two years. If you think it's just marketing nonsense, then Microsoft has been sitting on its ass for two years except when prodded forward by security vulnerabilities. It's a toss-up for many.
Take some of the things MS does to improve "security". Back in 199x, they had a problem with viruses being sent as attachments, because it's too easy to convince people to run foreign executables on Windows. So, do they fix the bug? No, they remove the feature. No attachments for you! Now it's 2004 and they have a bug in their HTTP URL parsing that allows people to phish. Fix the bug like Mozilla did? No, remove the feature--no usernames/passwords in URLs for you! It seems that Microsoft has learned nothing. Got a bug in a feature? Remove the feature, because fixing bugs is hard.
And then there's Oxymoronic statements, like "ActiveX security". You know what? ActiveX is a generic technology with no concept of program INSTALLATION with restricted user permissions. Using it as an Internet-exposed browser plugin technology was a quick and easy but extraordinarily insecure decision. The best Microsoft can do is throw up a lot of locks in front of the control, because once a user clicks "Yes" (and trust me, users do!) the show's over. The ActiveX control has complete control. Not so on Linux--I install plugins without root access, and they only apply to me, and can only damage my home directory. Home Windows users regularly run as administrators, not because they are dumb, but because they need to do things that Windows won't let them do unless they're administrators. Install browser plugins, fonts, change file associations. Linux users can do all of these things as unprivileged users.
Yes, I believe people at Microsoft believe they are working on security. I believe many Microsoft customers believe Microsoft is committed to security. And I also believe that the truth or falsehood of those beliefs is irrelevant. This is a PR blitz, nothing more.
This is largely because Linux administrators demand higher salaries than Windows admins, which is at least in part because Linux administrators usually have real experience actually adminstrating a system rather than simply having a certificate under their belt that one can get at any tech institute.
Feel free to mod me as -1 troll if you think the above is bullshit.
File under 'M' for 'Manic ranting'
Because a Microsoft product will work with a wider range of hardware.
i think you have that one backwords.
Because a wider range of hardware will work with a Microsoft product.
Because Microsoft just enables me to get my work done.
. . . as long as you remember to save often.
So I take it you "paid your $699 fee you cocksmoking teabagger"? ;) I mean you said you used the TM with permission... What else is there to assume other than you are a "$699 fee paying, cocksmoking, teabagger"? [Daffy Duck Sounds as I Bounce Away]
Un-news
Rather than post story after story speculating that Linux is going to kill MS, why doesn't Slashdot just wait until it actually happens and then it can be the first to break the news.
Windows would become more stable reguardless. The programmers at microsoft are all using it and the crashes would get old even for them eventually. It also increases call support costs such that it's worth fixing bugs to increase those margins. However the external competition certainly has sped this process up as seen by Gate's security initiatives.
Oh, you're referring to the article that basically excluded data that referred to Windows breaches?
Yeah--the one that excluded user-run executables, as it should have.
Or did you actually read the article instead of popping up with blind fanboyism about your favorite overpriced OS?
Witness the Slashbot--if I dare criticize Linux, I am somehow a Microsoft fanboy. This us-and-them mentality is keeping the community living in a juvenile mindset. I use whatever tool to get the job done, be it my Windows XP partition or my Gentoo Linux partition.
"Sufferin' succotash."
I sure hope that they (M$) have less time to spend on their features. Because as far as I'm concerned, when I saw Windows XP, and saw some of the "features" that they added (gosh-awful nasty blue theme, big bloated icons, clueless stupid puppy dog to help you search in files, a hundred billion built-in useless wizards, retarded file views, and completely meaningless 'helpful task list things' on the left side of folders, to name a small few), I was awe-struck...and not in the good way either. It was that kind of awe like "what were you smoking, and where did you find the clueless idiots who designed this piece of software"?
In my opinion, it's time for the tortoise to whoop some ass.
java guy, tech blog...
It can kill it. Actually, aren't all MacOS X names based on big cats? They will eat hare and tortoises easily if that is true. ;)
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
What you're missing is there will be a fix for this within 24-48 hours. If this was in windows the fix would be kept quiet for who knows how long and if the hole goes public then it would take 1+ months for MS to put out a fix.
How long did it take them to put out a fix for the IE URL Spoofing Vulnerability? Read up bud: IE URL Spoofing Vulnerability
Changelog:
2003-12-11: Linked to test. Added information regarding variant, which makes it possible to spoof URL in the status bar as well.
2003-12-14: Microsoft has issued a knowledge base article concerning the issue. This also reports that version 5.x is affected.
2003-12-19: Scams mails exploiting the vulnerability are now circulating the Internet.
2004-02-02: Microsoft issues patches. Added CVE reference.
Almost 2 whole months for people to get exploites in the SPAM e-mail.
If grandma was running as root and open a console and type 'chmod a+x virus', maybe. Windows is broken by design, not because the users are stupid. I don't say it's entirely impossible but still it's highly unlikely.
Because of design decisions, MS can never compete fully on security and stability. All the have are features and marketing.
Linux is becoming a commodity OS, leaving vendors to compete on service and support. MS will always be behind. They just have a tremendous market share to wither away over a long time.
As far as mass mailers, I can see it now:
w or m.html
Hi! You've won "make big penis now"! Just follow the link below to retrieve your prize:
http://www.cpan.org/modules/INSTALL-massmailing
Or...
CPAN(3pm) Perl Programmers Reference Guide CPAN(3pm)
NAME
CPAN - query, download and build perl modules from CPAN sites
SYNOPSIS
Interactive mode:
perl -MCPAN -e shell;
Batch mode:
use CPAN;
autobundle, clean, install, make, recompile, test
DESCRIPTION
The CPAN module is designed to automate the make and install of perl
modules and extensions. It includes some searching capabilities and
knows how to use Net::FTP or LWP (or lynx or an external ftp client) to
fetch the raw data from the net...
----------
Sorry, but it would be a lot harder than an e-mail with instructions to do a mass mailing Linux worm.
Un-news
This is becoming less true as time moves forward. Linux is slowly creeping into the enterprise I work at, and the two people there with Linuz skillz (myself and one other guy) are also highly Windoze-skilled. The Linux machines are typically configure-and-forget about, they're so stable, so TCO is negligible.
You are not the customer.
Linux will never be able to catch up... The best it can hope for is is to be within .0000000000000001% of Microsoft.
if you think this is a flame, then you need to do some research
Microsoft to spend more time on security and stability, and less time on adding new features.
... let some apps developer write them!
... this is SlashDot, after all.
- from the article
Thank God! Thank God!
Windows does not need more features. It's got plenty of features already! Any "features" it doesn't have
No need for me to go on about "security"
-kgj
-kgj
Because a Microsoft product will install on my hardware without kernel recompilation.
Mandrake detected everything. No recomplilation, now driver downloads.
Because a Microsoft product will work with a wider range of hardware.
Mandrake saw everything I had. I had to get additional windows drivers for my scanner, printer and a whole software suite just to run my digital camera.
Because there is documentation, training, certification of support personnel.
man, apropos, various certs are all available. Most importantly, config files are easily user editable unlike the registry.
Because almost all written for Microsoft applications look and feel the same and I have no installation, navigation, etc user issues.
Gnome - no problem with this.
