Slashdot Mirror
Microsoft Claims Firms 'Hitting a Wall' With Linux
maxifez writes writes to tell us that Microsoft has released yet another independent study downplaying the viability of Linux at the enterprise level. The study claims that Windows is "more consistent, predictable, and easier to manage than Linux." From the article: "The study, commissioned by the software giant from Security Innovation, a provider of application security services, claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts." Vnunet.com has also provided a PDF of the original report.
How is this news?
God spoke to me.
Here is a translation from babblefish for those that don't read bullshit.
More consistent: It crashes the same way every time I press the start button.
Predictable: It will crash at least once a week
Easy to manage: There aren't any extra settings in the windows to set that confuse people.
With Linux, they couldn't figure out what they needed to press to make it crash and couldn't determine out when it would crash.
Yet another "independent" study.
Also I am pleased to notice that the "independant company" that spewed out this "commissioned report" (see the microsoft page) lists Microsoft on their partners page, and from what I can tell no one who has even heard of Linux (with the exception of HP). Since it looks like their business depends on selling enhanced security products, I can see why they wouldn't be too keen on having people show an interest in Linux.
Security Innovation designed this study to be repeatable, and we believe that the results are consistent with what customers are experiencing in the real world.
And if I wander over and look at my main Linux file server, I see an uptime of 125 days (it had over a year uptime before I physically had to move the server to a different location). During that time the server's files were available 24/7 with absolutely zero problems. Needless to say we have had way fewer problems with the new Linux server; the old Microsoft server crashed or had to be rebooted on a regular basis; the people before me actually had a planned "weekly reboot every Friday evening". When it came time to replace the Microsoft server, Microsoft didn't fare so well, especially when it came time to pay big piles of $$$ to upgrade it: basically we could have bought two linux file servers for the cost of the Microsoft software upgrade costs alone. Hows that for a real-world example?
I Am My Own Worst Enemy
"Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts"
What the study failed to mention is that 86 per cent of the time to implement was spent convincing the executives and attorneys that using Linux was worth pursuing.
Trouble making decisions? Just flip for it.
The study claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.
yeah, maybe true. But how about maintaining them later, for years, with zero downtime?
#
#\ @ ? Colonize Mars
#
Predictable and consistant are not always good ;)
;)
I can predict Windows will consistantly crash more. Not sure how that is a selling point tho
It is fairly easy to manage, just press reboot every now and then. Ok, they probably have that point.
--
Given enough personal experience, all stereotypes are shallow.
The key, as always with these "studies", is to find the portion where it deviates from Reality. That is, where it uses some strange definition or where the sysadmins choose some bizarre action.
...
In this "study", that step into UnReality begins where all systems are required to stay on the same time-line for upgrades.
This means that what would otherwise be a normal upgrade from SLES 8 to SLES 9 instead becomes a strange mix of back-porting patches from SLES 9 to SLES 8. In other examples, the sysadmins are downloading code from the glibc and mysql sites and applying it to those server WITHOUT TESTING. So, over time, the SLES systems become unstable.
Meanwhile, no non-Microsoft supplied code is applied to the Windows boxes.
Of course, the one who commissions the "study" gets to choose the criteria
... an independent study commisioned by the Vatican demostrates that God exist.
Hitting a wall isn't the worst outcome. If you have Windows, you might just crash right on through and go "Splat" on the pavement below.
"In a world without fences and walls, who needs Windows and Gates?"
$someone_influenced_by_microsoft claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.
Well, I'm not suprised - They're probably busy reading slashdot half of the time.
According to Netcraft:
My Websites Hosted on Linux:
Last Reboot: 468 days
Last Reboot: 331 days
Last Reboot: 664 days
Other of My Websites Hosted on Windows:
Last Reboot: 3 days
Last Reboot: 9 days
Last Reboot: 11 days
Customers wanting to switch from Windows to Linux: 3
99.999% Uptime and 50% happy customers: Priceless
CP
How pathetic is it when the only people who say nice things about you are the people you PAY to say nice things about you? That's like paying people to be your friend.
MSFT has the best friends money can buy.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.
