Microsoft Claims Firms 'Hitting a Wall' With Linux

maxifez writes writes to tell us that Microsoft has released yet another independent study downplaying the viability of Linux at the enterprise level. The study claims that Windows is "more consistent, predictable, and easier to manage than Linux." From the article: "The study, commissioned by the software giant from Security Innovation, a provider of application security services, claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts." Vnunet.com has also provided a PDF of the original report.

Miller Light is claiming Bud Light tastes bad

[CrazyJim1]

How is this news?

Re:Miller Light is claiming Bud Light tastes bad

[StarvingSE]

You say Miller Light tastes like something as if its a good thing...

Re:Miller Light is claiming Bud Light tastes bad

[SeventyBang]

I thought it might be the start of a new campaign.

They're behind schedule for Windows Server 2003 Compute Cluster Edition.

It's been in the news over the previous few days and "rescheduled" for early 2006. Of course, they announced six months ago it would be out now.

They're just reminding everyone they're still in business.


And speaking of Microsoft vs. Linux, a guy at the local SQL Server user group meeting last night insisted it would be in Microsoft's best interest to come out with SQL Server Linux Edition.

I pointed out two things would have to happen first:

1) You'll hear someone point to the sky and say, "It's a bird! It's a plane! It's a pig!"
2) You'll see Bill and Steve walk naked, hand-in-hand, from coast-to-coast.

Translation

[suso]

Here is a translation from babblefish for those that don't read bullshit.

More consistent: It crashes the same way every time I press the start button.
Predictable: It will crash at least once a week
Easy to manage: There aren't any extra settings in the windows to set that confuse people.

With Linux, they couldn't figure out what they needed to press to make it crash and couldn't determine out when it would crash.

forgot the scare quotes

[ChipMonk]

Yet another "independent" study.

Re:forgot the scare quotes

[bhirsch]

And I suppose the pro-Linux studies are more valid?

Re:forgot the scare quotes

[frodo+from+middle+ea]

Well they don't claim to be independent...that's a start.

Re:forgot the scare quotes

[SatanicPuppy]

I think the flood of microsoft biased studies in the last year go a long way toward bolstering linux's claims. If they weren't to some extent true, microsoft wouldn't be trying so hard to discredit them.

I don't know why they bother honestly. My bosses bosses boss recently informed me that we use Microsoft almost exclusively. I just nodded and smiled, because it was easier to do that than explain that even our DESKTOPS are mostly Mac, and our infrastructure is 90% unix (Solaris, linux, bsd). The only people who really read those studies don't know what the hell they're talking about anyway.

I don't give a damn what microsoft's studies say. I've been using unix, linux, and windows for years, and unix and linux have ALWAYS been more reliable. I've got a 250,000 dollar machine hooked up to a brand new Dell box running 2003 that goes down as often as a nickel whore, and I am SICK of hearing from Microsoft that this is just my imagination!

Re:forgot the scare quotes

[superpulpsicle]

"As they attempt to increase business capabilities over time, customers are telling us that they are hitting a wall with Linux" said Martin Taylor, general manager of platform strategy at Microsoft.

I am sorry but this is the most sorry ass downhill marketing I have ever seen. It is like Pepsi hiring a guy to wear a Coca-Cola Tshirt and purposely choking. This guy changed title 3 times in a year. Just a couple months ago he was Microsoft's very own Linux strategist.

Re:forgot the scare quotes

[st1d]

Possibly, as they generally are put together by Linux fans, whereas MS seems destined to buy it's positive studies. From another standpoint, it's one thing to have "educated, well known, and well respected" fans produce a study, and a whole other thing to have to pay good money to get anybody to put their reputation on the line to back your product. As well, Linux studies tend to present considerable supplemental data for others to repeat their studies on their own, whereas MS's studies tend to do little more than announce a vague result the entire IT world is supposed to accept. Part of this is simply because the paid-for study house requires payment for detailed explainations of methods and results, but that's not very convincing (reeks of mail-order scams, to me, at least -- "Send in your money, and we'll make you successful!").

Part of the problem for MS, especially regarding studies, is that they are selling a "one size fits all" solution, whereas Linux allows numerous variations to best achieve your goals. MS is facing a tough battle, trying to convience everyone that they are the best solution for all situations (read as: easy to use for uncaring sheep), yet technically appealing to even the most distinct niche users.

As Mike Warnke once said as the moral of a long story: "If you try to please everyone, you're going to lose your ass." (How's that for an obscure reference?)

Re:forgot the scare quotes

[Danse]

So in other words, the fact that papers attempting to disprove intelligent design are starting to appear means that there's merit to intelligent design?

No, it means the papers attempting to disprove intelligent design are as moronic as those that are supporting it. You can't disprove intelligent design. You can only show that scientific theories adhere to certain rules. Intelligent design doesn't adhere to those rules, adn therefore even qualify as a scientific theory. That's why it should not be taught in a scienc class.

Re:forgot the scare quotes

[cbreaker]

It's not only the fact that some of the Linux claims must be true, but the fact that Microsoft continues to attempt to discredit Linux says one thing: It's a viable alternative to Microsoft.

They put Linux on the radar more and more with every one of these stunts. I'm with you - I really enjoy working with Unix systems. It's not because it's trendy to do so, it's because the Shit Just Works. I don't have to pour through vague event log entries on to fix problems with a clean install, I don't have to have a Microsoft tech come out and live with us for three weeks to address odd AD anomolies, and I don't have to use undocumented features to make something work.

The power of the Linux community simply can't be ignored. If you have a problem with just about anything with any OSS, you can always find a lot of information about it with a quick google search. The same is not true with Windows software - often times I get the dreaded "Sorry, no results found."

Nobody can honestly claim that Microsoft software hasn't improved in the last few years. It's a lot better then how things used to be. Unfortunately for them, it just doesn't matter anymore. They blew it. Linux is here, it's a lot more flexible, and it's not going away. It surrounds Microsoft from all sides (Very high end, embedded, very small (PDA's, cell phones)) and it's only a matter of time before it completely replaces Windows on core desktop and traditionally Windows based server environments.

It goes beyond the generic server arena, though. Have you have the chance to work with VMWare ESX server? It's awesome! Completely Linux based. Not only is the "service console" running Linux, the vmkernel itself is a customized Linux kernel which runs on top of it. VMWare ESX is so nice - you can really see what a Linux system is capable of: powerful, customizable, very easy to use.

That's the way I see it, anyways. And I do primarily Windows server work.

Re:forgot the scare quotes

[oliverthered]

You have to remember, Microsoft's customers use Windows, and it's a hell of a learning curve to go from a Windows GUI admin to a Linux one. I'm not surprised there 'hitting a brick wall' because there already standing at it's foot gazing to the stars.

I tried out Lindows the other day (just for fun) and it didn't setup dhcp on my wireless card, absolutely everything else worked perfectly! To a GUI Microsoft admin this would be like a brick wall, the GUI tool provided by Lindows did't let you setup dhcp from the boot cd, for a linux guy it's just a dhcpdc wlan0 away.

Nice to know

[nizo]

Microsoft products are easier to manage than Linux? On the Linux side, I simply rsync software to all our of workstations. I can even upgrade software people are using right at that moment (like rsyncing the newest thunderbird to /usr/local/thunderbird-1.0.7 while they use the thunderbird in /usr/local/thunderbird-1.0.6, and then moving the /usr/local/bin/thunderbird symbolic link to point to the new version). On the windows side, I wander around bugging people to take an early lunch or whatever while I install/upgrade software on their machine.

Also I am pleased to notice that the "independant company" that spewed out this "commissioned report" (see the microsoft page) lists Microsoft on their partners page, and from what I can tell no one who has even heard of Linux (with the exception of HP). Since it looks like their business depends on selling enhanced security products, I can see why they wouldn't be too keen on having people show an interest in Linux.

Security Innovation designed this study to be repeatable, and we believe that the results are consistent with what customers are experiencing in the real world.

And if I wander over and look at my main Linux file server, I see an uptime of 125 days (it had over a year uptime before I physically had to move the server to a different location). During that time the server's files were available 24/7 with absolutely zero problems. Needless to say we have had way fewer problems with the new Linux server; the old Microsoft server crashed or had to be rebooted on a regular basis; the people before me actually had a planned "weekly reboot every Friday evening". When it came time to replace the Microsoft server, Microsoft didn't fare so well, especially when it came time to pay big piles of $$$ to upgrade it: basically we could have bought two linux file servers for the cost of the Microsoft software upgrade costs alone. Hows that for a real-world example?

Re:Nice to know

[FidelCatsro]

The millions of Zombie PCs can attest to that

Re:Nice to know

[nizo]

I have yet to find a way to upgrade Microsoft Windows packages that people are using at that moment without interrupting their work. By all means if you are aware of one let me know (preferably one that doesn't require any type of Microsoft server and doesn't cost thousands of dollars).

Re:Nice to know

[swillden]

On the Linux side, I simply rsync software to all our of workstations. I can even upgrade software people are using right at that moment (like rsyncing the newest thunderbird to /usr/local/thunderbird-1.0.7 while they use the thunderbird in /usr/local/thunderbird-1.0.6, and then moving the /usr/local/bin/thunderbird symbolic link to point to the new version). On the windows side, I wander around bugging people to take an early lunch or whatever while I install/upgrade software on their machine.

There are plenty of ways in which Unix-style systems are easier to administer than Windows boxes, but this is not one of them. Windows actually has quite decent remote administration tools these days, including a fairly nice infrastructure for performing remote installations. Assuming you add some third party components (or are installing to a server with Terminal Services), ad-hoc remote access is also quite good.

I'm a big fan of Linux (I have seven computers at home; six run Linux, one runs OS X, no Windows, not even a dual-boot), and I'd probably drive a bus before I'd work as a full-time Windows sysadmin, but even I can't let this sort of FUD pass.

I suggest that you learn Windows first, then rant about it. You'll still have plenty to rant about, but you won't look like an idiot doing it.