Becasue I can be sure I can exchange a file and not create problems at the other end.
I had a client using Word Perfect. Word butchered the doc completely.
Because it crashes so seldom as to be ignorable.
Yes if you reinstall every 6 months.
Because there is one button to push for support.
For support, I look in the mirror. And I don't pay exhorbitant per incident fees.
Because I don't have to worry about patch sets, Microsoft maintains my platform.
I maintain my platform. I know what's going on it. I don't have to worry about the ever changing EULA.
Because Microsoft just enables me to get my work done.
Linux does that for me. Microsoft eats my files.
When Linux can say all that, I'll buy it and eben pay for support. Until then, it is a wonderful development environment and a wonderful server ... but I have work to do.
Me too.
Open office is never being asked to accept changes when you haven't made any.
Wouldn't it be nice if OS designers realized what wonderful features stability and security really are?
UNIX is truth, the Console is life. Use Evolution to send e-mail and not virii.
Not to mention the XP T-shirts that say "Yes you can." (Thanks for the permission by the way ;)
The new slogan for Longhorn should read:
"Yes, you must."
-kgj
-kgj
people "inside the open source world" are just like you - abrasive, irrational jackasses.
Oh, you're referring to the article that basically excluded data that referred to Windows breaches?
Yeah--the one that excluded user-run executables, as it should have.
I'm afraid you're missing the point of the folks who are complaining that the study is biased.
On Windows, it is possible to write a user-run, user-mode executable that can function effectively as a rootkit; hide its own processes and files, open network connections to send itself to other targets, access your mail, address book and documents, and even run its own SMTP server.
On Linux, because of the large number of different kernel configurations and application distributions (distros) that people run, this kind of exploit must be tailored to each specific target. So Linux systems, by the very nature of their diversity, are not vulnerable to this kind of exploit.
That is why excluding user-run executables biases the study in favor of Microsoft products. Because it excludes a whole class of non-tailored viruses and trojans where Linux systems have significantly less vulnerability than Windows systems.
Funny, small but cute characters don't seem to be a problem in Japan.
Quit taking such a US-centric view of the market. Given the realities of the declining economy, and the increasing trend towards humanization of technology interfaces, perhaps a penguin is the right move after all.
"But always she's the spectre of uncertainty I first endured, then faded, then embraced..."
Yeah, and that happens much more often than it does with the Penguin.
No it doesn%@#^^^^++++++CARRIER LOST.
Why people shouldn't use Microsoft
Monopolistic software tactics (probably not important to a home users, but to software developers, this is a big issue)
Documentation is weak. Often I find a circular pattern when trying to resolve a problem (look at document A, points to document B, document B points to document C, document C points to document A, and none of these answered my question).
Microsoft patching is not a simple process. They've got the Update site, but if I have to patch hundreds of systems, this is not acceptable. I certainly don't want to put this burden on the end user and writing login scripts to handle this (like I'd want to have the local user with administrative rights for installations) or using applications like SMS (additional cost).
The Microsoft backup solution is to reinstall the operating system, create disk mirrors and break the mirror to create a point in time snapshot (XP does have the snapshot capabilities - guess they learned something from other companies), the internal backup software (and how can I access that without first reinstalling the OS to get to the utility?), or third party solutions (additional cost).
Applications (I know, this isn't the OS, but I'm including one's written by Microsoft) often require the accounts to have administrative rights.
The tight coupling of the browser and the OS is responsible for security holes.
Single process can bring the system to a stand still. Multi-tasking has improved, but still has room to mature.
Single user for the system (unless you are at a server with Terminal Services - additional cost).
Microsoft has enjoyed market dominance for a while and probably will into the near future. Unless they duplicate the functionality of some of the competitiors, they may find that the tortoise is in front of them.
Linux has a ways to go before it will take over the desktop market, but at the server, it's competing. Just like the Unix flavors started removing some of the "mystery" of system administration by duplicating functionality from it's competitors (GUIs, installers, etc...), Linux must learn from it's competition too.
If you've ever been invovled in hare coursing (hopefully as a sab) then you'll know that hares run in spirals to escape the snarling teeth of the hounds.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
I don't believe that the press should continue to say whether Linux will win over Microsoft or hurt them. Both are good operating systems (shhh...Linux is better) but it will be the software that is available to the operating systems that may turn the tides. Right now, MSFT wins in the desktop space because you can go into any store, buy software, and it will work in Windows. However, in the server space, MSFT doesn't have that many good products. Besides products like SQL and ISA, the other server apps are really behind the times. CMS, Project Server, SharePoint - yeish. The open-source counterparts blow them away. I think organizations will begin to see that it won't be an OS war but organizations will want to use products like MySQL in which they can clearly save money and have high ROI. Bottem line: I feel it's not MSFT vs. Linux it is MSFT vs. open-source. Which is a battle they will not win.
Windows nothing else. Granted I never had a virus or worm on MY windows machine but spent plenty of time fixing other peoples machines.
Personally I have a hard time believing in statistics. I go from personal experience. Your personal experience will be different.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Desktop and mobile apps, a little different story. Wait, I should say Windows apps. That's a breeze in DotNet. C# is nice, VB.NET should be outlawed. The downside is going from DLL Hell to DLL Version Hell.
MS can bite my butt. The strength of OSS is that it rarely feels the need to re-invent itself. It just gets better and better one generation to the next. I'm not sure it's complacency as much as a different philosophy.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Yeah--the one that excluded user-run executables, as it should have.
Of course it should, because as long as it does, it supports their view (and yours).
Witness the Slashbot--if I dare criticize Linux, I am somehow a Microsoft fanboy.
This makes me wish there were irony tags in HTML, since I was basically using sarcism to show how the original "fanboy" comment sounded. Glad you agree that kind of comment does sound juvenile. (Funny how some things sound worse from another mouth -- or keyboard!)
There was evidence to prove that Overly Critical Guy is a lying cocksucker, but he deleted it. Think independently.
So while the Hare is out partying, the tortoise is approaching the finish line. Then this truck comes along, and the tortoise is too slow to get out of the way. SPLAT! The hare sends word, "I don't see why I should be made to finish the race, since the tortoise obviously can't win. Please send the prize money."
His prognostication is late.
IMHO, Linux is the single most important reason that Win2K was as good as it was relative to previous offerings to Redmond.
So good, in fact, that knowledgeable customers aren't convinced there are any valid technical reasons for migrating to XP or successors. The cost benefit ratio just isn't compelling.
In it's effort to stave off the force of commoditisation that Linux and free and open source software is bringing, Microsoft is working furiously to add features that make migration away from Windows less attractive.
The Outlook/Exchange orbit is a prime example of that strategy.
But this kind of feature lock-in is only a good strategy for existing customers that are already heavily invested in Microsoft's products. It's not a good strategy for growth of new customers, particularly cost-conscious customers.
And, even though the recession is over, the cost-cutting activities in businesses are not over, which really puts the spotlight on Microsoft's high-margin products that have "good enough" low-cost alternatives in the free and open source world.
"Provided by the management for your protection."
Remember when Microsoft helped commoditize hardware in the 90? IBM can now get their revenge by commoditizing the operating system.
love is just extroverted narcissism
"Back in 199x, they had a problem with viruses being sent as attachments, because it's too easy to convince people to run foreign executables on Windows. So, do they fix the bug? No, they remove the feature"
.exe file, how is the OS supposed to know if it's evil or not?
