Slashdot Mirror
IT Practice Within Microsoft
SilentChris writes "Good article over at CNet regarding Microsoft's internal IT practices. Some intriguing statements from the CIO, from the obvious ('It's an easy choice for me--to run Microsoft technology. We don't run Unix. We don't run Linux. We don't run Oracle.') to the not-so-obvious ('Our users are the admins of their machines. They can load whatever software they want on their machines, but we do audit the network continuously.') I wonder how much time is spent combatting spyware?"
If you follow blogs.msdn.com, you'll find that while many people are admins of their own machine, they rarely actually run as admin. I think all they are saying is that they don't take away the power of the user to be able to install their own hardware or software. But the vast majority of people working at MS seem to understand the risk involved as running as an admin at all time.
They can load whatever software they want on their machines, but we do audit the network continuously.') I wonder how much time is spent combatting spyware?
I am a software consultant. The first thing I usually need when I go to a new client is to have local admin to run various coding tools (app servers, for example).
Do those clients have spyware running rampant? No, because the people that have local admin aren't idiots. I'm sure MS spends time educating non-techies on what to d/l and what not to. Its not surprising nor do I necessarily think its a bad thing for people to have local admin on their machines.
Of course, if this wasn't about MS, I'm sure no one would care... but some people simply need someway to stick it to MS....
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
If you read MSDN blogs you occasionally come across references to people using non-Microsoft software, including Firefox, Apache, and *nix. Hotmail uses UNIX tools running on Interix... which includes the "viral" GCC.
http://www.microsoft.com/windows/sfu/
Of course Interix or whoever MS bought the thing from probably paid the piper already, but knowing SCO's proclivity for lawsuits, I don't blame MS for doing it again.
Now before I get modded down, I be to remind whoever might read this that what I am saying is FACT. - bogaboga
Disclaimer: I'm a Microsoft employee.
I'm running FireFox right now on my dev box at MS. I use the google desktop search (though I'm thoroughly impressed with the MSN one and am migrating). I can't contribute to open source, nor have I looked at any OSS code since I started working here...I only run binaries. At Microsoft, you're more than welcome to call it as you see it. It's no secret that many of us use other browsers and state openly that the company's fallen way behind with IE. I'm not asked not to use the software, and I'm certainly not being fired.
Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
Tell me you don't have root access to your workstation... If you do, then are you login as root at all time?
/devel/bin /devel/etc, etc. and give them full access.
/bin or /etc.
Regular users and developers don't usually need admin access to their workstations.
You can design the workstation in a way that lets a regular user install software, but still keeps the rest of the system protected. They can install software to their home directory, or you can create a special partition named '/devel', with
That way, they can install software without interfering with the critical utilities in
This works in most cases.
94% of Repubs and 21% of Dems voted to renew the Patriot Act
Check out (in the Group Policy editor) "Software Settings." You can set software up to either be available for the user to install through Control Panel|Add/Remove Software, or to push it so it installs for the user automatically.
I claim first use of "Error No. 0B" - or "No. 0B error." It'll be the new ID 10T!
Yes - If your clients are windows 2000 of better, and on a domain, you can use group policies to assign software to computers or users; software will install automatically at startup or login. Or you can publish apps to the add/remove control panel app (where the user can install them at their leisure)
or, on windows xp cliens, you can set group policies that restrict any software from running, except from locations that you specify (eg - c:\windows, c:\program files, and \\server\\withApprovedSoftware)
NTFS was first used in Windows NT 3.1... Its more like 10 years old...
None of those systems belong to Microsoft...you can see that clearly by looking at the Netblock column. Skip ahead until you get to systems that actually belong to MS and they are all running Windows variants.
Disks are duplicated on a variety of industrial strength, quality focused systems. Most of these systems are UNIX-based. The UNIX-based duplication systems used in manufacturing are impervious to MS-DOS-based, Windows- based, and Macintosh-based viruses. The few MS-DOS-based and Windows-based standalone duplication systems do not allow MS-DOS-based operating systems to access the duplication system. Virus protection systems used by these MS-DOS-based and Windows-based duplication systems strictly govern the duplication process, even when they are not running.
That KB article has since disappeared... smirk... ;-)
errr.. they do have unix boxes:
- 1.html)
t outs_unix/) they themselves state all sorts of advantages of unix, such as kernel stability, processing ability and complexity of windows.
