Slashdot Mirror
Microsoft Claims Firms 'Hitting a Wall' With Linux
maxifez writes writes to tell us that Microsoft has released yet another independent study downplaying the viability of Linux at the enterprise level. The study claims that Windows is "more consistent, predictable, and easier to manage than Linux." From the article: "The study, commissioned by the software giant from Security Innovation, a provider of application security services, claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts." Vnunet.com has also provided a PDF of the original report.
Yet another "independent" study.
"Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts"
What the study failed to mention is that 86 per cent of the time to implement was spent convincing the executives and attorneys that using Linux was worth pursuing.
Trouble making decisions? Just flip for it.
--
Given enough personal experience, all stereotypes are shallow.
Interesting. Unpredictability and inconsistency were the reasons why I originally (way back) moved to Linux. I found that with Windows I always had to think about what the developers might have thought when making Windows and how it might try to outguess me this time. It seemed as if Windows applied some heuristic to guess what it was I wanted to do and did that instead of what I told it to do, often without asking me first.
Linux may have more implementation overhead but the results, I would argue, are generally superior.
M$ paid the Yankee Group http://www.yankeegroup.com/ to do research on the subject. From the Yankee site: "At the crossroads of opportunity and technology, Yankee Group Consulting provides customized solutions to help companies achieve success. ... that result in growth, leadership and profit. "
Would they be honest about it, if Linux was as fast or faster? No, they say what their client wants to hear, resulting in publicity on /.
Expressing the problems to the public will actually get them fixed. Why do you think bugs get fixed in Windows? Trust me- it's not Microsoft's good will. It's the customers bitching at them to fix the problems. Likewise happens with open source, except if you have the expertise to do it, fix it yourself and commit the patch. If the maintainers like it, everyone else who has hit your problems will feel the joy of someone fixing a common annoyance. If you can't fix it yourself, submit the idea to the forums or mailing list that is associated with the problem. Someone might fix it for you.
However, if you are just going to sit there and bitch to yourself about the problem but do nothing about it, that includes not even informing people that there is in fact a problem, you have no right to complain. You didn't try.
Proprietary (but for Linux):
I bitched for months to ATI repeatedly to get them to get suspend/resume to at least work a little and to make the video card stop sapping the power of my laptop like a vampire.
ATI 8.10.16: Initial suspend and resume support and power management. Huzzah!
[!] No, I can't see my comments. They are not worthy of +3 moderation.
On the Linux side, I simply rsync software to all our of workstations. I can even upgrade software people are using right at that moment (like rsyncing the newest thunderbird to /usr/local/thunderbird-1.0.7 while they use the thunderbird in /usr/local/thunderbird-1.0.6, and then moving the /usr/local/bin/thunderbird symbolic link to point to the new version). On the windows side, I wander around bugging people to take an early lunch or whatever while I install/upgrade software on their machine.
There are plenty of ways in which Unix-style systems are easier to administer than Windows boxes, but this is not one of them. Windows actually has quite decent remote administration tools these days, including a fairly nice infrastructure for performing remote installations. Assuming you add some third party components (or are installing to a server with Terminal Services), ad-hoc remote access is also quite good.
I'm a big fan of Linux (I have seven computers at home; six run Linux, one runs OS X, no Windows, not even a dual-boot), and I'd probably drive a bus before I'd work as a full-time Windows sysadmin, but even I can't let this sort of FUD pass.
I suggest that you learn Windows first, then rant about it. You'll still have plenty to rant about, but you won't look like an idiot doing it.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.
And how long maintaining them afterward? How many flaws or deviations did their implementations have? How maintainable were the implementations?
I'm not saying that Windows automatically leads to that type of thing, but saying "hey, the implementation was done faster" is the most meaningless of statistics. I've had experiences where I took longer to implement a solution on the same platform as a competitor, but my solution was more complete, more fault-tolerant, and future changes took about a third as long. Which was the better solution? I suppose that depends on whether fast or good is more important.
This whole thing is a quantitative analysis without any consideration of qualitative differences, making it pointless as a basis for reasonable discussion.
This is why Microsoft gets accused of FUD: instead of comprehensively making their point about where Windows is a better choice than Linux, they produce pointless "flashy" studies like this that provide no real argument.