What "bug" are you referring to? If a user runs an
And they're off
Look at that Bob, the Apple panther rapidly overtook both the MS Paperclip and the Linux Penguin... this race is in the bag
But, wait... the panther is stopping. No, now it's crouching. It seems to be waiting for something. Ah, the paperclip is catching up and the penguin is right behind it...
Oh horror, the panther has attacked the paperclip. Look, it's biting and bending it. Oh, the poor paperclip. Meanwhile, the penguin is slowly but surely gaining ground.
The panther seems to be having some problems now... yes, the panther has eaten the paperclip, and now it's choking. It seems that the clip is just too much bloat for the panther to handle...
Zeno's Paradox requires that the quantity in question ("remaining distance" in the canonical form) be infinitely subdividable. An installed base of computers is necessarily discrete.
The point of the old fable is that rushing doesn't necessarily make you faster - consider that Microsoft rushed out a bunch of products in the 95-2000 period which really weren't properly designed, and now they're "out of breath" trying to fix all the problems with their previous products. In contrast, the Linux 'turtle' has been slowly puttering along and is now in some areas surpassing Windows. (Consider how long Linux was in development before it was ready for commercial systems, for example.)
What really makes Linux a 'turtle' is the whole "when it's ready" philosophy. The time between finished, *stable* versions of OSS products or Linux can indeed exceed the 'standard' commercial timeframe of 18 months. So from the perspective of a consumer who uses only stable products, Linux development is sometimes comparatively 'slow'. But, now that MS is "out of breath", Linux is starting to move ahead faster than they are. =)
For what it's worth, removing the username:password parsing from URL's, brings Windows in line with published RFC standards. It was never intended to be used as an authentication mechanism for HTTP URL's.
Section 3.3 of RFC 1738, which defines the format of HTTP URL's, explicitly states, "No user name or password is allowed."
Let me repeat that, in capital letters with bold, so that it is crystal-clear:
THE STANDARD STATES THAT NO USER NAME OR PASSWORD IS ALLOWED IN HTTP URL'S.
This what the standard says, and Microsoft is now adhering to it, at the cost of breaking sites that didn't follow the standard. Microsoft *fixed* Windows by removing this ability from HTTP URL's. Note that FTP URL's still support this feature.
If the day comes for that dream, I'll bet a lot of Slashdot people will be dismayed at how Linux became a GUI-centric OS with only one Windowing system (perhaps neither GNOME nor KDE) which played down the use of the CLI. Those are the kind of changes that will have to take place if Linux is going to make it on the desktop.
Maybe linux admins make more- I'm not sure. But I do know that a competent Linux admin can maintain hundreds of boxes - whereas a Windows admin probably can't...
Yes they are working on it in the worst possible way. Issuing patches, while nice, is still not a very good way to ensure security in software. How many patches do I have to install to make it secure? How many patches will break something else? How many people really care to install all these patches? In short, very few users, but hopefully more sysadmins.
Security needs to be designed into the software from the beginning, not as an afterthought, implemented in patches, which rely on people caring enough to install them.
BananaWare: Software which ripens after purchase.
chmod a+x isn't needed.
.bash_rc or .bash_profile to add it to the login. search in ~ for email addresses and start mass mailing out.
/home partition won't fix it either.
just something like
"perl virscript.pl"
in the perl script
use CPAN;
# batch mode cpan to install whatever modules
CPAN::Shell->install(...)
then after either verifing the modules are already installed, or installing them, spawn another shell with 'perl dropscript.pl', deamonize it, edit
no chmod needed, because perl is aleady a+x, virscript.pl is just a file it loads. same reason that a noexec
if the perl modules are already installed, then root isn't needed, there probably is a way around needing root to install perl modules for current user (not for the system)
there you have all the features of windows. perl will run any text you feed it. user can feed it any text. users can follow simple instructions (ie entering a 5 digit password to open a zip file illistrated by W32/Bagle.j@MM) and a user can make outgoing requests to the internet most of the time.
It's stupid... but true.
File under 'M' for 'Manic ranting'
oh, and i forgot, add junk to .bash_profile to alias su to either email root password or do nasty stuff on its own with the root password.
an alternative would be grandma
1) save attached file to your home folder
2) on the command line type: bash ~/infectbOx.sh
infectbOx.sh
perl -MCPAN -e'install smtp'
cat virscript.pl
***nasty stuff here***
EOF
perl virscript.pl
or just
infectbOx.sh
echo please enter root password to install:
***fill in the rest on your own.
Add a rolex to one of its wings and you would have a high rank professional :)
That much is true... but most businesses can't or just won't look at it that way... They only look at how much the employee is demanding for salary... that the more expensive guy can get 10 times the work done for only twice the cost doesn't matter to them if they don't feel they have enough work for that person to justify the expense in the first place.
File under 'M' for 'Manic ranting'
Fedora Core 2 release : 3 May 3, 2004
Windows Longhorn release : 2004^H5^H6^H...er, we'll get back to you. Meantime, try Windows XP-ME!
The question is, when they get around to releasing it, will we be blown away by its features and ease of use, or just the upgrade price?
Lets see yours...
And IANAGP, but I think that the grandparent was remarking that Linux seemed (to him) to be progressing faster, which would undermine the allusion.
Anyway, maybe you're right, if all the Slashdotters found your comment informative.
.NET applications are totaly invincible to security holes? .NET app use to render HTML?... the IE browser component... no security holes there at all. ;)
What does a
"We've also been very clear that the open source and free software model is a threat to all commercial software vendors. ... It's a threat to everybody."
I hear this a lot lately. How open source and free software will kill economics/capitalism/everything! What is being ignored is the fact that commercial software vendors make up only a small part of the economy. For the vast majority of business and people in the world, computers are not an end in themselves; they are tools that they use to get non-computer type stuff manufactured/distributed/grown/whatever.
What I think the popularity of open source software should be telling Microsoft et al is that the cost of doing business with them is simply too high! It is brought out in the article with the mention of customers using Linux to bring Microsoft's pricing down. Even company concerns with security are a reflection of this; recent Microsoft security breaches have probably cost companies more than the original software purchase price.
In very real sense, Microsoft has priced themselves out of the market. And it isn't necessarily all monetary; the costs of insecurity I've already mentioned and there is a very real cost to vendor lock-in in terms of forced upgrade cycles and incompatibility with existing tools. There is a cost associated with Linux even though it's free; it comes in terms of learning/training, more limited hardware support and longer, more complicated configuration.
Whatever the reasons, companies are now deciding that Open Source software may allow them to save money and be more competitive. Companies that do that will offer better products at cheaper prices to consumers. Surely that isn't a "threat to everybody"? No, the only threat I see is to commercial software vendors in general (and Microsoft in particular) and any chance that "business as usual" will continue to make tham scads of money. They will adapt or die.
Linux is more secure than Windows because Linux started out with a security model. Multiple simultaneous user logins were a criteria from the beginning.