They forgot to mention that 67.3% of the windos counterparts did not solve the problem at all because they did not know of a vendor who had the software available, and those were not included in the statistics. Also, 23.1% of the windos projects were ten times over budget. 17.5% of the windos projects were fast, but in violation of on average 7 EULAs and 3 other license agreements. 55% of the Linux projects were slowed down by the requirement that no Free or Open Source software could be used, while 15.8% were limited by the requirement that no non-microsoft software could be employed, and Wine was specifically disallowed. Also, 97.5% of statistics are made up on the spot, including 87.3% of those who are conducted by so-called "independent institutes" for lots of money. Finally, 99.87% of studies paid for by someone surprisingly reveal exactly what the customer asked for.
Assorted stuff I do sometimes: Lemuria.org
"The study compared two teams of experienced IT administrators running Windows Server 2000 and Novell SUSE Enterprise Linux 8, then monitored their progress as they upgraded to Windows Server 2003 and Novell SUSE Enterprise Linux 9."
But the PDF says:
"Specifically, for the database server role, we considered three configurations; Microsoft SQL Server 2000 on Windows Server 2003, Oracle 10g on Red Hat Enterprise Linux 3 and MySQL on Red Hat Enterprise Linux 3. In order to produce a meaningful comparison of platforms, the systems studied were manually installed and their configurations were verified."
Red Hat Enterprise Linux 3 is the only Linux distribution listed in the PDF. Also the fact that "the systems studied were manually installed" is probably why the upgrade was problematic. If you want your upgrade to be easy, install from the distribution, not manually. I also wonder why they did not test MySQL and Oracle 10g on windows. There are windows versions of these software packages. When you are comparing systems running different software, you are not just doing an OS comparison. You are also comparing the software packages. They might just as well have compared Red Hat Enterprise Linux 3 running Oracle 10g to Windows Server 2003 running Microsoft Access 2003.
Insert Generic Sig Here:
More consistent: it does, start button I press, same way crash.
Predictable: A week crash will once it at least.
Easy to manage: Extra Windows settings to confuse people it will, arent there?
I've been using Fedora for a long time now, but this report has given me some doubts. In the interests of fairness, I should probably give this "Windows" a go. Sourceforge doesn't seem to have anything - does anybody know where I can download it for comparison? ;P
Weekly reboots.
Get a copy of Win2K3 on your box. Create a directory that's 3 directories below the root.
Put 200,000 files in that directory (size of each file does not matter).
Now, watch the application that reads and writes files to that directory get slower and slower over time. Until you need to reboot the box.
For an instant problem, open that directory in Explorer. All of your processor speed will be eaten by the "system" process. Even after you close Explorer. Rebooting is the only thing that will clear the problem.
4 red hat 7.3 DNS servers. Have never required a reboot since installation.
1 red hat 6 machine that lasted 6 years without an OS related reboot (the hardware started to give and the box had to be decommissioned)
1 database/web server running SLES 8 has gone over a year and a half without a reboot.
1 webserver running debian stable no reboot since installation
1 proxy server running SLES 9 w/ squid that was set up in under a 1/2 hour under emergency conditions (old proxy hardware died unexpectedly) running 20 days under extremely heavy load until new server came in.
1 database server running SLES 8. A year since last reboot.
And those are all the ancient boxes. We've got many more linux boxen that are too new to have aquired a long uptime.
From the article:
experiencing significant reliability issues resulting in higher total cost of ownership
*shrug* I've had none of these issues they speak of. All of our installs are quick, stable and long lasting. In fact, I've never had a production upgrade break anything, and never had an install take longer than a couple of hours in even the most complex of setups.
This whole "get the facts" campaign is just silly. I don't know why they keep on with it. I've been working with Linux for years and never run into any of the problems they have "documented".
Hey Balmer, want an anecdotal story of Windows breaking? Our mapping department had a Windows 2000 installation with their mapping software. One day it just breaks. 5 people standing around the box scratching our heads. No one had any clue why. Random reboots, blue screens, the whole works. We reinstall many times. Nothing. Do all the upgrades, patches and fixes. Nothing. Sounds like hardware, right? Nope. Upgraded to 2003 and worked fine since.
The fact that the box could have run 2 years without major issue then break out of nowhere with 5 very smart people trying to solve the issue and can't makes me wonder.
Get the real facts.
If an officer ever threatens to taze you, say you have a pacemaker.