Re:Nice to know

[Whafro]

You don't put that on a resume... you detail that you performed routine maintenance on a Microsoft server, of course.

Re:Nice to know

[drinkypoo]

Windows actually has quite decent remote administration tools these days, including a fairly nice infrastructure for performing remote installations.

Too bad it doesn't provide a method for replacing in-use executables, nor can you run an executable with a new version of a DLL while the old one is still running because of the way windows handles shared libraries...

Re:Nice to know

[drinkypoo]

No no, you've got it backwards. Microsoft is more predictable - you can predict that Windows will fail early, and often.

Re:Nice to know

Windows actually has quite decent remote administration tools these days, including a fairly nice infrastructure for performing remote installations.

This is true. I remotely administer several Windows machines owned by people I've never met. The Windows infrastructure makes it trivial to remotely install FTP servers that I use to share Warez.

Re:Nice to know

[nizo]

Prior to our migration away from Exchange (and before I arrived), the mail server had failed and it took a week to get it back up and running again. After we had migrated, our linux server failed and I had it back and working in 8 hours (would have been faster but not everything was backed up so I had to recreate config files from scratch :-|) Luckily we had an extra machine in the case of the Linux server. Some people might call that cheating, but what they should realize is we had the extra machine because instead of spending a huge pile of money on upgrading our Microsoft server, we were instead able to spend it on extra hardware. Also it was reeeeeally nice not having to screw with Microsoft licensing while trying to get the mail server up on new hardware. If I had had time to mirror the mailserver on the backup, the restore would have taken minutes, for less than the cost of upgrading the old Microsoft Exchange server.

Re:Nice to know

[JustASlashDotGuy]

Microsoft products are easier to manage than Linux? On the Linux side, I simply rsync software to all
our of workstations. I can even upgrade software people are using right at that moment (like rsyncing
the newest thunderbird to /usr/local/thunderbird-1.0.7 while they use the thunderbird in
/usr/local/thunderbird-1.0.6, and then moving the /usr/local/bin/thunderbird symbolic link to point to
the new version). On the windows side, I wander around bugging people to take an early lunch or
whatever while I install/upgrade software on their machine

Seems aweful combersome either way. I help manage about 1000 end user PCs, I haven't touched a PC
for upgrades in about 4 years. With our setup, if an update needs to be applied, then we simply
write a script to install it and it gets pushed out at logon. For example, if a user happens to be
out of the office of a month and misses 16 updates, then the next time they come in their home office
the script will apply the updates in order and reboot where needed (be it ms patches/updates, adobe
updates, shortcuts, reg changes, or anything else). For those that use Windows, I would strongly
suggest you look at an app called Winbatch.

To me, what make a windows environment easier to manage nowadays is the AD domain infrastructure and
everything that comes with it. For those of you that claim to need to reboot your server every
week.. perhaps the problem is how you have the server config. In one of our offices, we have a 1U
pizza box doing file/print share and acting as a DFS/FRS real time replication hub of a 20 gig share.
We happened to check that server yesterday and it had been up for a year and a half.

I'm betting several people on her try to blame there windows problems on something that's not
windows' fault. For example, for those of you that may run Citrix and have to reboot your server
faily often.... you may want to say 'windows sucks because of it'. Well, not really. You may want
to look at the app you have installed to the machine. Heck, I bets there's "admins" out there that
allow users to have blank PW's or otherwise simple passwords and then blame windows because a hacker
got in using those simple passwords. Oh, and as far as complaining about if you put 200,000 files in
a single directory and then complain that windows puke's when you try to view that directory. Welp..
techinically, that would be a windows problem.. but if I were the boss I would smack around the
admin that's in charge of maintaining file structures standards. What kind of idiot admin would
allow that? I'm smelling either Paper MSCE or 'A+ certified' former compUSA joker.

Oh.. we tried rsynch too at time one, but it didn't work out. It doing byte level changes were
nice, but it doesn't scale well as far as being able to monitor it's activites easily (from 25+
sites), and also is all but useless if your network uses NTFS permissions. For those of you that are
thinking about doing replication via windows (and want to do it on the cheap), check out 'Windows
2003 R2' the new DFRS is nice. I can't wait to convert out FRS structure over to it. (FRSv1 is
file level, uhg).

Oh.. and our network does use linux as well. We have 2 linux boxes doing our virus/spam filter.
There were several times in the past where email got backlogged for hours because the linux boxes
couldn't handle the load. Should I start a ranting about how linux sucks because linux can't handle
the load? No... the problem wasn't linux.. it was the app installed into linux that was causing the
boxes to puke. That problem has since been fixed and now email is running great (so far). We have
since purchases 2 dual AMD 64bitters to replace our email spam/virus scanners. However, we are
having trouble getting them to talk to the EMC SAN. Should I join the over reacting bandwagon and
start s

Re:Nice to know

[swillden]

You just copy the files, move a link (guaranteed to be an atomic operation), and any new instances of the program are running the new code.

It's simpler than that, actually, if you don't mind the program being inaccessible for a few milliseconds. You just 'mv' the new file in place of the old one. New instances are running new code, old instances keep running old code. I never said Linux/Unix wasn't *better*, just that Windows wasn't as bad as the other poster made it out to be.

In Windows-land, you need to set locks, twiddle bits, edit the registery, God knows what. Sure, some "wizard" hides all this for you, but it's nothing like the simple equivalent Unix version. What happens if there's a power failure right in the middle of all this, for instance? Or if the computer runs out of RAM or disk? Yeesh. I just wouldn't trust it, no matter what the software author claims.

Actually, if they use the MS installer toolset, the installer will roll back the changes in the event of a power failure or other installation problem.

It's a prototypical Microsoft solution, actually. Compare them:

• Because Windows has traditionally been usable only from the console, Microsoft had to provide a sophisticated toolset for initiating and managing remote installations.
• There's no difference between local and remote access to a Unix system.

• Because Windows can't replace in-use files, Microsoft provides a system that allows the installer to register changes so they get applied at the next reboot. This registry is pretty sophisticated, and can do the right thing even if the power goes out at a bad moment.
• On Unix, you can replace an in-use file, so you do.

• Because Windows manages most all system configuration in one large, brittle, binary pile, Microsoft's installation system provides automatic rollback support, so that installations can be atomic. Just in case, Microsoft's OSes also provide a "revert to last known good state feature".
• On Unix, configuration info is in many small, human-readable text files, so you just tweak what you need to. If you break it, you can fix it with 'vi'.

Of course, some of the added functionality that MS provides, like the system for centrally managing updates of many machines through a simple GUI, really is nice, so it has been implemented for Unix systems as well. But a Unix admin can get a hell of a lot done with nothing more than some shell scripts and ssh, including things that the authors of the fancy GUIs never thought to implement.

Re:Nice to know

[swillden]

The reason Windows locks an executable file that is in-use is that it uses it as a kind of mini-swap file. If you need to swap part of that binary's code out to disk, windows doesn't - it just forgets it. If it needs that code back in memory, it reads it directly from the file on disk.

All modern Unix-type systems, including Linux, do the same thing. Yes, that means you can have a situation where:

1. Program 'foo' is executed.
2. Program 'foo' is swapped out (or perhaps just never loaded -- application code is paged in on-demand, so if there are big parts that were never executed, they were never loaded).
3. Program 'foo' is deleted, while the process is still running.
4. The running process needs to page in a portion of the deleted file.

What happens? Nothing much. It works just fine. How? Because when I said the program was "deleted" in step three, I wasn't being precise. What really happened was that the program was "unlinked". That removes the directory entry and makes it so no process can create a new reference to the file. But any running processes already have a reference to the file, and the actual file stays in existence until all references (both filesystem references and process references) to it go away.

This holds true for all files, too, not just executables. For example, it's not uncommon for me to start a download then, while the download is running, decide I don't like where it's being written. No problem. I just move it. As long as I'm not moving it to a different file system, the download process doesn't care, because it isn't writing to "/home/shawn/foo.tar.gz", it's writing to "the file handle referencing inode 274327". It doesn't matter a bit if that inode happens to get relinked into a different part of the file system.

No, there's no excuse for this particular bit of Windows braindamage. The Unix solution is better in every way.

Re:Nice to know

[drinkypoo]

think about it for a minute, Unix has the exact same issues with replacing in-use files as Windows does. At some point you have to stop using the old and start using the new, even with Unix, and you cannot delete the old until you've finished using it.

Uh, I think you're the one who needs to think about it. You can delete all links to the file, and while the inodes are not freed until the last reference to the file is closed, the file is for all other intents and purposes deleted. The only discrepancy is in the realm of free space. (Immortalized in the eternal brain teaser, "df vs. du")

Meanwhile, on NT, you can't even delete a file that is in use. You just can't do it! You can't rename it to move it out of the way either, like you [generally] could in DOS and Win9x. Finally, in the case of shared libraries, even if you could, Windows only allows a single instance of a DLL to exist, and the instances are identified with names.

Neither of these problems exist on Unix. Hence, Unix does not have the same problems as NT. Thanks for playing, though.

Re:Nice to know

[Trepalium]

I complained about this once, and someone directed me to a thread from Raymond Chen on his blog which explains the rational behind this design. The basic part of the argument is that there can be intercommunication between components, and replacing one could cause a running program to suddenly malfunction. For an example of this, try an online update of Firefox or Thunderbird without restarting the programs. The program will act very strangly (about window won't work, options may not work, etc) until you restart.

Now, I don't fully agree with his conclusions, because if you take the argument to it's logical conclusion, it's never safe to overwrite a file on the system without a reboot. Microsoft decided to be conservative in their approach to files in-use to protect the user from himself. In the Linux world, the ability to replace files that are in-use does cause some problems. Replacing glibc and/or PAM can cause authentication problems without a restart of certain services. Replacing mozilla products cause some of the problems I mentioned above. Replacing certain Gnome/KDE desktop components can occasionally cause failures to communicate between the old and new version. For every one of these that cause problems, there are dozens more that don't. Letting you replace files for most services (Apache, MySQL, Samba, etc) means you can limit your downtime to seconds rather than tens of minutes. Most desktop apps will continue to run the old version until you actually restart the programs in question.