Windows started out as a single user system, then, woah, let's add multiple user capabilities (although only one at a time) and then, woah, let's add multiple simultaneous user access (but still only one log in...and.....well, Citrix finally made multiple user logins viable around 98/99 I think, but a single bad app with a bad GDI call will still BSOD the whole damn system, or used to. And then wait, let's add some "security"
The cesspool just got a check and balance.
A quote from one CTO: [Linux is] "going to force Microsoft to spend more time on security and stability, and less time on adding new features.""
So... this is supposed to be a bad thing?
Assuming what you say is true, then we do at least have to commend Microsoft for *trying* to improve stability and security in their software. On the other hand, they still aren't providing the source code, so how am I supposed to be sure that it really is secure, since I can't examine it myself or find a trusted third party to do it? I'll stick with open source, thanks.
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
See here http://lkml.org/lkml/1998/7/28/161 ;-)
Paul B.
There was a long discussion on LKML if beer-drinking Tux on boot-up screen is 'politically correct'
There's also the fact that while the operating system might have stayed up for years, the application that was running on it crashed - causing an outage. End users don't care whether your Sun machine stays up for years - they care whether the application that runs on it is available. I worked in a VMS environment where the operating system was up for years, but the application would crash once every couple of months. Point of all that - applications and operating systems crash - and users can't necessarily tell the difference.
Not forgetting .NET, SQL Server 2003, tablets and smartphones. Microsoft have been doing plenty.
Now that Linux is Good Enough, here come the hanger-ons wanted to sell it under the premise it's something it isn't. Market it! Productize it! Rebrand it!
Fuck it - most of the people who did the grunt work to get it this far don't give a shit if some middle-aged exec in a random office thinks the boot logo is "unprofessional". Many of us don't have a vested interest in selling more systems. The Tux logo is part of Linux history and culture. If people have a problem with it, they need to change not the Linux community. And if a logo is enough to inhibit adoptance of a better system, then again that ain't our problem or our loss. Of course, you're free to go and produce your own penguin free distro, and to produce your own penguin free marketing material, but something tells me you won't go to all that work...
Rebranding is masterbation. If you want executive compatible "professionalism" that badly, go and use Solaris or something and stick a Gnome desktop on it. Except maybe that Foot is a bit cartoony too, eh?
Forget thrust, drag, lift and weight. Airplanes fly because of money.
Considering they sat on a known, serious security bug for 6 months, I'd say that it's mostly about lip service and self-protection.
You've just made my day. A Microsoft fan preaching the gospel of standards.
> That's exactly what Microsoft has been doing for some time now. We're 2.5 years out from the release of Windows XP; in this time there's been a fairly significant update to Windows Media Player, Movie Maker, and Messenger, and umm... that's it for features, folks! Pretty much everything else MS has released as updates to XP in that timeframe directly addresses security and stability.
I'm on a project this year that has me using Windows for the first time since my Windows95 days, and as for stability all I can say is What the f**k has Microsoft been doing for the past nine years???. I use pre-1.0 versions of free software that are more reliable than Microsoft's version 7 products.
As for XP itself, in the past two months there have been three times I've had to pull the plug on a system that was hung in such a screwball state that it wouldn't even shut down cleanly.
These people aren't interested in stable products; they're interested in maintaining their cash flow.
Sheesh, evil *and* a jerk. -- Jade
"EMACS isn't a great editor, but it's an excellent operating system" --RMS
Except the flaw in Xeno is that half the distance is covered in half the time, not constant time. Therefore you can catch up in finite time.
How inappropriate...however it would be cool if the parent post got modded "+5, Troll" as it is a masterful example of trolling.
.NET eliminate a "whole class of security vulnerabilities" from Windows. Are you referring to buffer overflows and such? Seems to me that lately that's been the LEAST of problems in the windows worm-fest (almost none involve security breaches related to overflows).
.NET except in that it seems to be "Java done right (according to Microsoft)". Pray tell me, what does the "integrated security environment" do to make Windows inherently more secure than anything else?
.NET applications. Do you mean that since it is a uniform system it will be easier to secure and as such more people will secure their systems. "Security by Simplicity" if you will--make it too hard and people will give up or incorrectly secure the system and leave it vulnerable, hence a simpler setup is more secure. Is that your argument?
.NET architecture seems to force all applications to rely on the integrity of the .NET framework and security environment. The apps are all .NET CLR "managed code" but low-level drivers and code in the .NET framework itself at some level are going to rely on C and assembly I would think. What happens if there is a vulnerability there? A security bug in the .NET Application Framework somewhere wouldn't just make IIS or Outlook or IE vulnerable, it could make EVERY DAMN .NET APP vulnerable! "Central" and "Intetgrated" security model seems to me to translate to "single point of failure".
.NET is the MS Saviour of security. About all I've seen is a change in philosophy to "services closed by default" etc but nothing MEANINGFUL. And we still have to wait at least TWO YEARS until Longhorn to see it working to it's fullest advantage (thatever that is). How is something that's realistically that for out on the horizon fix the very serious flaws in the platform that have to be dealt with today?
Sincerely, HOW exactly does
I am not extremely well versed in the underlying architecture of
Seems to me it's primary benefit would be to streamline the process and provide a common security layer for ALL
Seems like a good theory but one that can bite a gigantic chunk out of your ass if you aren't careful. The whole
Maybe I'm just missing something here, but I really don't see how
2GB RAM limits and /3GB hacks in Windows have reached their limit for a lot of server uses. When doing VM style systems or large databases...
How does Windows complete? To get 'official support' from Microsoft for more than 2GB of RAM you have to purchase the very expensive Server Enterprise Edition. We aren't talking $500 (Windows 2000 Server) vs. free, we are talking $1,500 vs free.
64-bit Windows is still 'beta'... I think Microsoft has already let the door open... They were ahead on Itanium but now behind on the AMD.
Giving up the 64-bit Alpha might proove to be the mistake that Microsoft made that lead to this...
Just some thoughts.
You forgot that they also didn't give any statistical percentages. They only used raw numbers and if you looked a little deeper you would find that it was only webservers, which are dominated more by linux than windows. So you have hard numbers showing more linux servers breached, while there are more linux servers to be breached out there. On top of that the explanation of the collection of evidence was pretty weak. So I would say you are the fanboy here.
Time makes more converts than reason
i didn't know the penguin had hair loss... better call avacor. ohhhhhh HARE! not H-A-I-R. duh... nevermind.
----
djzooky.com
I Like Cheese.
I think that the IT sector is overflowing with boring logos and stylised names. And if I see another logo with a meaningless eliptical sweep around the company name, I swear I'm gonna scream!
Drill baby drill - on Mars
THE STANDARD STATES THAT NO USER NAME OR PASSWORD IS ALLOWED IN HTTP URL'S.
Ooh look, he's shouting, he MUST be informative. Seriously, I'm trying to hold back the flames here, because I wholeheartedly think you deserve them as a representative sample of "loud, smug, abrasive and uninformed" that seems to dominate every time discussion of standards comes up. Oh, I guess I did flame, my bad.
RFC1738 is obsolete. In fact, it's obsolete by at least a couple revisions. Read RFC2616, then come back.
I've finally had it: until slashdot gets article moderation, I am not coming back.
...bases its IT infrastructure descisions based on what the product logo looks like then the world is clearly going straight to hell in a handbasket.