:)
Although MS has replaced some of hotmail from bsd to win2k, for other portions, win2k is just not powerful enough to replace the Solaris UNIX back-end.
Quote:
(from http://www.freebsd-corp-net-guide.com/rejrev/pref
In the first section of the Preface, I cite the Microsoft-owned Hotmail service as an example of a major production facility that uses FreeBSD. Several reviewers pointed out that after Hotmail was purchased by Microsoft, they commenced a program to eliminate all usage of FreeBSD and replace it with Windows 2000, and that citing Yahoo as being entirely run on FreeBSD (which it is) would be a better cite.
I rejected this purely for political reasons. Most people aren't aware of this, but Microsoft itself extensively used BSD UNIX for years for Internet serving through the Windows NT 3.51 days. This continued well into the Windows NT 4.0 days, although during that time the company began hard efforts to switch away from BSD UNIX to NT. This was not done because NT was technically superior but rather because Microsoft wanted to "eat their own dog food" as the industry line goes.
The upshot of this is present even today. Microsoft uses Conexxion as their principal offsite FTP service to distribute upgrades of Microsoft Internet Explorer and other programs, purely for this reason. It is simply because NT 4.X and even Windows 2000 is not capable of serving such a large volume of files onto the public Internet. Other companies, such as Walnut Creek/BSDi and Sun, have no problems distributing just as large an amount of data because they use UNIX. Microsoft has mandated that this kind of file update only occur over NT/Win2K. As a result, it takes an entire plant stuffed to the gills with NT servers to accomplish the same thing that only a few UNIX servers are needed to do. After all, when the work is continually subdivided, eventually the limits of NT's abilities are reached. Because of having to involve so many NT servers, it turns what would be a simple task under UNIX into a giant task involving hundreds of people. In short, it cannot be done in-house anymore and must be turned over to an entirely separate company that specializes in distributing large quantities of files with Windows platforms. While every other major company that uses UNIX like Solaris or the FreeBSD operating system can distribute large numbers of files over the Internet without a lot of expense and effort, Microsoft--purely for marketing reasons--has to hamstring themselves and spend millions of unnecessary dollars. The fact that they admit this and were unable to redesign Hotmail into an Windows-only service deserves to be made obvious.
The final word on the Hotmail affair is this: FreeBSD is used as the "front end" mail processing part of the service. Sun's Solaris is used as the "back end" mail processing part of the service. Only the FreeBSD front-end has been replaced with Windows. Microsoft still cannot get Windows 2K to be powerful enough to replace the Solaris UNIX back-end.
end quote
Additionally, in their own whitepaper about the bds portion being migrated to win2k, (references here - http://www.theregister.co.uk/2002/11/21/ms_paper_
a good read
You're allowed to run whatever the heck you want as long as there's a business reason to do so. In fact, at one time I had a RedHat box under my desk and ran MySQL on it, and I used MySQL quite extensively on Windows as well, until I figured out the architecture that allowed me to do bulk inserts into MS SQL backend. I know for a fact that lots of folks run unix command line tools, emacs, firefox, etc.
Except that statement is no longer true. The back end migrated to Win 2K about two years ago. All the FreeBSD servers are long gone.
Obviously you don't spend 5 minutes with a customer and ask a customer, "hey, what do you want to do" and then go off and do exactly that. You figure out what problem it is they're trying to solve, and get an understanding of the core issues at play. Then you talk to more customers and repeat the process. From there you can organize that information to get an idea of how much need there is for a certain set of functionality. If one customer wants one feature, but 800 want another one, you start working on the solution to the problem 800 of your customers want.
This is customer oriented/focused development.
If you just go out and solve random problems that nobody has a need for, you risk losing focus on what really matters -- the people who buy your software. Nobody upgrades because a package does something new they don't care about -- they upgrade because it solves a problem they're having.
This kind of development isn't "catchup" -- it isn't "bug fixing". It's identifying what people need, and then coming up with a solution for them that solves the problem they're having; this doesn't mean that it solves only that narrowly defined problem. The thing is, when you do this kind of work, you ARE solving problems people have before they encounter them (in addition to solving problems some of your customers already have).
There is plenty of innovation that can occur by doing this, and I personally think you get a lot more useful innovation following this process. You'll certainly do better than copying the features in competing products.
Is it just me, or is the word "administering" being slowly replaced by "administrating"? Administrating seems to be the wrong tense to me.