Raymond Chen's blog is probably one of the best sources of information on why some things are done the way they are in Windows, especially when they seem completely illogical. He talks about why Windows uses Ctrl-Z to end files, complaints about people wanting more ways to hide files, etc. He has some interesting tales to tell, and if you deal with Windows on a regular basis, it can also be quite revealing.

68% of what?

[aborchers]

"Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts"

What the study failed to mention is that 86 per cent of the time to implement was spent convincing the executives and attorneys that using Linux was worth pursuing.

Re:68% of what?

[djbrums]

um, "68% of implementation time" has nothing to do with subsequent uptime. I would agree that implementing a new service on windows is considerably easier if for no other reason than there probably is a single product you can just install. On linux a single service may require cobbling together many different components. Go try and install something as simple as a calendar system in linux....you have to install ldap for authentication, a webserver for web access, the calendar software itself, the postgres database for data, etc. On windows you often just find a single app which does it all. For small to medium sized businesses, cobbling together doesn't make sense.

Re:68% of what?

[Nato_Uno]

"Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts"

That's what you get for actually thinking through what a sane implementation should involve rather than clicking "Install -> OK -> OK -> OK -> OK -> Reboot Now"...

speed

[Janek+Kozicki]

The study claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.

yeah, maybe true. But how about maintaining them later, for years, with zero downtime?

Re:speed

[sedyn]

"Most IT guys would rather it take longer to set up, but run smoothly with low maintenance, than to have an easy setup and lots of maintenance."

Nah, most IT people would rather have jobs. Windows will keep the administrators going for years to come. Thanks windows, keep up the bad work!

All true

[hurfy]

Predictable and consistant are not always good ;)

I can predict Windows will consistantly crash more. Not sure how that is a selling point tho ;)

It is fairly easy to manage, just press reboot every now and then. Ok, they probably have that point.

One out of three

[ch-chuck]

Easier to manage I would admit (Once you learn which window does what) but certainly not reliability and dependability, unless you're comparing with a newly released experimental distro.

Warning: possible incongruity detected!

[Trelane]

"We invite other vendors, including Novell, IBM and Red Hat, to repeat their own independent analysis based on Security Innovation's methodology."

Umm, is not "their own independent analysis" rather oxymoronic?

It's all about the criteria.

[khasim]

The key, as always with these "studies", is to find the portion where it deviates from Reality. That is, where it uses some strange definition or where the sysadmins choose some bizarre action.

In this "study", that step into UnReality begins where all systems are required to stay on the same time-line for upgrades.

This means that what would otherwise be a normal upgrade from SLES 8 to SLES 9 instead becomes a strange mix of back-porting patches from SLES 9 to SLES 8. In other examples, the sysadmins are downloading code from the glibc and mysql sites and applying it to those server WITHOUT TESTING. So, over time, the SLES systems become unstable.

Meanwhile, no non-Microsoft supplied code is applied to the Windows boxes.

Of course, the one who commissions the "study" gets to choose the criteria ...

In other news....

[gmuslera]

... an independent study commisioned by the Vatican demostrates that God exist.

It seems to me that

[dheltzel]

Hitting a wall isn't the worst outcome. If you have Windows, you might just crash right on through and go "Splat" on the pavement below.

"In a world without fences and walls, who needs Windows and Gates?"

Predictable, consistent

[SLi]

Interesting. Unpredictability and inconsistency were the reasons why I originally (way back) moved to Linux. I found that with Windows I always had to think about what the developers might have thought when making Windows and how it might try to outguess me this time. It seemed as if Windows applied some heuristic to guess what it was I wanted to do and did that instead of what I told it to do, often without asking me first.

Well

[paranode]

I wouldn't discredit it completely. I think the conclusion is possibly quite true. Microsoft is generally easier and quicker to deploy, but then... what has that gained them over the past 5-10 years? A reputation of horrible security and systems that seem like they were thrown together by monkeys (again, because it is in fact so easy).

Linux may have more implementation overhead but the results, I would argue, are generally superior.

Re:Well

[SCHecklerX]

easier and quicker to deploy? Compared to what? Any shop using, say, redhat enterprise, can deploy a box in a few minutes, including a full lockdown, using kickstart. What similar technology even exists in windowsland?

Re:Well

[Karzz1]

What similar technology even exists in windowsland?
Not to be a MS fanboi, but sysprep works pretty well alongside Ghost.

Re:Well

[Golias]

They are not talking about the time to deploy the server itself.

From the Summary (because who bothers to RTFA anymore?):

"...claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts..."

That much is probably true. Implementing some new process on a Linux box probably does take a bit longer. But here's the thing: Once it's done, it's done.

I've seen enough gawd-awful in-house software and scripts in Microsoft shops to know better than to be impressed by how much "faster" it is to adapt their shit. If you count all the down-time and set-backs which can happen after implementation, you probably ultimtely save a lot of time by going with a Linux-based enterprise.

But then, I'm not some kick-ass consulting firm which a big astroturfing... er... I mean independent study commission to put in the bank.

Re:Well

[aztracker1]

Well, just a few things, Active Directory is integrated, vs. NDS or other directory services, the fact that file permissions are more fine grained in ntfs vs. unix permissions... the setup wizards for things like IIS configuration leave less time figuring out configuration files, and more time doing the work...

Now, on the flip side, I've seen unix gurus that can configure apache without blinking. And can configure a lot of the security and network settings with ease... network configuration is much more customizable in *nix. Each do have advantages, and disadvantages.. but the ease of use in windows servers is a definative advantage... red hat enterprise servers (as well as suse) are pretty close, and in some areas, getting better.

On broad desktop deployments, SMS is really nice to have... Where MS's tools really shine is on the developer tools, and deployment using windows based servers... Oracle compared to MS' SQL Server, or DB2 isn't a comparison on ease of use/administration. But hey, I like both.. I'm a pretty big fan of PC/FreeBSD and like Linux... I *use* windows though.. I do wish security concerns took more of a front seat though.

Re:Well

[BrookHarty]

Microsoft is generally easier and quicker to deploy, but then

To be fair, you normally choose the OS and Hardware for the job. Microsoft likes to point out OEM boxes that are hard to install linux on, but then, thats like trying to put XP on all those old beige boxes and saying Microsoft sux0rs because of bad driver support.

SSDD.

Re:Well

[metlin]

That much is probably true. Implementing some new process on a Linux box probably does take a bit longer. But here's the thing: Once it's done, it's done.

True, for the most part.

I've seen enough gawd-awful in-house software and scripts in Microsoft shops to know better than to be impressed by how much "faster" it is to adapt their shit. If you count all the down-time and set-backs which can happen after implementation, you probably ultimtely save a lot of time by going with a Linux-based enterprise.

Now I've a bone to pick with this point - the poor quality of code is by Microsoft shops, which is not really Microsoft's fault. I can point you to equally God-awful pieces of code by several "Open Source" shops, if you get my drift.

Sure, Microsoft encourages writing easy code, but don't blame them because some MS shop decided to hire an MCSE/D who learnt to write a few lines of ASP and VB code and called himself a "programmer".

Re:Well

[Golias]

Sure, Microsoft encourages writing easy code, but don't blame them because some MS shop decided to hire an MCSE/D who learnt to write a few lines of ASP and VB code and called himself a "programmer".

But MS is selling their product by telling you that you don't need those expensive, slow-poke engineers to write code for you. Just get a college drop-out who has been fully certified (by us) to whip out a quick VB script in the afternoon, and have it in place by the following morining when you come in to evaluate why your Help Desk budget has been running so high lately.

If following this advice leads to code which costs more time than it saves, I would agree that the blame doesn't lie entirely on Microsoft. It also lies on the CFO who actually bought in to that bullshit.

Re:Well

[FatherOfONe]

Active Directory is integrated but going with any type of directory service makes the overall desgin more complex. Does it help "some" organizations? Yes, but you pretty much have to use AD if you want to use Microsoft. Now could someone please explain to me why Microsoft still uses Domains with AD? Doesn't a true directory service not use Domains? Also can you have two people in different OU's on the same "domain" with the same exact name. Something like
ou=marketing,uid=myLogin
ou=hr,uid=myLogin

with only one server?

NTFS vs Unix file permissions. This use to be true but no longer, read up on ACL's in Linux and Unix, they have been around for a while. I would point to secure Linux and say that Microsoft doesn't have anything that competes in this arena. Granted this is somewhat complex and a lot of shops don't need it.

IIS is easy to configure, but then again using YAST or any of the webmin tools make Linux/UNIX a snap to configure. I would argue it is easier to admin a server with webmin than it is to learn all the Microsoft admin tools.

SMS is finally a decent package for Windows only shops. So is WinInstall and other products.

Oracle VS SQL Server. Oracle is free for one processor, 2GB of RAM and a 4GB database size. It runs on multiple platforms and it's target market is for higher end databases. It can mount XML, TAB delimeted and other files natively as tables. That is very very nice to developers. SQL Server has the DTS stuff. DTS is very nice for moving data around, but not as nice as actually mounting files as tables. Oracles Enterprise manager is very comparable to Microsofts, and at least with Oracles EM you can actually sort data after you view it AND you can see the SQL that is being generated by the query. I will say that the query builder in SQL server is very nice. I can't comment on DB2... All in all I would say that both are very friendly to developers, but one is free for small to mid size shops and one is not.