However, I'm sure that affixed to the handbasket in which we are riding will be a label with a slick, professional logo that was heavily tested by a leading marketing agency using a large number of diverse focus groups.
*whew* That makes me feel better...
"Most importantly, config files are easily user editable unlike the registry."
Minor nit but the registry is actually very editable. Maybe you don't like the registry on general principles - that's fine. Text files definitely have some advantages. But leave off the FUD please. The registry has a spanky edit UI plus you can import/export any keys you like via text files.
Be happy. Nothing else matters.
I think those in the Open Source community are ignoring this 64bit issue...
In many ways Microsoft outdid IBM by playing the platform change. Why? Well, because backward binary compatibility. It is one thing to do the API's, but thunking kills you.
In open source -- hello - the future of Linux is Gentoo. we are talking (on this Slashdot story) SERVERS HERE, people who are willing to compile... FreeBSD and OpenBSD have demonstrated that.
With open source you can recompile all you binaries and not have any need to mix modes. If you have to run 32bit combined with 64bit, do it over the network... not on the same machine.
Microsoft will have to support binary compatibility... and that will hurt...
A 64-bit native Linux running Wine as a 'compatibility box' sounds a lot like OS/2 2.0 'windows mode' was during the bridge to 32-bit. Too bad IBM didn't know how to market their product...
Linux users, are you listening?
While Microsoft is drawing lines from here to there, Linux is performing a flood fill.
Government of the people, by corporate executives, for corporate profits.
Can someone help out here? The following stats are provided in the article:
Market share*, 2002 23.1% 55.1%
Market share, 2001 22.4% 50.5%
indicating that MS has approximately twice the market share as Unix/Linux.
Netcraft's site says something different, however:
Apache 67.20
Microsoft 20.88
Here, Apache over has three times as many deployments as MS. Anyone aware of why there are differences between the two sources?
The Death Penalty: Killing people to show others that killing people is wrong.
The only way I would learn is if I could afford the machine. Since I can't, I won't. When I can run a Mac OS on my PC, then I will learn. As to the server thing, I was asking because I didn't know. You tell me to learn, but then I am flamed for asking.
Ops, I shuld have usd the prevuwe but in.
There have been Windows viruses that replicate without user intervention. Obviously those are freaking disasters.
But many of the viruses out there require a user to click on something and run a program. Running as admin or not really doesn't matter if all the virus wants to do is read your address book and mail copies of itself to your (also stupid) friends.
I'm not Linux expert but I assume:
- Linux mailers can present executable attachments to clueless users, and
- Linux mailers have address books
That's all that would be required to emulate the "clueless Windows user" type of virus. Most Linux users are not clueless, however, so there would be little point.
The fact that there are so many clueless MS users does not reflect badly on MS. In fact quite the opposite.
And yes, MS OSes in the past have been flakey as hell. But with Windows XP IMHO the problem is 100% solved. I have never rebooted an XP or Windows 2000 Server box to fix a problem(disclaimer: my server needs are not stressful). They reboot occasionally to apply patches and that's it. I believe I had my 2000 server up for over 8 months last year (got lazy, didn't check for updates for a while).
Be happy. Nothing else matters.
They threw out user-run executables.
Repeat after me: USER-RUN. User-run worms do not count as operating system security holes. Get a clue. This is typical of the selective memory that Slashbots have, and the hypocrisy--user-run executables = "NEW M$ HOLE!" while Linux being the most-breached on the net = "NO STATISTICAL METHODOLOGY!"
"Sufferin' succotash."
But it's not text based, and it's prone to corruption. If the registry is hosed, your system is hosed. Period. I can just add a new user, and the programs recreate what they need when they run under Linux. It's a much better operation model, much more stable and fault-tolerant.
My blog. Good stuff (when I remember to update it). Read it.
Now you've given MicroSoft the cute animal mascot it's been withering without in the battle against Tux: RetardoTurtle. Fine, just GIVE the battle away to Redmond, you quisling turncoat!
Windows XP SP2 told me to install third-party software that prevents viruses and protects stability... I chose Ubuntu
I'm afraid you're missing the point of the folks who are complaining that the study is biased.
No, I'm not. They are Slashdot fanboys who need Linux to be #1 so they can troll Microsoft IRC channels without shame.
On Windows, it is possible to write a user-run, user-mode executable that can function effectively as a rootkit; hide its own processes and files, open network connections to send itself to other targets, access your mail, address book and documents, and even run its own SMTP server.
Wow--that has ABSOLUTELY NOTHING to do with the security of the OS. Users are the ones running that program. When the user initiates the breach, what can you do? Hold a gun to their heads?
On Linux, because of the large number of different kernel configurations and application distributions (distros) that people run, this kind of exploit must be tailored to each specific target.
Not at all. It's just that Linux is not as widely used as Windows, but given Windows' popularity, you don't think virus authors would be using tricks involving, oh, the new kernel vulnerability listed in my sig, for instance?
That is why excluding user-run executables biases the study in favor of Microsoft products. Because it excludes a whole class of non-tailored viruses and trojans where Linux systems have significantly less vulnerability than Windows systems.
But Windows doesn't have the vulnerability either. The user is running attachment. Repeat after me--that has nothing to do with the security of the operating system and everything to do with the dumbness of the user. Is Linux insecure because you can get root without password with a simple option passed to LILO on startup?
This is to all the other replies below me. Maybe...just MAYBE...Linux isn't the 100% perfect golden OS you're making it out to be? BSD users are laughing and laughing.
"Sufferin' succotash."
Application crashes usually don't take a system offline for nearly as long though. An OS repair is like brain surgery, compared to getting an ingrown toenail taken care of in an application. Usually.
My blog. Good stuff (when I remember to update it). Read it.
RFC2616 is the HTTP/1.1 spec. It explicitly defines itself as an update to the original HTTP/1.1 spec, which clarified some issues.
Have a look at section 3.2.2. It defines the HTTP URL syntax as such:I believe that pretty clearly supports what I said in my earlier post. There is no mention of username or password here (or, as RFC2396 defines the term, 'userinfo').
RFC2396 , which updates RFC1738, and is pointed to by RFC2616 for the generic definition of URI's, indicates thatNote that it said "Some URL schemes". Also note where it says "NOT RECOMMENDED" and "security risk". This is a pretty clear message to implementers (e.g. Microsoft) that support for this should be as limited as possible.
Finally, the IETF has not declared RFC1738 to be obsolete. Go check their datbase at www.rfc-editor.org, and you'll see that I'm right.
"On Linux, because of the large number of different kernel configurations and application distributions (distros) that people run, this kind of exploit must be tailored to each specific target. So Linux systems, by the very nature of their diversity, are not vulnerable to this kind of exploit."
All you are saying is that Linux is not vulnerable because it has no market share and isn't standardized.
If it ever gets high market share it will be from the idiot users that click on the "click me to install mega virus" links. By then it will be standardized - idiots like things to be consistent.
You need to get a clue if you're saying this is Linux's only defense against the clueless user who likes to install viruses!
Be happy. Nothing else matters.
Oh, I guess a Japanese guy didn't come up with Mario, the mascot to beat all mascots?
