Dealing with Corporate FUD About Linux?

Lumpy asks: "After this morning's IT conference call, Linux was once again attacked here in the company by the upper management as 'a threat' to our company security. With articles, like the recent one from Information Week, fueling the Upper management with outdated information and half truths, how does an IT professional defend his position and educate upper managers to take those articles with a tiny grain of salt and trust their experts? Should we as professionals expect to be attacked for our decisions, even though Linux has prooven itself (time and time again), for over 5 years in our company? How do you deal with all of the baseless claims, that your superiors may read in the mainstream media?"

my advice

[kebes]

Be honest and matter-of-fact about it. Tell them the truth and hope that they are smart enough to realize how this will help the company.

You can say impressive things without lying. For instance, you can say (if it happens to be true): "I trust Linux for my home computer and all my important files." That alone means alot. Or you can say "if I were asked to place a $1000 bet on a computer OS that would run without getting infected with viruses or crashing for a whole year (while connected to the net!) I would place the bet on Linux instead of Windows."

Or, you can point out other projects/companies. For instance, according to top500.org, in 2005, 390 of the top 500 super-computers were using Linux. That means that 78% of super-computers run Linux. For instance, the world's most powerful computer is IBM Blue Gene, and it uses Linux for its I/O nodes (more info here). Also, Google's gigantic, powerful, and distributed search engine runs using over 60,000 Linux machines (more info here, here, and on Google's Research page). The fact that big, complicated, and highly successful operations use Linux shows what it can do. In the case of Google, it shows that they trust it to deliver the security they need.

You can urge them to get a second opinion. For instance, tell them to look over Secunia's report on Windows XP compared to Ubuntu 5.10.

Ultimately, however, all you can do is provide them with an honest assessment of Linux' strengths and weaknesses, and point out in what ways the media reports are wrong. If they respect your opinion, then they'll make the right choice. If they refuse to listen to reason, then there is nothing you can do. People who are more interested in media sound-bites than expert discussion are essentially impossible to convince of anything they don't already believe. Don't waste your time, and don't buy company stock.

Re:my advice

[Captain+Sarcastic]

That's pretty much what I tried. The down side is when the boss asks, "OK, so if it's free, how do the people who build the distro make money?"

This isn't quite as pointy-haired as it might sound. With some of the monkeyshines that went on during the dot-com craze, with various companies bragging about their respective cash burn rates, many managers want to have an idea that the company who is providing the software will be around in X number of years.

Of course, another approach is to point out that, "Well, you know, MS-DOS worked just fine, and nobody had complained about the 80-by-25 character cell screen... so how come we aren't still using it? Because [at this point you will want to sigh - DON'T!] Windows 3.1 did things well that MS-DOS was only marginally capable of doing."

Of course, depending on the manager, they might look at you funny when you mention "MS-DOS", but bear up...

Re:my advice

[PFI_Optix]

Or, to save time:

"Google uses Linux, and their stock price is $3xx."

Re:my advice

[THX8311]

They've all ready been indoctrinated with the "Linux is Evil" montra. Any sentance you have with the word "linux", they will just hear "Wha wha wha." Instead, get a nice laptop with Linux and KDE and let them play with it and don't tell them what software it is. Then after a few hours and they like it, tell them it's Linux and see what they say.

Re:my advice

Well, comparing to windows isn't necessarily convincing: believe it or not, some companies DO know that MS Windows is a pile of crap. But as far as they know, linux isn't necessarily much better. If you're used to the rock-solid guarantees an IBM or Bull mainframe hardware/software combo (i.e. not just running 200 linux VMs on the mainframe) gives you, linux may be considered just another mid-range unix. Sure, it's better than windows.

Re:my advice

[Saeed+al-Sahaf]

Be honest and matter-of-fact about it. Tell them the truth and hope that they are smart enough to realize how this will help the company.

Hahhaaaa... ha haaa... ha ha ha haaaaa.... Hahaaaha... ha haaaaa... haaha haaa ha ha ha... OH MY! Hahaha... Haaa ha haaaaaa ha ha ha ha...

Re:my advice

[NoMoreNicksLeft]

It is pretty pointy-haired after all. You don't say "Home Depot" may go out of business in 5 years, and then use it as a reason that you will no longer be able to buy 2x4s.

It's open, anything can be compiled for the version you use, even if there are no versions. Lack of a upgrade treadmill means your apps are safe, even if you have to use 2.6.x linux for the next 20 years. Computers always used we that static, at least until stupid people started using them.

Open source. If push comes to shove, hire a person or two to fix what needs to be fixed, even if Torvalds is gored to death by angry reindeer. Or more likely, as yours wouldn't be the only company that needs this, the costs can be spread out among lots of different companies, probably in the form of a vendor appearing to take over.

It's commodity parts people. Ford might go out of business, but we're always going to be able to buy parts to fix the engine and transmission. Linux is like that too. Microsoft is the one to be worried about, not because they will somehow die next year (I pray every night though), but because if they somehow did, we'd *ALL* be shit out of luck.

That anyone can spin things in such a way contrary to reality is incredible.

Re:my advice

[crimethinker]

The saddest thing is that this would probably work a lot better with a PHB than any amount of technical reasons about viruses, worms, security, cost of licenses, etc.

-paul

Re:my advice

[Captain+Sarcastic]

I agree with you. Managers, on the other hand, see the distro labels of "Fedora" vs. "SUSE" vs. . I tried pointing it out, and the response was, "they've got to be different - otherwise, how do they stay in business?" When I tried to explain, they rolled their eyes and said, "We've got Windows, it's easier to stick with that."

Of course, this was the manager (well, actually, business owner) who had only one computer hooked up to the internet for everyone's E-mail to come in through, citing the costs of anti-virus software.

Which may be why I'm not a manager.

Re:my advice

[inter+alias]

And this person gets money to pay you how? Must be very good at something else than IT....

If this is someones pet startup, the owner knows nothing about IT (and by the sound of it is _the_ PHB) and still makes all the IT decisions.. well.

I hope your boss realises his mistake and hires a good IT manager or tries listening to his employees (he trusted you enough to hire you). Dumb people deserve to fail.

Re:my advice

[Reality+Master+101]

To be honest, you're not really thinking like a businessman, you're thinking like a programmer.

You don't say "Home Depot" may go out of business in 5 years, and then use it as a reason that you will no longer be able to buy 2x4s.

That's because Home Depot doesn't support the 2x4s for the foreseeable future. A better analogy is using them for their contractor services -- if anything goes wrong with your floor installation, you know Home Depot will be around to complain to.

Open source. If push comes to shove, hire a person or two to fix what needs to be fixed, even if Torvalds is gored to death by angry reindeer.