Now I find the core difference in Windows and Linux is that most shops do a LOT more on one Linux/Unix box than one Windows box. Most Windows shops (ours included), have a Windows server for one specific task, perhaps two tasks. Most Linux and Unix boxes run many different tasks and as such you need far less of them. Perhaps this is just the attitude of Windows users to purchase more servers because they are "cheap" but I can say that every place I have been this is the case. Most Unix/Linux guys you talk to mention two things, their uptime AND the amount of crap that is running on their boxes. Most Windows guys I talk to mention the number of servers they manage. So in short this needs to be factored in as well. This issue may also come from all the DLL hell that has plagued Microsoft for years, or the fact that it was difficult to impossible to run different versions of SQL server on the same box.

You are correct in mentioning security as a major concern. The constant amount of patches and reboots needs to also be factored in. You start to really need tools like SMS when you have 100 to 500 Windows servers that need patched as often as they do. Now if you replace those servers with say 10-20 high end Linux boxes then the need for an SMS type of application starts to diminish. This is not to say that you couldn't use a product like E-Directory and Red Carpet to manage those boxes, but the need isn't as great.

Re:Well

[zariok]

Kickstart - http://www.tldp.org/HOWTO/KickStart-HOWTO.html

Welcome to the new world.

Re:Well

[Wudbaer]

But is this really so different from self-proclaimed college-drop-out "Linux gurus" who whip together sucky and insecure "solutions" in MySQL and PHP using the "powerful open Enterprise OSS LAMP-stack" ? You can write good as well as bad code both on Linux and Windows, and there are more than enough examples for both on both platforms.

Re:Well

[jimmyharris]

I don't have a lot of experience with Windows, but Kickstart is one of the most impressive pieces of Linux software that I've used.

Network PXE boot, enter a configuration file location and sit back while Kickstart configures and partitions your server, downloads and installs all your packages, runs post-installation scripts to install updates and start all your services, and finally reboots your completed server. All without any intervention.

Not to mention that if you ever need to re-deploy that server, or deploy a similar server, you can reuse the configuration file to guarantee the server is identical.

Re:Well

[SilverspurG]

So this explains why on my employer's laptop running WinXP SP2 I have the following problem:

Their login sequence includes loading the AV software and a few network IT notices. Sometimes this works, sometimes it doesn't.

Sometimes the volume icon appears in the tool tray. Sometimes it doesn't. I must then go to the control panels, Sound and Audio Options, disable the tooltray icon, apply, and then re-enable it.

Sometimes the Power Meter icon (userful for battery monitoring on a laptop) appears in the tool tray. Sometimes it doesn't. I must then go to the control panels, Power Monitor, disable the tooltray icon, apply, and then re-enable it.

Sometimes the icon for the automated network backup system appears in the tool tray. Sometimes it doesn't. I don't know how to cycle it if it doesn't appear.

Sometimes the icon for "Add/remove hardware" (aka hotplug) appears in the tool tray. Sometimes it doesn't. I don't know how to cycle it if it doesn't appear.

This is why Linux is both cheaper and better. Some things work and some things don't. But I have never had this "sometimes" bullshit on Linux.

Re:Well

I'm a 14 year experienced developer and didn't graduate from college. I think the bias's lie within the people and not within the infrastructures. The true difference between a good developer and a bad developer is their dedication and not their education. I spent 3 years in college and barely learned anything new. In fact by the time I was out of college most of the crap I was taught was outdated.

I had been programming software since I was 13 years old and maybe I'm an exception, but I run into idiots that make these same stupid comments everyday. I usually end up repairing their shitty code. That's why when developing software you shouldn't jump into any bed. The hardest part for most people is to realize the right tool for the right job. I'm not saying I would deploy a windows server, but I wouldn't deploy a Linux desktop in a work environment.

Re:Well

[rifter]

easier and quicker to deploy? Compared to what? Any shop using, say, redhat enterprise, can deploy a box in a few minutes, including a full lockdown, using kickstart. What similar technology even exists in windowsland?

It's called an unattended installation in windowsland. And they had it before redhat had kickstart. And yes you can apply a full set of patches and if you're wily enough you can get in lockdowns and such. The other people are touting Ghost because that is much more often the method used to deploy servers. This is because most of the things that make a windows machine useful are not and cannot be distributed with the operating system, even when they are free-as-in-beer things like acrobat or compression programs.

Ghost essentially does what dd does, with a few extra things thrown in that make it worth buying, like allowing you to change sids, compressing the images, etc, etc.. and it's an off the shelf product that works whereas to come up with an equivalent solution with free tools there would definitely be some cobbling to do..

But essentially kickstart == unattend.txt done the right way.

Re:Well

[einhverfr]

But is this really so different from self-proclaimed college-drop-out "Linux gurus" who whip together sucky and insecure "solutions" in MySQL and PHP using the "powerful open Enterprise OSS LAMP-stack" ? You can write good as well as bad code both on Linux and Windows, and there are more than enough examples for both on both platforms.

True.

But there are inherent differences that should not be overlooked.

Windows is not particuarly scriptable in the way that Linux is. Yes, you can do some basic things, but it is not a toolkit. It is a set of large blocks and if you want to put them together a certain way, you have to do real programming.

On Linux, one can often string a large number of components together with very light-weight scripting (i.e. nothing more than simple system commands and not even using anything as complex as sed of awk).

This study mostly whines about Linux being unsupportable. Given how frequently it is used in ecommerce apps, how likely is this? On average I have found that I can impliment new features *faster* on Linux than I can on Windows.

I was very disappointed in this study. The GetThe"Facts" campaign is actually going down hill when they have gone froms sponsoring surveys (as in the IDC document) to sponsoring simulations (as in this one). Well, at least they are up front with their bad methodology.

No suprises!

[MoogMan]

$someone_influenced_by_microsoft claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.

Well, I'm not suprised - They're probably busy reading slashdot half of the time.

Honest?

[serveron]

M$ paid the Yankee Group http://www.yankeegroup.com/ to do research on the subject. From the Yankee site: "At the crossroads of opportunity and technology, Yankee Group Consulting provides customized solutions to help companies achieve success. ... that result in growth, leadership and profit. " Would they be honest about it, if Linux was as fast or faster? No, they say what their client wants to hear, resulting in publicity on /.

My servers . . .

[milkmood]

According to Netcraft:

My Websites Hosted on Linux:
Last Reboot: 468 days
Last Reboot: 331 days
Last Reboot: 664 days

Other of My Websites Hosted on Windows:
Last Reboot: 3 days
Last Reboot: 9 days
Last Reboot: 11 days

Customers wanting to switch from Windows to Linux: 3

99.999% Uptime and 50% happy customers: Priceless

CP

Re:My servers . . .

[dtfinch]

I think my XP Home desktop has been up longer than your Windows servers. But my experience is pretty much the same. Our Windows 2003 server wants to reboot any time updates are installed. Our Linux machines generally boot up the day they're born and shut down when their hardware fails. Services can be patched with less than a second of downtime. An exception is that we just upgraded all the hard drives in our file servers, reinstalling the latest CentOS on each, but I managed to do it with zero downtime.

Re:My servers . . .

[milkmood]

HA! Classic. What they fail to mention is that certain exploits have to wait for reboot before they can take effect. The fewer reboots, the longer an attacker has to wait to get what he wants.

Re:My servers . . .

[Malor]

Thank god you're not using the 2.6 kernel, eh?

I don't have the stats handy, but there have been a tremendous number of "oops!" patches to the, ahem, "stable version" of Linux in the last year. For instance, you may remember 2.6.14, the most recent release? That broke traceroute.

It looks like 2.4 had a patch released today, as well... 2.4.32 has today's date on the tarfile.

98% of MSFT Funded Studies Favor MSFT!

[HangingChad]

This headline just in from the really, really obvious department.

How pathetic is it when the only people who say nice things about you are the people you PAY to say nice things about you? That's like paying people to be your friend.

MSFT has the best friends money can buy.

oh yes...

[Tom]

Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.

They forgot to mention that 67.3% of the windos counterparts did not solve the problem at all because they did not know of a vendor who had the software available, and those were not included in the statistics. Also, 23.1% of the windos projects were ten times over budget. 17.5% of the windos projects were fast, but in violation of on average 7 EULAs and 3 other license agreements. 55% of the Linux projects were slowed down by the requirement that no Free or Open Source software could be used, while 15.8% were limited by the requirement that no non-microsoft software could be employed, and Wine was specifically disallowed. Also, 97.5% of statistics are made up on the spot, including 87.3% of those who are conducted by so-called "independent institutes" for lots of money. Finally, 99.87% of studies paid for by someone surprisingly reveal exactly what the customer asked for.

Re:oh yes...

[dzelenka]

Let's say that Microsoft funded many fair and impartial studies and, let's say, 5% came to a pro-Microsoft conclusion. Which findings get published and advertised by Microsoft? Does that make the published findings unfair or impartial?

I'm not picking sides, but everyone is picking on the independent institute. Maybe they are independent.

ARGH!

[ploafmaster+general]

Miscellaneous anti-Windows/Linux argument!!!!

I don't get it

[krgallagher]

The article says:

"The study compared two teams of experienced IT administrators running Windows Server 2000 and Novell SUSE Enterprise Linux 8, then monitored their progress as they upgraded to Windows Server 2003 and Novell SUSE Enterprise Linux 9."

But the PDF says:

"Specifically, for the database server role, we considered three configurations; Microsoft SQL Server 2000 on Windows Server 2003, Oracle 10g on Red Hat Enterprise Linux 3 and MySQL on Red Hat Enterprise Linux 3. In order to produce a meaningful comparison of platforms, the systems studied were manually installed and their configurations were verified."

Red Hat Enterprise Linux 3 is the only Linux distribution listed in the PDF. Also the fact that "the systems studied were manually installed" is probably why the upgrade was problematic. If you want your upgrade to be easy, install from the distribution, not manually. I also wonder why they did not test MySQL and Oracle 10g on windows. There are windows versions of these software packages. When you are comparing systems running different software, you are not just doing an OS comparison. You are also comparing the software packages. They might just as well have compared Red Hat Enterprise Linux 3 running Oracle 10g to Windows Server 2003 running Microsoft Access 2003.