My 2000 Advanced Server uptime:
/help for more detail.
C:\Documents and Settings\wysoft>uptime office
\\office has been up for: 121 day(s), 0 hour(s), 39 minute(s), 23 second(s)
Estimate based on last boot record in the event log.
See UPTIME
Bite it.
hello dear sirs my name is jamesh i are india (bihar) can u guide me install red had linux 9?
Hogwash. It is easy to install software on a Windows user's PC while they are using it.
1) Package the software as spyware.
2) Upload it somewhere on the internet. Anywhere. Doesn't matter where.
3) It will inevitably find its way to all the Windows computers in your office within 20 minutes.
5) Profit!
If you are worried about the wrong people getting your software, add something to the package that detects the identity of the host and have it delete itself if not in your office.
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
What similar technology even exists in windowsland?
Not to be a MS fanboi, but sysprep works pretty well alongside Ghost.
Beware of he who would deny you access to information, for in his heart he dreams himself your master.
... is a relative term I could compile a report like this demonstrating that Linux admins take 68% longer to perform a set of cherry picked tasks you can do alot faster on a Windows machine that has a nice easy to use GUI management tool specially designed to do those same tasks. I could also demonstrate to you that Windows admins take 68% longer to perform certain cherry picked tasks because those same Windows GUI management tools (Windows command line tools tend to suck ass) simply don't enable you to perform those tasks as efficiently as you can by doing them with shell/perl scripts on the Linux command line. Comparing Windows to Linux/Unix is to some extent akin to comparing cats and dogs. The design philosophies of Linux/Unix are fundamentally different from those of Windows. The former are meant to be more flexible and targeted at better educated operators while Windows seems to be geared firstly towards corporations who want something that a relatively low skilled person, preferably without a high level of education (and thus a lower salary), can easily administrate and secondly it is geared towards the mostly clueless average consumer. Then there is OS.X which does an admirable job of being just as easy, if not easyer to use than Windows, (while still being more secure) but it still has all the power of Linux/Unix making it a nice compromise.
Only to idiots, are orders laws.
-- Henning von Tresckow
In the PDF speaking about RHEL 4 including selinux compared to RHEL 3 which doesn't have selinux...
"The data indicated does not seem to indicate drastic security vulnerability improvement for RHEL 4"
I usually don't get pissed off about these Microsoft studies, but this is more than FUD. It's a lie. They compared the security patches for RHEL 3 and 4 over a 2 1/2 month perdiod. RHEL 4 had more. They indicate that selinux did not make RHEL 4 more secure. The point of selinux isn't to lessen the number of security advisories. IT'S ANOTHER FUCKING LAYER OF SECURITY. It's akin to a firewall or antivirus. It's exactly like saying "the month after microsoft released Windows defender, 38 new viruses were detected in the wild. The month before only 30 new viruses were found in the wild. Windows defender seems to have little effect on spyware and viruses." There's no connection. selinux would make it so a vulnerable piece of software would have a harder time being exploited and an even harder time getting total system control. A hole is a hole. Whether or not it is easily exploited or not doesn't matter. It needs to be patched regardless. If sendmail has a buffer overflow that selinux is able to mitigate, sendmail still needs to be patched. Whether or not they will be able to successfully exploit it is another question. It doesn't stop the fact that sendmail has a buff overflow.
You'd think a "professional" security agency would have more sense than that, but aparently not.
k thx get the lies campaign.
If an officer ever threatens to taze you, say you have a pacemaker.
They are not talking about the time to deploy the server itself.
From the Summary (because who bothers to RTFA anymore?):
"...claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts..."
That much is probably true. Implementing some new process on a Linux box probably does take a bit longer. But here's the thing: Once it's done, it's done.
I've seen enough gawd-awful in-house software and scripts in Microsoft shops to know better than to be impressed by how much "faster" it is to adapt their shit. If you count all the down-time and set-backs which can happen after implementation, you probably ultimtely save a lot of time by going with a Linux-based enterprise.
But then, I'm not some kick-ass consulting firm which a big astroturfing... er... I mean independent study commission to put in the bank.
Information wants to be anthropomorphized.