OSS advocates bring this up a lot, but what a business person hears when this is said is, "Yeah, they're admitting this business will gone in a couple years, and then I'll have to go into the software business, and I don't freaking WANT to be in the software business. I want to sell my widgets. I'll go with someone that won't force me to be in the operating system business."

Business types understand business, which comes down to money. If you want them to buy into something, then express how it either saves money, or produces more money. If you can't make that case, then maybe your argument isn't as strong as you think.

Re:my advice

[Angostura]

Let's face it, your managers gave you a perfectly correct answer when they said: ""We've got Windows, it's easier to stick with that."

It *is* always going to be easier to stick with what you have already.

It sounds to me as if the management are quite happy with what they've got, it works well enough and they have some annoying techie lobbying to change half their infrastructure software. Naturally they are going to be floundering around to find ways to get them out of their hair.

So, what are your reasons for wanting the company to switch to Linux, really? Are you a groupie, or are there solid reasons that will translate to the company's bottom line that you can put to them.

The security issue can be defused fairly easily - present some research into .mil adoption of Linux, for example.

But the security issue is probably just a smokescreen. You need some damn good reasons that you can set out cooly and rationally, and hopefully with a spreadsheet attached that will convince them of the advantages. "But it's free" probably won't cut it. Factor in third-party support costs, or in-house support for them so that it is NOT free. That'll make them take you more seriously.

Re:my advice

[eno2001]

Unfortunately, it sounds like you're dealing with people who have already closed their minds to the option of Linux. I plan to implement a lot of Gentoo installations in our server room since I'm a bit annoyed with the big name, for profit distros myself. And if it came down to it, I'd even go the route of Linux from Scratch, because if a company isn't willing to employ people who can build their own distros, then they're not worth working for. :)

Re:my advice

There's also a hiring boom for Linux experts going on. Vote with your feet and short the company as soon as you're no longer an insider. If management is stupid about IT and stupid about people ... they're probably stupid at everything they do.

Re:my advice

[inter+alias]

I shorted google when they were at $440 :)

Re:my advice

[networkBoy]

I'm with paul on this.
Mod parent up.
-nB

Re:my advice

[grcumb]

"It *is* always going to be easier to stick with what you have already."

Damn, and I was going to mod this thread....

I think you're almost on target, but not quite. The easier decision is to stick with what you've got, and it's often much safer to avoid changing horses in mid-stream, but it is not always easier to stick with what you've got.

Case in point: A large government agency in the country where I live had incredible problems managing its Internet traffic, to the extent that sometimes messages would take over a day to cross from one department to the other. The delays were mostly due to a bottleneck caused by placing all the content, spam and traffic filtering on the same box. An acquaintance of mine quietly installed a(n experimental) Linux box on the network to take up some of the slack, and even though traffic problems were significantly reduced, the decision was made to spend USD 25,000 more to beef up the existing system, because 'That's what we know.'

In other words, a conservative viewpoint with regards to technology is good, but it can lead to situations where the well-trodden path isn't nearly as efficient as clearing a new one. As a wise man once said, 'A foolish consistency is the hobgoblin of little minds.'

Re:my advice

"Google uses Linux, and their stock price is $3xx."

Don't take this to mean I'm anti-Linux or pro-Windows, but Google uses Linux and their stock price is plummeting. No corrolation.

Re:my advice

Google's gigantic, powerful, and distributed search engine runs using over 60,000 Linux machines (more info here [wikipedia.org], here [wikipedia.org], and on Google's Research page [google.com]). The fact that big, complicated, and highly successful operations use Linux shows what it can do. In the case of Google, it shows that they trust it to deliver the security they need.

Uhh 60,000 servers? Google has 20,000 in my former data center; and they actually have 8 other locations within the same company. I also know that they have server farms with at least one other company; I could guess that it is just as large but that wouldn't be accurate.

Googles farms are larger than most people think.

Hugs and Kiss,
Ex-Data Center Tech

Re:my advice

[cybersaga]

Don't take this to mean I'm anti-Linux or pro-Windows, but Google uses Linux and their stock price is plummeting. No corrolation.

Well with their stock price what it is, it has nowhere to go but down.

Re:my advice

They should look at RedHat or any other Linux company.

The money made in Linux work is in SUPPORT costs and customization. Which is IMHO where it rightfully belongs.

Many people spend a few hundred dollars on a boxed-software like MicroSoft, then feel shafted later. It doesn't work right, it needs constant patching and attention. I don't understand how it work, can you help me? The support-tail cost usually far dwarfs the original cost of the box of software.

At least the Linux people are honest about it. You get the base system for free. You want support, you can buy a contract or just buy it by the hour. Simpler. And because there is not the same vendor lock-in you have more choices about who to get support from.

Re:my advice

[IceAgeComing]

OSS advocates bring this up a lot, but what a business person hears when this is said is, "Yeah, they're admitting this business will gone in a couple years, and then I'll have to go into the software business, and I don't freaking WANT to be in the software business. I want to sell my widgets. I'll go with someone that won't force me to be in the operating system business."

But proprietary widget vendors cannot guarantee they'll be in business either, so it's not an argument in favor of either open source or proprietary. It's not relevant to deciding which is better.

Re:my advice

[Reality+Master+101]

But proprietary widget vendors cannot guarantee they'll be in business either, so it's not an argument in favor of either open source or proprietary. It's not relevant to deciding which is better.

Come on. Which is more likely to be in business in five years, Home Depot, or Joe's Contractor Shack?

It's all about probabilities. Microsoft has a FAR higher probability of being around in five years than, say, Red Hat, which is the strongest player. How about Debian? Who knows? Manager Man sure the hell doesn't, and frankly neither does the OSS community.

That's why the whole "but the source will never die!!" arguments come up in the first place. The paid companies are so small that it makes people nervous.

Too bad IBM doesn't come out with their IBM-branded distribution that they promise to support forever. That would solve a lot of these problems. I'm not sure what kind of promises they make now on behalf of their Linux partners.

Re:my advice

[sparkz]

I'm with you on this one, Saeed.

An interesting and useful thing a headhunter told me recently about looking for jobs - don't tell them what you know and what you're good at, tell them how much money you have saved, and how much income you have generated, in your current/previous jobs.

If you can come up with figures, saying that (eg) "We spend $x per annum on Anti-Virus software for Wintel; we could reduce that to $y by moving to Linux", or "We lose x hours per annum with unscheduled downtime on Wintel servers, costing $XX; we could reduce that to y hours with Linux servers, costing only $YY", you are more likely to get the attention of the beancounters.