Re:I don't get it

[rpdillon]

There are actually a few errors, unless I'm gravely mistaken. First, the article talks about SUSE when the .pdf only mentioned RHEL3 in any meaningful way. You've already mentioned this.

Also, I never found any mention the 68% figure quoted in the article. In fact, there is no mention of the subject of upgrading in support of business needs at all; it deals only with deployment/use of a database server. Not to mentioned that the Windows system in the study is Server 2003, not Windows 2000, as is mentioned in the article.

In fact, now that I think about it, they MUST have linked to the wrong .pdf, because the study I read (linked above AND in the original article) have nothing to do with the statsitics quoted. (The link I followed is here.) Further, the .pdf was written in June 2005, but the article is from November...something is up...

Looking at the Microsoft site, they make no mention of those statistics either in regards to the linked report. Their summary page is here and links back to the study the article links to.

In fact, I did several google searches (and MS searches!) to try to find ANY study in the Microsoft whitepapers section that has any mention of upgrading from SUSE Linux 8 to 9, or a mention of "hitting the wall", or a mentioned on Linux taking 68% longer than Windows to upgrade to suit business needs. I found no results. In fact, there was only one result on the entire Microsoft site regarding SUSE Enterprise Linux 9, and it wasn't relevent. Oh, and Vnunet didn't provide a copy of the report as the submitter states...that link goes back to an (incorrect) page at Microsoft.

In short, can I read the study that this article is talking about? I'm curious to see what it says... =)

No, THIS is the babelfish translation:

[Ozymand+E.+Us]

More consistent: it does, start button I press, same way crash.
Predictable: A week crash will once it at least.
Easy to manage: Extra Windows settings to confuse people it will, arent there?

Maybe its time for a change...

[dbolger]

I've been using Fedora for a long time now, but this report has given me some doubts. In the interests of fairness, I should probably give this "Windows" a go. Sourceforge doesn't seem to have anything - does anybody know where I can download it for comparison? ;P

Re:Pot and Kettle... but...

[TetryonX]

Expressing the problems to the public will actually get them fixed. Why do you think bugs get fixed in Windows? Trust me- it's not Microsoft's good will. It's the customers bitching at them to fix the problems. Likewise happens with open source, except if you have the expertise to do it, fix it yourself and commit the patch. If the maintainers like it, everyone else who has hit your problems will feel the joy of someone fixing a common annoyance. If you can't fix it yourself, submit the idea to the forums or mailing list that is associated with the problem. Someone might fix it for you.

However, if you are just going to sit there and bitch to yourself about the problem but do nothing about it, that includes not even informing people that there is in fact a problem, you have no right to complain. You didn't try.

Proprietary (but for Linux):
I bitched for months to ATI repeatedly to get them to get suspend/resume to at least work a little and to make the video card stop sapping the power of my laptop like a vampire.
ATI 8.10.16: Initial suspend and resume support and power management. Huzzah!

yes, more consistent and predictable...

[gyratedotorg]

our exchange server "consistently and predictably" crashes every weekend.

"Linux administrators took 68 per cent longer"

Tell that to Google, MS.

Actually, it does.

[khasim]

Weekly reboots.

Get a copy of Win2K3 on your box. Create a directory that's 3 directories below the root.

Put 200,000 files in that directory (size of each file does not matter).

Now, watch the application that reads and writes files to that directory get slower and slower over time. Until you need to reboot the box.

For an instant problem, open that directory in Explorer. All of your processor speed will be eaten by the "system" process. Even after you close Explorer. Rebooting is the only thing that will clear the problem.

Re:Actually, it does.

[SatanicPuppy]

Yea, I've got a win2k3 box hooked up as a Raster Image Processor...Basically it processes a binary image, makes it suitable for highrez film printing, does color separation, stuff like that. It takes a moderate amount of traffic, and needs to be rebooted at least once a week. Sometimes it goes into crash cycles on Fridays when the traffic is highest, and needs to be rebooted hourly.

I've got three antiquated Solaris boxes running older versions of the same software, and taking MORE traffic, that need to be rebooted about once a month.

I've gotta say, the software must be brutal because I've never had a Solaris machine have that many problems. Even so, Windows shows it's true colors as usual. On new hardware, with new software and all the patches, it's much less reliable than much older machines running a better os.

Let me tell you our "independant study"

[porkThreeWays]

4 red hat 7.3 DNS servers. Have never required a reboot since installation.
1 red hat 6 machine that lasted 6 years without an OS related reboot (the hardware started to give and the box had to be decommissioned)
1 database/web server running SLES 8 has gone over a year and a half without a reboot.
1 webserver running debian stable no reboot since installation
1 proxy server running SLES 9 w/ squid that was set up in under a 1/2 hour under emergency conditions (old proxy hardware died unexpectedly) running 20 days under extremely heavy load until new server came in.
1 database server running SLES 8. A year since last reboot.
And those are all the ancient boxes. We've got many more linux boxen that are too new to have aquired a long uptime.
From the article:
experiencing significant reliability issues resulting in higher total cost of ownership
*shrug* I've had none of these issues they speak of. All of our installs are quick, stable and long lasting. In fact, I've never had a production upgrade break anything, and never had an install take longer than a couple of hours in even the most complex of setups.

This whole "get the facts" campaign is just silly. I don't know why they keep on with it. I've been working with Linux for years and never run into any of the problems they have "documented".

Hey Balmer, want an anecdotal story of Windows breaking? Our mapping department had a Windows 2000 installation with their mapping software. One day it just breaks. 5 people standing around the box scratching our heads. No one had any clue why. Random reboots, blue screens, the whole works. We reinstall many times. Nothing. Do all the upgrades, patches and fixes. Nothing. Sounds like hardware, right? Nope. Upgraded to 2003 and worked fine since.
The fact that the box could have run 2 years without major issue then break out of nowhere with 5 very smart people trying to solve the issue and can't makes me wonder.

Get the real facts.

Wow, what a pointless stat.

[Proteus]

Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.

And how long maintaining them afterward? How many flaws or deviations did their implementations have? How maintainable were the implementations?

I'm not saying that Windows automatically leads to that type of thing, but saying "hey, the implementation was done faster" is the most meaningless of statistics. I've had experiences where I took longer to implement a solution on the same platform as a competitor, but my solution was more complete, more fault-tolerant, and future changes took about a third as long. Which was the better solution? I suppose that depends on whether fast or good is more important.

This whole thing is a quantitative analysis without any consideration of qualitative differences, making it pointless as a basis for reasonable discussion.

This is why Microsoft gets accused of FUD: instead of comprehensively making their point about where Windows is a better choice than Linux, they produce pointless "flashy" studies like this that provide no real argument.

Page 25 of their whitepaper.

[khasim]

Where did you find that information? The PDF at the website seems to be a completely different study.

The problems start at page 25. Here's the beginning:

For SLES 8, all required and recommended security patches were applied to the system. The same criteria was applied for Windows patches. These patches were applied in 1 month increments to the system. On the SuSE side, during the one year period under study, patches were released for the core components from multiple sources spanning package developers, individual contributors in the open source community, individuals and corporations. In this analysis, we only consider those patches issued by the operating system vendor (Novell/SuSE). From an enterprise management standpoint, this is the most common scenario given that the chief benefits of using an enterprise Linux distribution is the compatibility testing done by that Linux vendor on patches and the support extended to administrators. By going outside this channel for patches, both benefits are forfeited. In the period from July 1st, 2004 to June 30th 2005 there were 187 patches that were applied to the system. Of these patches, 13 affected the kernel. While kernel patches did not require an immediate reboot during installation, the majority of them need a system restart to immunize the system against a specific vulnerability. In general, patch application on SuSE proceeded well and most patches installed without error or conflict. Beginning at Milestone 1 however, some upgraded components were out of support from SLES 8 and updates for those components had to be obtained from the package distribution sites. As of Milestone 1, MySQL patches were obtained from the MySQL distribution site and as of milestone 2, glibc and directly related packages were maintained through manually applying SLES 9 patches. 3rd party component installations were performed according to the installation procedures specified by those vendors.

Whitepaper location:
http://www.securityinnovation.com/reliability.shtm l

LOL WINDOWS CRASHES

[Mancat]

My 2000 Advanced Server uptime:

C:\Documents and Settings\wysoft>uptime office
\\office has been up for: 121 day(s), 0 hour(s), 39 minute(s), 23 second(s)

Estimate based on last boot record in the event log.
See UPTIME /help for more detail.

Bite it.

Re:LOL WINDOWS CRASHES

[psbrogna]

Is this your MS uptime server or does it actually have a collateral duty? Many of us our curious.

Re:LOL WINDOWS CRASHES

[psbrogna]

My sincere apologies for misrepresenting. I took a liberty for the sake of sarcasm at the poster's expense.

Does advanced server not have to be rebooted for updates? Or is this noob running an outdated (read vulnerable peach ready for plucking) Windows server?

Re:LOL WINDOWS CRASHES

[Hymer]

I am sorry for you... especially if you REALLY think that 4 months of uptime is much for a server... I've (my place of work) got 5 AlphaServers with Tru64 wich has run for 3 years (that is OVER 1000 days) without a reboot... and that is considered NORMAL in UNIX/Linux, NetWare, Vax, AS/400 and S/390 environments...
--
anything is better than Windows... well allmost anything...

Hogwash

[misleb]

Hogwash. It is easy to install software on a Windows user's PC while they are using it.

1) Package the software as spyware.
2) Upload it somewhere on the internet. Anywhere. Doesn't matter where.
3) It will inevitably find its way to all the Windows computers in your office within 20 minutes.
5) Profit!

If you are worried about the wrong people getting your software, add something to the package that detects the identity of the host and have it delete itself if not in your office.

-matthew

Re:68 per cent longer

[funkelectric]

68 per cent longer

This reminds of certain types of spam I get

In summary...

