Slashdot Mirror
A Continued Look at Linux vs Windows
Rogier van Vlissingen writes to tell us Paul Murphy has an interesting writeup on his blog about the continued Linux versus Windows debate with regards to some of the recent insights provided by various groups. From the article: "Disinformation comes in three major forms: innocent mistakes, intentional disinformation (aka FUD), and (self) delusion. Delusions are easily the most dangerous of these. In the IT context the most common delusion is simply that what we know is right in general or applicable to some specific issue when, in reality, it isn't. We know, and we act accordingly - with frequently catastrophic results."
Out of curiosity, have you ever used Up2date? Red Hat has, for quite a long time now, included a tool that works rather like Windows Update -- notifying you via a tray icon (or email, if you prefer) when there are new patches to apply.
The difference is that Up2date will upgrade a lot more components -- any applications you've installed, other than manual builds and unofficial RPMS -- compared to WU, which tends to be only useful for the core OS, IE, and WMP.
Debian-based distributions have Synaptic and the other APT front ends, which, honestly, outstrip Windows Update in practically every way -- even including graphical tools for managing configuration changes needed when updates are applied.
yes. it's call up2date. duh.
Or YUM or YAST. Depending on your distro.
Let's also point out that most major Linux distros have faster patch cycles rather than a month (or two or three or more in Windows case)
Score another point for Linux. And at the buzzer it's Linux 3, Windows 0.
This is my sig. There are many like it but this one is mine.
Which distribution are you running ? If Slackware then look at swaret or apt-get.
Debian, Ubuntu, Mandrake, Suse and Redhat all have network update application built-in and far superior to Windows one - it is used to install and update all of the applications on the system and not just some OS dlls and web browser.
I am a paid Linux consultand/admin. If I would have read what they wanted me to do... I would have said no. Methodology in supporting a linux server is all wrong. Still one admin mangaged to pull it off. He probably didnt fully follow there rules.
I've mangaged to live update a server with Fedora core 1 all the way through each core release till 4 and kept it live and running.
security updates? 'yum check-update' 'yum upgrade $X'
If you run Linux like Windows, expect Linux to have the problems of Windows too.
Yes it is possible under many circumstances.... Your desktop has to fit close to the hard drive, memory, and processor requirements. If your database takes up a gig of ram, dont expect it to work good on a desktop with 256MB.
I copy the linux install from the server computer to the desktop computer and enable it to boot and setup the directories correctly. After that its as simple as compiling/installing the new software and running it. Load testing and border conditions are the hardest to test. After that I copy the install packages (normally rpms in my case) to the server and install them under low usage times.
Is there something like 'strace' for windows?, I have fixed problems countless times with that in Linux.
Since when do blogs represent news?
The Sony rootkit story came from a blog...
Fedora has a new yum based tool called pup (the joke being that it's a python program->pup.py). It does not have a notification icon (yet). It shows far less info then up2date and does not allow you to select repositories, supposedly to make it more suitable for endusers. Experienced users may prefer up2date (or running yum from the cli) but considering its purpose its a nice tool for people who just want to get regular updates installed without a hassle.
Is there anything out there equivalent to windows update? Windows wins this one
No it doesn't.
I have a shell script that runs daily on my servers that does:
apt-get -y -qq update
apt-get -y -qq upgrade
This updates all applications installed on that box. Windows update just updates windows.
Windows loses this one.
meh
the source of the information is not a blog. the blog is just a discussion of it. linked from the blog, the source of the information is here.
the author is herbert h. thompson, of securit innovation,
About Dr. Herbert Thompson, Chief Security Strategist Dr. Thompson is a world-renown expert in application security and is an adjunct professor at Florida Institute of Technology. He has co-authored or edited 12 books including, "How to Break Software Security: Effective Techniques for Security Testing" (2004, Addison Wellesley) and most recently, "The Software Vulnerability Guide." (2005, Charles River Media)
At Security Innovation, Dr. Thompson is responsible for the overall security and research efforts, along with training developers and security testers at some of the world's largest software companies including Microsoft, VISA, HP, IBM, Cisco, Symantec, ING and SAP
ya okay so now you are going to call his credentials into question. okay, go ahead. the point is, he does have credentials, and the source of this story is not some nobody with a blog and an opinion.
LWN.net has more comments on their link to the original report (http://lwn.net/Articles/160247/#Comments).
Linux is now going through what Mac OS has been going through for years:
People --including well-educated techies-- have misconceptions based upon things that happened in the past and keep those in mind for ever. For instance: about the Mac people still say "it's got weird connectors and you cannot exchange files with Windows". About Linux the same thing, people still say "you have to compile and tweak everything yourself before it works" and "no software available" for both.