A Ferrari is faster than a Volkswagen, but it costs more. It's down to the beancounters to sign-off the outlay. If you can show that you need a Ferrari's speed, and the benefits justify the cost, then they'll get the Ferrari. If you can show that the Volkswagen is quick enough, and is cheaper to buy/run, then they'll get the Volkswagen. Note that I've not gone into any details about the technical differences between the two manufacturers, but I've sold them on whichever option best suits the need.

In some cases, the Ferrari is the best buy; in others, the VW is the best buy.

If I'm in the high-end chauffeur business, then a Ferrari could win on the prestige alone; If I'm in the taxi business, the VW will win on TCO.

I know - I'm using the traditional car analogy, and I am failing to specify which option is Wintel and which is Linux; sorry for going against the mould, but it doesn't work that way in the CEO/CTO/CIO mindset. There is no "best"... we all know that a Ferrari is "bettter" than a VW, but is it better in this situation? If the objective is security, *nix is likely to beat Wintel; If the objective is massive user-acceptance and low training costs, Wintel could beat *nix.

Whether the criteria are right or wrong is a different issue; you could say that it doesn't matter that the users don't need retraining to use the *nix solution, because the Wintel solution is riddled with flaws; again, you can put that into CEO language by costing the (Wintel flaws) vs the (*nix (flaws + training)) to show that training on *nix, whilst an extra expense, is overall lower than the Wintel solution.

If you cannot show that, then you are not actually benefitting the company.

As a simple example, if the proposal is a stand-alone workstation with no external I/O devices, does it really matter (for security) if it runs Windows 95? The security argument doesn't hold up as strong in this case, as compared to a publically-accessible web server.

Think about what it costs, and what it delivers. Don't bother telling non-technical people about technical details - they don't understand, and it's not their place to understand (if they did understand, we'd be out of a job!). We have to translate the technical details into costs.

So if replacing a Wintel server with a Linux server is "better", you have to define "better", even (especially!) when it's obvious. If it's better because the Wintel server was a security issue, then work out the total cost for keeping the Wintel server secure, and the cost to the company if it was breached, along with the likelihood of that occuring. Do the same costings for your proposal, along with any additional costs incurred (new hardware, licenses, training, etc). If it turns out that there's a very low risk if the Wintel server is compromised (eg, it's not connected to the internal network, contains no sensitive data, and is blocked by the firewall from doing anything nasty), and there'd be a large cost in migrating to Linux (eg, retraining, HW changes, etc), then Wintel is the right answer, and all the "but Linux is better than Windows" arguments are ignored, and your credibility is reduced. That reduced credibility will carry on to the next time you propose something, like the boy who cried "Wolf!".

Cost. That's all the business people care about. If they can spend $10k on a

Re:my advice

[lintux]

> That's pretty much what I tried. The down side is when the boss asks, "OK, so if it's free, how do the people who build the distro make money?"

I actually wonder, why does he care? But even then, he can buy RHEL or some other paid distro if he thinks it has to cost money...

Re:my advice

[Stephen+Samuel]

"OK, so if it's free, how do the people who build the distro make money?"

There are two answers:

1. They charge for support
2. In terms of how the support works, If I have an itch to scratch and fix an issue, I can then forward that fix to the people who maintain the 'cardinal copy' of that product. If they fold it into the official version, then I get free support for that improvement in the future. (( been there, done that, by the way ))
   If they don't fold in the fix, by the way, then I would still have to manually fold our improvement into any future version (( which is something you can't do with a closed-source product )).
   There are, of course, mondo tools for 'patching' your local fixes into open source products.

As Perens (I think) pointed out, if 10 companies get together and each donate an hours work to an Open Source project that they all use, they each get 9 free hours of development work done. Even if half of that work is on a feature you won't use, that's still 5 hours of productive development for free. That's why companies are willing to contribute to Open Source.
It's a model that's hard for a good capitalist manager to walk away from -- and as the numbers improve, so does the free-work ratio.

Re:my advice

[noamsml]

I'm sorry, but putting LFS in the server room is extremely irresponsible for a multitude of reasons. First of all, it will make upgrades extremely messy, and with no dependancy solving (or solid dependancy system, for that matter), you are going towards breakage hell. Not to mention that you will have to monitor all the security fixes yourself.

Re:my advice

[xenocide2]

Well, all you need to do is again answer with the TRUTH. Companies make their money in support contracts, and in assisting companies in migrating from their previous solutions. It's not easy to migrate from one UNIX to another, let alone from NT to Linux. Even if a company has human resources to run both Linux and Windows, migrating takes a specialized skillset, requiring you to know a lot about what people are doing with Windows, what the corresponding Linux architectures are, how to make up the gaps between the two and what can be added easily to improve over Windows. Companies do this because they're in the business of selling auto parts, or whatever. They don't get any benefits from having people on hand capable of patching whatever wierd things SAP convinced them to run, so asking for outside help allows them to get a leg up without having to invest dearly in it. Hopefully you haven't been saying migration was costless because it's not. Even without liscence costs, you've got opportunity costs and potential downtime costs, not to mention the extra work involved in migrating systems.

When asked for specifics, if you don't know, you've always got the option of telling them "I don't know, but you can look it up and get back on that." Redhat's earnings come from customer support fees. Ubuntu gets its money from Canonical, which does consulting services for firms in a variety of situations. Progeny does the same. Hans Reiser actually gets money from people who want to use his code _without_ having to say he made it. Redhat is profitable (and even have more cash on hand than total debt!), Progeny has been running for long enough that I'd imagine they would have given up if it wasn't. I have no idea if Canonical is making money (its site doesn't appear to have any sales pages, but Ubuntu is hiring), but I'd imagine Shuttleworth wants to give something back to the community that _lasts_ and turning a profit is one way to go about it.

In fact SAP makes a good deal of its money this way. Oracle also makes a good deal of money this way. Microsoft makes a fair bit of money this way, but it's mostly in training and certifying people capable of doing this work using their products. The one question I was unable to ascertain from browsing the 10-Qs was how much of product sales of Oracle or Windows were derived from consulting work versus the regular sales process. Certainly it would be impossible and useless to know how many corporate purchases were made with recommendations by MS Certified consultants, but it might be interesting to know that 50 percent or whatever of all Oracle liscences were purchased in contracts that specified payments for customimzation and deployment services etc.

Re:my advice

[Chaostrophy]

SAP says that Linux is their future, they are the huge ERP company, this means that they must think they can get the Fortune 500 to trust their most critical systems to Linux.

Re:my advice

[HangingChad]

Tell them the truth and hope that they are smart enough to realize how this will help the company.

There are offices where people are not content to merely not be interested in F/OSS, but outright hostile to it.

Having been in the same world as the original poster, sometimes you just have to face up to it that some companies are never going to come around. There's no point sticking your neck for a group that doesn't appreciate it. Such effort is pearls before swine. Find a shop more in line with your IT mentality. That's how I'd handle it, may not be practical for everyone.