[mikael]

According to the article they compared the following platforms:

Windows Server 2003 with SQL Server 2000
Red Hat Enterprise 3 with Oracle 10g
Red Hat Enterprise 3 with MySQL 3.23

They measure two items:

(1) The number of vulnerabilites reported over a period of time and
(2) The average number of days of risk

For each platform they record the number of security advisories reported
for the kernel, libraries and all related applications. These include
all low, medium and high risk reports.

The time period was between March 1 2004 and February 28, 2005, and only
included those vulnerabilities fixed in this period.

Unfortunately, they don't go into the exact details of each advisory.
But here is the summary count:

Windows = 63 (16 Internet Explorer)
RHEL/Oracle = 207 (Linux kernel = 38, Oracle = 30)
RHEL/SQL = 116

They then count the number of days until each security risk (low/medium/high) was fixed.
These get accumulated and then divided by the number of reports filed to give the
average number of days at risk:

Windows = 31.98
RHEL/Oracle = 38.73
RHEL/MySQL = 61.64

Obvious there is a bias here, as they don't explicitly list the security advisories listed,
and this is based entirely on the number of components that are considered to be needed for
each server.

windows not production for java apps

[texas_mustang]

We're finding it very difficult use java with Windows in a production environment. We can't get a heap larger than 1GB without jumping through hoops. Even then, getting 1.5GB is about as good as it gets. For an application server environment with multiple integration points, this just isn't enough. On Linux or Solaris I can get just under 4GB just by flipping a switch. To get the 1.5GB or closer to 2GB on windows, you've got to disable all kinds of services and just hope you can get a contiguous region large enough.

Independent ...

[Savage-Rabbit]

... is a relative term I could compile a report like this demonstrating that Linux admins take 68% longer to perform a set of cherry picked tasks you can do alot faster on a Windows machine that has a nice easy to use GUI management tool specially designed to do those same tasks. I could also demonstrate to you that Windows admins take 68% longer to perform certain cherry picked tasks because those same Windows GUI management tools (Windows command line tools tend to suck ass) simply don't enable you to perform those tasks as efficiently as you can by doing them with shell/perl scripts on the Linux command line. Comparing Windows to Linux/Unix is to some extent akin to comparing cats and dogs. The design philosophies of Linux/Unix are fundamentally different from those of Windows. The former are meant to be more flexible and targeted at better educated operators while Windows seems to be geared firstly towards corporations who want something that a relatively low skilled person, preferably without a high level of education (and thus a lower salary), can easily administrate and secondly it is geared towards the mostly clueless average consumer. Then there is OS.X which does an admirable job of being just as easy, if not easyer to use than Windows, (while still being more secure) but it still has all the power of Linux/Unix making it a nice compromise.

Here's the link for the REAL pdf.

[khasim]

The link posted in the story is not correct.

Just click through and don't give them any info. You can still download it.

http://www.securityinnovation.com/reliability.shtm l

Claims of security

[porkThreeWays]

In the PDF speaking about RHEL 4 including selinux compared to RHEL 3 which doesn't have selinux...

"The data indicated does not seem to indicate drastic security vulnerability improvement for RHEL 4"

I usually don't get pissed off about these Microsoft studies, but this is more than FUD. It's a lie. They compared the security patches for RHEL 3 and 4 over a 2 1/2 month perdiod. RHEL 4 had more. They indicate that selinux did not make RHEL 4 more secure. The point of selinux isn't to lessen the number of security advisories. IT'S ANOTHER FUCKING LAYER OF SECURITY. It's akin to a firewall or antivirus. It's exactly like saying "the month after microsoft released Windows defender, 38 new viruses were detected in the wild. The month before only 30 new viruses were found in the wild. Windows defender seems to have little effect on spyware and viruses." There's no connection. selinux would make it so a vulnerable piece of software would have a harder time being exploited and an even harder time getting total system control. A hole is a hole. Whether or not it is easily exploited or not doesn't matter. It needs to be patched regardless. If sendmail has a buffer overflow that selinux is able to mitigate, sendmail still needs to be patched. Whether or not they will be able to successfully exploit it is another question. It doesn't stop the fact that sendmail has a buff overflow.

You'd think a "professional" security agency would have more sense than that, but aparently not.

k thx get the lies campaign.

Actually that sounds a little generous...

[eno2001]

A few years ago (admittedly my Linux knowledge wasn't what it is today) I set up a dual boot system for my girlfriend. Windows 98 and Redhat 7. It took me 6 hours to get Windows 98 installed and configured with all the apps she needed (MP3 ripper, VNC server, MP3 player, IE, Outlook Express and her dial-up connector). I also took the time to set up a custom Quick Launch bar with simple one click access to applications so it really worked a lot more like an applicance for her. It took me 6 DAYS to get Redhat configured to do the same things and a host of extra things that I couldn't afford to set up in Windows. However, when I tallied up the cost of software to do the same exact things in Windows, I was looking at about $6000 for software alone.

On top of that, the Redhat installation ticked along for four years solid with not a glitch other than an occasional fsck due to a power outage. The Windows installation needed to be fixed and re-installed at least 35 times in that same period of time. And Windows still didn't have all the functionality that the Redhat install did. She ditched Windows once it was no longer a work requirement. She's now my wife and we have several Linux boxes (she's no techie) and one XP box that only I use for the occasional video editing foray. (I've recently rediscovered Cinelerra and will likely be losing the XP box within the next year)

The point here is which would you rather have your admins doing? Spending all their time fixing ailing boxes with multiple occurences of downtime over the years? Or... spending a longer period of time getting it "right" and not having to do much with it due to the LACK of downtime for the box? I think Microsoft loses yet again.

PDF does not match Article

[knarfling]

Has anyone else noticed that the PDF of the "original report" has nothing to do with the study listed in the article? The article mentions upgrading from one version of the OS to another, while the PDF compares vulnerabilities using different database programs.

In addition the article mentions upgrading SUSE Enterprise 8 to SUSE Enterprise 9 while the PDF talks about using RED HAT EL 3 using MySQL or Oracle. The PDF further states that RH was used because is the "current leading distribution." If it is the current leading distribution, why wasn't it used in the other study as well? Why weren't both used in both studies?

I took the time to look at the PDF because I was curious what the "new business requirements" were. Was it simply the time it took to update to the next OS, or were there other requirements such as installing MS Exchange? If the requirement included specific software, which software was used and why?

I'll bite

[Vainglorious+Coward]

[Linux uptimes : 468, 331, 664 ; Windows uptimes : 3, 9, 11]

My work machine and home machine both have better uptimes. And I've seen (laid my hands upon) windows servers with uptimes orders of magnitudes higher.

Better than his Windows uptimes, or his Linux uptimes? Even if it's the latter (and I doubt that, see below), all that says is that you never apply updates to Windows. So you never update, yet you have the temerity to question his "fucking" windows admin skills?

As to "orders of magnitudes" higher uptime, that means at least one hundred times better - I am quite confident neither you nor anybody else has ever seen a Windows server with *tens of thousands* of days of uptime.

Maybe you should change your nick to everphullofshitski ?

vnunet screwed up the pdf linkage

[TubeSteak]

I don't know if you RTFA, but I did...
then I looked at the linked PDF and got confused,
because that PDF is about database security.

The correct Link:
MS Summary Page
The PDF

[Your Complaint About /. Editors Here]

Re:Fanboi ALERT

[justsomebody]

Now simply answer this. When did MS provided Ghost with install CD?

And yes it is easier with kickstart than ghost.
You still have to change names, ip, etc... Kickstart option can be selective. Ghost not.

That alone makes study null

[porkThreeWays]

I read that too and was shocked. Basically, they are rating the reliability of SLES 8 and 9 and RHEL 3 and 4 and custimizing it to the point where red hat and suse probably wouldn't support you anymore. Compiling your own MySQL you could get away with if it weren't a mysql related issue (however in this case since it's a database study it's very important). But Glibc!?!?! You have to be kidding me. Almost everything on a system depends on glibc and is arguably one of the most tested components on a system. Compiling your own Glibc on a whim would void any support you have with those companies. If done incorrectly it could render your system completely unusable.

Bad Science

[Kefaa]

They had a year to study this and came up with some unusual metrics to say the least. For those who did not read the 44 pages of PDF, let me summarize some of my observations:
  - They appear to be more comfortable with Windows than Linux. There is nothing wrong with that except they do not account for it in the time to complete tasks.
  - They compared a Windows box running MS SS against two versions of Red Hat running MySQL and Oracle. That the did not use the same data bases on both OS slants the numbers from the start. Even if they wanted to avoid MySQL, they could have selected an Oracle installation.
  - They counted vulnerabilities at the component level. So a shared library that had a vulnerability, but was used by both the installed OS and the database is counted twice. One used by the OS, the GUI, and the database, three times, etc. They state this is fair, but this would automatically penalize a Linux distribution because MS does not get counted twice in any case.
  - The Red Hat installations were done manually and minimal installations. They then had problems, and make commentary on the difficulty of the upgrades. I would be very interested in the detail of what they did for the install. This appears to be a self-inflicted wound claiming to be otherwise.
  - They make an big deal about what ports are open in the default installation. They comment that MS continues to allow MSUpdate, a good thing, but that Linux left the port for up2date open, a bad thing. Again, as a minimalist install they should have secured the ports, but that is dumb argument regardless. Admins who leave a machine wide open deserved to be fired. Because MS now ships theirs with everything closed is a side effect of the number of complaints about bad admins leaving the server in its out of the box state.
  - Days to resolve a vulnerability are dangerous guides. First, a vulnerability has to be reported, then verified. We are dependent upon the vendor (MS, Oracle, etc) to correctly reflect these. However, almost anyone can and does report one for OSS - and that is a good thing.

In general, they speak of vulnerabilities and the ability to respond to business requests. I would like to see the requests they specifically refer to. While 68% sounds like a lot, is it the difference between 12 and 26 seconds? I just cannot see in my day to day activities it taking me more than half again as long to do anything and it is far less to image entire boxes. I wonder if this is a familiarity thing.