People like to believe they are empowered. Most people do not use the best product, they use the product that makes them feel the best. So what if Excel is not a database. The last place I worked full time for had so many excel spreadsheet databases that two people sitting beside each other could not agree on what a property's address was.
MS has the market for dumb users at the moment. Unskilled users can be brilliant at other things (like marketing, real estate, contracts, etc.) but they have no clue (or worse, little clue) how to work with data. They use MS products though and can get a small thing going, so they think the next step is just another click and drag away. Linux lacks this fundamental smoke screen.
The reason this race analogy is so beautiful is that Linux is slowly creeping up on MS's GUI ease of use and unskilled user empowerment. The key really is to allow people to do damage to themselves easily, then it is their choice. As Linux develops the ease of use, and ease of getting stuck that Windows currently has, then the rest of the world will start to flock to it. After all, these are most of the same people who download music, games and movies without paying. Then, they will not have to pay for the OS or the Office software.
Microsoft might be able to compete with that, but I doubt they can through legitimate means. After all, GNU applications and Linux development do not have any of the marketing, h/r, accounting or other costs associated with running a company. Pure development without the taint of beancounters or marketers.
InnerWeb
Freud might say that Intelligent Design is religion's ID.
Fair enough - that's why I said that text files have their advantages. Personally I have not had a corrupt registry since I started running NT4. YMMV.
This is not meant to be a personal attack but when a Linux fanboi starts listing off specific reasons why MS sucks, you usually find that at least some of those reasons apply to the oh-so-crappy and now very old releases (98, 98se, ME). I find this very annoying. Do MS users critize 6 year old Linux releases? I don't think so...
Be happy. Nothing else matters.
It's the password part of userinfo that's been deprecated as a security risk, not the userinfo field. But there it is in the HTTP RFC, host and no userinfo. I'm developing a taste for crow.
I've finally had it: until slashdot gets article moderation, I am not coming back.
Of course you definitely can't say the same thing about *nix desktops...
Shift happens. Fire it up.
they want their flame war from 1997 back
The point that the vast majority of the flamers on both sides seem to have missed is that a respected business publication thinks linux has a chance.
Most of us that were around when Linus made his quip about world domination never in our wildest dreams expected it would really happen, and here is an article saying it might. And articles like this have actually become common!
We now return you to your regularly scheduled flame fest.
There was evidence to prove that Overly Critical Guy is a lying cocksucker, but he deleted it. Think independently.
If I had any mod points left over, I would +1 parent. It might be interesting to point out that almost all of my friends, yes, including those who do not necessarily know much about computers, do know what Slashdot is, and do know what Linux is. Having a large knowledge base in computers does not correlate participation (reading, commenting, etc) on Slashdot or knowledge of Linux. Of course, the result of my friends knowing about /. and Linux might just be because of me.
They are Slashdot fanboys who need Linux to be #1 so they can troll Microsoft IRC channels without shame.
They are pointing out a legitimate flaw which you have yet to refute. What is your basis for calling them IRC trolls?
given Windows' popularity, you don't think virus authors would be using tricks involving, oh, the new kernel vulnerability listed in my sig, for instance?
I have sigs switched off. Name a single Linux mail client that allows users to run executables. How often is that feature actually a useful thing, and how often is it a liability?
Repeat after me--that has nothing to do with the security of the operating system and everything to do with the dumbness of the user.
A properly-designed system takes the dumbness of the user into account. Like, for example, expecting people to run malicious payloads from email and making it more difficult to make that mistake.
This is to all the other replies below me. Maybe...just MAYBE...Linux isn't the 100% perfect golden OS you're making it out to be?
Please point out where somebody stated that Linux was perfect. Or are you attacking a straw-man argument again, troll-boy?
BSD users are laughing and laughing.
Weren't you the one that suggested a unified alternative desktop based on Linux? Oh, but it's a different article now, so you have to troll in the other direction, don't you?
difference!
An interesting analogy. But would American Revolutionaries, the Viet Cong, or Al-Queda agree with you? Even more appropriately -- would Gandhi (the man who won a war without ever firing a shot)? How about the Iraqis when Britian invaded them in the early 20th century?
The complacency of the superior power often nullifies its own advantage. I do not see Microsoft deviating from this venerable axiom.
======---=======
Together, we will drive the rats from the tundra.
You right about "resolv.conf" and "umount" commands... they look a little weird. :P
But the truth is than marketing and names don't care when you are looking for good software.
However... linux keep evolving... every time better... and free althought SCO vampires cry
My official title is 'SQL Server Guru' and I am responsible for 5 servers at a retail mega-corp. If I am not relearning how to create a better wheel in .Net (from having previously known VS6), I am preparing for countless migrations. SQL7 to SQL2K, WinNT to Win2K, IIS whatever to whatever, not to mention countless security patches that all seem to break more than they fix. Not to mention dll hell and what happens when MDAC gets replaced with an older version. All this crap masquerades under the banner of 'Windows Interoperability'.
Take in contrast the AIX box I have that runs Apache (IBM's flavor) and uses perl and php to connect to Amazon.com. Our admins load whatever they want, if it breaks they back out their changes. I have a cd with all my code that I can deploy to any system I want, tweak 2 files and I'm back in production. We even had to rewrite parts of Curl to handle nonstandard headers. This machine has to be available 98% of the time. It has been up since November. My mission critical Windows machine has been up since middle of February.
It is more important to me that with a text editor and an internet connection I can fix ANYTHING. Than to be sold on software components that have a 3 year lifecycle.
Wow, that rant was better than therapy. Back to my damn migration plan.
PS: It is easier to run an enterprise with no Microsoft components than it is to run one with nothing but Microsoft components.
It's several bugs, actually. Thanks for asking, by the way.
First, Windows hides file extensions by default, so executables can be made to be visually identical to known "safe" file types. Secondly, Microsoft's mail clients don't take advantage of NTFS's execute permissions to prevent executables from being run until they are marked as okay to execute.
Hope that helps. For what it's worth, try any other operating system on the planet. It'll give you a good perspective on how many ways things can be done differently than on Windows.
At the end of the day, you just have to face the fact that foo bar baz.
I haven't implemented it myself, but I *think* OpenLDAP can do what you want, in conjunction with Samba...
Important info:
http://www.lifeaftertheoilcrash.net
http://dieoff.org/synopsis.htm
http://www.peakoil.net
I say different versions use different species of penguin. Check this out. Tons of species with rather business-friendly names. King, Emperor (doesn't the middle one make you think "Godfather"?), as well as penguins with that corpate-ish look, like the Rockhopper, Erect-crested, Snares, and Fiordland. My personal vote is for the Rockhopper, or perhaps a more true-to-form (fatter, taller, and smaller head) Emperor penguin.
Of course, there is also the Jackass penguin, but I'm not sure anybody will go for that.
Well, I often read complaints about linux going something like: Last time I tried installing Linux bla bla...
And usually it's no longer an issue, installing linux is easy as hell. If you have a mainstream computer older than a few months, chances are everything will work out of the box.
You got that right. The cluetrain was ahead of its time.
I can't understand why people still think that "professional" must mean putting on a boring, impersonal face and communicating in corporate monotone; Google is proof otherwise. It's so sad to see small businesses -- who still have a soul -- attempting to emulate their souless idols.
--
Power to the Peaceful
And usually all of the unreliability issues with Windows are no longer an issue too.