Funny thing, I think sometimes the hostility is really more often directed at MSFT. The customer just got a big upgrade tab and you mention F/OSS and it sets them off. Like they're mad that F/OSS isn't good enough (in their mind), or maybe they feel like you're telling them that they're stupid for spending all that money. Which they are, but it's not your problem if they don't want to hear it.

I have to tell my customers the truth, whether they like it or not, but that's where my responsibility ends. I'm not going to fight to save them from their own ignorance. There was a group I went in to help after their tech guy left unexpectedly. They had this clunky ASP app slaved to this massive, horribly designed database with no table relations, no indexing, no stored procedures...it was a disaster waiting to happen. But the client kept going on and on about what a fantastic app it was and vital to their operation. I said, nearly exactly, "This application is so poorly designed that I'm amazed it functions at all. It violates every rule in the book of good application design and then adds new chapters."

You'd think I was attacking their children. They accused me of blaming the previous developer because I didn't like him and of lying and other unethical behavior. I tried to show them exactly where the design problems were and why it would suddenly slow down or stop working. Their answer, "It works for what we need it to do." It was like dealing with the Bush administration.

I found them a new developer. They're still limping along with that same old app and the new guy has to play an endless game of whack-a-mole to keep it running. But it's not my problem. They didn't want to hear any bad news and it's the same with F/OSS. If you're dealing with that mindset, wish them well in their MSFT world and move on.

Re:my advice

[tom's+a-cold]

That's pretty much what I tried. The down side is when the boss asks, "OK, so if it's free, how do the people who build the distro make money?"

The same way the people who build Apache, Bind, and other key parts of the Internet make money. That's not a pointy-haired question, it's just incompetent. Nobody in a position of responsibility over IT staff should be asking a question like that. Even five years ago, it was barely excusable. Now it's as sure a sign of clinical brain death as a flat EEG.

Update your resume. When you get an offer, talk to the pinhead's supervisor and make it very clear why you're leaving. You'll be doing the next guy a favor.

Re:my advice

[jc42]

Come on. Which is more likely to be in business in five years, Home Depot, or Joe's Contractor Shack?

Actually, 8 or 10 years ago I read a study by some economist (whose name I've forgotten) that tackled exactly this topic. It was a large "data dredging" study to determine what company characteristics were correlated with longevity.

One of the study's results, which the authors admitted was a bit of a surprise to them, was that the correlation coefficient for company size was zero. Size wasn't useful in predicting how long a company would last.

So Home Depot and Joe's Contractor Shack are equally likely to have disappeared five years from now.

Look back 10 or 20 years, and ask yourself what people back then would have thought if you'd predicted the imminent disapearance of Pan Am or Digital or any of the other giant corporations that are no longer with us. Then ask yourself how confident you are that familiar names like Home Depot or Compaq^H^H^H^H^H^HHP or IBM or Microsoft will still be around in 5 or 10 years.

Re:my advice

[Reality+Master+101]

Actually, 8 or 10 years ago I read a study by some economist (whose name I've forgotten) that tackled exactly this topic. It was a large "data dredging" study to determine what company characteristics were correlated with longevity.

I'd have to see that study to believe it. The failure rate for small businesses is incredibly high. It happens so often that we don't even blink at it. However, when a huge publically traded corporation fails, it's big news.

Re:my advice

[jc42]

A Ferrari is faster than a Volkswagen, but it costs more.

Not a good comparison re computer systems. If autos were like computers, the Ferrari would be both faster and cheaper than the VW (and would use less fuel). But most businessmen would still insist that the company fleet be VWs. In fact, they'd order a fleet of VW Golf convertibles to handle heavy shipping, and complain that they can't get a Golf with the capacity of a semi-trailer, while ignoring the suggestion that they talk to a truck dealer.

Aren't similes and metaphors fun?

Re:my advice

[rikkards]

You forgot to mention the fact that if it appears that someone is trying to make themselves indispensable, companies have a tendency to turf them before it is too late.

Re:my advice

[MrCreosote]

The down side is when the boss asks, "OK, so if it's free, how do the people who build the distro make money?"

How do any of the following make their money?

Doctors
Lawyers
IT Consultants
Accountants
Insurance
Banks

OTOH, when your company gives all that money to Microsoft for product, what are they really getting for their money? And are they paying a maintenance contract on top of that? What do they get for that money?

Re:my advice

[Jeff+Hornby]

That's because huge publicly traded corporations rarely go out of business. Usually they get bought out instead. Just another type of failure.

Re:my advice

[Reality+Master+101]

That's because huge publicly traded corporations rarely go out of business. Usually they get bought out instead. Just another type of failure.

Not all buyouts are because of failure, in fact, I'd say that's relatively rare. Usually you do have one that's stronger than the other. Neither AOL nor Time Warner were on the edge of bankruptcy, though AOL was especially strong because of the Internet bubble, and Time Warner was a bit down. The AT&T and Verizon merger wasn't because one was failing. Same with Daimler / Chrysler.

In fact, I'm trying to think of a recent case were a large company sold out or merged to stave off bankruptcy. I'm sure it's happened, but it's not coming to mind. SGI is certainly on the brink of that.

Re:my advice

[ndim]

I'd have to see that study to believe it. The failure rate for small businesses is incredibly high. It happens so often that we don't even blink at it. However, when a huge publically traded corporation fails, it's big news.

Assume that study is right stating that all companies have a probability of X% of surviving the next n years, depending on different factors, but regardless of the company's size. Now consider that the number of small(er) businesses is incredibly high compared to the number of huge publically traded corporations.

Then of course the number of small companies failing is "incredibly high" compared to the number of huge companies failing -- exactly in proportion. However, if you chose to depend on one particular company to be around in n years, you still cannot base your decision on its size.

The cited study's results still check out with your perception.

Re:my advice

[Reality+Master+101]

Now consider that the number of small(er) businesses is incredibly high compared to the number of huge publically traded corporations.

I don't think you realize just how many small businesses fail. The death rate for startups is that 90% fail within three years. Unless you think 450 of the Fortune 500 are going to fail within three years, I think it's safe to say that larger businesses are a bit more stable than that.

Re:my advice

[jibjibjib]

hard for a good capitalist manager to walk away from
Capitalist? It actually seems a bit communist to me.

Re:my advice

[freedom_india]

Best Insightful i have read in this thread.

Wish i had not wasted my mod points for the EFF thread...

Re:my advice

[riffenator]

.mil....totally...what about the NSA?

Re:my advice

[slazar]

Well M$ would be the most likely, because they have the most revenue, cash on hand, and an entrenched monopoly. But how long that will actually last, I have no clue.