Microsoft is generally easier and quicker to deploy, but then
To be fair, you normally choose the OS and Hardware for the job. Microsoft likes to point out OEM boxes that are hard to install linux on, but then, thats like trying to put XP on all those old beige boxes and saying Microsoft sux0rs because of bad driver support.
SSDD.
They had a year to study this and came up with some unusual metrics to say the least. For those who did not read the 44 pages of PDF, let me summarize some of my observations:
- They appear to be more comfortable with Windows than Linux. There is nothing wrong with that except they do not account for it in the time to complete tasks.
- They compared a Windows box running MS SS against two versions of Red Hat running MySQL and Oracle. That the did not use the same data bases on both OS slants the numbers from the start. Even if they wanted to avoid MySQL, they could have selected an Oracle installation.
- They counted vulnerabilities at the component level. So a shared library that had a vulnerability, but was used by both the installed OS and the database is counted twice. One used by the OS, the GUI, and the database, three times, etc. They state this is fair, but this would automatically penalize a Linux distribution because MS does not get counted twice in any case.
- The Red Hat installations were done manually and minimal installations. They then had problems, and make commentary on the difficulty of the upgrades. I would be very interested in the detail of what they did for the install. This appears to be a self-inflicted wound claiming to be otherwise.
- They make an big deal about what ports are open in the default installation. They comment that MS continues to allow MSUpdate, a good thing, but that Linux left the port for up2date open, a bad thing. Again, as a minimalist install they should have secured the ports, but that is dumb argument regardless. Admins who leave a machine wide open deserved to be fired. Because MS now ships theirs with everything closed is a side effect of the number of complaints about bad admins leaving the server in its out of the box state.
- Days to resolve a vulnerability are dangerous guides. First, a vulnerability has to be reported, then verified. We are dependent upon the vendor (MS, Oracle, etc) to correctly reflect these. However, almost anyone can and does report one for OSS - and that is a good thing.
In general, they speak of vulnerabilities and the ability to respond to business requests. I would like to see the requests they specifically refer to. While 68% sounds like a lot, is it the difference between 12 and 26 seconds? I just cannot see in my day to day activities it taking me more than half again as long to do anything and it is far less to image entire boxes. I wonder if this is a familiarity thing.
It is really time someone from RedHat or SUSE took a study like this and dissected it for a comparison 1:1 with MS. None of this it counts twice or differing databases garbage, a real compare. The top 20 tasks an admin will perform in a year. If we loose at least we know what to focus our energies upon. (What does not kill us, makes us stronger)
Supporting a mixed (Windows/Linux/Solaris) environment, I just do not see a 68% difference anywhere for an experienced admin.
My biggest problem with the article is the claim to "predictability and consistency". They probably haven't seen any of the past 20 AD implementations. I have seen AD, Windows 2000, and Windows 2003 show extreme unpredictability and terrible consistency. I have seen some crazy GPO get applied to users out of the blue, and I've seen some of the craziest errors ever. I think linux has the predictability and consistency, however, there is a little bit of upkeep required and a little more well trained tech staff, but hey, you get what you pay for. Deal with it.
YOU'RE WINNER !
Another lame blog
Of course, the new systems are actually usable, as secure as I can make them, better integrated with the rest of the business environment, and much easier to maintain and expand.
It's easy to do things quickly when you get to skip the planning stage. Ask your stereotypical long-bearded Unix guy to implement web services and you'll be lucky to see the first draft during the same fiscal year - and no amount of pressure will make it happen any faster. Of course, it'll work correctly from the first day and will exceed the total workload of the quick-hack system within the first month, but that doesn't look pretty on this year's financials so a lot of managers aren't interested.
Dewey, what part of this looks like authorities should be involved?
The independent report, paid for by the Ford Motor Company, shows that 67% of GM customers hit walls.
"We feel that this incredibly accurate and indisputable information will demonstrate that GM is inferior, and that the only vehicle anyone with any brains of any kind should buy is a Ford." said Melvin R. Boarshyte, public relations representative.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Active Directory is integrated but going with any type of directory service makes the overall desgin more complex. Does it help "some" organizations? Yes, but you pretty much have to use AD if you want to use Microsoft. Now could someone please explain to me why Microsoft still uses Domains with AD? Doesn't a true directory service not use Domains? Also can you have two people in different OU's on the same "domain" with the same exact name. Something like
ou=marketing,uid=myLogin
ou=hr,uid=myLogin
with only one server?