(But security needs work...)
Be happy. Nothing else matters.
appleWare: it'll cost you an arm and a leg but it works pretty damn well.
(sorry, just wanted to continue on the fruit-topic thing)
"going to force Microsoft to spend more time on security and stability, and less time on adding new features."
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
That is a complete myth. Windows admins are not significantly less expensive to hire than Linux admins. Not even when you consider people of similar skill level (admins that are Windows-only typically are far less skilled than those that are Linux-only or know both). And especially not in this job market where there are loads of people applying for every admin slot that opens up. It is an employer's market, and employers can pretty much name their price, especially for highly desireable positions like a Linux admin.
If you don't believe me, you haven't been involved in the hiring process lately and/or haven't looked around on the job boards.
I remember when Japanese cars started becoming popular in the US. American-made vehicles were prettier and more comfortable, but the quality was terrible. Japanese cars were too small and full of unattractive plastic bits, but they ran well and had far fewer problems.
It only took a few years before the Japanese cars were also attractive and confortable, but it took at least a decade before Detroit even started to catch up in reliability.
Wow, lots of bad karma in the first couple posts.. [gossip]Anyway, so Microsoft fell asleep on the job.. [pipedream] Linux is surely going to take the purdy blue ribbon for rock-steady. I wonder when the optimal time to start teaching my friends' kids is.. [/pipedream][/gossip]
Read; Write; Execute
Wouldn't it be easier for Microsoft to simply re-brand Linux or *BSD by changing the icons for the window managers?
All you are saying is that Linux is not vulnerable because it has no market share and isn't standardized.
Come on, surely you aren't trying to get away with that tired old line? Which has the biggest market share, IIS or Apache? Which gets broken into on a regular basis and which does not?
Let's see if I can explain myself a bit better. See, the thing is that the market wanted more secure and stable software, but MS just ignored that (features FEATURES!!). Linux came along and changed that, but the same effect could have happened if someone else had decided to go for that same market, be it IBM with a new OS, someone taking over a new BSD variant, you name it.
Granted, as the AC said, the fact that Linux is gratis and free probably helped too (as well as the fact that the primary goal for the creators was not necessarily profit). But with MS ignoring the market like that it was just creating the opportunity.
---- Take the Space Quiz!
RTFP - we're talking about user-activated email "viruses", not OS/product vulnerabilities.
The quote *does* say that Linux is not vulnerable to this kind of thing because it's not standardized. Read it.
Be happy. Nothing else matters.
You mean like Reddy-Kilowatt, Mr. Zip-code, The Exxon Tiger, Ronald McDonald, the AOL man, the GOP elephant, the Demorcatic donkey, the Maytag repairman, Ask Jeeves, or any other persona or charicature?
I guess you don't quite understand what it means to market a product. For each of the examples, aside from the political parties, they are trying to market to end users, consumers. I can just see a multi-million dollar company signing up with AOL to be their sole provider of internet access and email. And I can absolutely envision that same company taking out their most important client for McDonalds. Don't forget about gassing up their LearJet at the local Exxon station. The subject of debate (the only one that it could be) is how to market to business professionals. Because it costs considerably more money to set up an office with the latest computer hardware/software than it does to by some freakin' batteries, the major decision makers want to know that they are dealing with a serious company. They do this because not only are their jobs at stake, but potentially the jobs of everyone else at the company, not to mention the money of their investors. It's called professionalism and I think that we all learned a little bit of it back in the dot com crash..at least, I'd like to think we did.
Those who can, do. Those who can't, go into business for themselves.
The only machine I've ever had to reboot more thanonce a day is a Mac (pre- MacOS X). I've used WinNT, Win98, and WinXP, and they've all been very stable, as is Linux and Solaris.
The article was good in that it recognized that commercial linux figures were only the tip of the iceberg of total linux usage, but it failed to realize that this means Linux is not playing the same game as Microsoft (or any other vendor).
Comparing revenue growth is meaningless. Even the effect on MS's bottom line is secondary to MS. They're more frightened about the mindshare. People don't want to upgrade to XP. People have lost faith in the Software Assurance program (if they had any to begin with). There's no serious money in PC hardware at the moment, but people are seriously revising their upgrade needs for when the time comes.
I'm still wating for the killer web-based tax/accounting application (eg postgres+php). That would give the tortoise a wriggle-on.
insecurity asks the wrong question irritation gives the wrong answer
A quote from one CTO: [Linux is] "going to force Microsoft to spend more time on security and stability, and less time on adding new features."
Actually Microsoft's previous lack of focus on security is going to make Microsoft spend more time on security. Too late to shut the barn door that horse is long gone.
There's no shame in being a pariah. -Marge Simpson
Nice point indeed.
I think this is more of a matter of Microsoft just gradually slowing down other than sleeping though. And maybe, just maybe, the tortoise has a rocket pack!
"Instant gratification takes too long." - Carrie Fisher
(goes to bottom of page and clicks to "PLAIN OLD TEXT" immediately)
4000? Strange... I remember MS press releases saying two factoids: that they took 500 man-years to create win2k, and that they had a staff of over 200 developers on the win2k team. Now, keep in mind this is strictly developers, not support, admin, QA or etc.
4000 for IE, vs 250 for the whole OS?? If anything, what you're saying PROVES Brooks' theorem. Incidentally, you obviously haven't read the Mythical Man Month. His examples involve companies like IBM and GE. They've occasionally done some big projects, I hear. Had microsoft existed when he wrote the book, he'd have mentioned them. Read the book. Really.
Back to your 20,000 number: if Microsoft hires 20,000 *developers* on an OS and doesn't fall victim to the flaws resulting from an infinite committee (unlike the infinite monkeys concept, an infinite committee results in a black hole of productivity, where NOTHING ever is created again... like that? I just made it up!) they'd be spending a third of their manpower on engineers. That's a bunch of nontechies that'll be out of work, considering the balance at Microsoft is nowhere near 30% engineers right now. Also, at 100k apiece, not counting overhead, Bill Gates would be seeing 20,000 x 100,000 = 4 BILLION a year spent on crushing a free alternative that admittedly hasn't caught up with microsoft yet on most issues.
After a few years of spending like crazy and seeing the Linux realm keep up... it'll start to look like a poor investment.
After a decade, they'll have spent a sizeable chunk of Microsoft's market cap. If they stop, linux will still catch up. Press on!
After another decade, the money's run out. Let's say Microsoft's still in the lead in this ficticious scenario. But they've gotta stop. Once they do, linux advances again.
Don't underestimate Microsoft? Indeed. Apple, Oracle and Netscape all needed a profit motive to win. Linux just is. And twenty years from now, it'll still be just as free, just as flexible. And anyone that wants to lend a hand is free to do so. That's the concept that shouldn't be underestimated.
Do you notice that all these things are done in India. The result will be that all people in India will be unable to work with Windows, whereas the rest of the world will be.
The endresult will be that it is impossible to outsource to India and we all have to pay higher prices. The prices that Microsoft will dictate. It is all a scam from Microsoft, I tell you. All a scam. Don't trust them.
(It's a joke, now mod me down)
Don't fight for your country, if your country does not fight for you.