Re:my advice

FUD. You can retro-fit LFS with package management easily if you know what you're doing. The LFS community itself seems to be moving towards package management. One could say that LFS is no longer really "Linux from scratch" but rather it's becoming a bare-bones distro.

If you have the skills and the experience then LFS is the finest install you'll ever use--I'd recommend using their 5.1 series for linux-2.4 and their 6.1 series for linux-2.6. If you don't have the skills and experience then, yes, go with a packaged distro.

Re:my advice

[LittleBigLui]

The saddest thing is that this would probably work a lot better with a PHB than any amount of technical reasons about viruses, worms, security, cost of licenses, etc

If you want your PHB to shell out money for a car so your techs can get around quicker, do you explain to him the inner workings of a combustion engine and the anatomical reasons for not being able to walk as fast as you could drive a car, or do you just tell him "we'll get there faster if we have one"?

Re:my advice

[Associate]

IBM does RedHat's support. Releasing their own brand doesn't help an established revenue stream.

Re:my advice

[Associate]

They need to improve the client then. Being back end only, Linux crazy does them a disservice in my opinion.

Re:my advice

[Omaze]

Following up on your own point... the first thing they'll notice is "Hey. This isn't Windows", and all they'll see is "Wha wha wha".

Re:my advice

[JulesLt]

People in senior management tend to be old enough to have seen several suppliers go under, so it is something they worry about.

Using the same system for the next 20 years also isn't acceptable - most of the time you are buying hardware to run software that will itself advance in versions. Your vendor may no longer want to support packaging it's system for the 2005 edition of Ubuntu. Your vendor might even be open source and say 'well, if you want to rewrite it to work without GLX then fine but we don't see any economic benefit for us' . . . which is great for those places with in-house developers and skilled staff.

Unfortunately, this is exactly the OPPOSITE of the trend in most companies IT. First thing to understand - if they could get rid of the IT department, they would. Many already HAVE. Even companies that have company cars, don't employ mechanics. Selling open source is like trying to sell a firm a fleet car for their staff, and telling them it's better because it comes with a fuill technical manual - 'so it doesn't matter if we go bankrupt, you can still fix the car'. They don't want commodity, they want service.

Second thing to remember, and it's a similar one : Microsoft made a lot of corporate sales by pointing out that firms could replace their expensive graduate educated Unix admins with cheaper spotty kids certified on Windows. Apart from massively expensive server software, the cost of software is largely irrelevant compared to the cost of salary. Many managers still don't like the word Unix because it implies more expensive staff.

The key point, I think, is to sell Linux where it is unassailably the right answer - on new systems, such as web servers, that may be loosely coupled to legacy systems, rather than proposing an expensive migration of existing systems. Don't try and appeal to your boss on the grounds that the software is 'free'. While they may be penny-pinching most of the time, they will be suspicious of anything that sounds to good to be true, and secondly any good manager does not object to spending money on something that makes their staff more productive. Perhaps even suggest a paid for distribution like Red Hat and call it a 'Linux based system'. What they don't want is a return to the situation in the 70s and most of the 80s where the IT department wrote everything, so telling them you can modify the system yourself isn't a good idea. The things YOU think are positives are most likely negatives.

Re:my advice

[NoMoreNicksLeft]

Many managers still don't like the word Unix because it implies more expensive staff.

They got what they paid for, didn't they?

Re:my advice

[mrchaotica]

Let's face it, your managers gave you a perfectly correct answer when they said: ""We've got Windows, it's easier to stick with that."

Unless sticking with what you have costs so much in maintenence and repair that it actually isn't easier to stick with it -- which is very likely the case if you're talking about Windows.

Re:my advice

Agree, don't argue. Then point out 15% year on year compound licence cost rises for Microsoft software, and ask that the recurrent budget 'vote' be raised 15%, because options have been shut out.

Its fun slipping in a slide titled 'Licence cost containment' overlaid with earnings per employee. The MS site does mention targets of double digit compound growth, and their 'cut' compares unfavorably with current trading conditions.

IT shops need to get real, and draw a line in the sand on costs just like any OTHER business division. Then point out google - where profits and share prices soared on these other 'options'.

Re:my advice

[NoMoreNicksLeft]

Failure as far as you should be concerned in the IT world. You can't continue to support your VAX or Alpha machines. When SGI gets bought or merges, your legacy IRIX on MIPS machines will equally be unsupported.

So, stay with Microsoft even though its size doesn't correlate with longevity and that its products are pieces of shit?

Or use something that is open, that someone will always be able to support for you, and which in the meantime just works?

Re:my advice

[bigman2003]

Did your acquaintence actually expect that a government agency would accept the solution that he 'quietly installed'?

Large organizations, and especially governments, do not work that way.

You need to work WITH the organization. Yes, that means meetings. Yes, that means you have to convince people who may not really know much about what you are doing. That means that you may need to convince the manager of a completely un-releated department who you don't think should be involved at all.

That is how decisions are made in big organizations. Microsoft understands that- and they are willing to make the effort. They know they need to be up-front and willing to meet with, explain to, and evangelize with anybody who holds decision making power.

To make inroads at a lot of these big organizations, Linux needs a public face that the organizations can relate to.

And no, Richard Stallman just won't cut it....

Re:my advice

[alienw]

That's great and everything, but you have to consider long-term support. What happens if the linux box starts crapping out? If the IT team does not have Linux-trained staff already, who is going to maintain it? Hiring another employee would have cost a lot more than $25,000.

Re:my advice

[indifferent+children]

Unless you think 450 of the Fortune 500 are going to fail within three years, I think it's safe to say that larger businesses are a bit more stable than that.

He didn't say that they fail at the same rate; he said the the correlation coefficient for size was near zero. This probably means that they have isolated all other factors. So for a small company that has positive cash flow, low employee turnover, and 3 years of positive profits, they may be no more likely to fail than a large company with positive cash flow, low employee turnover, and 3 years of positive profits. Most of those small business that fail are probably very young, rather speculative, heavily in debt, and managed by people who are excellent {bakers, carpenters, whatever} but have no experience running a business.

Re:my advice

[Cat_Byte]

What I always do is ensure I have something monitoring logfiles with email alerts enabled and clamAV running. This way I can state that I have the same defense mechanisms in place that all of the other non-Linux servers do. I always use antivirus on Linux. I would hate to be the one with a hive of infected files that infected a network via ftp/http/samba shares.

Re:my advice

[bigman2003]

Whoops, I need to add a little bit...

Yes, I know that Stallman is not 'the face of Linux'. But he is a very public figure that will NOT appeal to most businesses/governments. (Which he is undoubtably happy about.) But he does given the Open Source movement a lot of its 'hippy freaks' reputation.