NTFS vs Unix file permissions. This use to be true but no longer, read up on ACL's in Linux and Unix, they have been around for a while. I would point to secure Linux and say that Microsoft doesn't have anything that competes in this arena. Granted this is somewhat complex and a lot of shops don't need it.
IIS is easy to configure, but then again using YAST or any of the webmin tools make Linux/UNIX a snap to configure. I would argue it is easier to admin a server with webmin than it is to learn all the Microsoft admin tools.
SMS is finally a decent package for Windows only shops. So is WinInstall and other products.
Oracle VS SQL Server. Oracle is free for one processor, 2GB of RAM and a 4GB database size. It runs on multiple platforms and it's target market is for higher end databases. It can mount XML, TAB delimeted and other files natively as tables. That is very very nice to developers. SQL Server has the DTS stuff. DTS is very nice for moving data around, but not as nice as actually mounting files as tables. Oracles Enterprise manager is very comparable to Microsofts, and at least with Oracles EM you can actually sort data after you view it AND you can see the SQL that is being generated by the query. I will say that the query builder in SQL server is very nice. I can't comment on DB2... All in all I would say that both are very friendly to developers, but one is free for small to mid size shops and one is not.
Now I find the core difference in Windows and Linux is that most shops do a LOT more on one Linux/Unix box than one Windows box. Most Windows shops (ours included), have a Windows server for one specific task, perhaps two tasks. Most Linux and Unix boxes run many different tasks and as such you need far less of them. Perhaps this is just the attitude of Windows users to purchase more servers because they are "cheap" but I can say that every place I have been this is the case. Most Unix/Linux guys you talk to mention two things, their uptime AND the amount of crap that is running on their boxes. Most Windows guys I talk to mention the number of servers they manage. So in short this needs to be factored in as well. This issue may also come from all the DLL hell that has plagued Microsoft for years, or the fact that it was difficult to impossible to run different versions of SQL server on the same box.
You are correct in mentioning security as a major concern. The constant amount of patches and reboots needs to also be factored in. You start to really need tools like SMS when you have 100 to 500 Windows servers that need patched as often as they do. Now if you replace those servers with say 10-20 high end Linux boxes then the need for an SMS type of application starts to diminish. This is not to say that you couldn't use a product like E-Directory and Red Carpet to manage those boxes, but the need isn't as great.
The more I learn about science, the more my faith in God increases.
OK, it's time for me to repost what's involved installing a private certificate server on Windows 2000 via its "intuitive" point-and-click GUI. (You forgive me if I just link to it, not wanting to repeat slashdot's lameness filter hell for this kind of post.) It compares the Linux way and the Windows way. These were the actual procedures used, that I carefully documented, for two different projects that accomplished exactly the same goal. Here it is. (Scroll past the lameness filter stuff at the beginning.)
But is this really so different from self-proclaimed college-drop-out "Linux gurus" who whip together sucky and insecure "solutions" in MySQL and PHP using the "powerful open Enterprise OSS LAMP-stack" ? You can write good as well as bad code both on Linux and Windows, and there are more than enough examples for both on both platforms.
I don't have a lot of experience with Windows, but Kickstart is one of the most impressive pieces of Linux software that I've used.
Network PXE boot, enter a configuration file location and sit back while Kickstart configures and partitions your server, downloads and installs all your packages, runs post-installation scripts to install updates and start all your services, and finally reboots your completed server. All without any intervention.
Not to mention that if you ever need to re-deploy that server, or deploy a similar server, you can reuse the configuration file to guarantee the server is identical.
Did you guys *read* the paper ? I did as long as I didn't have to vomit.
On Windows they applied some normal patches; while the 'milestones' on Linux included real heavy stuff: upgrading glibc, upgrading mysql. Plus patches.
When I upgrade mysql and glibc I upgrade from W2K to Server2003; so to say.
Serious upgrading and normal patches cannot be compared.
So, to me, it is and remains FUD.
On purpose they would not use a period including an update from W2K to 2003; or XP. Even less one when you migrate Exchange from 5.5 to 2000 or similar.
They feel the pain and now spend some big money to some Herbert, PhD, to invent a useless situation.
Deception.
[ends]