If I said "what product brand is Penguin" to almost anyone in the UK, they would say "a chocolate biscuit" (they used to have a massive ad campaign with the slogan "P-P-Pick up a Penguin"). I think very few people would name the book publisher, if only because Penguin Books don't advertise nearly as much as McVities/United Biscuits do.
You don't look like you are a Microsoft sysadmin, or you would know
* to use MSDN and Technet for documentation, with microsoft.* newsgroups on groups.google.com for the hard stuff,
* to use SUS for patching,
* to use NTBackup for backups,
* that no MS application requires you to have administrative rights to use it,
* to use Task manager to kill hung tasks. Yes, including explorer.exe. It's a bit like kill in Linux/unix. Give it a try.
Evidently since you need to have multiple users using consoles simultaneously (note, not processes running as different users, or users accessing the server under their own credentials) you have very specific needs, and I expect you are probably running a VAX with VT100 terminals.
And no, the tight coupling between the browser and the OS has very little to do with most security holes. They are just holes, with local code execution, and would be just as bad if the browser was not so integrated.
NO ID: BEING FREE MEANS NOT HAVING TO PROVE IT
RTFP - we're talking about user-activated email "viruses", not OS/product vulnerabilities.
So? Whining about market share to excuse vulnerabilities is stupid when it is completely contradicted by the abundant evidence that attacks do not correlate to market share.
to use MSDN and Technet for documentation, with microsoft.* newsgroups on groups.google.com for the hard stuff
This is what I was refering to when I said cyclic documentation that leads nowhere. This doesn't happen for all documents, but it sure seems like the docs I need are in this category.
to use NTBackup for backups
I haven't tried using NT Backup on the newer OS's (XP, 2003) so maybe I'm wrong on this one. My experience with the backup utility that comes with the OS is that you really only use it for backing up data. My understanding is that you'd have to reinstall the OS just to be able to access the restore utility.
to use SUS for patching
I'm not familiar with SUS so I'll check on that shortly. My initial check in the MS Help didn't return any results so either it's an add on application or it's an undocumented feature.
that no MS application requires you to have administrative rights to use it
The standard work applications don't require it, but several games produced by MS do (Age of Mythology is one example). The limitation is mentioned in some of the KB articles (I researched this because I didn't want my children to have administrative rights to play the game).
to use Task manager to kill hung tasks. Yes, including explorer.exe. It's a bit like kill in Linux/unix. Give it a try
I'm well aware of the kill command on UNIX, the task manager on MS Win32, and the kill.exe available for MS Win32. What I originally was refering to was not a "hanging" task, but one that simply "hogs" the CPU. The most common CPU "hog" that my coworkers complain about is McAfee taking 99% of the CPU, but it certainly isn't limited to anti-virus software. We also find that compiling on a single CPU system can also bring it to a halt. That's where I was going with the immature multi-tasking.
Evidently since you need to have multiple users using consoles simultaneously (note, not processes running as different users, or users accessing the server under their own credentials) you have very specific needs, and I expect you are probably running a VAX with VT100 terminals.
As for the multiple users comment, we develop integrated software solutions for various server environments. We also prepare multi-vendor/developer demonstration systems for potential customers, generally to a tight deadline. Usually find ourselves in a fight for access to our MS Win32 servers for software installations. In these cases, we do need to access the server authenticated to individual user accounts to have accountability. Because most of the applications we deal with have a GUI for configuration, we either need to do the equivilent of setting a DISPLAY variable or a remote desktop (terminal services - additional cost, and apparently available on servers, not desktops - believe XP has something here, but haven't played with it yet).
Looks like you'll need the following:
MBSA - Microsoft Baseline Security Analyzer
SUS - Software Update Service
MS IIS (required for IIS vulnerability checks)
MS SQL Server (required for SQL vulnerability checks)
MS Office (required for Office vulnerability checks)
Looks like this product could be useful for pushing updates to the desktop. I'd certainly be much more careful on the server environments as the applications may have problems with some of the updates.
Does using SUS get around the repeated rebooting when setting up a new MS Win32 based system and applying the numerous patches? (And YES, I'm aware that I could make an image and base all clients on that image, but in many cases, I deal with a variety of hardware configurations - dealing with the "latest and greatest" solutions).
McAffee runs at high priority. Applications running at high priority are *supposed* to hog the CPU. How else can you ensure that critical applications can always run? McAffee needs to run at High to ensure it scans the files as soon as possible. There is nothing immature about this. I suspect you just don't have an on-access scanner on your Linux boxes, or you would discover that the problem is that on-access scanners are really invasive and CPU intensive, and is not to do with Windows.
If you want your builds in the background, drop the priority of DevStudio. Look for "start" in the help for how to do this when it runs, or use Task Manager to reduce it to BELOW_NORMAL.
"Because most of the applications we deal with have a GUI for configuration, we either need to do the equivilent of setting a DISPLAY variable or a remote desktop "
Since it is a server application, you could just separate out the configuration application from the server application. Like I do. Like MS does (Ever noticed how all the tools have a "Connect to Computer..." option?). Like everybody who knows what they are doing does. Invisible service with separate configuration application is The Microsoft Way. This is very easy to do.
Here are some strategies:
* If it's a DB application, you can just have your application connect to the DB remotely, and edit the configuration there.
* If the config is in files, any user with admin priveleges can access the files through the default shares \\$, which have access to local admin only. If you want other users to be able to administer the application, you can create a share for this purpose. ACLs can be used to secure the files and the share itself.
* If configuration is in the registry, you can use the registry functions to access the remote registry. The user will be accessing the registry with their own credentials, so the Registry ACLs will only give them the same access they would have when logged on locally.
* If you have a combination of the above configuration, use a combination of the strategies.
* And of course you can use RPC or DCOM to provide a remote administration API, and connect to that. Just ensure you secure the object with the appropriate ACL. (No-one has access by default).
NO ID: BEING FREE MEANS NOT HAVING TO PROVE IT
First off, I don't have any LINUX systems. My background involves UNIX (Solaris, IRIX) and MS Win32 (NT, 2000, XP (to a lesser extent)). The development we do rarely involves MS Studio as we can't be locked into a single platform. Our customer base still utilizes a variety of operating systems and hasn't commited to migrating to a single OS platform.
I can understand an application running at high priority, but it shouldn't cripple the system until it completes. I should be able to move to another application while a process is running. I'll still consider the multi-tasking to be immature if a single process can essentially freeze the system.
The applications that I need to access via GUI are not always internally written applications so assuming that they will have an administrative or configuration console can not be done. I am very happy that MS added the feature to allow remote administration to many of their components, but it's not a global concept yet.
Some of the strategies you list work fine and we've used them where we can, but something as simple as an installation often requires running an "installer" application with user input. An administrative console would be nice, but I'm not sure that we can wait until everyone adopts the MS way.
It's true that I'm more of a UNIX person than MS, but I find that a simple telnet session piping the display back to my system would make my life much easier than all the work arounds.
Basically I see the advice your offering as working well with a "vanilla" workstation/server environment. If I put out a single baseline in my environment, I'd find most of the systems to be fairly unique in a few weeks, and I shouldn't have to lock the systems down to keep a simple environment.
Linux is the Torvalds to Microsoft's whore.
Message from the meta-moderator: Check the links!