We may not imagine how our lives could be more frustrating and complex—but Congress can. – Cullen Hightower
You don't put that on a resume... you detail that you performed routine maintenance on a Microsoft server, of course.
In the PDF speaking about RHEL 4 including selinux compared to RHEL 3 which doesn't have selinux...
"The data indicated does not seem to indicate drastic security vulnerability improvement for RHEL 4"
I usually don't get pissed off about these Microsoft studies, but this is more than FUD. It's a lie. They compared the security patches for RHEL 3 and 4 over a 2 1/2 month perdiod. RHEL 4 had more. They indicate that selinux did not make RHEL 4 more secure. The point of selinux isn't to lessen the number of security advisories. IT'S ANOTHER FUCKING LAYER OF SECURITY. It's akin to a firewall or antivirus. It's exactly like saying "the month after microsoft released Windows defender, 38 new viruses were detected in the wild. The month before only 30 new viruses were found in the wild. Windows defender seems to have little effect on spyware and viruses." There's no connection. selinux would make it so a vulnerable piece of software would have a harder time being exploited and an even harder time getting total system control. A hole is a hole. Whether or not it is easily exploited or not doesn't matter. It needs to be patched regardless. If sendmail has a buffer overflow that selinux is able to mitigate, sendmail still needs to be patched. Whether or not they will be able to successfully exploit it is another question. It doesn't stop the fact that sendmail has a buff overflow.
You'd think a "professional" security agency would have more sense than that, but aparently not.
k thx get the lies campaign.
If an officer ever threatens to taze you, say you have a pacemaker.
A few years ago (admittedly my Linux knowledge wasn't what it is today) I set up a dual boot system for my girlfriend. Windows 98 and Redhat 7. It took me 6 hours to get Windows 98 installed and configured with all the apps she needed (MP3 ripper, VNC server, MP3 player, IE, Outlook Express and her dial-up connector). I also took the time to set up a custom Quick Launch bar with simple one click access to applications so it really worked a lot more like an applicance for her. It took me 6 DAYS to get Redhat configured to do the same things and a host of extra things that I couldn't afford to set up in Windows. However, when I tallied up the cost of software to do the same exact things in Windows, I was looking at about $6000 for software alone.
On top of that, the Redhat installation ticked along for four years solid with not a glitch other than an occasional fsck due to a power outage. The Windows installation needed to be fixed and re-installed at least 35 times in that same period of time. And Windows still didn't have all the functionality that the Redhat install did. She ditched Windows once it was no longer a work requirement. She's now my wife and we have several Linux boxes (she's no techie) and one XP box that only I use for the occasional video editing foray. (I've recently rediscovered Cinelerra and will likely be losing the XP box within the next year)
The point here is which would you rather have your admins doing? Spending all their time fixing ailing boxes with multiple occurences of downtime over the years? Or... spending a longer period of time getting it "right" and not having to do much with it due to the LACK of downtime for the box? I think Microsoft loses yet again.
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
In addition the article mentions upgrading SUSE Enterprise 8 to SUSE Enterprise 9 while the PDF talks about using RED HAT EL 3 using MySQL or Oracle. The PDF further states that RH was used because is the "current leading distribution." If it is the current leading distribution, why wasn't it used in the other study as well? Why weren't both used in both studies?
I took the time to look at the PDF because I was curious what the "new business requirements" were. Was it simply the time it took to update to the next OS, or were there other requirements such as installing MS Exchange? If the requirement included specific software, which software was used and why?
Great civilizations have lived and died on false theories. Don't mess up mine with a few facts.
I read that too and was shocked. Basically, they are rating the reliability of SLES 8 and 9 and RHEL 3 and 4 and custimizing it to the point where red hat and suse probably wouldn't support you anymore. Compiling your own MySQL you could get away with if it weren't a mysql related issue (however in this case since it's a database study it's very important). But Glibc!?!?! You have to be kidding me. Almost everything on a system depends on glibc and is arguably one of the most tested components on a system. Compiling your own Glibc on a whim would void any support you have with those companies. If done incorrectly it could render your system completely unusable.
If an officer ever threatens to taze you, say you have a pacemaker.