Secondly, getting people involved in decisions is important. Hell, where I work they can't even move the water cooler without causing some sort of big uproar...and with good reason, because when they tried it, the new location didn't work for a couple of reasons that nobody anticipated.

While server software seems like something that only the IT group needs to worry about, businesses/governments are just used to getting a larger concensus for every decision. They have learned this through time as being an effective method of operation. It may not be as efficient, but it is far less risky.

If you want to really make inroads, you need to know how to play the game.

Re:my advice

[DCFC]

It is important politically to show that you've made a decision, not that you are an advocate.
You do not want to be seen as working for the open source community, any more than a decision maker wants to be seen as in the pockets of the hardware vendor.
Feel free to fight media with media, most of it is very O/S friendly, and even the MS centric press reports on Windows vulnerabilities pretty much daily. Also do not neglect PR here. Make sure you have some idea of what your key decision makers have on their home PCs. A quiet one to one warning that Winamp has a scary hole gains you points, and feel free to emphasise the Win bit of Winamp.
Also many managers are bovine herd animals, many of them even play golf. Saying "we're copying the strategy of Amazon", or a competitor scorese big points. Saying "we're going to pioneer Apache load balancing" would set off alarm bells.Also show your commercial skills, the game here is to push your agenda, which includes you personally.
If you show interest in O/S then Oracle, MS et al may well suddenly become more flexible on prices and licencing. When dealing with managment it's quite legitimate (and wise) to say "we pay $XXXXXXXX to MS, and although using O/S will only save $XXXXXXXX / 50 it means that when we negotiate with them they will know we can shift business away from them". Most decision makers will think better of both you and your views because of this commercial acumen. You can research tales of how the big vendors have marketing pools just for this purpose. Fact is that many non-IT managers perceive us to be in the pockets of vendors, not necessarily in a corrupt way, but worse on ideological views. A good % of us have paid money Linux/Apple/Intel t-shirts, toys et al, some of which we wear to work. I think it's a safe bet to assume that the finance director is unlikely to appear in a Price Waterhouse t-shirt. However, I must say I'm surprised at the basic issue here. Before I became a pimp I was an IT director, and non-IT management had if anything a higher impression of Linux et al than it merited for what we were doing. More than once I was specifically asked why we weren't using Linux. And yes at one point I over rode the people who wanted to deploy a horde of Linux desktops. My view of Linux is that in most practical ways the business perspective is much the same as for MS stuff. Although with my techie hat on the access to source is nice, fact is that it's usually not all that wise to screw around with it unless you know what you're doing, and most people don't. Thus with both open source and proprietary, you pay people to make it do what you want, and to nurse it when it gets sick. Thus the variable is the cost and quality of developers and support people. At the risk of being shot at, MS stuff is typically easier to drive at least 80% of the time. Ironically of course this means that anyone who can get past the occasionally quite grotesque open source interfaces is usually smarter, and often cheaper. Re-reading that, perhaps this is a candidate for the shortest sentence that will offend absoutely anyonne, but it's the way I've made decisions :) In an ideal world you have someone wise in the ways of each product you depend upon. Saldy real != ideal More than once I've told someone to go and look at a misbehaving system they're not familiar with, simply because they were the guy available, hell it's happened to all of us. Must say that as a manager I'd be less fearful of doing that with a MS system than most open source. Thus whatever solution you propose to your management, it needs to address risks, support and costs. Risks are things like not having a dependance upon one person, costs have structure and uncertainty, and support is often a function of the relationships you can build. DCFC The Pimp

Re:my advice

[quad4b]

Encourage your management to buy research from well-known and respected firms like Gartner and Forrester. Both organizations support the use of Linux for certain types of applications. If they don't listen to research and reason then try to understand what their hot buttons are. Is it security? Reliability? Prestige? Total Cost of Ownership (TCO)? Acquisition cost? Will you convince them with a presentation (for 'readers') or via a discussion (listeners) or a combination of both. You have to know your audience and what they care about and present the information in such a way that they will hear the message.

Re:my advice

[bigman2003]

As far as they know, they got LESS.

Less flexibility, fewer bells and whistles. The Unix shop I was familiar with previously was ANYTHING but 'nimble'.

When your IT department can't do the stuff people see on TV, they perceive it as a failure. Even if it is 100% rock solid.

Why do you think you've been craving after that new gadget? It isn't going to make your life better...and the damn thing is going to break down eventually....but you WANT it, don't you?

Re:my advice

[bigman2003]

Are you expecting them to look at the laptop, use the system, discover its features and finally exclaim, "Wow, this is fantastic, what version of Windows are you running!"

You are more likely to hear, 'Where is the Start button!?!'

Take a look at this screenshot.

Yes...NIIIICCCCCCEEEEEE tip there. 'Just hit alt-f2 and type in the program name'.

Yeah...that will go over real well with your average Joe-Non-Power-User.

Re:my advice

[Daytona955i]

Certain companies (like say Debian) don't make money, it's more of a community service. It would be like saying how do habitat for humanities make money. Well sure, there are some donations but largely it's a volunteer organization. The same goes for a large number of linux distros. There are companies such as red hat that offer their os for free but if you pay them, they provide services like phone support.

Also many of the developers work for companies that use Linux and have a vested interest. IBM is one such company. They have paid developers working on Linux because it is in IBM's best interest to see Linux thrive.

I think the Home Depot example is a bad one because you can still get 2x4s for other places. (Anyone still know what a lumber yard is?!?) Also a 2x4 from a lumber yard is compatible with a 2x4 from home depot. Thus you are not tied to Home Depot for your 2x4 needs. This is because 2x4s comply to an open standard. That is, everyone who makes 2x4s makes them roughly the same size. (Though interestingly enough a 2x4 is actually more like 1 1/2x3 1/2)

This is why I think that open standards are great. With linux, you have a variety of distros to choose from and for the most part, can be interchanged. (ie, putting a red hat box next to an ubuntu box isn't really going to hurt much. May not be as good of an idea as having all the same but it's not going to hurt anything or cause any real issues) However getting windows to intermingle with these computers often takes some tinkering.

I have a different issue in my workplace. We are a small company 5 employees and my Boss has a hesitation of moving anything over to linux because he fears that if I leave, no one will be able to maintain it because he doesn't want to take the time to learn it. Fortunately he finally got the idea to implement a bug tracking database (bugzilla) and he read that it was much easier to do this on linux than to try and get everything working on windows. Once he gave me the go ahead, I had things up and running that day. (Ok, I still needed to tweak the bugzilla pages to reflect our own company and that took a couple days but it was functional in one day)

Another hesitation of his is that none of our clients have expressed interest in running our product on linux. Of course I disagree with a lot of decisions my boss has made. (Like the decision to use Oracle just because it's a recognizable name, not because we need any of the features) Oh well...

