Microsoft Claims Firms 'Hitting a Wall' With Linux
maxifez writes to tell us that Microsoft has released yet another independent study downplaying the viability of Linux at the enterprise level. The study claims that Windows is "more consistent, predictable, and easier to manage than Linux." From the article: "The study, commissioned by the software giant from Security Innovation, a provider of application security services, claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts." Vnunet.com has also provided a PDF of the original report.
How is this news?
God spoke to me.
Here is a translation from babblefish for those that don't read bullshit.
More consistent: It crashes the same way every time I press the start button.
Predictable: It will crash at least once a week
Easy to manage: There aren't any extra settings in the windows to set that confuse people.
With Linux, they couldn't figure out what they needed to press to make it crash and couldn't determine when it would crash.
Yet another "independent" study.
Also I am pleased to notice that the "independent company" that spewed out this "commissioned report" (see the microsoft page) lists Microsoft on their partners page, and from what I can tell no one who has even heard of Linux (with the exception of HP). Since it looks like their business depends on selling enhanced security products, I can see why they wouldn't be too keen on having people show an interest in Linux.
Security Innovation designed this study to be repeatable, and we believe that the results are consistent with what customers are experiencing in the real world.
And if I wander over and look at my main Linux file server, I see an uptime of 125 days (it had over a year uptime before I physically had to move the server to a different location). During that time the server's files were available 24/7 with absolutely zero problems. Needless to say we have had way fewer problems with the new Linux server; the old Microsoft server crashed or had to be rebooted on a regular basis; the people before me actually had a planned "weekly reboot every Friday evening". When it came time to replace the Microsoft server, Microsoft didn't fare so well, especially when it came time to pay big piles of $$$ to upgrade it: basically we could have bought two linux file servers for the cost of the Microsoft software upgrade costs alone. How's that for a real-world example?
I Am My Own Worst Enemy
"Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts"
What the study failed to mention is that 86 per cent of the time to implement was spent convincing the executives and attorneys that using Linux was worth pursuing.
Trouble making decisions? Just flip for it.
The study claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.
yeah, maybe true. But how about maintaining them later, for years, with zero downtime?
Colonize Mars
Predictable and consistent are not always good ;)
;)
I can predict Windows will consistently crash more. Not sure how that is a selling point tho
It is fairly easy to manage, just press reboot every now and then. Ok, they probably have that point.
Easier to manage I would admit (Once you learn which window does what) but certainly not reliability and dependability, unless you're comparing with a newly released experimental distro.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
If you take a bunch of bad examples and lump them together, anyone on the MS dime could come up with bad results against any free OS... 68% longer but hey, at least they didn't have to reboot after every update and buy per-seat licenses.
--
Given enough personal experience, all stereotypes are shallow.
Shouldn't "independent" be set in quotes in the abstract? Or is that just assumed by all nowadays?
98% of the 68% was used to remove infected windows servers before installing Linux.
So, they claim that they won't use red hat enterprise linux 4 because they want to analyze 12 months of data (RHEL 4 was released in February IIRC) and they use red hat 3
I just stopped reading there. Just because red hat enterprise 4 has been there for 12 months doesn't mean you have to make an unfair comparison
"Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts."
OK - so it takes 68% longer, but you only have to do it 10% as often...
You're still ahead =-)
"Murderer? Well, that's a harsh word. I prefer to think of myself as a Mortality Technician."
I honestly hit a wall around 2003 with Linux. I had been using Linux since '95 back in the old days, and to me Linux is just one wall after another unfortunately.
I would love to say this is all MS FUD, but it just isn't. Linux still has a place in a few server areas but not much more. When I check out a new distro in '05 TEN years later some of the same major issues still exist... even MS isn't this bad. It seems like the point was made with Linux but that it just will never be viable outside of the back office.
I know many will be mad, but it's just my humble opinion.
http://teasphere.wordpress.com - A little spot of tea
The key, as always with these "studies", is to find the portion where it deviates from Reality. That is, where it uses some strange definition or where the sysadmins choose some bizarre action.
...
In this "study", that step into UnReality begins where all systems are required to stay on the same time-line for upgrades.
This means that what would otherwise be a normal upgrade from SLES 8 to SLES 9 instead becomes a strange mix of back-porting patches from SLES 9 to SLES 8. In other examples, the sysadmins are downloading code from the glibc and mysql sites and applying it to those servers WITHOUT TESTING. So, over time, the SLES systems become unstable.
Meanwhile, no non-Microsoft supplied code is applied to the Windows boxes.
Of course, the one who commissions the "study" gets to choose the criteria
... an independent study commissioned by the Vatican demonstrates that God exists.
68 per cent longer
First, quality, dependability, ease of long time administration, etc. are far more important than time to make new services available.
Second, another MS-purchased independent study showing linux being inferior.
Honestly, we all have better things to do.
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
Hitting a wall isn't the worst outcome. If you have Windows, you might just crash right on through and go "Splat" on the pavement below.
"In a world without fences and walls, who needs Windows and Gates?"
Windows is "more consistent (to the expectations of someone who used Windows all their life), predictable (by people who spent the '90's studying for their MSDN cert), and easier to manage than Linux (by people who like masochism)."
If by that they mean you can tell when a BSD is a comin, then, yes, they are correct.
In other news, Windows was cracked 68% faster than Linux and didn't warn that it was happening at 40%....
:)
Shh.
Interesting. Unpredictability and inconsistency were the reasons why I originally (way back) moved to Linux. I found that with Windows I always had to think about what the developers might have thought when making Windows and how it might try to outguess me this time. It seemed as if Windows applied some heuristic to guess what it was I wanted to do and did that instead of what I told it to do, often without asking me first.
Linux may have more implementation overhead but the results, I would argue, are generally superior.
$someone_influenced_by_microsoft claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.
Well, I'm not surprised - They're probably busy reading slashdot half of the time.
.....That tells us how many people have hit the wall with Windows?
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
M$ paid the Yankee Group http://www.yankeegroup.com/ to do research on the subject. From the Yankee site: "At the crossroads of opportunity and technology, Yankee Group Consulting provides customized solutions to help companies achieve success. ... that result in growth, leadership and profit. "
Would they be honest about it, if Linux was as fast or faster? No, they say what their client wants to hear, resulting in publicity on /.
I looked at the report and I must have missed the list of the respective administrators' skills and experience. Anyone got any pointers?
Slashdot: Where nerds gather to pool their ignorance
So we are even!
He who knows best knows how little he knows. - Thomas Jefferson
Biggest one: lack of coherent standards and framework. It must be remembered that it was designed to ape Unix and all the garbage packed in pretty packages that went with it. That means the core of the behaviors, the text interface, the X system on top, the more advanced graphical things on top of X, the helter skelter nature of applications and resource allocations... If I run eMule, Yum, and Nautilus under Gnome at the same time, it immediately causes one or more of them to slow down, eat resources, and grind the drive in swap file overdrive for a good fifteen to twenty minutes. The hype is that Linux doesn't have these drawbacks of clashing code and resources. It does.
At least Windows is consistently going to do this without any illusions. I'd like a similar consistency applied to Linux so no one expects anything approaching the pseudo-perfection that is claimed of it constantly.
If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
According to Netcraft:
My Websites Hosted on Linux:
Last Reboot: 468 days
Last Reboot: 331 days
Last Reboot: 664 days
Other of My Websites Hosted on Windows:
Last Reboot: 3 days
Last Reboot: 9 days
Last Reboot: 11 days
Customers wanting to switch from Windows to Linux: 3
99.999% Uptime and 50% happy customers: Priceless
CP
But seriously I don't see the big deal, bit of a non-story. Obviously Linux and Microsoft advertisers are both going to say with their "reports" how superior their system is as that's their job. Maybe they have other personal thoughts, who knows ... but propaganda is meant to be propaganda, it's good for business.
I predict that our MS server will consistently be down between 4 and 5:30pm... without a doubt.
...I've downloaded and searched the report and can't find anything about "implementing new business requirements". The study seems to be mostly about totting up the Mitre CVE DB vulnerability reports for each platform.
The Army reading list
How pathetic is it when the only people who say nice things about you are the people you PAY to say nice things about you? That's like paying people to be your friend.
MSFT has the best friends money can buy.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.
They forgot to mention that 67.3% of the windos counterparts did not solve the problem at all because they did not know of a vendor who had the software available, and those were not included in the statistics. Also, 23.1% of the windos projects were ten times over budget. 17.5% of the windos projects were fast, but in violation of on average 7 EULAs and 3 other license agreements. 55% of the Linux projects were slowed down by the requirement that no Free or Open Source software could be used, while 15.8% were limited by the requirement that no non-microsoft software could be employed, and Wine was specifically disallowed. Also, 97.5% of statistics are made up on the spot, including 87.3% of those who are conducted by so-called "independent institutes" for lots of money. Finally, 99.87% of studies paid for by someone surprisingly reveal exactly what the customer asked for.
Assorted stuff I do sometimes: Lemuria.org
... the University of Alabama in Huntsville, the network service was absolutely horrendous. Nothing worked right, packet loss across campus was obscene, registering for classes using their system didn't work, the webpage was often down, systems were clunky, etc.
The only things that weren't always broken on campus were the DNS server, the student webpages, and email.
All of these were hosted on one of the few UNIX machines they used, email.uah.edu. I used my shell account without issues for six years while I was there; the network often died around it (because the networking people were largely incompetent clods), but the UNIX administrators in charge of keeping email.uah.edu working always managed to keep it going.
Is it just me, or are the terms "microsoft" and "independent" intrinsically contradictory?
"microsoft" is to "independent" as "earthquake" is to "construction" or "tsunami" is to "dry"...
"We are all geniuses when we dream"
- E.M. Cioran
HTH. HAND.
Lacking <sarcasm> tags,
Miscellaneous anti-Windows/Linux argument!!!!
It's "PLOAF," not "P-LOAF." Ask about it.
heh.
must be n00bs running the linux boxen in that study.
I can download, compile, and install apache/php and everything associated with the web server in less time than it takes to verify the license for an xp box and download sp2, given a dual xeon.
I don't even need to hunt through all my crap to find a valid license that will work; )
My home workstation doesn't even have sp2 yet because it's work issued and the volume license got out to the world, now it no longer validates. I bought a licensed copy of windows for my own use, and can't even figure out where to put the valid license in on their site so I can get SP2.
I am not sure how that constitutes "easier to use". To patch the box, I need to uninstall what work put on it (violating the rules) and reinstall windows. Alternatively I could wait a few more weeks while my desktop support team figures out what to do.
what a joke...
I am considering taking it back to work and handing it to them because it's a security risk to my home network. It's already unplugged and sitting in the corner.
l8,
AC
MS don't seem to understand people/companies use Linux as their choice.
I dunno about everybody here, but I am getting fed up of all this 'my dad is bigger than your dad' business. Linux users DON'T care.
MS are getting mighty scared to keep financing rubbish like this.
"Pay (or manufacture) big names to repeat the same lies often enough, people will believe it."
ELOI, ELOI, LAMA SABACHTHANI!?
"The study compared two teams of experienced IT administrators running Windows Server 2000 and Novell SUSE Enterprise Linux 8, then monitored their progress as they upgraded to Windows Server 2003 and Novell SUSE Enterprise Linux 9."
But the PDF says:
"Specifically, for the database server role, we considered three configurations; Microsoft SQL Server 2000 on Windows Server 2003, Oracle 10g on Red Hat Enterprise Linux 3 and MySQL on Red Hat Enterprise Linux 3. In order to produce a meaningful comparison of platforms, the systems studied were manually installed and their configurations were verified."
Red Hat Enterprise Linux 3 is the only Linux distribution listed in the PDF. Also the fact that "the systems studied were manually installed" is probably why the upgrade was problematic. If you want your upgrade to be easy, install from the distribution, not manually. I also wonder why they did not test MySQL and Oracle 10g on windows. There are windows versions of these software packages. When you are comparing systems running different software, you are not just doing an OS comparison. You are also comparing the software packages. They might just as well have compared Red Hat Enterprise Linux 3 running Oracle 10g to Windows Server 2003 running Microsoft Access 2003.
Insert Generic Sig Here:
You tend not to hit the wall with Windows - as you approach it, it tends to topple over and crush you.
Where the wall is with Windows is kind of irrelevant - you should be more concerned with how far away the wall is, and how tall it is.
More consistent: it does, start button I press, same way crash.
Predictable: A week crash will once it at least.
Easy to manage: Extra Windows settings to confuse people it will, arent there?
I've been using Fedora for a long time now, but this report has given me some doubts. In the interests of fairness, I should probably give this "Windows" a go. Sourceforge doesn't seem to have anything - does anybody know where I can download it for comparison? ;P
Microsoft's trend of trying to discredit Linux can only say one thing: they're scared.
our exchange server "consistently and predictably" crashes every weekend.
Gyrate Dot Org - "Where high-tech meets low-life"
Tell that to Google, MS.
nice publicity in wrong website (/.)... go figure.
Weekly reboots.
Get a copy of Win2K3 on your box. Create a directory that's 3 directories below the root.
Put 200,000 files in that directory (size of each file does not matter).
Now, watch the application that reads and writes files to that directory get slower and slower over time. Until you need to reboot the box.
For an instant problem, open that directory in Explorer. All of your processor speed will be eaten by the "system" process. Even after you close Explorer. Rebooting is the only thing that will clear the problem.
M$ = BS Until everyone realizes this, we all will be slaves to the "500 ton gorilla" called Microsoft.
We still have the Linux people at our office saying that Microsoft can't do enterprise environments either...
4 red hat 7.3 DNS servers. Have never required a reboot since installation.
1 red hat 6 machine that lasted 6 years without an OS related reboot (the hardware started to give and the box had to be decommissioned)
1 database/web server running SLES 8 has gone over a year and a half without a reboot.
1 webserver running debian stable no reboot since installation
1 proxy server running SLES 9 w/ squid that was set up in under a 1/2 hour under emergency conditions (old proxy hardware died unexpectedly) running 20 days under extremely heavy load until new server came in.
1 database server running SLES 8. A year since last reboot.
And those are all the ancient boxes. We've got many more linux boxen that are too new to have acquired a long uptime.
From the article:
experiencing significant reliability issues resulting in higher total cost of ownership
*shrug* I've had none of these issues they speak of. All of our installs are quick, stable and long lasting. In fact, I've never had a production upgrade break anything, and never had an install take longer than a couple of hours in even the most complex of setups.
This whole "get the facts" campaign is just silly. I don't know why they keep on with it. I've been working with Linux for years and never run into any of the problems they have "documented".
Hey Ballmer, want an anecdotal story of Windows breaking? Our mapping department had a Windows 2000 installation with their mapping software. One day it just breaks. 5 people standing around the box scratching our heads. No one had any clue why. Random reboots, blue screens, the whole works. We reinstall many times. Nothing. Do all the upgrades, patches and fixes. Nothing. Sounds like hardware, right? Nope. Upgraded to 2003 and worked fine since.
The fact that the box could have run 2 years without major issue then break out of nowhere with 5 very smart people trying to solve the issue and can't makes me wonder.
Get the real facts.
If an officer ever threatens to taze you, say you have a pacemaker.
Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.
And how long maintaining them afterward? How many flaws or deviations did their implementations have? How maintainable were the implementations?
I'm not saying that Windows automatically leads to that type of thing, but saying "hey, the implementation was done faster" is the most meaningless of statistics. I've had experiences where I took longer to implement a solution on the same platform as a competitor, but my solution was more complete, more fault-tolerant, and future changes took about a third as long. Which was the better solution? I suppose that depends on whether fast or good is more important.
This whole thing is a quantitative analysis without any consideration of qualitative differences, making it pointless as a basis for reasonable discussion.
This is why Microsoft gets accused of FUD: instead of comprehensively making their point about where Windows is a better choice than Linux, they produce pointless "flashy" studies like this that provide no real argument.
We may not imagine how our lives could be more frustrating and complex—but Congress can. – Cullen Hightower
Even if it took 68% longer, that could simply indicate that linux admins are more careful and cautious about what they are implementing.
microsoft booth at linuxworld expo germany -
in addition to giving away demo dvds for unix services for windows (stuff that belonged into the os, but wasn't there), they showed a study of how the county landkreis bergstrasse was switched off linux and windows to windows only, citing interoperability problems as the main cause. sure as hell you would not have a problem running windows services on other OS if microsoft gave out enough information to be useful ?
how sick are they ?
independent
...
Try splicing (or, in advance inserting) an UPS slaved to a stand-by Honda (or, pick your make of) generator. Then, when you have to move the server, just put your hot-standby/failover on the line. (Check with your friendly electrician or other certified (but not "certifiable") types who can keep phase and other issues to a minimum or zero event.)
Move your main system to its destination, using the UPS to keep it running or in suspend mode (if you want to suspend); then when power is low, run the generator until you reach your destination (keeping mindful of the gasoline... unless you have another set of dry cells or other non-flammable (or, hheheh, "inflammable") power source.
Then, when hooked up to the LAN/WAN/SAN and reconnected to the power grid, switch the clients back to the main server. Then, move the backup server to its new (if necessary) location.
Now, your uptime is as good as your hardware allows, not being dependent upon physical moves to other rooms or buildings.
Of course, this is not at all a novel idea.
Others, feel free to prepend or append to this.
image word: trapped
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
The problems start at page 25. Here's the beginning:
Whitepaper location:
http://www.securityinnovation.com/reliability.sht
"Independent study" is an oxymoron if Microsoft funded, or otherwise is affiliated with, the company that generated the report.
This is nothing more than sabre-rattling by the Redmond Empire (yet again, I would add).
Bruce Lane, KC7GR,
Blue Feather Technologies
My 2000 Advanced Server uptime:
C:\Documents and Settings\wysoft>uptime office
\\office has been up for: 121 day(s), 0 hour(s), 39 minute(s), 23 second(s)
Estimate based on last boot record in the event log.
See UPTIME /help for more detail.
Bite it.
hello dear sirs my name is jamesh i are india (bihar) can u guide me install red had linux 9?
Hogwash. It is easy to install software on a Windows user's PC while they are using it.
1) Package the software as spyware.
2) Upload it somewhere on the internet. Anywhere. Doesn't matter where.
3) It will inevitably find its way to all the Windows computers in your office within 20 minutes.
5) Profit!
If you are worried about the wrong people getting your software, add something to the package that detects the identity of the host and have it delete itself if not in your office.
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
FTA: Windows is "more consistent, predictable, and easier to manage than Linux."
Amen to that. Windows is the most predictable operating system on the market. At least twice a day I say to myself, "Hmm, if I click this it's surely going to crash." Wouldn't you know it, I'm right every time.
Finance tutorials and more! Understandfinance
...ever heard of Ghost? This does EXACTLY THE SAME THING, except by copying the entire hard disk.
Idiot.
Sorry, but just this morning one of my DCs decided that the SYSVOL directory needed to be in journal wrap state. No reason, no notice. And it wasn't fixing it. I had to take action to fix it, and it wasn't pleasant.
You'd never have this kind of crap in a linux environment.
The study is bought and paid for bullshit. I hope MS didn't pay that much, I doubt they'll get many suckers believing it.
On second thought, I hoped they paid through the nose.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
According to the article they compared the following platforms:
Windows Server 2003 with SQL Server 2000
Red Hat Enterprise 3 with Oracle 10g
Red Hat Enterprise 3 with MySQL 3.23
They measure two items:
(1) The number of vulnerabilities reported over a period of time and
(2) The average number of days of risk
For each platform they record the number of security advisories reported
for the kernel, libraries and all related applications. These include
all low, medium and high risk reports.
The time period was between March 1 2004 and February 28, 2005, and only
included those vulnerabilities fixed in this period.
Unfortunately, they don't go into the exact details of each advisory.
But here is the summary count:
Windows = 63 (16 Internet Explorer)
RHEL/Oracle = 207 (Linux kernel = 38, Oracle = 30)
RHEL/SQL = 116
They then count the number of days until each security risk (low/medium/high) was fixed.
These get accumulated and then divided by the number of reports filed to give the
average number of days at risk:
Windows = 31.98
RHEL/Oracle = 38.73
RHEL/MySQL = 61.64
Obviously there is a bias here, as they don't explicitly list the security advisories listed,
and this is based entirely on the number of components that are considered to be needed for
each server.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
We're finding it very difficult to use Java with Windows in a production environment. We can't get a heap larger than 1GB without jumping through hoops. Even then, getting 1.5GB is about as good as it gets. For an application server environment with multiple integration points, this just isn't enough. On Linux or Solaris I can get just under 4GB just by flipping a switch. To get the 1.5GB or closer to 2GB on windows, you've got to disable all kinds of services and just hope you can get a contiguous region large enough.
WTF? It's not like the system will be available while on the road, will it? Why go to such efforts? Just to keep your high uptime which, among real administrators, rather indicates lack of updates than stability?
Uptimes are overrated.
We need to keep a record of all these people that published the "independent" studies for reference later. We can call it the "Flatlanders List." Don't any of them worry at all about the integrity of their objectivity? It's like they're selling their soul - eventually this has to catch up with them. Give it up, the IT professionals that are comfortable implementing non-MS solutions aren't suddenly going to forget their experiences and say, "Hey, you know what? These guys are probably right, I should start recommending MS solutions." It's beyond the point of hilarity and a sad statement regarding "journalism."
MSoft shit scared!
Scott McNealy to Michael: "Suck my Sun!" Michael Dell to Scott : "Lick my Dell!"
... is a relative term. I could compile a report like this demonstrating that Linux admins take 68% longer to perform a set of cherry picked tasks you can do a lot faster on a Windows machine that has a nice easy to use GUI management tool specially designed to do those same tasks. I could also demonstrate to you that Windows admins take 68% longer to perform certain cherry picked tasks because those same Windows GUI management tools (Windows command line tools tend to suck ass) simply don't enable you to perform those tasks as efficiently as you can by doing them with shell/perl scripts on the Linux command line. Comparing Windows to Linux/Unix is to some extent akin to comparing cats and dogs. The design philosophies of Linux/Unix are fundamentally different from those of Windows. The former are meant to be more flexible and targeted at better educated operators while Windows seems to be geared firstly towards corporations who want something that a relatively low skilled person, preferably without a high level of education (and thus a lower salary), can easily administrate and secondly it is geared towards the mostly clueless average consumer. Then there is OS.X which does an admirable job of being just as easy, if not easier to use than Windows, (while still being more secure) but it still has all the power of Linux/Unix making it a nice compromise.
Only to idiots, are orders laws.
-- Henning von Tresckow
Personally I think the fact that linux admins took 68% longer is a good thing, perhaps because they tend to take some time for planning. Windows admins don't have to plan nearly as much (any these days...), they install their bread box product, and wait to be told what vulnerabilities it has. A (ok, GOOD) linux admin knows what liabilities there are and strives to secure the system before integration.
Windows adminning is easy, any monkey can do it (as long as they can click a mouse). Running a secure and stable windows server is far from easy. Linux is somewhere in the middle, and that's just fine.
... so that you see real uptime as opposed to wrapped 'uptime' resetting to 0:
last -xf /var/run/utmp runlevel
e.g.
[nick@486Linux nick]$ last -xf /var/run/utmp runlevel
runlevel (to lvl 3) Sun Oct 14 16:07 - 20:42 (1494+05:34)
utmp begins Sun Oct 14 16:07:40 2001
I said my customers' websites are hosted on them, I didn't say I owned them, genius.
"more consistent, predictable,.." ...and since the problem is not consistent or easily reproducible it is not a problem... oh and btw. don't bother us if you have an OEM version...
You will see a BSOD sooner than later... and you will get "Application Error, memory could not be read/written"... and all this happens with applications from well known manufacturers (f.ex. Microsoft) and the standard answer is "this is temporary, reboot and it will work again" (which is usually correct).
--
Microsoft Windows XP SP2 still crashes...
The link posted in the story is not correct.
m l
Just click through and don't give them any info. You can still download it.
http://www.securityinnovation.com/reliability.sht
Orders of magnitude? Jeez, you have to reboot every month for black tuesday at the least dude. Come on. Or, you are a participant in the Zombie Nation.
andy
"The study claims that Windows is more consistent, predictable"
They are right you can guarantee your system will be unstable and be insecure.
Firms using windows are banging their head against a wall.
Ceci n'est pas une signature.
I skimmed the 44-page report, and I saw a fundamental problem with their data. All data depends on the number of and severity of system updates. More updates of higher severity is worse. The implicit assumption here is that more updates of higher severity indicates greater system vulnerability, which is not necessarily true.
Keep in mind I only skimmed the report, so if anyone read it closely, let me know if I'm mischaracterizing their data.
Show me an "independent study" commissioned by Microsoft that says Open Source/Other Company X is better than Microsoft X and I might start giving a shit about sponsored studies.
Question everything
Generic counterpost implying that the parent is of low intellect.
USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)
In the PDF speaking about RHEL 4 including selinux compared to RHEL 3 which doesn't have selinux...
"The data indicated does not seem to indicate drastic security vulnerability improvement for RHEL 4"
I usually don't get pissed off about these Microsoft studies, but this is more than FUD. It's a lie. They compared the security patches for RHEL 3 and 4 over a 2 1/2 month period. RHEL 4 had more. They indicate that selinux did not make RHEL 4 more secure. The point of selinux isn't to lessen the number of security advisories. IT'S ANOTHER FUCKING LAYER OF SECURITY. It's akin to a firewall or antivirus. It's exactly like saying "the month after microsoft released Windows defender, 38 new viruses were detected in the wild. The month before only 30 new viruses were found in the wild. Windows defender seems to have little effect on spyware and viruses." There's no connection. selinux would make it so a vulnerable piece of software would have a harder time being exploited and an even harder time getting total system control. A hole is a hole. Whether or not it is easily exploited or not doesn't matter. It needs to be patched regardless. If sendmail has a buffer overflow that selinux is able to mitigate, sendmail still needs to be patched. Whether or not they will be able to successfully exploit it is another question. It doesn't stop the fact that sendmail has a buffer overflow.
You'd think a "professional" security agency would have more sense than that, but apparently not.
k thx get the lies campaign.
If an officer ever threatens to taze you, say you have a pacemaker.
A few years ago (admittedly my Linux knowledge wasn't what it is today) I set up a dual boot system for my girlfriend. Windows 98 and Redhat 7. It took me 6 hours to get Windows 98 installed and configured with all the apps she needed (MP3 ripper, VNC server, MP3 player, IE, Outlook Express and her dial-up connector). I also took the time to set up a custom Quick Launch bar with simple one click access to applications so it really worked a lot more like an appliance for her. It took me 6 DAYS to get Redhat configured to do the same things and a host of extra things that I couldn't afford to set up in Windows. However, when I tallied up the cost of software to do the same exact things in Windows, I was looking at about $6000 for software alone.
On top of that, the Redhat installation ticked along for four years solid with not a glitch other than an occasional fsck due to a power outage. The Windows installation needed to be fixed and re-installed at least 35 times in that same period of time. And Windows still didn't have all the functionality that the Redhat install did. She ditched Windows once it was no longer a work requirement. She's now my wife and we have several Linux boxes (she's no techie) and one XP box that only I use for the occasional video editing foray. (I've recently rediscovered Cinelerra and will likely be losing the XP box within the next year)
The point here is which would you rather have your admins doing? Spending all their time fixing ailing boxes with multiple occurrences of downtime over the years? Or... spending a longer period of time getting it "right" and not having to do much with it due to the LACK of downtime for the box? I think Microsoft loses yet again.
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
"Reboot" the VM, not the whole machine.
--- I wish I could hear the soundtrack to my life. That way I'd know when to duck.
In addition the article mentions upgrading SUSE Enterprise 8 to SUSE Enterprise 9 while the PDF talks about using RED HAT EL 3 using MySQL or Oracle. The PDF further states that RH was used because it is the "current leading distribution." If it is the current leading distribution, why wasn't it used in the other study as well? Why weren't both used in both studies?
I took the time to look at the PDF because I was curious what the "new business requirements" were. Was it simply the time it took to update to the next OS, or were there other requirements such as installing MS Exchange? If the requirement included specific software, which software was used and why?
Great civilizations have lived and died on false theories. Don't mess up mine with a few facts.
Better than his Windows uptimes, or his Linux uptimes? Even if it's the latter (and I doubt that, see below), all that says is that you never apply updates to Windows. So you never update, yet you have the temerity to question his "fucking" windows admin skills?
As to "orders of magnitudes" higher uptime, that means at least one hundred times better - I am quite confident neither you nor anybody else has ever seen a Windows server with *tens of thousands* of days of uptime.
Maybe you should change your nick to everphullofshitski ?
My next sig will be ready soon, but subscribers can beat the rush
Security Innovation also claimed that the Novell SLES infrastructure required 4.79 times the number of patches.
Developers stop releasing fixes please. You fix things at the speed of Microsoft otherwise it's seen as being bad.
Shame Shame...
And shitload of money to buy those ways, eh?
"We invite other vendors, including Novell, IBM and Red Hat, to repeat their own independent analysis based on Security Innovation's methodology."
What do they mean "their own independent" ??? Was this study Microsoft's independent ? What is independent ? I'm sorry, I couldn't read the article past this line. Too bad, because, there could be serious scientific studies below... Ha !
Windows is "more consistent, predictable, and easier to manage than Linux."
<sarcasm>
Yep, I never know when I will need to reboot a Linux box. I never know when I will need to rebuild a Linux box. Windows is consistent enough with a two-month reboot and yearly rebuild. Managing my schedule therefore is tougher with Linux.
</sarcasm>
Click here or here.
I don't know if you RTFA, but I did...
then I looked at the linked PDF and got confused,
because that PDF is about database security.
[Your Complaint About /. Editors Here]
The correct Link:
MS Summary Page
The PDF
[Fuck Beta]
o0t!
Holy shit! Believe me, Microsoft, you do not want to go there!
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
I've been a system admin for this company for 2 months, in that time period, I have managed to consolidate 3 windows servers into 1 linux server, with better speed, more reliability and stability than the other 2 windows 2003 servers I have as domain controllers. The 2003 servers' tape drives disappear from device manager after 6 weeks or so, windows requires me to reboot every time I run windows update, which I NEVER had to do with my linux machine, which includes upgrades to Apache, PHP5, MySQL. The windows proxy server software expired, and wanted me to renew my subscription for $150? I saved my company the money by throwing squid and DansGuardian on the Gentoo server and we were up and running within 30 minutes. I couldn't do that with windows.
consistent
Crashes at the most inopportune times...check
predictable
Always crashes at the most inopportune times...check
and easier to manage
"Just reboot it"...check
For once, I think they got this study right!
-g.
> more consistent, predictable, and easier to manage than Linux.
;) (Same counts even more for paradigms and systems like sockets...)
Well, how hard is it to create such a system, if you can steal^Wadopt a huge top-quality codebase (OSS) and *additionally* throw kilotons of coders on it to make it better, while you don't give anything back?
Really... it's not *that* impossible for microsoft to realize that.
The sad thing about it is that i still pretty much can't imagine that microsoft achieved this, when i look at their systems... even if they are probably half bsd plus other oss under the hood...
Like in south park: the guest code is imitated. badly.*
* I don't know the english version, but in germany it would be "Der Gast-Code ist imitiert. Und das schlecht!"
P.S.: Of *course* this is only my opinion... by definition!
Any sufficiently advanced intelligence is indistinguishable from stupidity.
The story was "Heinie the Mule": If you try to please everyone, you're going to lose your Heinie.
the door. Just as he thought "time for the LED water cooled boxer shorts". S.T. puts it on as the growls of a backdraft thunder through the building. "Do it now" he thinks to himself as he grasps the red hot handle and enters with the gasping sound of the regulator. He now has entered into the biggest flame fest ever at his old hangout at ash dot.
Gizmos Gagets For Ninjas
predictable at crashing. nuff said.
The study wasn't designed to measure the things that Microsoft is talking about. Microsoft is just using the Chewbacca defense.
68% of Windows admins are morons.
81% of Linux admins are elitist.
77% of Mac users know nothing but the Mac interface.
64% of the people reading this want to kick my ass.
The other 36% want to watch.
Web 2.0 == Giant Blogspam Circle Jerk
How many people have hit the wall with Windows?
Wouldn't they just smash through?
Just more FUD slinging like we are all too familiar with.
The title:
"Microsoft claims firms 'hitting a wall' with Linux"
Should read:
"Microsoft claims firms 'hitting a wall' with SUSE Enterprise Linux"
Typical FUD PR BS generalization of linux
"The study compared two teams of experienced IT administrators running Windows Server 2000 and Novell SUSE Enterprise Linux 8, then monitored their progress as they upgraded to Windows Server 2003 and Novell SUSE Enterprise Linux 9."
I'd like to see the same study upgrading from NT to Server 2003 with more than one domain vs Gentoo for instance. Geeee wonder what the outcome would look like then?
Sig
It should read: Microsoft "Hitting a Wall" with Chair because of Linux.
I am less than 2 months from submitting my thesis, and I wouldn't trust a fucking thing a PhD says.
If the results aren't good, redesign the experiment is my motto.
One thing I noticed in the PDF was that a Linux server had Oracle on it. It takes 68% longer to do anything in Oracle because it's confusing and they keep changing things (like how to stop and start the database). Why don't they compare Oracle on both Windows and Linux?
...Its easier for Microsoft to manage Windows.
must be really hard to penetrate... (Judging by yesterday's super computer thread).
Oh well, what the hell...
But it simply is not true.
I am an administrator of small company networks. I tried to set up a windows server for one of my clients. Once. And I will never do it again if I have a choice, i.e. if my client does not require "windows" on the server. I spent 4 horrible days trying to persuade windows server to do just basic things like NAT, firewall and e-mail. The 5th day I gave up and installed Debian. I took 2 hours to try it on another computer, then 2-3 hours of the installation on the server, then 2 hours to configure it. That's all. Stable and secure. And extremely flexible, in a way windows cannot match by far. Every time I need to change anything, it's just a matter of minutes.
The fact, that people do not understand the configuration text files doesn't mean, that the system is worse. Actually, I started playing with those windows gadgets, but after learning Linux, I prefer Linux because it is much easier to configure!
Does anyone else besides me how Microsoft spends money to release reports on how bad their biggest competition is? Personally I am pretty entertained and it's actions like this that doesn't surprise me how Microsoft's Vista release could be the biggest waste of money. I could have told you that Linux is a more difficult to manage out of the box because it's a NEW. This is the first big shift to linux that corporations and government agencies have seen and it takes time to get used to the linux interface, more than just a one week survey since most people have been using Windows based systems their whole life. It wouldn't surprise me if Microsoft's research groups just couldn't find the start button and gave up.
Bryan
it probably takes me 68% longer to set up my home theater with separate components compared to an all-in-one box that has no interconnects. However, the real test comes when one small piece of the "easy" system dies... that's when we can really compare the time and/or $$$ it takes for a particular setup.
ART on dA
Predictable, as in easy passwords? Crashing? Getting viruses?
I read that too and was shocked. Basically, they are rating the reliability of SLES 8 and 9 and RHEL 3 and 4 and customizing it to the point where red hat and suse probably wouldn't support you anymore. Compiling your own MySQL you could get away with if it weren't a mysql related issue (however in this case since it's a database study it's very important). But Glibc!?!?! You have to be kidding me. Almost everything on a system depends on glibc and is arguably one of the most tested components on a system. Compiling your own Glibc on a whim would void any support you have with those companies. If done incorrectly it could render your system completely unusable.
If an officer ever threatens to taze you, say you have a pacemaker.
They had a year to study this and came up with some unusual metrics to say the least. For those who did not read the 44 pages of PDF, let me summarize some of my observations:
- They appear to be more comfortable with Windows than Linux. There is nothing wrong with that except they do not account for it in the time to complete tasks.
- They compared a Windows box running MS SS against two versions of Red Hat running MySQL and Oracle. That they did not use the same data bases on both OS slants the numbers from the start. Even if they wanted to avoid MySQL, they could have selected an Oracle installation.
- They counted vulnerabilities at the component level. So a shared library that had a vulnerability, but was used by both the installed OS and the database is counted twice. One used by the OS, the GUI, and the database, three times, etc. They state this is fair, but this would automatically penalize a Linux distribution because MS does not get counted twice in any case.
- The Red Hat installations were done manually and minimal installations. They then had problems, and make commentary on the difficulty of the upgrades. I would be very interested in the detail of what they did for the install. This appears to be a self-inflicted wound claiming to be otherwise.
- They make a big deal about what ports are open in the default installation. They comment that MS continues to allow MSUpdate, a good thing, but that Linux left the port for up2date open, a bad thing. Again, as a minimalist install they should have secured the ports, but that is a dumb argument regardless. Admins who leave a machine wide open deserved to be fired. Because MS now ships theirs with everything closed is a side effect of the number of complaints about bad admins leaving the server in its out of the box state.
- Days to resolve a vulnerability are dangerous guides. First, a vulnerability has to be reported, then verified. We are dependent upon the vendor (MS, Oracle, etc) to correctly reflect these. However, almost anyone can and does report one for OSS - and that is a good thing.
In general, they speak of vulnerabilities and the ability to respond to business requests. I would like to see the requests they specifically refer to. While 68% sounds like a lot, is it the difference between 12 and 26 seconds? I just cannot see in my day to day activities it taking me more than half again as long to do anything and it is far less to image entire boxes. I wonder if this is a familiarity thing.
It is really time someone from RedHat or SUSE took a study like this and dissected it for a comparison 1:1 with MS. None of this it counts twice or differing databases garbage, a real compare. The top 20 tasks an admin will perform in a year. If we lose at least we know what to focus our energies upon. (What does not kill us, makes us stronger)
Supporting a mixed (Windows/Linux/Solaris) environment, I just do not see a 68% difference anywhere for an experienced admin.
I love MS fud, it makes me literally LOL @ work (every day), and when all the .NET lamors that I work with here look at me and wonder why I am LOL'ing, instead of running around in circles trying to fix things (every day) like they do, I just look at them, point at my trusty linux cube goodies, and LOL even more. OMFGROFLMFAO
Seriously, though, Windows is good for morons. The last thing I want to see is the amount of spyware or viruses that affect windows, start affecting linux because of a large (lamor) user base.
Dumb People use MSN or AOL
Smart People use Google (or Yahoo, lol)
Dumb People use Windows
Smart People use Linux/Unix
Rich People use Mac
Long-Term Mission Critical Servers run on Linux/Unix.
Short-Term 'get the job done yesterday, who cares if it works tomorrow' Servers run on Windows.
These are just my opinions, you can mod me, agree with me, or dis-agree with me, I really could care less what you do.
Peace!
the only permanence in existence, is the impermanence of existence.
FTA:
Acknowledgements
This study and our analysis were funded under a research contract from Microsoft
o_0
'Go for the eyes, Boo, go for the eyes, aaarrrrrrrr!' -- Minsc
Is it just me or are others sick of hearing about so called admins having really stable linux systems but their windows systems always crash. There are PLENTY of windows server environments that don't crash, have AD configured right so that clients can't do stupid things, have automated features for antivirus/update/install roll outs. you just have to know what programs you need and how to use them, just like with linux. if your server is always crashing then you are a horrible admin or you installed bad 3rd party software. If your clients are always crashing then you didn't setup AD correctly or installed bad 3rd party software. I don't doubt that linux works well for many things. (though the thought of running servers with kde or gnome on is shocking) I love testing new linux distros too but you have to say that sometimes it's a pain to do things in linux that are easy to do in windows. support for hardware has gotten better but it's nowhere as good as windows. sure linux is better for some things too but we all know this article isn't going to focus on that. let it rest at that instead of just showing us how badly you suck at being a windows admin.
My biggest problem with the article is the claim to "predictability and consistency". They probably haven't seen any of the past 20 AD implementations. I have seen AD, Windows 2000, and Windows 2003 show extreme unpredictability and terrible consistency. I have seen some crazy GPO get applied to users out of the blue, and I've seen some of the craziest errors ever. I think linux has the predictability and consistency, however, there is a little bit of upkeep required and a little more well trained tech staff, but hey, you get what you pay for. Deal with it.
YOU'RE WINNER !
Another lame blog
"Orders of magnitudes higher" Really? Like at least 100x? So, like 1,100 days of uptime? Maybe you should learn to realize what an order of magnitude is. Oh, and fix your potty mouth.
... is the only thing you can do once you break Windows.
It sounds like you're hiring, perhaps? My Windows 2000 web servers only go down for security patch updates. Sounds like you have some grossly incompetent admins working for you. Can I forward a resume?
I don't respond to AC's.
Interesting how these experts always bring up all that shit over and over just before the end of the year ...
... soo tired of it seriously ... then 10 more articles appear: no windows sucks, no linux sucks ....
.. oh we are an application security firm and we want to sell you security software for every powerhouse that sits on every secretary's desk... it is really needed there ...
...
.....
does it have to do something about closing next years budget plans in e.g. US companies of a certain size ?
Windows is superior, Linux sucks
Linux took 68 percent longer to implement.... it was more secure, and did not have hours of downtime, and had instant patches, but hey bill send me the check and we don't write about that
Bored of it....
Probably I will be flamed to hell by various windows admins... and maybe they are right, I am more bored of the subject itself than the always biased "facts in them"
It is like 2 kids in the sandbox fighting over whose dad is stronger.....
The sad thing is that companies actually read these, and then make decisions,
One company I was in contact with was pretty open about it: we sell the solution which costs more and the one we can charge more for service costs..... in fact we try to sell Linux + Windows + some proprietary crap, in case they have an admin for some we have a fair chance of billing them for the other
Oooh, I better go back and work, my real point was: are these affecting "end of the year" decisions and does anyone think that is a systematical way to purchase a few more boxed windows cds or servers in the last minute?
One virus outbreak completely flushes the study. I had a virus get into a Windows 2000 server and it worked me to death. That doesn't count what happens if the virus propagates through the network from my server. Explain that to your boss, especially if a VP was the one who infected the system because the boss insisted he have manly rights "just in case".
If you aren't part of the solution, there is good money to be made prolonging the problem
"Hey, ifa Goda doesn'ta exista, then, hey! I-uh lookina pretty stupida ina this hata, eh?" //editors note: Oh wait, the Pope's German now...
I am unamerican, and proud of it!
It's true, generally it's a lot less time-consuming to implement project requirements in Windows, as opposed to Linux. But, I've also found it's true that it's much easier to make future changes, tweaks, etc using Linux. The norm in Windows is to get an inflexible, easy-to-implement installer package and wizard.
So, the ease is there, but the advantage of flexibility lies with Linux/*NIX. I think this is for both a cultural, as well as a technical reason. Normally, Windows users/admins want something that's easy to get up and running, and they don't have a particular desire for real flexibility.
Looking at the PDF linked from the original article, which is actually about RHEL3, not SLES, you can see that they start making the right noises about only installing minimal software for a database server, but when you reach the detail near the end on page 41, you find they have GNOME, KDE, Editors, Graphical Internet, Development Tools, etc. selected. The excuse is no doubt that that's what Oracle list in their "deployment guidelines", but so what. If the approach is to try and install a minimal system, in the face of what the vendors may say you can get away with using, then that's what they should do.
Given the funders of the study, I would expect the SLES study to be equally flawed.
Another potayto-potahto issue is that they go with following the severity risk in Mitre etc., but that doesn't mean that that severity is relevant to their database server installation. Something may be high priority on Linux if it allows a local user to become root, but a database server should not have any old users logging in, nevermind running any old application. In fact the whole class of security issues resulting in improper raising of local user privileges is something that Windows has not really begun to tackle yet, due to not really being a very good multi-user system. They've instead been dealing with the far more serious remote exploits.
So can you compare even "high" priority vulnerabilities on Windows and Linux? I think not.
They say: more consistent --- They mean: you can only do it our way
They say: predictable --- They mean: you don't know if Linux will ever crash
They say: easier to manage --- They mean: you have no control
now we need to go OSS in diesel cars
> The study, commissioned by the software giant from Security
> Innovation, a provider of application security services,
> claimed that Linux administrators took 68 per cent longer
> to implement new business requirements than their Windows
> counterparts.
Yeah, 68% longer to implement new requirements, eh? Assuming we believe that, it raises a question: are they also 68% less likely to then have to *reimplement* the same requirements six more times before they work *correctly*? And, once they do get things working, is it also 68% more likely that the implementation will *continue* working, without interruption, for as long as it's needed?
Cut that out, or I will ship you to Norilsk in a box.
Of course, the new systems are actually usable, as secure as I can make them, better integrated with the rest of the business environment, and much easier to maintain and expand.
It's easy to do things quickly when you get to skip the planning stage. Ask your stereotypical long-bearded Unix guy to implement web services and you'll be lucky to see the first draft during the same fiscal year - and no amount of pressure will make it happen any faster. Of course, it'll work correctly from the first day and will exceed the total workload of the quick-hack system within the first month, but that doesn't look pretty on this year's financials so a lot of managers aren't interested.
Dewey, what part of this looks like authorities should be involved?
Yeah, but after that, how many times did it GO DOWN vs. Microsoft? My guess is that THAT stat wouldn't be quite so favorable ;-)
LOL - I can just about imagine the "Business Requirements" document.
#1 Windows Server
#2 Crap software written to only run on Windows.
#3 Make it work on Linux, by spending weeks talking to the business unit, and figuring out that what they really wanted was a stripped down apache install on Linux.
The reason it takes longer to implement on Linux, is the fact that someone who manages a UNIX variant typically has to check out all software before it's loaded onto a server that is being used to serve some number of other applications. That way, the admin will know whether or not the new software will cause a conflict with the old software.
Whereas the windows admin just goes out and purchases a new box, plops the software on its own dedicated server and voila - instant mess to be dealt with by the firewall security managers.
Of course, I'm partial to UNIX variants (Linux included), and somewhat cynical, so YMMV.
Who is general failure, and why is he reading my hard drive?
Again, they try the thoroughly rigged "study" trick. Mindcraft pasted them, you'd have thought they'd learned from that fiasco, but noooooo... Ah well, more ammo to be used against them in the coming year- just like Mindcraft...
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
How is MS going to sell you new widgets every year if it works great for years? Come on now be reasonable!
Well, if you can point to "pro-Linux studies", we can discuss them.
In any case, Linux isn't being adopted based on marketing, it's being adopted because of a genuine grassroots movement among technical personnel. Windows is being adopted because it's being marketed to the "decision makers"--high level managerial types who are swayed by white papers and studies. So, even if you can scrounge up some Linux studies, and even if it turned out that their methodology was flawed, the significance would be entirely different.
Misprint - The article header meant to read "ms hitting a wall with Linux"
sorry for any confusion
Decent remote administration tools? Nice infrastructure for deployment? Like what? SUS/WSUS? This still requires users sitting at their machines to do something which invariably will lead to woe because a few will do the wrong things. Nudging users to do system maintenance is not a very good plan to do system maintenance.
I'm trying to not sound antagonistic but the tools to do enterprise wide Windows administration I have priced out are not cheap at all. Also many seem to ignore the cost of "the givens" like "corporate editions" of your favorite AV software. It all adds up to compared to the tools available for free or out of the box in many unix systems.
In any event, the "study" is somewhat misleading. I can bet that the setup for a Linux machine in a serving capacity is longer and trickier than a Win2k3 machine. But once it is done, this is shocking for some, it is done. The maintenance profile and impact is lower for Linux than Win2k3 by quite a bit.
Back in my college years, I ran two computers at the same time. One with Sindows and one with Redhat Linux 7.(something). Both of these computers were setup as workstations with apache running on them. For my homework throughout the school year I would use each computer for equal amounts of time to do similar tasks.
The Sindows box over the course of 4 to 5 days would slow down (if not crash) to the point where I would have to restart. Then on the other hand, The Linux box would keep on running without a restart in the course of 8 months.
The Sindows box was running sindows 2000 on a 433Mhz Celeron CPU, and the Linux box was running on a 233 Mhz Pentium II slot A CPU.
Now I ask you which OS is more dependable?
But what about downtime due to maintenance, inevitable patches, etc.?
Our web site used to be on asp.net but with the weekly (or more often) security patches which all too often require a reboot and with the slow performance of asp.net we migrated our web sites to php, and although the development environments for php are NOWHERE near as good as Visual Studio, the end result performs better, even on much lower-end machines.
I really like Microsoft Exchange's feature sets and its maintenance tools are excellent, but again, maintenance requires bringing the information store offline, restoring from a backup (e.g., after spam filters go haywire) is a pain when Exchange decides to replay transactions you wanted to recover from, and defragging can take a while.
IIS? Want to tune it? Harden it? Have fun editing the metabase - you have to deal with the equivalent of PEEK and POKE statements for a ton of undocumented (or barely documented) settings, and hope you didn't mis-type anything because the settings are not readily readable.
Let's not even bring the cost of licensing into the equation yet.
The end result? Windows/Exchange/IIS may be easier/quicker to set up but tuning and maintenance takes a heck of a lot longer, and introduces more downtime. Of course, Microsoft's downtime statistics don't include "scheduled maintenance" (read their analyses carefully).
Total cost of ownership? Combine more complex tuning, "scheduled maintenance" downtime, and now, client access licenses per connection, and you end up spending far more money than a slightly longer up-front implementation of a *nix (e.g., BSD, Solaris, Linux, OS/X, foo) would take.
Aren't marketing literature and paid-for-by-vendor studies wonderful? They focus on a limited subset of variables (this goes for both sides, not just Microsoft) in order to tweak the end result however they see fit - and then they can make their claims on the resultant data without lying (based on the data set).
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
Here I am with moderator points, but I can't mod the article down as flamebait. What a waste.
You never really know how close to the edge you can go until you fall off.
Notice that you said LOCAL. Only someone that has an account on a machine can do a local exploit. Not really an issue with a file, database, or squid server. I don't think they actually bother reporting local root exploits in Windows. The remote exploits are the killers. Yes you should update to fix them but they are not as critical as a remote exploit.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Last I checked, RIS used uni-cast to send a PC image. Whereas Norton Ghost Corp uses multi-cast. For anything more than a handful of PCs, RIS could seriously impact network throughput. I doubt anyone actually uses it outside of a certification mill.
Who will guard the guards?
How many millions has windows cost because of security flaws, and bugs, and blue screens that you most likely will not have with linux.. I personally think that 68cents is well worth the long running effect.
An old rule of advertising used to be, 'never mention your competitor's name'. So with these 'Linux this' and 'Linux that' attacks Microsoft continues to promote Linux.
More predictable? Sure. You can predict it will crash at least once a day....
The independent report, paid for by the Ford Motor Company, shows that 67% of GM customers hit walls.
"We feel that this incredibly accurate and indisputable information will demonstrate that GM is inferior, and that the only vehicle anyone with any brains of any kind should buy is a Ford." said Melvin R. Boarshyte, public relations representative.
The world's burning. Moped Jesus spotted on I50. Details at 11.
This attitude of "I'm not going to maintain my servers because I try to compensate for my tiny penis with a long uptime"
Okay, so the parent poster was CLEARLY flamebait. I think that they do have a point - the grandparent poster running "4 red hat 7.3 DNS servers" and "1 red hat 6 machine that lasted 6 years without an OS related reboot" does seem to be emphasizing uptime over security though. Either you take an hour or two to back up your data, set up redundant services, and upgrade according to your schedule, or someone might force you to update at a "less convenient" time.
"What do you think?" "I think 'What, do you think?!'"
"more consistent, predictable, and easier to manage than Linux."
Yes but I never can figure out just when Linux will blue screen...
Yeah, local root exploits don't matter at all. It's not like they completely remove all the benefit of having squid or mysql or apache or whatever running as a non-privileged user. Nobody has ever been able to run a command on a server without direct shell access, that's just unheard of right?
i guess by hitting a wall microsoft means that because linux is slower, more expensive, has a terrible security track record with thousands of viruses, spyware, and malware, has closed source code so you can't modify the operating system to do whatever you want, and crashes more frequently, that windows is a great alternative to linux. they're making a good point, windows seems like a great deal at this point, i bet a lot of people will switch.
"yep he's dumb. But then again so am I. Dumb. I sent out a press release, but I ate most of them." -- meatwad
Autonomous Retard -- Is your camp safe? UnsafeCamp.com
Two of my Windows 2003 servers for this calendar year...
;-)
File server:
System Availability: 99.9786%
Total Uptime: 316d 14h:11m:34s
Total Downtime: 0d 1h:37m:29s
Total Reboots: 21
Mean Time Between Reboots: 15.08 days
Total Bluescreens: 0
Mail server:
System Availability: 99.9859%
Total Uptime: 319d 15h:45m:56s
Total Downtime: 0d 1h:4m:43s
Total Reboots: 13
Mean Time Between Reboots: 24.59 days
Total Bluescreens: 0
For a small biz, we'll take 99.97/98% uptimes and be DAMN glad about it!
I'm nobody's Windows fan either (OSX is my preferred), but the claims of wild instability need to be taken with a grain of salt, IMHO...
Remember all those "yet another local root exploit in the linux kernel" advisories?
What about them? Do you have the faintest clue what that means? I'm guessing not based on your flamebait attitude.
Hint -- in order to make use of a "local root exploit" you have to have access to an account on the box. So unless you can get on the box, the local root exploit is a complete non-issue. Based on the GP post, most of those boxes are well behind a firewall and have either no or limited interaction with the world at large. And while that doesn't mean you can ignore things, it does mean that you can worry more about certain attacks than others. In particular if you keep the external interfaces up to date and use good ID software then your threat level for a local root exploit goes to just about zero.
In fact, you can keep just about everything except the kernel up-to-date and not have to reboot. I wish I could say the same for XP (which has vastly reduced the number of "must reboot" scenarios, but hardly eliminated them).
Remote root exploits are a much bigger issue... and are fortunately quite rare on Linux nowadays. Again, I wish I could say the same for XP.
The survey is actually pretty interesting to read. If they are right (and I don't think they are), then Microsoft is stealing GPL'd code. One gem of a quote:
"Both vendors provide support for a firewall by default. Both firewall applications are
basic and are based on IP tables. The firewall is installed by default on both platforms
and blocks all incoming requests when running. For Red Hat Enterprise Linux 3, the
firewall is on by default. For Windows Server 2003, the firewall must be turned on
manually."
Fortunately for MS, I think they are wrong about Windows Server's firewall being based on IPTables. Someone really should have corrected them about this though.
A close subsequent paragraph is even funnier:
"The iptables software on the Red Hat server has a text-based interface ("Security
Level") that enables basic firewall configuration (i.e. turning the firewall on or off and
allowing connections towards a limited number of services). This interface also does not
allow changing the ICMP configurations (ICMP echo replies are allowed by default) or
monitor firewall logs. The most important feature is packet level filtering, which allows
the administrator to establish firewall rules based on any aspect of the packet. The
command line options also allow logging of the traffic based on the matching of packets
with a certain rule."
Say what? Ok, I sort of understand what you mean but that has to be the least clear writing I have seen in a long time. Both these quotes are on page 29.
On the next page:
"Microsoft security bulletins contain information concerning the files that will be
modified, reboots and the impact of not patching. In addition, Microsoft provides tools
such as the Baseline Security Analyzer that determines if the update is required on the
system or not. However, the bulletins do not contain information concerning the amount
of time required for installation.
The Red Hat security advisories are vulnerability oriented; that is, the information
available relates to the cause of the vulnerability and the potential danger this
vulnerability introduces. The advisories do not contain any information concerning the
impact of the patching process, or required reboots. The only patch related information
available is the versions of the packages that are deployed in the patch. The precise
impact of a patch could be determined by examining the source code changes made
between releases. While this is impractical in many environments, it is an additional
possibility for systems that are critical."
Ok.... So how many patches on Linux require a reboot? Show of hands? Right.... kernel updates.... The rest should be able to be handled by restarting services and processes. Sure maybe for a glibc rebooting might be prudent but maybe not too. You decide.
Finally I did not see anything about fast deployment except regarding security patches. So maybe I missed something. But this report largely amounts to whining that Red Hat doesn't hold your hand as much as Microsoft wrt security patch management.
LedgerSMB: Open source Accounting/ERP
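The comment above says that, kernel updates aside, a patched Linux box only needs the affected services restarted. The following is an added example, not part of the comment or of the report it discusses, of how an administrator can check that: a process that still maps an executable file removed by a package update is running the old, unpatched code until it is restarted. The function names and the sample `/proc/<pid>/maps` contents are constructed for illustration.

```python
"""List processes still executing code from files that an update replaced."""
from pathlib import Path

DELETED = " (deleted)"
# Objects that are routinely unlinked while mapped and say nothing about
# patch state (shared memory, JIT or libffi scratch files, and so on).
IGNORED_PREFIXES = ("/dev/", "/SYSV", "/memfd:", "/tmp/", "/run/", "/[")


def stale_mappings(maps_text):
    """Return the sorted unlinked files that are still mapped executable."""
    stale = set()
    for line in maps_text.splitlines():
        # Format: address perms offset dev inode pathname
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue  # anonymous mapping, no pathname
        perms, path = fields[1], fields[5].strip()
        if "x" not in perms or not path.endswith(DELETED):
            continue
        path = path[: -len(DELETED)]
        if path.startswith(IGNORED_PREFIXES):
            continue
        stale.add(path)
    return sorted(stale)


def needs_restart(procs):
    """procs: {pid: (name, maps_text)} -> {pid: (name, [stale files])}."""
    result = {}
    for pid, (name, maps_text) in procs.items():
        stale = stale_mappings(maps_text)
        if stale:
            result[pid] = (name, stale)
    return result


def scan_proc(root="/proc"):
    """Collect (name, maps) for every process readable under root."""
    procs = {}
    for entry in Path(root).glob("[0-9]*"):
        try:
            name = (entry / "comm").read_text().strip()
            maps = (entry / "maps").read_text()
        except OSError:
            continue  # process exited, or we lack permission to read it
        procs[int(entry.name)] = (name, maps)
    return procs


# Constructed sample: state of three daemons after libc and libcrypto
# packages were upgraded but before any service was restarted.
SAMPLE = {
    412: ("named", """\
08048000-080f2000 r-xp 00000000 08:01 48112 /usr/sbin/named
40017000-4014a000 r-xp 00000000 08:01 16301 /lib/tls/libc-2.3.2.so (deleted)
4014a000-4014d000 rw-p 00133000 08:01 16301 /lib/tls/libc-2.3.2.so (deleted)
40160000-40250000 r-xp 00000000 08:01 20477 /lib/libcrypto.so.0.9.7 (deleted)
bfffc000-c0000000 rw-p 00000000 00:00 0
"""),
    733: ("httpd", """\
08048000-08090000 r-xp 00000000 08:01 48300 /usr/sbin/httpd
40017000-4014a000 r-xp 00000000 08:01 16301 /lib/tls/libc-2.3.2.so (deleted)
40200000-40210000 rw-s 00000000 00:04 65538 /SYSV00000000 (deleted)
"""),
    # crond was started after the update; only a scratch file is unlinked.
    901: ("crond", """\
08048000-08050000 r-xp 00000000 08:01 48410 /usr/sbin/crond
40017000-4014a000 r-xp 00000000 08:01 17750 /lib/tls/libc-2.3.2.so
40300000-40301000 r-xp 00000000 08:01 90211 /tmp/ffiXk3a9 (deleted)
"""),
}

if __name__ == "__main__":
    # Use the live /proc when it is available, else the constructed sample.
    procs = scan_proc() or SAMPLE
    for pid, (name, stale) in sorted(needs_restart(procs).items()):
        print(f"{name}[{pid}] needs restart: {', '.join(stale)}")
```

Run as root to see every process; a running kernel that is older than the installed one is a separate check and is the case that still needs a reboot.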
The more independent studies they do, the more afraid they are...
Only an incompetent admin who has no clue would think local root exploits aren't important just because you don't have people with shell accounts.
http://slashdot.org/comments.pl?sid=168464&threshold=1&commentsort=0&tid=109&mode=thread&pid=14047475#14047525
adn therefore even qualify as a scientific theory.
My typing apparently went wacko there. Should be "and therefore doesn't even qualify as a scientific theory."
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
Well,
As a SysAdmin working at a small company, let me just say that Windows is more and more becoming a no-option for us. A small company like ours needs to be versatile and be able to adapt to a change very quickly, and in this case Windows is more of a stumbling block than a solution.
We're moving to Linux on the server side and we're seriously considering non-Microsoft offerings, such as Novell, for our office. Windows 2000 is serious crap. The only decent release is Windows 2003 but it's just too costly.
=Spike=
Ok, on some of my systems, I don't worry too much about local root exploits. These systems are extremely hardened and have very limited access to anything. Because of this, I don't worry about the local exploits too much. After all, if all your box is doing is filtering packets, and you can only log in with public keys from a designated system, and no other services are exposed, then the uptime may be more important than the marginal security gain of a reboot.
However, these are the exception rather than the rule. Once you have squid, apache, MySQL, PostgreSQL, BIND, or any other network service exposed then local exploits become important. Why? Imagine if I find a way to break BIND such that I can cause it to do something arbitrary. Now I can use the remote vulnerability in that service to attack the local root vulnerability and gain root access.
In other words, remote code execution in *any* service plus local root vulnerability == remote root vulnerability. If you must prioritize, fixing the local vulnerabilities might well buy you more security.
LedgerSMB: Open source Accounting/ERP
This may be a source of problems. If you have no way to get hit by a virus/worm, and your system is working... don't install the patches. There may be patches that you specifically want to install, but the bulk of them are only risking breaking what you've got. If reliability is important, then consistency is key!
If you want a vision of the future, imagine a youtube comments section scrolling - forever.
They said: "more consistent, predictable, and easier to manage"
I read: "will crash, will crash often, just reboot"
Obligatory karma-whore stating the obvious and then demanding that we all just get along.
As with any study, the same data can result in two (or more) different conclusions for the two parties looking at the information.
For instance, take a look at this sentence, "...Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts." What if the Linux systems had 68% more functionality or more responsibility than required by the Windows systems?
Also, consider that many Linux systems are more crucial than the functions held by Windows systems. Even if the Linux and Windows systems carry the exact same responsibility and functionality, it can be expected that the Linux systems will require less maintenance to keep the machines running and reliable.
Furthermore, if we accept as fact that Linux does require more time than Windows, does the extra time spent implementing the Linux systems go without worth? Is the extra time spent worth it in the long run? In my experience, I would say yes.
I upgraded our 3 Debian servers to Sarge "apt-get distro-upgrade" in about 2 hours. With the exception of the mail server we had no significant down time. The mail service was turned off during the upgrade to avoid any errors.
Every one of our WindowsXP machines (no servers) were virtually unusable after the Service pack 2 upgrade for most of a day.
Having to work for a living is the root of all evil.
Surly 'enterprisy' companies will have an R&D department.
No large company in their left/right mind will accept another company that has been convicted of 'criminal' offences.
Surly ?
I'm only a two bit programmer and I tested many different OS before
Installing Ubuntu 'breezy' over the top of Windows 'xpoo' on my laptop
Davro on windows viability.
Windows makes me laugh too much for me to take it seriously.
OK, it's time for me to repost what's involved installing a private certificate server on Windows 2000 via its "intuitive" point-and-click GUI. (You forgive me if I just link to it, not wanting to repeat slashdot's lameness filter hell for this kind of post.) It compares the Linux way and the Windows way. These were the actual procedures used, that I carefully documented, for two different projects that accomplished exactly the same goal. Here it is. (Scroll past the lameness filter stuff at the beginning.)
Part of the issue may be that some organizations picked Linux because the low cost of entry fit their budget. Enterprise-level budgets will definitely be a barrier for them.
org.slashdot.post.SignatureNotFoundException: ewg
Oracle 10g is a brand new piece of software while SqlServer 2000 has been out for almost 6 years. By simply taking the number of reported vulnerabilities over the last 12 months, they are comparing a new version of a program with one that has had time to stabilize. Will this hold up when SqlServer 2006 comes out next year?
The security problems of Oracle vs. SqlServer formed the central basis of their conclusions.
Ok, I'll buy that taking longer is quite possible (65% seems a bit high, but I haven't actually done side by side comparisons or any polling).
However, what is the end result? Obviously, the specifics of the situation will impact this, but many companies will not mind waiting a bit longer if they get something that is sufficiently superior.
After all you are thinking of AD/GPO tools to manage application updates.
But there are two big problems.
The first is Windows is unable to handle renaming or overwriting files that are in use. This is the reason that Windows must be rebooted so many times when installing apps. This means that you can use GPO's to deploy apps but you still have to ask people to reboot their systems to avoid conflicts. This can create business disruption.
The second problem is that you can only really use this if you are using Windows Server for your AD infrastructure, so relying on these locks you into a Windows authentication environment.
Instead, with Linux, you can use shell scripts, ssh, scp, etc. to build a similar system, alter symlinks, etc. and the user doesn't even know the difference. No need to close applications. No need to reboot. Just when the user opens the app again, it is there. Building shell scripts that handle these requirements is a pretty simple project. Configuring a package to deploy is also pretty simple. You can even use yum/rpm/etc. while the user is using his/her system and not worry about rebooting it or disrupting his/her work.
Then you can even do something very Athena-like and manage your apps in AFS lockers centrally and use automounters to mount them on demand. This way you can upgrade all the Thunderbird users at once with almost no work at all.
Linux has actually had Microsoft beat in this area for quite some time....
LedgerSMB: Open source Accounting/ERP
dont you know FUD rhymes with dud?
Magnitude of 9 is 1.
1 order of magnitude is 10
Two orders of magnitude is 100
Yes, I have seen Windows servers with uptimes in excess of 100 days. One I explicitly remember is the primary domain controller at my former place of employment back in the Windows NT 3.51 and 4.0 days...
-everphilski-
Well, the machines have been perfectly secure for years on end - so how much more secure would they be if they were constantly upgraded? I suppose this guy runs a proper shop with decent network configuration and protection in place. The results speak for themselves.
Oh well, what the hell...
The results of this survey shouldn't be surprising to anyone, regardless of who funded the study. MS SQL 2000 has been out for several years, and most of the big security holes have already been found, exploited (*cough*slammer*cough*), and patched. To be completely fair, the study should have compared MS SQL 2000 against the contemporary releases of MySQL and Oracle. It should be assumed that time-from-release has a significant impact on the rate bugs are found, and this study pays no attention to that detail.
On the SCOX board, we deal with the demented ravings of our pet troll, BIFF, with SBDD, ie, Same Biffshit, Different Day.
I propose for /., "SMDD", ie, Same Microshit, Different Day.
It's not like we haven't heard all of this crap before. Whatever...
I tend to believe the report due to the fact that I had to work with a Linux advocate. Here is the story:
We needed a new server to host+share files for internal use and host Apache/PHP/MySQL for our intranet application. This guy I work with decided to go with Linux. Having played around with RedHat/Mandrake/Knoppix, I thought, yes that sounds good, the whole process should only take a few hours. However, this guy decided to install Gentoo and compile everything from scratch. Instead of a few hours install, it took one week to compile (and the server still has no GUI) and another week for this guy to learn about all the config files he has to alter to make things work!
Personally I have nothing against Gentoo, their goals, etc. However, when you are working in a business, downtime equates to lost time, which equates to money. Just yesterday, an emerge update that was interrupted by a power failure meant our web server was down for 3 hours. This is utterly ridiculous (I know we should have had backups, however we are talking about someone willing to spend two weeks to set up a server in a 10 PC network).
Contrast this to Windows Small Business Server (SBS) 2003. Install took a day, after some mistakes on my part, reinstall took another day, then by the third day we had remote access to Outlook, remote access to each users' desktops, a web server, a DNS server, active directory, incoming fax manager (that can route faxes to e-mail, intranet site, or print), print server, and more.
While the cost of SBS 2003 may have been about the same as Mr. Gentoo's two week salary, when you take into account the disruption to the business what works with minimal intervention wins. I just hope this story can help others going down the path with a similar network admin: DO NOT USE GENTOO FOR SMALL BUSINESS!
It's not stated if these boxes were facing the Internet. If not, then the risk of attack is somewhat reduced. And upgrades carry a risk too - the risk that they'll break something.
For sure they didn't interview Ernie Ball for this study.
Slashdot, fix your code or at least hire someone who is competent at it to do it for you.
I agree. With Windows we know we need to reboot the servers nightly. With Linux we never know if we will need to reboot after 300 days, 400 days, or 600 days. It is nice knowing that windows will fail daily.
"...Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts."
For values of business requirements that include Microsoft Sexchange. Miscrosoft Squeal 2000 Server, Microsoft IIS...
Than to hit the fan. One implies that you have plateaued, and that there is still room for improvement after dealing with dogging troubles.
The other, well, that implies that you are a piece of shit.
"The study, commissioned by the software giant from Security Innovation, a provider of application security services, claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts."
Yeah, that's 'cause we tend to do-it-right-the-first-time and have too much to do besides pointing and drooling. And WTF is this coming from a "security" firm? Why didn't they write that Windows boxen take 68 per cent longer to install security patches?
It's pretty sad when a commercial OS ships a debugger with their system but no compiler.
Even Satan believes in God.
I think that they do have a point - the grandparent poster running "4 red hat 7.3 DNS servers" and "1 red hat 6 machine that lasted 6 years without an OS related reboot" does seem to be emphasizing uptime over security though. Either you take an hour or two to back up your data, set up redundant services, and upgrade according to your schedule, or someone might force you to update at a "less convenient" time.
AFAIK the nonmodule parts of the kernel are the only thing you can't upgrade on the fly, and how many kernel-level vulnerabilities have there been? I recall one that allows privilege escalation if someone gets a local logon. Perhaps his kernel wasn't vulnerable, or perhaps he decided the exploit risk was low given his environment.
Man!
I have been hearing this stuff since 1992-1994 or so, when Linux came out & the NT-based OS family was just a baby still as well (maybe 1-2 years on Linux as far as public release material & in production work of some kind).
I wonder if this will be going on 10 years from now, yet again? My money's on Microsoft personally. They've always come thru, & a long ways as well on MANY software fronts. Proof's-in-the-pudding, that you DO GET WHAT YOU PAY FOR, & this test proves some things... see my topic, RTFA, is all I can say.
Even a FREE software model cannot topple a paying one! Will wonders never cease...
Anyhow - It starts to get PRETTY OLD! I see this being a state-of-mind propagated here @ Slashdot QUITE A LOT! The "Mine's bigger than yours" b.s., when in some circumstances, on BOTH sides of the fence??
It's just NOT true, & pure "F.U.D." being spread - straight up propaganda.
Yes, Linux DOES do some things better than Windows (e.g.-> Clustering, for now) & it runs on MORE CPU platform types than Windows NT-based OS' currently do (although this was by MS' choice, the older models of NT circa 3.5x series, iirc, ran on FAR more than X86 Intel/AMD stuff).
Windows NT-based OS (NT/2000/XP/Server 2003), however, do shine in areas where Linux doesn't!
(One is the fact its smallest atomic unit of execution is a thread, & it blows away a process forking paradigm of execution when compared for efficiency (yes, Linux does do processes via less CPU cycles, but it was how it was designed & its forte - albeit, an inferior one definitely vs. threads usage), upon which Linux underpinning original foundations lie!
Now, though, Linux has viable thread models like NGPT etc., finally, & not just UserModeThreads, but kernel level ones - Still, here? Seems that the Penguin crowd bit off NT pretty largely here, & other OS', mainly imo for SMP!
(Another hurdle Linux had to overcome, & did... kudos to them, but imitation IS the sincerest form of flattery now, isn't it?)
The point I'm trying to make is: Don't people here get it?
No OS is "uber-alles" on ALL fronts, not yet... maybe, there never will be!
Still, I never count MS out of a ballgame. Ever. Seen them overcome tons of hurdles in the past 15 years almost, & they never fail. Hence, their market share on MANY software fronts.
Too many resources, tons of talent, & cash + connections - hard to beat.
Windows & the Win32 API have a HUGE advantage, & that's the fact that the monetary impetus to develop around & for them is there... & that's resulted in tons of apps for any known purpose, & drivers for more hardware support than ANY other OS out there, period... both are unbeatable apparently.
Else, why does a GOOD 95-99% (approximation) of PC's out there today run with Win32 based OS, & more and more shifting to 2000/XP/Server 2003 by the day because of those reasons above imo?
Nuff said on that account. Do the math, argue with the numbers on it.
APK
P.S.=> What I personally liked about this review was the outright fact that SQLServer 2000 (let alone the new 2005 release) + Windows Server 2003 fully patched/hotfixed/service packed etc./et all, was MORE SECURE than Linux + DB/2 or Oracle... & MOST OF THE FLAWS FOUND WEREN'T DB-ENGINE RELATED, but instead, OS CORE/KERNEL RELATED!
How'd you penguins like that I wonder, since you always say Linux is "more secure" than Windows 2000/XP/Server 2003 (@ least out of the box, I KNOW it can be made as invulnerable as possible easily, 1/2 hour's work tops)?
apk
P.S.=>
Security is consistently lacking and it is easily and predictably compromised by worms (on a consistent basis I might add.)
Score 1 for MS being straight forward.
No sig for you!!
Just so you don't miss it: you can get MS' brand new SQL Server 2005 for free with limitations similar to Oracle's, see www.microsoft.com/sql/downloads/trial-software.mspx, Express Edition.
You could get a stripped down version of SQL Server 2000 (= MSDE) for free for quite a while, too.
How about this one:
Upgrade the security of my VPN tunnel to use an N-bit encryption, where N is some number that the OS vendor has yet to have seen in someone else's standard.
With Windows, I'm SOL. With Linux, I can write the plugin myself.
68% longer 100% doable
In my experience the business requirements include "interoperate with Microsoft products". So the windows people aren't having to deal with an organisation actively thwarting their progress. I find it quite quick to get to a standards conforming solution and then painful and frustrating trying to work around Microsoft's embracing and extending.
Backups are for wimps. Real men post their data in comments and have slashdot mirror it
Hmmm... This is getting a little heated and also way off topic, so I'll give brief examples rather than a complete exposition.
(1) Free assembly has been a problem, but I think that is more encouragement of selective enforcement than actual legislation. Free speech is a big problem in several ways, the most notable is the massive expansion of ITAR and EAR. I do not knowingly handle classified information, but it is now illegal for me to discuss certain aspects of my profession (solar physics) with many of my colleagues. If I do so, I can be sent to prison for more than twenty years. That is a result of actual recent legislation pushed by the current executive branch.
(2) Have you tried to buy chemicals recently? Small arms are not very regulated, but almost everything else is heavily regulated and reported. Small arms aren't very useful today anyway for the main point of the 2nd amendment -- which is to enable, as a last resort, armed revolution.
(4) Yes, the PATRIOT act is exactly what I am thinking about. Wiretaps, secret warrants, and tracking of motion and purchases. Seizure is not as obvious and this administration may not be as bad as the Reagan administration (which pushed using the RICO act to seize assets of accused drug dealers without benefit of trial)
(5) Here I am referring to people being accused of infamous crimes against the U.S.A. and being extradited elsewhere for detainment and torture by our government in locations that are not subject to our laws. Guantanamo Bay is one such location, and the popular press is rife with recent reportage of others that have been held in secret.
(6) Both gitmo and the acknowledged foreign torture camps feature here, but the real problem with this administration is how strongly they pushed (to the supreme court) to be able to try civilians by closed military tribunal rather than under a court of law. No star-chamber courts here in America, please.
(8) Torture. This is what inspired my "holy crap" in the grandparent -- our President has stated that he will veto any bill that contains a clause outlawing torture of prisoners held by the U.S.A.
(9) May not guarantee you "...the right to check out communist literature from public libraries..." but the point of this clause is to frame the intent of the constitution: it is not an exhaustive enumeration of all rights thought to be held by people, but rather an enumeration of the ones that were on the founders' minds. Secret searches of library history, bookstore records, and spending habits may not be specifically forbidden but they're against the spirit of the document.
My point here is not that the ruling party is stupid or corrupt or evil -- it is that they are not supporters of the freedoms and moral leadership that we love about our country. I was puzzled by your sig because the ACLU seems to me to be a very patriotic organization: our bill of rights is a huge part of what makes our country special and desirable. ACLU is devoted to defending those rights against elements in our government that would quash them.
Does this crap continue to make it to the front page every other day? It's an independent study commissioned by MS. Of course it's going to say stuff like
"According to the study the Windows platform was "more reliable as enterprise needs change over time". The Novell SLES solution experienced 14 critical breakages, while the Windows Server system experienced none, the report claimed.
Security Innovation also claimed that the Novell SLES infrastructure required 4.79 times the number of patches."
Disregarding that these were probably installed on machines with proprietary software specifically geared to Windows that hasn't even made it into the hands of the Linux community and 4.79 more patches is meaningless when they compare patches for single nonessential programs on Linux versus critical security aggregate patches on the MS side.
Next time, maybe you can have one of your auto-added AOL bots do the study for you!
Nah, they were probably just looking at U.S. Government shops. It takes them 68% longer to do everything.
Microsoft Products are really easy, I must admit. Even a person not familiar with them, or not so well qualified for the job is capable enough to deploy a working environment.
Unfortunately this is a major drawback for us, IT professionals. Microsoft sell the illusion that you don't need to invest in training and qualifying your professionals, you don't need to spend lots of money with highly trained people, with lots of experience. No, no, no, no... just upgrade your Microsoft products to the next great version, and you'll be able to keep your current underpaid employees.
With Linux, on the other hand, you must employ real qualified people, people with experience and that really know "how stuff works".
Let's face it... most businesses won't invest in their employees unless they're forced to. And that's what Microsoft is exploring, saying that it's cheaper to buy licences, than hire qualified professionals.
---- You know how some doctors have the Messiah complex - they need to save the world? You've got the "Rubik's" complex
Just installed Windows XP Pro at work. I'm not addressing technical issues here, just theoretical ones. The End User License Agreement lists twenty seven ways in which Windows leaks data by default just to the Microsoft servers
This doesn't mention the others... By visiting Windows Update, I have to press "I agree" to the ActiveX control which gives whichever website I'm connected to the permissions required to remotely administer my company's computers and remotely access our data.
Hope everyone at Microsoft has got security clearances authorised by the country I'm working for, otherwise it might technically be illegal to run Windows Update...
While some people value uptime/availability/reliability, and others value security, neither of those groups will be running Windows. Laughing at one or the other only makes it more clear that (a) Windows will fail, (b) Windows will fail your security policy, and (c) Windows will expose your organization to unnecessary risk.
Simply put, it takes longer to build a brick house than a straw one.
...then you just proved why Evolution is a reckless theory, much less a respectable Science like ID attempts to be...
If Evolution is so /weak/ a force that the very structures it influences are capable of hindering (or even halting) its progression, then at some point that force needed some /impulse/ to set it in motion. Oops. If you don't understand that subtle philosophical axiom, then you're merely applying assumptions /between/ both end points along that linear evolutionary scale, completely neglecting a body at rest in your equations.
you in the Church of Evolution might just wanna to rethink your religion there, partner...
It's entirely possible to do security upgrades without rebooting. The only kernel vulnerabilities have been local privilege escalation exploits. On a DNS server, everyone able to log in at all will likely be trusted enough that it's not a problem. Bind has had a few issues calling for upgrade, but no need to reboot to fix those.
What really pisses me off is the way people simply dismiss this out of hand because it shows bias. Every study which attempts to show one system as better than the other is going to exhibit this. There should be some objective truth here somewhere. What worries me is the people with the 'nothing to see here' attitude that come from an inability to be moved from their religion, be it linux, windows or 'miscellaneous.'
Now that I've insulted everyone (especially the Apple people for insinuating their machines aren't even contenders), flame on. I will rest in the knowledge that those flaming me are probably even still, not interested in the truth.
You'll never be surprised by the performance of a windows box. It will crash each and every time, on time.
It seems all the 'analysis' posts so far have read a different PDF?
My summary would be:
1) They compared Windows Server 2002 with SuSE Linux Enterprise Server 8, the final step in the study was to upgrade / migrate to Windows Server 2003 and SuSE Linux Enterprise Server 9 respectively.
2) Both systems were running a common e-commerce stack, MS-Everything for Windows, LAMP for Linux. The e-commerce software used was available for both Windows and Linux (they didn't say what the software was).
3) Both systems were patched each month - patches on both systems went ok, no major differences.
4) They set 4 tasks spaced through the year, involving adding additional features to the e-commerce site by applying additional modules from the software supplier.
5) The second module required a newer version of glibc. This is where it fell apart as they were not allowed to upgrade to SLES9. They attempted to upgrade glibc through three ways. One downloaded the latest version of glibc from a package distribution site, and ran into a large number of broken dependencies. One downloaded the glibc component from SLES9, and ran into the same problem, and the third downloaded individual files and replaced various components by hand, ending up in a working state but with RPM no longer reporting dependencies correctly.
6) Aside from the glibc issue, all milestone tasks were completed more quickly on the Linux solution than the Windows solution.
So my analysis is that the conclusion drawn by this report is excessively influenced by the requirement of the e-commerce software to have the glibc version updated at task 2, without allowing the upgrade of Enterprise Server. This is a major undertaking in most systems, the closest I can think of in the Windows world is a full OS upgrade, a very large number of packages are dependent on glibc. That one administrator was able to do it by hand shows their skill imho. There was no comparable task for the Windows admins.
Were I an admin faced with this situation, I would consider the following to be more suitable options:
1) upgrade to SLES9 (it supported the required glibc version)
2) use a different 3rd party tool - the authors of the report acknowledged that there were a wide range of alternatives
3) change to a different e-commerce suite
4) migrate rather than upgrade, provided that a version of SLES8 was available with the new version of glibc.
Did you guys *read* the paper ? I did as long as I didn't have to vomit.
On Windows they applied some normal patches; while the 'milestones' on Linux included real heavy stuff: upgrading glibc, upgrading mysql. Plus patches.
When I upgrade mysql and glibc I upgrade from W2K to Server2003; so to say.
Serious upgrading and normal patches cannot be compared.
So, to me, it is and remains FUD.
On purpose they would not use a period including an update from W2K to 2003; or XP. Even less one when you migrate Exchange from 5.5 to 2000 or similar.
They feel the pain and now spend some big money to some Herbert, PhD, to invent a useless situation.
Deception.
[ends]
... "Well they would, wouldn't they?"
WTF? Why'd this guy get slapped with a "Troll" tag?!
CmdrTaco, your mod system is losing touch with reality, and fast. You know what moves even faster? A growing reputation on the net that /. is becoming nothing more than a clique bloghole feedbag.
Please, fix the mod system. It's seriously fubar'd. Just remove the random nature and keep a few trusted mods online. f the others with agendas. Return /. to its purity...
...an independent study commissioned by evolutionary biologists demonstrates that macro-evolution is true.
... and here is the main reason why!!
..... being free to integrate via compatibility or the openness to make compatible ......
proprietary software comes with a given level of incompatibility and constraints as to what you can do with it.
Speed of implementation of something new doesn't mean the users will adapt it as quick as the implementor installs it.
On the other end there is the company politics and red tape to get approval to implement something new and cost considerations of purchase.
On the open software comparison side, the implementation of something new
There are two completely different methodologies here dealing with the primary subject matter of software.
Microsoft has a reputation of being faster to market because they cut corners in quality to do so.
Open Source Software is in no big rush to get anywhere, but moves forward more so because those involved genuinely want to move it forward. Someone who is getting paid to get something to market fast will not only sacrifice quality but may also get a bit blind as to what people would really want if they were allowed to know better.
There was a time when MS ignored Open Source software such as Linux. Believe it or not. But today, it's a historically provable fact that they are not doing that any more. Slow and steady has a stronger and more stable foundation.
On innovation? Maybe that's one of the reasons MS is doing this! Maybe they just want open source software developers to hurry up and innovate something that the great imitator (not innovator) will imitate but get to mass market sooner....and again claim they did it first...
Someone really should teach MS how to count..... grounded zero comes before 1st level distortion.
If you kill the actual java.exe then how can it still hold on to memory?
If actually stopping, waiting, and restarting the JVM(s?) does NOT release the memory then something else is leaking. I saw one computer here that was leaking a small amount of memory because it was constantly refreshing a web page and losing about 4k a refresh (at 2 secs/refresh for 3 or 4 days it adds up).
You also might want to enable some logging on your JVM like -verbosegc or -Xloggc:[filename] to see what's happening related to the garbage collection.
--- I wish I could hear the soundtrack to my life. That way I'd know when to duck.
I trust this independent study completely
Because they have to be good at what they do to have MS as their number one partner.
"Microsoft. Security Innovation is a certified Microsoft partner for security services. We have both the Microsoft SWI and ACE certifications as an authorized professional services provider for Microsoft technologies."
I wonder why they didn't upgrade the server their web site is on during the study. Could have been paid for by MS.
netcraft.net toolbar results:
Performance Systems International Inc. 1015 31st St NW Washington DC US 20007 38.113.6.31 Windows 2000 Microsoft-IIS/5.0 24-Mar-2005
I lost my sig...
Well, that's what you'd expect. Take the set of companies that are/were running Linux but are now Microsoft customers: do you think they might have encountered a problem with Linux?
Companies that were Windows shops but are now Red Hat customers aren't likely to be thrilled with MS, either.
I should buy some cement.
In reply to the Question in the other reply.
:)
A Linux retard
Anyone that takes 5 hours to put a Windows desktop together needs to find another job.
It does keep this brainless element from breeding at least, it takes them 30 mins to set up their box and 6 months to get half connected to any of the Corp systems, and the best part is they don't document how they did it and in 12-18 months time they have to do it again from scratch.
Linux users = a waste of money, a waste of space and air and just about everything.
Signed
A converted Linux user and supporter
Yea, I got my first crack rock free too. Actually it was free the first couple of times. It wasn't until I thought I really needed it before I was getting charged.
independent study downplaying the viability of Linux at the enterprise level.
It's really about Microsoft downplaying the visibility of Linux at the enterprise level. Something which, let's face it, is really bothering them.
The higher the technology, the sharper that two-edged sword.
I don't have Word installed on my computer, but if I try to open a .doc file, it starts the installer. Click cancel...and Word opens... Yeah Micro$oft, that's REALLY helpful...
So evolution works as long as a species doesn't evolve far enough to develop the abilities to thwart it? You're still not looking at the big picture though. What if our thwarting evolution is only a speed bump along the way. Maybe it will be our downfall, and we'll be replaced by a species that knows better than to fuck with mother nature. Too soon to say IMO.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
I got windows boxes, but they all have GRUB runnin on them tellin the operator to choose SuSE or Wonder$$$, or Mandrake or Wonder$$$. Even made SuSE, Mandrake, Ubuntu, WinME, and Win2000 all live on the same box. It's a challenge. That's the trouble with new compoooter users, they are f**kin babies who never earned the technology they are using. They have it given them with a comic book, a crooked smile and a dirty deal on a clipped DRM box with all of two slots and a micro ATX board that could not make it in a white box builders open market; and are then told to prove Einstein right or some such. Sure, do an 'independent study', unattributable of course, statistically unsound, and with so many other unknowns and failed 't' tests for skewed data that if the integrity wasn't blown just by its connection with Micro$$$, its naked fawning over Windo$$ would clinch it all by itself. Besides, while it may take a little time to set up a linux box, one can laugh all the way to the bank afterward. And another thing. The excuse for shirtstuffin that spewed out about short setup times probably was talking about setting up of the operating system only and not the applications for windows. In windo$$, the longest process is setting up the applications. In windo$$, one has to BUY EACH AND EVERY APPLICATION, while in linux they are all mostly open source and free as the air, like they should be. In windo$, one has to take much time setting up each application and its bloatware. For instance, try setting up micro$$ 'office' products in less than 30 minutes to an hour for each one. Just try! In linux, StarOffice sets itself up and all its parts all by itself in less than a minute or two during the system installation process. That is where those micro$ wankers live.
They know this while the general public does not and they are deliberately misleading them by ignoring the fact that linux systems set up the complete system with what in the windows world would be thousands and thousands of dollars worth of software, thousands of applications and their automatic configurations; and linux does it all in one operation. This is not the figure that windo$ points to, the time to set up the whole box and all its applications. If the crooks like Ballmer were honest, an oxymoron, windows true setup times would show their real numbers, about two to three man days or more if the hardware was strange. And proprietary DRM boxes are the heart and soul of strange!
I have seen windows installations crash and burn because one changed or installed something as small and inconsequential as a joystick. I speak from experience, long experience, as a windows installer on HUNDREDS of strange boxes from old DTK's to THE's (yes it existed and worked out of Chicago in the late 80's) to PackHard Ball [Packard Bell chipcount boxes weighed their motherboards on the same machines drug dealers use in order to get the smallest bare cost into the largest price they could], to Compaq boxes that were better but still small [dumb people were sold on the insipid idea that 'small footprint' was somehow better....but they got what they paid for?....NOT]. This in the long years when Bill Gates was thought to be saving the computing world from the likes of power hungry IBM. Yep sports fans, we created the freakenstein monster that micro$ is today by flocking away from the PS/2 and OS/2 from IBM that was going to rule the world with a 100Mhz '486 and 64Meg of 140nsec ram! I still have my old OS/2 edition of Warp, the operating system that Gatesy rooked out of IBM. Yep, he let IBM do most of the work in their partnership of the cat and mouse, and like the cat and the can of fat: he made off with the goodies and told IBM....ALL GONE. Maybe ole Steve Balllllmer ought to go back to Lotus where he learned if you can't make a better product, then go to bribe enough courts or buy enough laws that your competition is ruled or legislated out of business while you and your bought and paid for mouthpieces laugh all the way to the bank over the bankrupt bones of your customers. Gresham's law! Bad drives out good. But then no one will read this. The reviewers won't have the guts to post it!
You've completely missed the point (intentionally, I'd assume). We haven't hindered or halted evolution. Evolution is an adaptation to a creature's environment, and we've changed the environment.
But what they didn't mention is that the new features implemented by the "linux counterparts" also crash 68% less often.
windows is. qed.
Obligatory Simpsons reference, followed by gratuitous usage of the phrase 'Beowulf cluster', followed by the offtopic and mandatory '3 steps to $$PROFIT$$' joke.
Understanding the scope of the problem is the first step on the path to true panic.
Windows is "more consistent, predictable"...
You KNOW it's going to hose itself, you KNOW it's going to be slow, you KNOW it's going to be insecure, you KNOW it's going to be complicated to manage...
Not much we don't KNOW about Windows.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
FSCK!!!!!!! Forgot to mention the 'I for one welcome our overlords' bit.
Understanding the scope of the problem is the first step on the path to true panic.
> So evolution works as long as a species doesn't evolve far enough to develop the abilities to thwart it?
No. No one ever said that. By your definition, that /is/ part of evolution. You just took a philosophical u-turn. Try and stay on track here. Look, it's really a rather simple concept which most proponents of Evolution avoid (like the plague) when discussing such things, like you just did above. I'll try to illustrate in simpler terms...
You have a car. The car is a force which in turn exerts other forces (once in motion). A car does not move (have the /impulse/) unless either 1) /someone/ inside the car turns the key, 2) /someone/ outside pushes, or 3) some other force (such as another car) hits it from the rear. And from 1, 2, or 3 a progressive wave of influence is propagated in the car's environment as it's set in motion, running over mailboxes, hitting other cars, et cetera. At rest, it does nothing, and the world around it as well...
1 and 2 imply ID. 3 implies that linear path along the evolutionary scale. Unfortunately, the 3 is more like [3...], which is indeterminate, unfalsifiable, and without limit. Thus, without considering a point of reference (and completely omitting it for convenience sake), your application of similar genomes along that linear scale is like a mathematical interpolation of unrelated sample points from an indeterminate finite sample /sub/set and without knowing the impulse behind those numbers in your experiment (and entire sample set). Now, you must figure out number 3 above, since evolution relies upon it. To exclude the limits of that sample set and the impulse behind it, at best you have a theory limited in scope (to that finite sub set which is incomplete even today). So many gaps between genomes hierarchies. So, you need to ask yourself not "why evolution?" but rather, "when evolution?". I leave that to you as an exercise in philosophy. Ask yourself that question instead. It will aid you in your understanding...
From the report: "This study and our analysis were funded under a research contract from Microsoft. As part of the agreement, we have complete editorial control over all research and analysis presented in this report. We stand behind our methodology and execution of that methodology to determine objective results that will be useful to customers, industry experts and analysts." (Emphasis mine) ... and the customer is Microsoft.
"Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts."
When you don't know what you're doing, it's easy to implement new business requirements.
What's hard is repairing them later - as in vendor lock-in, expensive upgrades, security breaches, ever-rising costs, etc, etc, ad nauseam.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
I don't think they actually bother reporting local root exploits in Windows.
Actually, Ballmer did mention something once about a HUGE local root (erm, LocalSystem) exploit in Windows. He mumbled something about a design problem, impossible to fix without breaking every Windows app out there, and then went on to say something about already having said too much...
If you're managing logins and such trivia, you generally bind them to an SSO solution like LDAP or maybe something more specialised. If you're literally administering thousands of identical servers, you choose one of half a dozen cluster management suites to suit your application.
I have seen AD take 11,000 servers off the air in about ninety seconds, so I'm not all that enthusiastic about it.
WRT uptime, I manage one commodity box running three services and with an uptime of well over 700 days. The customer has literally forgotten the root password over a year ago, so no maintenance would be possible without offlining it. I manage scores of other commodity boxes with typical uptimes of a year (I like to update the kernel about every year; I'm looking forward to two-kernel monte becoming common, so switching kernels will no longer require a reboot), and they're running at least 3, typically 7 or 8 Internet-exposed services apiece. Having a Linux box run forever is not a notable event.
OTOH, it took until something like 2003 for the first MS-Windows box of any kind to hit two years of continuous uptime, and that's really, really rare. You'd also have to either be running maybe one, at most two, really obscure services on it that weren't likely to throw any vulnerabilities in all of that time, or protecting the box extremely well. I'd be interested in finding out what your idea of "really great" uptime is.
As to management in general, I remote-install and distro-upgrade Linux boxes (imagine updating Win2k to Win2k3 on the run without physical access) routinely. I don't know of anyone who installs or upgrades MS-Windows that way. I don't know... could AD manage such a migration? I know a very few people who Ghost or SUS out one or a few standard installations and then manually adapt them, everyone else babysits each install and then each app from CD, and has a hard-won list of which applications are hostile to one another.
Linux admins just ask the package manager to install a short list of things they need "and anything required by them" and forget about it until it's done. If there are a big pile of identical or near-identical servers, you can orchestrate the execution of whatever commands you like on the whole lot in parallel (there are several different systems available to choose from to do this), rather than being limited to whatever a particular management package thinks you'll want to do.
Got time? Spend some of it coding or testing
You Must Be New Here.(TM)
USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)
I don't know how they can claim linux is less consistent..
Assuming you don't try to run multiple distributions (which is effectively running multiple different os's) there are lots of things which are consistent under linux but not windows.. For instance:
Access to devices - always /dev/something, always accessible as a file..
Package installation - consistent across the os, the entire os and your applications are installed and removed with the same package management tool.
File locations - files are sorted under descriptive subdirectories on linux (/bin for binaries, /lib for libraries etc) contrast to windows where multiple types of files are stored in the windows and system32 dirs.
Configuration - linux stores configuration in /etc for system wide and your homedir for user-specific, windows usually uses the registry but often in inconsistent locations within, and sometimes windows will also use separate files in differing locations.
Interface - commandline, the linux commandline is very consistent and flexible, you can manage the entire system from the commandline and it's very similar to other unixes.. the windows commandline is nowhere near as flexible, and is different from anything else that exists.
interface - graphical, ok, windows wins here for consistency, but not by much if you're using a complete environment like KDE and associated apps on the linux system.. there are still a large number of inconsistencies on both interfaces.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
A. Cost of Leon setting up server with 3 services (DNS, email, fileshare): 4 hours @AUD$120
B. Cost of Leon attending on site roughly once a year: 2 hours @AUD$120
C. Cost of Leon remote-adminning random stuff 4x a year: 0.25hr @AUD$120
Nett cost of Leon over 2 years: A + 2 x B + 2 x 4 x C == 480 + 2 * 240 + 8 x 30 == AUD$1200 (+GST)
D. MandrivaClub Silver membership, per year: EUR$120 == AUD$191.54 (x 2)
TOTAL: AUD$1583.08 (+ AUD$120 in GST) or AUD$791.54 pa or AUD$39.58 per user per annum
A. Cost of random MCSE setting up server as above: 4 hours @AUD$80
B. Cost of random MCSE attending site roughly monthly: 1 hour @AUD$80
C. Cost of random MCSE remote adminning roughly fortnightly: 0.5hr @AUD$80
Nett cost of random MCSE labour so far: A + 24 x B + 52 x C == 320 + 24 x 80 + 52 x 40 == AUD$4320 (+GST)
D. Cost of Windows 2003 Server (Standard, OEM): AUD$1105 (+GST)
E. Cost of 15 extra user seats: AUD$272.80 (+GST and x 3)
Cost of OS software: AUD$1923 (+GST)
F. Cost of virus scanner: approx AUD$80 (or may be seat-bound depending on vendor)
TOTAL: AUD$6323.40 (+GST) or AUD$3161.70+GST pa or AUD$158.09 per user per annum
That's going to be significant to one figure, maybe, so call it three grand a year vs eight hundred bucks a year and less downtime. Call it four times as expensive to install and run MS-Windows.
It also uses a free 3rd-party MTA for the MS-Windows solution. If you wanted MS-Exchange, the cheapest way to get that is SBS, which nudges the software cost up by AUD$1657+GST, or more than the entire Linux software and setup cost.
Also, I'm being kind to the MS-Windows side by assuming 20 users. The 21st user costs $272.80 (or for SBS, $635) extra, nudging the total cost by a further 10%.
On top of the facilities provided by SBS, the Linux server software includes a choice of SQL databases, a choice of webservers and wide choice of scripting languages, several complete development environments, a virus scanner (for protecting the MS-Windows clients behind it), highly advanced routing/filtering/mapping/firewalling facilities (including Layer7), a range of VPN technologies, complete thin client support, failover support and assorted clustering tools, and too many other services and packages to list.
Got time? Spend some of it coding or testing
Four to six times as expensive if you go the SBS route.
Got time? Spend some of it coding or testing
"It's the only thing I know, and I can remember one or two that didn't crash constantly, so it must be all good".
Got time? Spend some of it coding or testing
The rewrite also strips off leading w's-plus-dot, so http://www.fredsden.com/, http://ww.fredsden.com/ and http://fredsden.com/ all map to
I'd pay good money to see you implement that in any type of Microsoft GUI tool, other than as a special case (i.e. a facility which was coded into a GUI to do specifically this one task).
It's a very simple change to do stuff like put the main website in
Also, if some MCSE hands you a website that's case-blind (e.g. links in the text say Data/ThisFile.htm but the file is called Data/thisfile.HTM) you can use a find-plus-tr one-line script to lowercase all of the actual filenames in the file tree, then change the second-last RewriteRule to also lowercase each incoming HTTP request (only up to the first "?" if there is one) to match.
Got time? Spend some of it coding or testing
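The filename-lowercasing step mentioned in the comment above, as an added example that is not part of the original post. The function name `lowercase_tree` and the sample tree are assumptions; the request-side RewriteRule change is not shown. It also handles the case where two names differ only by case, which a plain find-plus-tr one-liner would silently collapse.

```shell
#!/bin/sh
# Added example: lowercase every file and directory name below a web root.

# lowercase_tree ROOT
#   Renames each entry under ROOT (never ROOT itself) to its lowercase form.
#   Returns non-zero if any rename was skipped or failed.
lowercase_tree() {
    # -depth visits a directory's contents before the directory itself, so
    # renaming a directory never invalidates a path that is still queued.
    # ROOT is handed to the inner shell as $0 so it can be recognised and skipped.
    find "$1" -depth -exec sh -c '
        rc=0
        for p in "$@"; do
            if [ "$p" = "$0" ]; then continue; fi
            dir=${p%/*}
            base=${p##*/}
            # The trailing "x" protects names that end in a newline, which
            # command substitution would otherwise strip.
            lower=$(printf "%sx" "$base" | tr "[:upper:]" "[:lower:]")
            lower=${lower%x}
            if [ "$base" = "$lower" ]; then continue; fi
            # Two names differing only by case (ThisFile.htm, thisfile.HTM)
            # would collapse into one file: report it and keep both.
            if [ -e "$dir/$lower" ] || [ -L "$dir/$lower" ]; then
                echo "collision, not renamed: $p" >&2
                rc=1
                continue
            fi
            mv -- "$p" "$dir/$lower" || rc=1
        done
        exit "$rc"
    ' "$1" {} +
}

# Demo on a constructed tree in a temporary directory (removed afterwards).
demo=$(mktemp -d)
mkdir -p "$demo/Data"
: > "$demo/Data/ThisFile.HTM"
lowercase_tree "$demo" && find "$demo" -type f
rm -rf "$demo"
```

A non-zero return means at least one pair of names has to be resolved by hand before incoming requests are lowercased, otherwise one of the two files becomes unreachable.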
If a GUI qualifies some TIBMIN who got little more than drool on their engineering exam to do airframe maintenance, then I'd rather walk than ride in a 'plane serviced by one.
Why, do you suppose, are Microsoft-based servers getting cracked so regularly when they're next to useless in terms of what can be done with 0wn3rsh!p of one? To put this in context, there are three times as many Apache servers out there as IIS, but IIS gets cracked more often. Are you prepared to admit that point-and-drip administration might be a significant contributing factor?
Got time? Spend some of it coding or testing
I've installed Windows DHCP server, which is not such a bad project compared to this. It can take a while to click all the "Next"-buttons. MS DHCP tends to bitch and moan about crap.
On Linux it was essentially "copy an example .conf file and change it a little". Granted, you can probably do more shit from the MS DHCP, when you're using XP.
Please tell us how someone would *remotely* exploit a *local* root exploit then if they didn't have an account. You see, if it could be exploited remotely via buffer overflow etc it wouldn't be classified as a *local* exploit. Are you following this simple logic? No? Well, the clue train's leaving soon, I suggest you buy a ticket.
...does upgrading PHP require a reboot?
"would point to secure Linux and say that Microsoft doesn't have anything that competes in this arena" - by FatherOfONe (515801) on Wednesday November 16, @05:05PM
You should be better informed: Windows Server 2003 has the security configuration wizard, & it does a VERY good job of this, easily via a point-n-click GUI that has a decent amount of "intelligence", & especially in the area of cutting off unnecessary services & yes, more.
This does an even BETTER job of it, if you take 1/2 hr. to apply its settings:
http://www.avatar.demon.nl/APK.html
Additionally, if you did not notice (on the topic of security here from this article)?
Did you note that a fully patched Windows Server 2003 SP #1 + hotfix/updates in combination with SQLServer 2000 (no less an older version, and I would wager SQLServer 2005 is even more secure because MS has put SO much stress on it) was more secure than BOTH Linux setups running IBM DB/2 & also Oracle??
So much for Windows being less secure - because if you read & noted that as I did? The problems weren't DB-Engine related, but rather OS core/kernel level problems in the arena of security!
That just illustrated (via a legit test) which OS core is more secure, & Windows Server 2003 won, hands-down, most of the time if not ALL of them in this test!
APK
Interesting analogy, except that it bears no relation to evolution at all. Why not compare it to gravity instead? Or a cheeseburger? When evolution? Always. When you think about it, nobody has to get out and push for the processes involved in what we call evolution to work. It's just the way things work. We're still trying to figure out all the hows and whys, but there's a method for that. A method that ID conveniently ignores. Talk about unfalsifiable. ID is what you get when you throw up your hands and say "Well, I don't know why things work this way. Let's just call it God's will."
it could be done with an internal debian repository, and a cronjob on each to run apt-get update && apt-get upgrade && /sbin/reboot at midnight.
Sounds like you've been scarred by Windows - poor you. With Linux you don't actually need to reboot unless you a) need to change hardware, b) need to change kernels, c) need to do some serious repair work (e.g. messed up partitions,) or d) something else that I haven't thought of. ;-) This is why Linux geeks can brag about their uptime of hundreds of days and still have a fully patched system.
Granted, patched kernels do occasionally appear even in Debian Stable, but that does not mean you have to suffer the downtime every day. There are more eloquent solutions. For my Debian Stable boxes I use a package called "cron-apt" to notify me if there are any updates available and to download the updated packages. I can then SSH in and do "apt-get upgrade" and always know what exactly is being updated. Not that I claim this to be the best solution in the world, but it works for me.
Also, with remote reboots you are always taking a chance that these will fail. Yes, they never should, but sometimes they do. The more complex the setup the more danger there is (e.g. problem with some other device on the network,) although usually it's a "stupid admin" problem. You don't want to have to go out to the remote site just because your server hasn't come back up, whatever the reason.
... but I think "hitting" misunderestimates it: breaking would be more accurate.
Yes, I was scarred by windows :(, but I've been using linux for about 3 years and freebsd for about 2 months now (my gf loves debian !)
The reason I say reboot at the end is so you can put a new kernel on your internal repository. It also means you don't have to write a shell script to restart any services that were updated. It also forces applications to reload any dynamic libraries that may have been updated.
Updating using this method should be perfectly safe, presuming you properly test the packages on your internal repository before you leave at the end of the day (or don't put them in the repository).
I wouldn't do this if I was updating from the official debian repository, even for stable, as things are more likely to go wrong.
ssh wouldn't be useful in the situation I was suggesting a fix for, as it would mean doing each of 10000 machines individually.
Just to clarify, when I say internal repository, I mean one source in sources.list, pointing to an internal server, containing only packages which were placed there manually and properly tested. If all the machines are the same, there should be absolutely no problems (as I say, properly test for any differences in the machines).
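An unattended nightly upgrade like the one proposed above is only as trustworthy as the sources each machine pulls from, so this added example (not part of the thread) checks that a one-line-style sources.list names nothing but the internal server. The host `apt.internal.example`, the function names and the sample file are assumptions; flagging `trusted=yes` goes beyond what the comment mentions.

```shell
#!/bin/sh
# Added example: audit an apt sources.list against one allowed internal host.

# uri_host URI -> prints the host of scheme://[user@]host[:port]/path.
# Prints nothing for URIs without a network host (file:, cdrom:, copy:).
# Bracketed IPv6 literals are not handled.
uri_host() {
    case "$1" in
        *://*) ;;
        *) return 0 ;;
    esac
    uh_rest=${1#*://}          # drop the scheme
    uh_rest=${uh_rest%%/*}     # drop the path
    uh_rest=${uh_rest##*@}     # drop any userinfo
    uh_rest=${uh_rest%%:*}     # drop any port
    printf '%s\n' "$uh_rest"
}

# audit_sources FILE ALLOWED_HOST
#   Prints one line per finding; returns 0 only if every "deb"/"deb-src"
#   entry points at ALLOWED_HOST and at least one entry exists.
audit_sources() {
    as_file=$1; as_allowed=$2
    as_bad=0; as_entries=0; as_n=0
    while IFS= read -r as_line || [ -n "$as_line" ]; do
        as_n=$((as_n + 1))
        as_line=${as_line%%#*}               # strip comments
        set -f; set -- $as_line; set +f      # split into fields, no globbing
        if [ $# -eq 0 ]; then continue; fi
        case "$1" in
            deb|deb-src) shift ;;
            *)  echo "$as_file:$as_n: unrecognised entry type: $1"
                as_bad=$((as_bad + 1)); continue ;;
        esac
        # Optional "[ option=value ... ]" block between the type and the URI.
        case "${1-}" in
            \[*)
                while [ $# -gt 0 ]; do
                    as_opt=$1; shift
                    case "$as_opt" in
                        *trusted=yes*)
                            echo "$as_file:$as_n: trusted=yes disables signature checks"
                            as_bad=$((as_bad + 1)) ;;
                    esac
                    case "$as_opt" in *\]) break ;; esac
                done ;;
        esac
        if [ $# -eq 0 ]; then
            echo "$as_file:$as_n: entry has no URI"
            as_bad=$((as_bad + 1)); continue
        fi
        as_entries=$((as_entries + 1))
        if [ "$(uri_host "$1")" != "$as_allowed" ]; then
            echo "$as_file:$as_n: source outside internal repository: $1"
            as_bad=$((as_bad + 1))
        fi
    done < "$as_file"
    if [ "$as_entries" -eq 0 ]; then
        echo "$as_file: no package sources defined"
        as_bad=$((as_bad + 1))
    fi
    [ "$as_bad" -eq 0 ]
}

# Demo on a constructed sample file (temporary, removed afterwards).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# internal mirror only
deb http://apt.internal.example/debian stable main
deb [trusted=yes] http://apt.internal.example/debian stable contrib
deb http://security.debian.org/ stable/updates main
EOF
audit_sources "$sample" apt.internal.example || echo "audit failed"
rm -f "$sample"
```

Files under /etc/apt/sources.list.d need the same check; deb822-style .sources files use a different format that this function does not parse.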
...DDT is totally harmless to humans.
...asbestos is totally harmless.
...tobacco is totally harmless.
...cars do not pollute.
...computers are easy to use.
...cows do fly.
I pay, I say - you shut up and write!
If all else fails, pull the plug and get out...
The Life is out there...
Learn to read. Why do you think apache runs as a non-root user? So that when an exploit is found it's not a big deal. But if you have a dozen local root exploits on your system, then suddenly ANY remote exploit at all in any software running as any user becomes a remote root. I suggest you use your fucking brain for a change.
Regarding your comment about remote administration and installations: I use a network-enabled KVM and do lots of full installs, upgrades, and updates over it from well over 300 miles away from the server. Even completely reinstalling with a full drive format and everything, so it is possible. I will admit, though, that I'd MUCH rather do this with a BSD or Linux than with Windows. Doing anything remotely with Windows takes 10x as long as it does on Linux. Looking at remote administration capabilities may be a good study if done objectively. I'm sure I'm not alone in the market of remote administration of a mixed environment of several servers scattered around the nation.
There are some limitations to SQL Express.. in some ways the older MSDE 2000 was better... The biggest limitation is lack of admin tools with sql express.. but afaik, there's talk of correcting some of that soon.
Michael J. Ryan - tracker1.info
The irony in what you point out is that these are the main reasons windows reboots on many updates... a lot don't *require* the reboot, even if they say they do, but managing anything using direct-x that may be running before updating the libraries isn't so great, easier to reboot to effect the changes.
Michael J. Ryan - tracker1.info
At my old job we maintained over 40 servers where at least half were windows (I was one of the windows admins but did minor NIX work and worked closely with the nix people since the windows and linux servers are setup to depend on each other in several different ways, authentication, mail, fileservers etc etc etc). This system handled around 30.000 users that used the servers via LAN and internet access... There were actually seldom times when the windows-servers or the NIX servers crashed but I did notice one thing, when the NIX servers crashed they crashed far worse than the windowsboxes but at the same time it was not really noticeable for users not when the windows-servers went down either. Once in a blue moon a server needed a reinstall and that never took more than 30 minutes because all the servers could netboot any of our premade images (This was administered via the DNS-Setup btw so that you didn't actually have to touch the server more than press the powerbutton and hit F10 or F11 for net pxe boot and voila the server was back up freshly installed with every single piece of software and patch it should have (All security patches autoinstalled with the exception of those hotpatched into the image)).
:P !
What I learned from that job was that the most tedious work was simply administrating windows clients, fixing the software packages and fixing registry issues and similar with those packages (Wise can blow chunks at times). The servers had no real differences in administration. A disk broke? Raid + hotswap for the win. Server crashed? Reboot. Still not working -> netboot and voila fresh install.
One thing I DID notice though that I really can't accuse others for since I'm a master at it myself at times are hobby-solutions. I noticed a far larger amount of those on the NIX-servers than on the windows servers.... Not to mention actually administrating and finding every single path you put some script in, but at the same time very nice.
One thing few Windows administrators seem to either know about or bother with are WMI-scripts that remove a fuckload of work from your day to day schedule if you want it to, more time to read slashdot
You will always experience different problems with different servers. I saw a nix server corecrash due to a find in root, I got a windowsbox now crashing exchange daily (NT 4.0 tbh but still).
Also one thing that seems to be the issue in linux vs windows debates is the general lack of knowledge of the platform you are not primarily using... Seems most linuxadmins base their knowledge on Win NT 4.0 server or 2000 and have never seen how nice a 2003 server can be with policies, wmiscripts and what not. Same with windowsadmins, I'm no linux-guru and probably never will be. I can do basic stuff, I can play with iptables, I can do the basic administration necessary but I'm not gonna sit here and say "Oh laaawd windows can do XXXX soo much better" when I've never fully administered a linux-system from the ground up... That would be ignorant.
Er...
Understanding the scope of the problem is the first step on the path to true panic.
i wonder if it's possible to write a 'reload shared libs' app (i wouldn't be able to, but if it's possible, somebody could).
It would be a very cool feature of the hurd, if they adopted it (as hurd can have more than one concurrent kernel)
I do not see any connection between business(!) requirements and specific operating systems.
The typical business requirements are
- team coordination (MS Office, Evolution, ...)
- messaging
- document creation and management
- CRM
- ...
You are free to continue the list for Your own business.
And unless You need some special software that has no counterpart on any other operating system, it does not matter if You use MS Windows, Mac OS (X), Linux, ...
The interesting thing is that Microsoft is again comparing its software
to Linux. They do not mention Apple, BSD, Zeta and others.
It seems, that they are really concerned about linux.
IT experts had more trouble upgrading Windows than Linux. I'm just left wondering what "IT expert" means, someone who has worked in Windows for the last 12 years?? I've had hardly any trouble switching to SuSE 8 from Windows and then upgrading to SuSE 9 without any prior knowledge of Linux, somehow I don't see "experts" having a lot of trouble.
"I see undead people" Warcraft III - Necromancer
The is another way of saying "no scientific conclusions may be validly drawn from my study, but I am going to draw some anyway". Further, you no doubt knew Microsoft would tout such invalid conclusions whether or not you did yourself. Do you believe this behavior is ethical?
Remember all those "yet another local root exploit in the linux kernel" advisories? Maybe you should actually upgrade when that happens. Suddenly linux isn't so perfect.
Most people don't have to upgrade when there are local root exploits. Local root exploits are primarily an issue on multiuser systems. With XP, people don't even bother reporting these because XP's userland is so insecure.
This attitude of "I'm not going to maintain my servers because I try to compensate for my tiny penis with a long uptime" seems common among linux admins
Perhaps. But women tend to prefer reliable small-dicked nice guys to self-destructive big-dicked jerks. And even if they don't, hosting services do.
Dr. Thompson,
Though your study pits Windows versus Linux and claims Linux has a higher TCO, what is the actual marginal cost of implementing a Linux box versus a Windows box? Only three machines seems hardly determinant or significant. Implementing one Linux machine may be (although I don't believe it) more expensive, but several Linux machines may cost less than the same number of Windows boxes.
Also, with respect to updates, did you consider all of the upgrades in Red Hat's "up2date" as "patches" or simply as "upgrades" with a few being security patches?
Did your study favor GUI over command-line interface or vice-versa?
Did your study log each crash/reboot/system error thrown by each machine? Also, were you required to run any "system restores" on the Windows machine?
Did your study consider alternative operating systems with high security (such as OpenBSD)?
If you could "fix" Linux (or at least the distros you reviewed), what would you insert, update, or delete?
Would you consider running the same study with a very powerful package management system, such as APT?
Thank you,
Drew E.
At least they admitted they were funded by Microsoft, but I was interested to see exactly what their methodology was to try and prove Windows was easier to manage. So they have this table where as far as I can see, the Linux patches take about half the time to install than Windows. Except, as you mention, where they have the admins reinstall glibc!! Are they serious? Do they have any clue what that entails? That's when I stopped reading and assuming there was worthwhile info in this report. Yes, yes, a serious linux hacker will update glibc, heck they might even recompile the kernel with different settings, or heck, they might even download the nightly sources for the linux, and recompile a new image, but you wouldn't expect some admins to do that, on a *production* system, that's insane - that's why they are using SuSE instead of the source. SuSE is ensuring that all the libs work together well.
How would you even make this an apples to apples comparison? "We need the new file system functionality from Windows Vista", so just, uh, replace some of the core windows\system32 .dlls? Or what? Exactly...no sys admin in his right mind would do that, so either the Linux admins they hired weren't real admins, or they said "sure, I can do that, with Linux it is possible (and 1 admin in fact was able to successfully get it working), you're footing the bill, but it is *not* recommended in any way..."
The report was very ambiguous about the reasons for upgrading GLIBC. What sort of "Enhanced Search" feature requires a GLIBC upgrade? Moreover, how many serious linux admins just download and upgrade glibc willy-nilly? How many of them do it with a package manager? No kidding everything broke.
Uptime is good! It gives the servers time to rest!