It is really time someone from RedHat or SUSE took a study like this and dissected it for a comparison 1:1 with MS. None of this it counts twice or differing databases garbage, a real compare. The top 20 tasks an admin will perform in a year. If we loose at least we know what to focus our energies upon. (What does not kill us, makes us stronger)

Supporting a mixed (Windows/Linux/Solaris) environment, I just do not see a 68% difference anywhere for an experienced admin.

Re:Bad Science

[Zathrus]

Days to resolve a vulnerability are dangerous guides. First, a vulnerability has to be reported, then verified. We are dependent upon the vendor (MS, Oracle, etc) to correctly reflect these. However, almost anyone can and does report one for OSS - and that is a good thing.

This is a huge thing, particularly if you rely upon the vendor to acknowledge the vulnerability. There are a lot of vulnerabilities out there that are known (and sometimes even "in the wild") that the vendor refuses to acknowledge for various reasons. Often they'll finally acknowledge it shortly before (or on the day of) having a patch ready for it -- that way they look like they're "on the ball" to management even if the IT geeks know better. This is not a purely MS problem, nor is it unique to commercial/closed-source software, but it certainly seems more prevelant in closed source than open source.

I just do not see a 68% difference anywhere for an experienced admin.

I think this is what it always boils down to -- familiarity with one platform over another. I certainly know how to do certain things in Unix/Linux better than in Windows, and vica versa. That doesn't necessarily mean that Windows is better than Linux for a certain task -- it merely means that I'm more familiar/comfortable with one than the other. And that is a significant factor to base business (or personal) decisions on.

OMFGROFLMFAO!!

[v3xt0r]

I love MS fud, it makes me literally LOL @ work (every day), and when all the .NET lamors that I work with here look at me and wonder why I am LOL'ing, instead of running around in circles trying to fix things (every day) like they do, I just look at them, point at my trusty linux cube goodies, and LOL even more. OMFGROFLMFAO

Seriously, though, Windows is good for morons. The last thing I want to see is the amount of spyware or viruses that affect windows, start affecting linux because of a large (lamor) user base.

Dumb People use MSN or AOL
Smart People use Google (or Yahoo, lol)

Dumb People use Windows
Smart People use Linux/Unix
Rich People use Mac

Long-Term Mission Critical Servers run on Linux/Unix.
Short-Term 'get the job done yesterday, who cares if it works tomorrow' Server run on Windows.

These are just my opinions, you can mod me, agree with me, or dis-agree with me, I really could care less what you do.

Peace!

don't bite the hand that feeds you.

[nubbie]

FTA:
Acknowledgements

This study and our analysis were funded under a research contract from Microsoft

o_0

Windows isn't as bad as many think

[Ontain]

Is it just me or are others sick of hearing about so called admins having really stable linux systems but thier windows systems always crash. There are PLENTY of windows server environments that don't crash, have AD configured right so that clients can't do stupid things, have automated features for antivirus/update/install roll outs. you just have to know what programs you need and how to use them, just like with linux. if your server is always crashing then you are a horrible admin or you installed bad 3rd party software. If your clients are always crashing then you didn't setup AD correctly or installed bad 3rd party software. I don't doubt that linux works well for many things. (though the thought of running servers with kde or gnome on is shocking) it love testing new linux distros too but you have to say that sometimes it's a pain to do things in linux that are easy to do in windows. support for hardware has gotten better but it's no where are good as windows. sure linux is better for somethings too but we all know this article isn't going to focus on that. let it rest at that instead of just showing us how badly you suck at being a windows admin.

Re:Windows isn't as bad as many think

[cyberscan]

Actually, Linux hardware support is better than that of Microsoft. Microsoft a low number of device drivers compared to Linux hackers. It is only because Microsoft is well connected to hardware vendors that vendors do free work for microsoft.

As far as Microsoft's installation technical support, it is virtually non-existant, so this blow a hole in Microsoft's statement about superior support.

My biggest problem with this article. . .

[MikeDawg]

My biggest problem with the article is the claim to "predictability and consistency". They probably haven't seen any of the past 20 AD implementations. I have seen AD, Windows 2000, and Windows 2003 show extreme unpredictability and terrible consistency. I have seen some crazy GPO get applied to users out of the blue, and I've seen some of the craziest errors ever. I think linux has the predictability and consistency, however, there is a little bit of upkeep required and a little more well trained tech staff, but hey, you get what you pay for. Deal with it.

End of year fear mongering!

[dindi]

Interesting how these experts always bring up all that shit over and overjust before the end of the year ...

does it have to do something about closing next years budget plans in e.g. US companies of a certain size ?

Windows is superior, Linux sucks ... soo tired of it seriously ... then 10 more articles appear: no windows sucks, no linux sucks ....

Linux took 68 percent longer to implement.... it was more secure, and did not have hours of downtime, and had instant patches, but hey bill send me the check and we don't write about that .. oh we are an application security firm and we want to sell you security software for every powerhouse that sits on every secretary's desk... it is really needed there ...

Bored of it....
Probably I will be flamed to hell by various windows admins... and maybe they are right, I am more bored of the subject itself than the always biased "facts in them" ...
It is like 2 kids in the sandbox fighting over who's dad is stronger.....

The sad thing is that companies actually read these, and then make decisions,

One company I was in contact with was pretty open about it: we sell the solution which costs more and the one we can charge more for service costs..... in fact we try to sell Linux + Windows + some proprietary crap, in case they have an admin for some we have a fair chance of billing them for the other .....

Oooh, I better go back and work, my real point was: are these effecting "end of the year" decisions and does anyone think that is a systematical way to purchase a few more boxed windows cds or servers in the last minute?

One virus outbreak

[AppyPappy]

One virus outbreak completely flushes the study. I had a virus get into a Windows 2000 server and it worked me to death. That doesn't count what happens if the virus propogates through the network from my server. Explain that to your boss, especially is a VP was the one who infected the system because the boss insisted he have manly rights "just in case".

True, but

[hkb]

It's true, generally it's a lot less timeconsuming to implement project requirements in Windows, as opposed to Linux. But, I've also found it's true that it's much easier to make future changes, tweaks, etc using Linux. The norm in Windows is to get an inflexible, easy-to-implement installer package and wizard.

So, the ease is there, but the advantage of flexibility lies with Linux/*NIX. I think this is for both a cultural, as well as a technical reason. Normally, Windows users/admins want something thats easy to get up and running, and they don't have a particular desire for real flexibility.

More patches? More software!

[jifl]

"Security Innovation also claimed that the Novell SLES infrastructure required 4.79 times the number of patches."

Looking at the PDF linked from the original article, which is actually about RHEL3, not SLES, you can see that they start making the right noises about only installing minimal software for a database server, but when you reach the detail near the end on page 41, you find they have GNOME, KDE, Editors, Graphical Internet, Development Tools, etc. selected. The excuse is no doubt that that's what Oracle list in their "deployment guidelines", but so what. If the approach is to try and install a minimal system, in the face of what the vendors may say you can get away with using, then that's what they should do.

Given the funders of the study, I would expect the SLES study to be equally flawed.

Another potayto-potahto issue is that they go with following the severity risk in Mitre etc., but that doesn't mean that that severity is relevant to their database server installation. Something may be high priority on Linux if it allows a local user to become root, but a database server should not have any old users logging in, nevermind running any old application. In fact the whole class of security issues resulting in improper raising of local user privileges is something that Windows has not really begun to tackle yet, due to not really being a very good multi-user system. They've instead been dealing with the far more serious remote exploits.

So can you compare even "high" priority vulnerabilities on Windows and Linux? I think not.

What they say, what they mean

[Skapare]

They say: more consistent --- They mean: you can only do it our way

They say: predictable --- They mean: you don't know if Linux will ever crash

They say: easier to manage --- They mean: you have no control

I worked faster when I was ignorant

[Just+Some+Guy]

When I was a novice, I could roll out a new production system with all the bells and whistles in a few days. Now that I'm more experienced, it often takes weeks or months.

Of course, the new systems are actually usable, as secure as I can make them, better integrated with the rest of the business environment, and much easier to maintain and expand.

It's easy to do things quickly when you get to skip the planning stage. Ask your stereotypical long-bearded Unix guy to implement web services and you'll be lucky to see the first draft during the same fiscal year - and no amount of pressure will make it happen any faster. Of course, it'll work correctly from the first day and will exceed the total workload of the quick-hack system within the first month, but that doesn't look pretty on this year's financials so a lot of managers aren't interested.

Re:Fanboi ALERT

Ghost is only "easy" if the machines are 100% identical. Ghost is a pain in the ass if there are subtle driver differences (chip sets, SCSI vs. SATA vs. IDE, etc). About 50% of the time I try to ghost configurations between 2 non-identical machines the system blue-screens and won't even boot to "Safe Mode"; "repair" doesn't even help. Give me kickstart over that madness any day.

No such thing as 'bad' publicity...

[seven+of+five]

An old rule of advertising used to be, 'never mention your competitor's name'. So with these 'Linux this' and 'Linux that' attacks Microsoft continues to promote Linux.

In Other News...

[MightyMartian]

Detroit, MI - An independent agency has produced a report for the Ford Motor Company showing how GM vehicles are inferior, cost more in maintenance and are less satisfying for drivers.

The independent report, paid for by the Ford Motor Company, shows that 67% of GM customers hit walls.

"We feel that this incredibly accurate and indisputable information will demonstrate that GM is inferior, and that the only vehicle anyone with any brains of any kind should buy is a Ford." said Melvin R. Boarshyte, public relations representative.

Re:I hope you get rooted like you deserve.

[Mad_Rain]

This attitude of "I'm not going to maintain my servers because I try to compensate for my tiny penis with a long uptime"

Okay, so the parent poster was CLEARLY flamebait. I think that they do have a point - the grandparent poster running "4 red hat 7.3 DNS servers" and "1 red hat 6 machine that lasted 6 years without an OS related reboot" does seem to be emphasizing uptime over security though. Either you take an hour or two to back up your data, set up redundant services, and upgrade according to your schedule, or someone might force you to update at a "less convinient" time.