Re:my advice

Saeed nailed that one on the head. I am the network admin here and if I had to answer HONESTLY about why we have problems I would have been canned a long time ago. Reason being is simple. The boss and his little mini me's congest the network with large file transfers, downloading music and movies from iTunes like it's going out of style, etc... Then when they wonder why the network is sluggish I tell them whatever springs to mind. If I were to tell them "It's because of you and your little cronies that the network is being brought to a crawl because all you do is fuck around and eat shit." I would be in the unemployment line. Ooh and yes this is a small business that makes a ton of cash so the boss feels he is entitled to do whatever the hell he wants.

Re:my advice

[MECC]

Not contending, but how are they using linux? Just fishing for good URLs....

Re:my advice

[NoMoreNicksLeft]

I think the Home Depot example is a bad one because you can still get 2x4s for other places. (Anyone still know what a lumber yard is?!?) Also a 2x4 from a lumber yard is compatible with a 2x4 from home depot. Thus you are not tied to Home Depot for your 2x4 needs. This is because 2x4s comply to an open standard. That is, everyone who makes 2x4s makes them roughly the same size. (Though interestingly enough a 2x4 is actually more like 1 1/2x3 1/2)

That's exactly why it's the perfect example. Because you can get linux anywhere. That was my whole point. You're not tied to Redhat, or Novell, or whoever. If you install Redhat Enterprise Linux on everything, do you think IBM will turn down the support contract, once Redhat is gone, or vice versa? And there are 1000 companies out there besides those two, who could manage it also. Instead, they'd rather stay with something (windows) that if microsoft does go belly up, will be dead and gone? WTF is the sense in that? They obselete their OSs every few years anyway, regardless if you have some custom vertical app that cost $250,000 to develop that will only run on the old version, period. With linux, you can still get backported patches, critical bug fixes and whatnot.

It's a nobrainer. Unfortunately, that's also the description of those who are in charge.

Re:my advice

Almost as much fun as analogies! ;)

Re:my advice

[lamp540]

You're talking in one breath about NEW businesses and then the next about SMALL businesses. They are two different things.

Re:my advice

[lamp540]

You're talking to this guy like he's a moron/little kid, but if you(or they) can't see how not having your servers crash, not getting hacked and getting it for free isn't better than constant crashing, constant hacking and losing hundreds of thousands of dollars then who's the moron? There's nothing to talk about. Stop pretending like executive officers are these perfect beings with rationality granted by the Gods, they clearly have their heads up their ass.

your house is burning down:

"Well, now wait a second, let's not start trying to put the fire out just yet. First lets look at the total cost of ownership of the house, then let's look at the cost to put the fire out... you have to factor in the cost of water, the cost of fuel, the cost to the environment of producing a large fire truck, possible disability payments to the fireman etc. If we can't come up with hard numbers about the total cost savings if we put the fire out then we aren't doing our jobs as homeowners."

Re:my advice

[lamp540]

Dude, it wasn't YOUR data center, you just worked there.

Re:my advice

[Saeed+al-Sahaf]

The boss and his little mini me's congest the network with large file transfers, downloading music and movies from iTunes like it's going out of style, etc...

As opposed to the engineers and other geeks downloading ISOs and other HUGE "torrents"? Basic bias against suites...

Re:my advice

[crimethinker]

If you want your PHB to shell out money for a car so your techs can get around quicker, do you explain to him the inner workings of a combustion engine and the anatomical reasons for not being able to walk as fast as you could drive a car, or do you just tell him "we'll get there faster if we have one"?

You make a very valid point, but I don't agree that it is applicable. Buying techies a car and getting them on-site faster (as compared to walking) have a cause and effect relationship. Google's use of linux has nothing to do with their stock price; I'm guessing they could have used BSD or a commercial unix.

-paul

Re:my advice

[turbidostato]

PHB's question: "OK, so if it's free, how do the people who build the distro make money?"

Techie's correct answer: That's *their* problem, not mine or my employer's. All I'm interested in is it's technical suitability. For "enterprise-related questions" all I can say is that if it is good enough for Google to rely their multibillion dollar income cow on it, it surely is good enough for us.

Re:my advice

"If you don't have the skills and experience then, yes, go with a packaged distro."

Bullshit. Just-plain-bullshit.

But then, you will turn 20 year-old and will learn quite a lot of things... or you'll demonstrate no brains and become just more flesh to the mill.

Re:my advice

[turbidostato]

"As far as they know, they got LESS."

Still, where "stuff that works" really matters (banks, nuclear plants, air traffic control...) too much of them still stand over the "thingies" those "expensive graduate educated Unix admins" created back in the 70's and 80's, and multimillion and even multibillion efforts to substitute them with those modern embelled & enwhisteled systems from the generation of the microsoftian "cheaper spotty kids certified on Windows" have been terribly sounded fiascos.

Maybe it's time for management and beancounters to rethink the situation a bit, don't you think so? (cheaper too usually means more expensive in the long run)

Re:my advice

[jo42]

I pointed out that Google and Yahoo use an Open Source OS. PHB just went "Oh."

Re:my advice

[reed]

Reality Master 101 wrote:

"Come on. Which is more likely to be in business in five years, Home Depot, or Joe's Contractor Shack?
"It's all about probabilities. Microsoft has a FAR higher probability of being around in five years than, say, Red Hat, which is the strongest player. How about Debian? Who knows? Manager Man sure the hell doesn't, and frankly neither does the OSS community. "

Any competent building contractor can fix your house. Your house is not "closed source". Similarly, any sufficently competent programmer can fix Linux (or other application). Nobody can fix Windows except Microsoft-- and they do it when and how they want to. Maybe they won't ever fix your problem.

If RedHat goes out of business, there are lots of consulting firms you can hire. If Windows decides to quit supporting Windows 2000 or NT or .NET or whatever, too bad, you have to upgrade, or work around it.

Debian is another animal entirely, and if you use Debian, you need to explain exactly what it is to your boss.

Re:my advice

Your friend is sawing down a tree with a blunt saw.

You advise him to sharpen the saw so it will go faster.

He replies that he has not time to sharpen his saw because he has to cut down that tree!

So: sometimes the investment in change pays of in the long run. The question is: how long of a run are we talking about?

Re:my advice

[jc42]

He didn't say that they fail at the same rate; he said the the correlation coefficient for size was near zero. This probably means that they have isolated all other factors.

Ah, someone else who knows minimal statistics. ;-)

What the study did, as I recall, was your basic multiple regression, using decades of data that they managed to collect on lots of businesses. There were dozens of measurable characteristics, and some of them had coefficients (positive or negative) that were significantly different from zero. The company's size was not one of those characteristics.