Now... articles such as TFA are NEVER going to take those prejudices away. They're just plain zealotry that focuses on the wrong things. Please stop "proving" that OS A is better than OS B by comparing them. Try and focus on taking away those old misconceptions that are in people's heads.
Slashdot is a blog of sorts. The people, such as cmdrTaco, that run it usually stick to recent news that is submitted to them. However they still put personal stuff as they see fit. Remember this? http://slashdot.org/article.pl?sid=02/02/14/143254 &tid=166
And you are right on one thing... they are often biased. For every good thing you find on Microsoft or SCO on slashdot, you will find MANY more bad things. If you don't like blogs or the way in which information is presented, stop reading it.
The part of this study calling the success of the Linux admin "unsupported" is ridiculous. It is supported, by the Linux admin and any other nix admin worth their salt. Almost every time I've had to call for support on Win and WinApps and yes even Linux, their first suggestion is the ever popular - uninstall & reinstall. Maybe the companies should hire real admins who know what their doing instead of installation jockeys who know how to use a touch tone phone. If I'm the admin of a system, all support stops with me. If I really need to call someone else in to fix MY system, I"m no longer an admin but just an operator.
l " distro of linux as opposed to something more generic and stable(the whole techie reason for linux) like gentoo? I was a staunch SuSE supporter until it started suffering from emessitis:).
On the use of SuSE......Why would you use the "use-to-be-great-but-now-has-been-ruined-by-novel
And finally my reason for linux versus windows------Applications Shouldn't Change the O/S or cause it's demise, hence different terminology "Applications" and "operating system". Windows O/S and also windows apps do way too much undocumented behind the scenes things that can go wrong. Perhaps it is not so much a problem with windows and win apps as much as it is the fault of their not fully-documenting exactly what different things(dll's, ini-files, registry entries, etc..) are, where they're installed. This info is so poorly lacking in the win environment that many times a marginally knowledgeable person knows more about a product than the people you call for support. Anyway...I digress.
--
L8R,
guitardood
For whoever cares: I've been programming(low-level machine code through current high-level langs) & administrating multiple systems on various O/S's for the last 20 years.
-- L8R, guitardood
how do you really count number of patches? microsoft sometimes combine multiple vulnerabilities into 1 patch. so, naturally, microsoft patches tend to be fewer than linux ones.
Applying updates directly on production ?! This should not be done on whatever OS. It's not the "Windows way", it's the "stupid way". That said, even under the hypothesis that the argument is not flawed then doing things the proper way would have taken too much time, leading Linux to a greater TCO anyway. What's missing from the entry is the only meaningful study : that there is no absolute best operative system, and every single case is a different story which should be deeply analyzed by itself.
No it didn't. Yes, technically it was a blog, but it was the blog of a highly respected and very competent person. And having seen his post about the sony rootkit on his blog, it was no ordinary 'blog' post. It was almost as rigorous as a peer-reviewed journal paper. So no, that's not what people have in mind when they think blogs. He's the exception, not the rule.
You've hit the nail on the head.
/usr} that all I really needed to do was reinstall the networking stack -- just extract some files from an archive and overwrite the corrupt ones. The trouble was, I didn't know where to begin looking for what files I needed to do that with! So I ended up having to reinstall all of Windows. What a waste! That's like having a whole new fitted kitchen installed, just because the sink waste pipe is blocked!
I recently had to fix a Windows machine {beancounters run some legacy app for compatibility with group HO, we've not hacked its protocols yet} that had been hit by a virus. Post-disinfection, the network hardware was undetected. I knew {from past experience with mucking up Linux boxes in various interesting ways -- let's just say, don't ever run out of space on
The thing is, I seriously doubt there are many Windows people who could tell me just what files I would have needed to replace. There are no doubt one or two gurus out there, but I'd stake money that they also know a little bit about at least one other non-Windows OS too. You could just about train a monkey to reboot a Windows machine, which is always the first line of attack and works just too often. I've seen people reboot Linux boxes and get surprised / disappointed / angry when the problem did not go away -- well, why should it? What did you change? In fact, I would say that if rebooting a poorly Windows machine is enough to cure it, then that indicates that Windows must be losing track of its own state somehow somewhere; and doing it in enough different ways never to be really sure which is the dominant one. In any case, with the Windows box, there probably would be only one service which would need restarting; if you could even do them separately, that is.