Re:like what?

[bhirsch]

Bullshit. Sun, IBM, and Novel are marketing Linux to the very high end of the spectrum. If you want pro-Linux studies, do a Google search.

Linux is a grassroot effort like the anti-tobacco movement -- both are backed by many millions of dollars.

Since we're playing the anecdotal evidence game...

[mfifer]

Two of my Windows 2003 servers for this calendar year...

File server:

           System Availability: 99.9786%
                  Total Uptime: 316d 14h:11m:34s
                Total Downtime: 0d 1h:37m:29s
                 Total Reboots: 21
     Mean Time Between Reboots: 15.08 days
             Total Bluescreens: 0

Mail server:

           System Availability: 99.9859%
                  Total Uptime: 319d 15h:45m:56s
                Total Downtime: 0d 1h:4m:43s
                 Total Reboots: 13
     Mean Time Between Reboots: 24.59 days
             Total Bluescreens: 0

For a small biz, we'll take 99.97/98% uptimes and be DAMN glad about it!  ;-)

I'm nobody's Windows fan either (OSX is my preferred), but the claims of wild instability need to be taken with a grain of salt, IMHO...

Re:I hope you get rooted like you deserve.

[Zathrus]

Remember all those "yet another local root exploit in the linux kernel" advisories?

What about them? Do you have the faintest clue what that means? I'm guessing not based on your flamebait attitude.

Hint -- in order to make use of a "local root exploit" you have to have access to an account on the box. So unless you can get on the box, the local root exploit is a complete non-issue. Based on the GP post, most of those boxes are well behind a firewall and have either no or limited interaction with the world at large. And while that doesn't mean you can ignore things, it does mean that you can worry more about certain attacks than others. In particular if you keep the external interfaces up to date and use good ID software then your threat level for a local root exploit goes to just about zero.

In fact, you can keep just about everything except the kernel up-to-date and not have to reboot. I wish I could say the same for XP (which has vastly reduced the number of "must reboot" scenarios, but hardly eliminated them).

Remote root exploits are a much bigger issue... and are fortunately quite rare on Linux nowadays. Again, I wish I could say the same for XP.

Well....

[einhverfr]

Ok, on some of my systems, I don't worry too much about local root exploits. These systems are extremely hardened and have very limited access to anything. Because of this, I don't worry about the local exploits too much. After all, if all your box is doing is filtering packets, and you can only log in with public keys from a designates system, and no other services are exposed, then the uptime may be more important than the marginal security gain of a reboot.

However, these are the exception rather than the rule. Once you have squid, apache, MySQL, PostgreSQL, BIND, or any other network service exposed then local exploits become important. Why? Imagine if I find a way to break BIND such that I can cause it to do something arbitrary. Now I can use the remote vulnerability in that service to attack the local root vulnerability and gain root access.

In other words, remote code execution in *any* service plus local root vulnerability == remote root vulnerability. If you must prioritize, fixing the local vulnerabilities might well buy you more security.

Windows upgrades easier.

[sgt+scrub]

Interesting.

The study compared two teams of experienced IT administrators running Windows Server 2000 and Novell SUSE Enterprise Linux 8, then monitored their progress as they upgraded to Windows Server 2003 and Novell SUSE Enterprise Linux 9.

I upgraded our 3 Debian servers to Sarge "apt-get distro-upgrade" in about 2 hours. With the exception of the mail server we had no significant down time. The mail service was turned off during the upgrade to avoid any errors.

Every one of our WindowsXP machines (no servers) were virtually unusable after the Service pack 2 upgrade for most of a day.

...Installing a private certificate server

[ortholattice]

...Linux admins take 68% longer...

OK, it's time for me to repost what's involved installing a private certificate server on Windows 2000 via its "intuitive" point-and-click GUI. (You forgive me if I just link to it, not wanting to repeat slashdot's lameness filter hell for this kind of post.) It compares the Linux way and the Windows way. These were the actual procedures used, that I carefully documented, for two different projects that accomplished exactly the same goal. Here it is. (Scroll past the lameness filter stuff at the beginning.)

Re:I hope you get rooted like you deserve.

[legirons]

Just installed Windows XP Pro at work. I'm not addressing technical issues here, just theoretical ones. The End User License Agreement lists twenty seven ways in which Windows leaks data by default just to the Microsoft servers

This doesn't mention the others... By visiting Windows Update, I have to press "I agree" to the ActiveX control which gives whichever website I'm connected to the permissions required to remotely administer my company's computers and remotely access our data.

Hope everyone at Microsoft has got security clearances authorised by the country I'm working for, otherwise it might technically be illegal to run Windows Update...

While some people value uptime/availability/reliability, and others value security, neither of those groups will be running Windows. Laughing at one or the other only makes it more clear that (a) Windows will fail, (b) Windows will fail your security policy, and (c) Windows will expose your organization to unnecessary risk.

Comparing apples and pears !

[udippel]

Did you guys *read* the paper ? I did as long as I didn't have to vomit.

On Windows they applied some normal patches; while the 'milestones' on Linux included real heavy stuff: upgrading glibc, upgrading mysql. Plus patches.
When I upgrade mysql and glibc I upgrade from W2K to Server2003; so to say.
Serious upgrading and normal patches cannot be compared.

So, to me, it is and remains FUD.
On purpose they would not use a period including an update from W2K to 2003; or XP. Even less one when you migrate Exchange from 5.5 to 2000 or similar.

They feel the pain and now spend some big money to some Herbert, PhD, to invent a useless situation.
Deception.

[ends]

Slow, steady, open tops fast, buggy & closed.

[3seas]

... and here is the main reason why!!

proprietary software comes with a given level of incompatability and constraints as to what you can do with it.
Speed of implimentation of something new doesn't mean the users will adapt it as quick as the implimentor installs it.
On the other end there is the company politics and red tape to get approval to impliment something new and cost considerations of purchase.

On the open software comparison side, the implimentation of something new ..... being free to integrate via compatability or the openness to make compatable ......

There are two completely different methodologies here dealing with the primary subject matter of software.

Microsoft has a reputation of being faster to market because they cut corners in quality to do so.

Open Source Software is in no big rush to get anywhere, but moves forward more so because those involved genuinely want to move it forward, Someone who is getting paid to get something to market fast will not only sacrifice quality but may also get a bit blind as to what people would really want if they were allowed to know better.

There was a time when MS ignored Open Source software such as Linux. Believe it or not. But today, its a historical provable fact that they are not doing that any more. Slow and stead has a stronger and more stable foundation.

On innovation? Maybe that's one of the reasons MS is doing this! Maybe they just want open source software developer to hurry up and innovate something that the great imitatior (not innovator) will imitate but get to mass market sooner....and again claim they did it first...

Someone really should teach MS how to count..... grounded zero comes before 1st level distortion.

Typo in the story

[ScrewMaster]

independent study downplaying the viability of Linux at the enterprise level.

It's really about Microsoft downplaying the visibility of Linux at the enterprise level. Something which, let's face it, is really bothering them.

Sure It Is

[Master+of+Transhuman]

Windows is "more consistent, predictable"...

You KNOW it's going to hose itself, you KNOW it's going to be slow, you KNOW it's going to be insecure, you KNOW it's going to be complicated to manage...

Not much we don't KNOW about Windows.

I budget it like this (20-user office)

[leonbrooks]

A. Cost of Leon setting up server with 3 services (DNS, email, fileshare): 4 hours @AUD$120
B. Cost of Leon attending on site roughly once a year: 2 hours @AUD$120
C. Cost of Leon remote-adminning random stuff 4x a year: 0.25hr @AUD$120
Nett cost of Leon over 2 years: A + 2 x B + 2 x 4 x C == 480 + 2 * 240 + 8 x 30 == AUD$1200 (+GST)
D. MandrivaClub Silver membership, per year: EUR$120 == AUD$191.54 (x 2)
TOTAL: AUD$1583.08 (+ AUD$120 in GST) or AUD$791.54 pa or AUD$39.58 per user per annum

A. Cost of random MCSE setting up server as above: 4 hours @AUD$80
B. Cost of random MCSE attending site roughly monthly: 1 hour @AUD$80
C. Cost of random MCSE remote adminning roughly fortnightly: 0.5hr @AUD$80
Nett cost of random MCSE labour so far: A + 24 x B + 52 x C == 320 + 24 x 80 + 52 x 40 == AUD$4320 (+GST)
D. Cost of Windows 2003 Server (Standard, OEM): AUD$1105 (+GST)
E. Cost of 15 extra user seats: AUD$272.80 (+GST and x 3)
Cost of OS software: AUD$1923 (+GST)
F. Cost of virus scanner: approx AUD$80 (or may be seat-bound depending on vendor)
TOTAL: AUD$6323.40 (+GST) or AUD$3161.70+GST pa or AUD$158.09 per user per annum

That's going to be significant to one figure, maybe, so call it three grand a year vs eight hundred bucks a year and less downtime. Call it four times as expensive to install and run MS-Windows.

It also uses a free 3rd-party MTA for the MS-Windows solution. If you wanted MS-Exchange, the cheapest way to get that is SBS, which nudges the software cost up by AUD$1657+GST, or more than the entire Linux software and setup cost.

Also, I'm being kind to the MS-Windows side by assuming 20 users. The 21st user costs $272.80 (or for SBS, $635) extra, nudging the total cost by a further 10%.

On top of the facilities provided by SBS, the Linux server software includes a choice of SQL databases, a choice of webservers and wide choice of scripting launguages, several complete development environments, a virus scanner (for protecting the MS-Windows clients behind it), highly advanced routing/filtering/mapping/firewalling facilities (including Layer7), a range of VPN technologies, complete thin client support, failover support and assorted clustering tools, and too many other services and packages to list.

Sorry, told a small lie

[leonbrooks]

Four to six times as expensive if you go the SBS route.