One virus outbreak completely flushes the study. I had a virus get into a Windows 2000 server and it worked me to death. That doesn't count what happens if the virus propogates through the network from my server. Explain that to your boss, especially is a VP was the one who infected the system because the boss insisted he have manly rights "just in case".
If you aren't part of the solution, there is good money to be made prolonging the problem
It's true, generally it's a lot less timeconsuming to implement project requirements in Windows, as opposed to Linux. But, I've also found it's true that it's much easier to make future changes, tweaks, etc using Linux. The norm in Windows is to get an inflexible, easy-to-implement installer package and wizard.
So, the ease is there, but the advantage of flexibility lies with Linux/*NIX. I think this is for both a cultural, as well as a technical reason. Normally, Windows users/admins want something thats easy to get up and running, and they don't have a particular desire for real flexibility.
Looking at the PDF linked from the original article, which is actually about RHEL3, not SLES, you can see that they start making the right noises about only installing minimal software for a database server, but when you reach the detail near the end on page 41, you find they have GNOME, KDE, Editors, Graphical Internet, Development Tools, etc. selected. The excuse is no doubt that that's what Oracle list in their "deployment guidelines", but so what. If the approach is to try and install a minimal system, in the face of what the vendors may say you can get away with using, then that's what they should do.
Given the funders of the study, I would expect the SLES study to be equally flawed.
Another potayto-potahto issue is that they go with following the severity risk in Mitre etc., but that doesn't mean that that severity is relevant to their database server installation. Something may be high priority on Linux if it allows a local user to become root, but a database server should not have any old users logging in, nevermind running any old application. In fact the whole class of security issues resulting in improper raising of local user privileges is something that Windows has not really begun to tackle yet, due to not really being a very good multi-user system. They've instead been dealing with the far more serious remote exploits.
So can you compare even "high" priority vulnerabilities on Windows and Linux? I think not.
Of course, the new systems are actually usable, as secure as I can make them, better integrated with the rest of the business environment, and much easier to maintain and expand.
It's easy to do things quickly when you get to skip the planning stage. Ask your stereotypical long-bearded Unix guy to implement web services and you'll be lucky to see the first draft during the same fiscal year - and no amount of pressure will make it happen any faster. Of course, it'll work correctly from the first day and will exceed the total workload of the quick-hack system within the first month, but that doesn't look pretty on this year's financials so a lot of managers aren't interested.
Dewey, what part of this looks like authorities should be involved?
An old rule of advertising used to be, 'never mention your competitor's name'. So with these 'Linux this' and 'Linux that' attacks Microsoft continues to promote Linux.
This attitude of "I'm not going to maintain my servers because I try to compensate for my tiny penis with a long uptime"
Okay, so the parent poster was CLEARLY flamebait. I think that they do have a point - the grandparent poster running "4 red hat 7.3 DNS servers" and "1 red hat 6 machine that lasted 6 years without an OS related reboot" does seem to be emphasizing uptime over security though. Either you take an hour or two to back up your data, set up redundant services, and upgrade according to your schedule, or someone might force you to update at a "less convinient" time.
"What do you think?" "I think 'What, do you think?!'"
Remember all those "yet another local root exploit in the linux kernel" advisories?
What about them? Do you have the faintest clue what that means? I'm guessing not based on your flamebait attitude.
Hint -- in order to make use of a "local root exploit" you have to have access to an account on the box. So unless you can get on the box, the local root exploit is a complete non-issue. Based on the GP post, most of those boxes are well behind a firewall and have either no or limited interaction with the world at large. And while that doesn't mean you can ignore things, it does mean that you can worry more about certain attacks than others. In particular if you keep the external interfaces up to date and use good ID software then your threat level for a local root exploit goes to just about zero.
In fact, you can keep just about everything except the kernel up-to-date and not have to reboot. I wish I could say the same for XP (which has vastly reduced the number of "must reboot" scenarios, but hardly eliminated them).
Remote root exploits are a much bigger issue... and are fortunately quite rare on Linux nowadays. Again, I wish I could say the same for XP.
Actually, Linux hardware support is better than that of Microsoft. Microsoft a low number of device drivers compared to Linux hackers. It is only because Microsoft is well connected to hardware vendors that vendors do free work for microsoft.
As far as Microsoft's installation technical support, it is virtually non-existant, so this blow a hole in Microsoft's statement about superior support.