But I don't think closed-source software vendors particularly like the idea of low-level field maintenance tools. It's like electronics manufacturers who would rather have you replace a whole PCB just because one fusible resistor has gone open circuit {like it was designed to, but it costs a few pence to unsolder it, solder in a new one and see if it was caused by a real fault or just unlucky}. These people want us to have to install a whole new kitchen for a blocked pipe, and maybe they'll try and sting us extra for their fancy KlogPruf(TM) technology while they're about it. But not too clog-proof for the plumbers and the manufacturers of drain-cleaning products {evil bodges though they be} still to turn a profit on the deal, obviously.
Je fume. Tu fumes. Nous fûmes!
'ifconfig' generally, from the command line, is not used to write changes anyway on any OS - they will be lost the next time you reboot. Generally, each OS has a permanent store for IP configuration (such as /etc/hostname.interfacename on OpenBSD, or /etc/sysconfig/network-scripts on RedHat). Generally, ifconfig is used read-only on any modern unixalike.
Oolite: Elite-like game. For Mac, Linux and Windows
Yes, I understand that, but on most Unix systems changes made by ifconfig stick around until the next reboot (e.g. adding an additional IP address to an interface, or activating an interface). On Mac OS X, changes made by ifconfig can be overwritten at any time by configd, and generally will be overwritten at the least convenient and most difficult to debug time.
--Paul
But almost everyone I talk to who complains about the "architecture" is really complaining about tools, like shells and programs (e.g., PHP, Perl, etc.), and is relatively clueless about the OS architecture (disclosure, I think the modern NT kernel is pretty well-designed, even if the default tools are sub-par.)
.NET, etc.) and data sharing layers (OLE, COM, etc.), and the only philosophy I've seen to it is "make it easy to put data on the screen for the user". Hence spawning a process in Windows is almost as complex as firing up a full-blown GUI application with menubar, dialogs, etc. (yet spawning a thread is as fast as Unix). However, getting the GUI OUT is a harder problem. Did Microsoft finally ship a Windows server that didn't require a graphics card?
/dev, /var, and data directories were read-write, all else was read-only, so that in the event of power failure the system would be able to reach fsck at least. The first such system was put to sea and lasted over 8 months with zero reboots until Katrina knocked it out, all the while continually notifying a hardware watchdog circuit at 0.5 second intervals that it was still alive. The system configuration part took roughly three weeks, including testing, mainly due to IRQ issues with the proprietary hardware (USB, ethernet, PCMCIA, wireless, 12 serial ports, A/D, DIO, hardware watchdog).
I'll try a stab. As others pointed out, the "Unix architecture" is still a debated term, despite various books on the subject. Fundamentally, Unix is the POSIX-like C API (fopen(), brk(), fork(), etc.). However, many Unix purists I know say the tools are also part of the architecture, e.g. sh, passwd, chsh, ls, rm, etc., since the "philosophy" of the architecture is simple processes doing their one thing well and the system making it easy to string the tools together. From this base the other layers can be stacked on -- but they remain optional to the functioning of the computer.
The "Windows architecture" seems to be less philosophical and more pragmatic (in a commercial sense.) We have the WinAPI with layers above it including programming languages (MFC, VB,
I recently had a project that I think illustrates the difference in "philosophies" on a more technical level. I had two "embedded" computers that would be deployed on a sea platform: one was a PC/104 (100MHz 486) running TinyLinux in 32MB RAM and the other was a embedded Pentium 266MHz board running Win2k workstation in 64MB RAM. Yes, apples and oranges, absolutely. The vendor who supplied the Windows-based instrument had never put one of their instruments underwater OR under external automation before; they actually thought adding an entry to the Startup folder would be sufficient to make it all work.
On the Linux PC, I already had an image from the vendor that included a kernel and BusyBox and essential filesystem (16 MB). The system would boot and drop me to a shell on COM2, with ssh server listening on eth0. I compiled separately and added to the system just the utilities I needed: rsync, rsh/rlogin, inetd, Perl, crond, etc. I also recompiled the kernel, shaving 1MB off the memory use. Last, I re-partitioned the system such that only the
The Windows PC was already set up and needed only a "little" software to integrate with the Linux PC. Like I said, the data acquisition software had never been designed for automation. I used Kermit95 to manage the serial port link between the two systems (best $50 we spent by far). However, I had to write programs in C to start the program asynchronously (it would hang Kermit95's remote host command otherwise) AND stop the program by sending a specific series of key presses and mouse clicks (because it couldn't respond to anything else like a signal or status file). I also had to download third-party software to list and kill processes (PsList, PsKill). Testing was a royal pain and getting around the vendor's naivete ultimately cost us another three weeks.
You aske