I upgraded our 3 Debian servers to Sarge "apt-get distro-upgrade" in about 2 hours. With the exception of the mail server we had no significant down time. The mail service was turned off during the upgrade to avoid any errors.
Every one of our WindowsXP machines (no servers) were virtually unusable after the Service pack 2 upgrade for most of a day.
Having to work for a living is the root of all evil.
Days to resolve a vulnerability are dangerous guides. First, a vulnerability has to be reported, then verified. We are dependent upon the vendor (MS, Oracle, etc) to correctly reflect these. However, almost anyone can and does report one for OSS - and that is a good thing.
This is a huge thing, particularly if you rely upon the vendor to acknowledge the vulnerability. There are a lot of vulnerabilities out there that are known (and sometimes even "in the wild") that the vendor refuses to acknowledge for various reasons. Often they'll finally acknowledge it shortly before (or on the day of) having a patch ready for it -- that way they look like they're "on the ball" to management even if the IT geeks know better. This is not a purely MS problem, nor is it unique to commercial/closed-source software, but it certainly seems more prevelant in closed source than open source.
I just do not see a 68% difference anywhere for an experienced admin.
I think this is what it always boils down to -- familiarity with one platform over another. I certainly know how to do certain things in Unix/Linux better than in Windows, and vica versa. That doesn't necessarily mean that Windows is better than Linux for a certain task -- it merely means that I'm more familiar/comfortable with one than the other. And that is a significant factor to base business (or personal) decisions on.
You just copy the files, move a link (guaranteed to be an atomic operation), and any new instances of the program are running the new code.
It's simpler than that, actually, if you don't mind the program being inaccessible for a few milliseconds. You just 'mv' the new file in place of the old one. New instances are running new code, old instances keep running old code. I never said Linux/Unix wasn't *better*, just that Windows wasn't as bad as the other poster made it out to be.
In Windows-land, you need to set locks, twiddle bits, edit the registery, God knows what. Sure, some "wizard" hides all this for you, but it's nothing like the simple equivalent Unix version. What happens if there's a power failure right in the middle of all this, for instance? Or if the computer runs out of RAM or disk? Yeesh. I just wouldn't trust it, no matter what the software author claims.
Actually, if they use the MS installer toolset, the installer will roll back the changes in the event of a power failure or other installation problem.
It's a prototypical Microsoft solution, actually. Compare them:
Of course, some of the added functionality that MS provides, like the system for centrally managing updates of many machines through a simple GUI, really is nice, so it has been implemented for Unix systems as well. But a Unix admin can get a hell of a lot done with nothing more than some shell scripts and ssh, including things that the authors of the fancy GUIs never thought to implement.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Microsoft Products are really easy, I must admit. Even a person not familiar with them, or not so well qualified for the job is capable enough to deploy a working environment.
Unfortunatelly this is a major drawback for us, IT professionals. Microsoft sell the illusion that you don't need to invest on training and qualifing your professionals, you don't need to spend lots of money with highly trained people, with lots of experience. No, no, no, no... just upgrade your Microsoft products to the next great version, and you'll be able to keep you current underpayed employees.
With Linux, on the other hand, you must employ real qualified people, people with experience and that really knows "how stuff works".
Let's face it... most business won't invest on their employees unless they're forced to. And that's what Microsoft is exploring, saying that's cheaper to buy licences, than hire qualified professionals.
---- You know how some doctors have the Messiah complex - they need to save the world? You've got the "Rubik's" complex
Did you guys *read* the paper ? I did as long as I didn't have to vomit.
On Windows they applied some normal patches; while the 'milestones' on Linux included real heavy stuff: upgrading glibc, upgrading mysql. Plus patches.
When I upgrade mysql and glibc I upgrade from W2K to Server2003; so to say.
Serious upgrading and normal patches cannot be compared.
So, to me, it is and remains FUD.
On purpose they would not use a period including an update from W2K to 2003; or XP. Even less one when you migrate Exchange from 5.5 to 2000 or similar.
They feel the pain and now spend some big money to some Herbert, PhD, to invent a useless situation.
Deception.
[ends]
I don't have Word installed on my computer, but if I try to open a .doc file, it starts the installer. Click cancel...and Word opens... Yeah Micro$oft, that's REALLY helpful...