I also recall that one of the quantities was a company's age, which had a significant positive correlation with longevity. Probably no surprise, and also not very informative. This just means that the company is doing something right, but doesn't give you a clue what that something (or several somethings) might be.

Actually, the most interesting part of the results was that there wasn't any single measurable characteristic that accounted for a large part of the longevity. To survive a long time seems to require doing a lot of things right, and keeping them right for a long time. But this probably shouldn't come as a surprise, either.

Also, their equations could only account for about half the variance in longevity. The other half is probably things that can't be measured easily. Thus, if a significant factor is relationships with local political and/or mob powers, chances are that no economist can actually get the data.

Note that in 2004, Microsoft suddenly became one of the top contributors to the Republican party. By some coincidence, the Justice Dept's prosecution of Microsoft was settled shortly after the election, on terms highly favorable to Microsoft. The terms included indemnifying them for some kinds of future prosecution. How would you ever include things like this in a regression study?

I wonder if this study could still be found ...

Re:my advice

[Chandon+Seldon]

The reason the "the source will never die" thing is brought up is because it *proves* that in the *worst case*, the software can still be supported. This is something that is only possible with a source license.

Due to the possibility for misunderstanding, that probably shouldn't be the first point mentioned to non-technical types. The following points are probably more relevent for them:

• Novell was founded in 1983. They are one of only two major commerical Linux vendors.
• You may have heard of IBM or HP. They support Linux on their hardware.

Re:my advice

[jgrahn]

It sounds to me as if the management are quite happy with what they've got, it works well enough and they have some annoying techie lobbying to change half their infrastructure software.

Yes.

On the other hand, those managers should stop and think if it's really a good idea to lock yourself into an infrastructure -- just in case they will want to switch later.

There are good reasons to stick with one environment, and there's the "because we were foolish enough to get locked into a cascading series of proprietary software, file formats and protocols" reason.

Re:my advice

[eno2001]

And apparently all of you folks that just turned 20 years old have no experience. I'm nearly 40 and my Unix skills have served me well in understanding that many times you're much better off if you had a hand in compiling your OS youself. Prepackaged distros are simply a convenience and nothing more. If you really want your systems to hum, build from the ground up. If you can't, that's fine. But don't assume that prepackaged distros will give you the best of the best. They won't. They'll only give you good enough. And sometimes "good enough" isn't.

Re:my advice

[turbidostato]

"You can retro-fit LFS with package management easily"

Thus, it is LFS no more.

On the other hand, let's assume it is easy indeed to add package management to LFS. Then, "add" package management to a distribution that *already* has package management in place must be even *easier*. So, again, no place for LFS.

Re:my advice

"I'm nearly 40 and my Unix skills have served me well in understanding that many times you're much better off if you had a hand in compiling your OS youself."

Being able to deploy an OS yourself is indeed quite a useful ability.

"Prepackaged distros are simply a convenience and nothing more"

Truly enough... but what a convenience! Prepackaged software *is* the way to go and it is a costy bussiness. You can get them elsewhere or you can expend yourself the time and effort to properly package -and maintain, the beast. It is on VERY rare situations where maintain it yourself pays back enough. Yes: I know, since I work on one of these VERY rare situations.

If your 20+ year of unix experience didn't teach you that, then you are much much worse than being a teenager: you simply are beyond salvation.

"They'll [prepackaged software] only give you good enough. And sometimes "good enough" isn't."

On a corporation environment, "good enough" is The Measure Of All Things. Going just a bit further is nothing but a lame way to trash companie's money.

Re:my advice

[greenrd]

Microsoft is a special case though, because it's really cash-rich, and incredibly monopolistic - both of which will ensure that it survives in some form for at least 10 years, and probably at least 30.

Re:my advice

[eno2001]

I don't think so since it's not as hard as a lot of you seem to think it is. Once you've put the work into building your base custom distro it's a simple matter of keeping them up to date off of a central internal server. THAT box is where all the maintenance happens and the other boxes are simply slaves to it. The check for updates is a simple script that watches the source code base for the software I've deployed and when there are changes, I'm notified. Then it's up to me to decide if the upgrade is important or not. Contrary to popular belief this is NOT a full time job. Yes, there are busy periods when several packages may update simultaneously, but there are also other very slow times when nothing is happening. IT's not that hard folks. Don't let the naysayers scare you. Again, I use Gentoo to do all of this but if it were LFS, I'd only have to do a little more work initially. Once it's set up, it's very easy to maintain. The only thing keeping most people from doing this regularly is their lazy natures. Point and click is nice, but you really are p shit creek when something breaks and you have to call support. Support is almost NEVER staffed with competent people who can answer any question in a matter of an hour. I've almost never had a decent experience with any support company. They can sometimes take up to 24 hours to get an answer back to you. How much business sense does that make when your box can't be down any more than 30 minutes at a time. I don't care what level of support you buy with a big distro vendor, you always have to wind your way through the low level techs and waste the first few calls or conversations with the wrong people. I've gotten so used to dealing with it that I can typically tell the tech to get me someone else within five minutes into the call. And at the end of the day what really matters is that you keep your boxes running. While the Windows guys are running around like chickens with their heads cut off and people on Slashdot are griping about the latest distro license problems, I'm sitting here with working boxes, high reliability and enough time to post on Slashdot every so often.

Re:my advice

[JulesLt]

Yep. I think the same thing is happening today with .NET - companies being sold on the idea of faster cheaper development.

Anyway, I did want to add some further comment to my earlier point. The main thing is 'Be sure that Linux IS the answer to the question'.
You may be failing to justify it because it's the wrong answer, or you're just looking at a way to get Linux into the company - i.e. a solution looking for a problem.

Also, know the competition - actually investigate and compare proprietary products - many people familiar with mySQL can't tell the difference between Oracle, SQLServer and DB2, just that mySQL is THE open source database. Sell the product, not the ideology.

Re:my advice

"That alone means alot."

"a lot".

Re:my advice

[marcello_dl]

So, what are your reasons for wanting the company to switch to Linux, really?

Well removing malware from the company's workstations isn't fun... Anyway, why doesn't he speak with management about the huge productivity boost they can obtain with linux? (what productivity boost am I talking about? Try feeding the employees a Linux desktop without Solitaire and Mines...)

Juust prooove it to themm

Prrroooof is allllll you neeeed. If you can prroooove it iss reliabble, then they shouuld take you forr your wooord.

Re:Juust prooove it to themm

[afaik_ianal]

Hmm.. I think it's about time you cleaned the dried up coffee and lint out of your keyboard.

Re:Juust prooove it to themm

[after+fallout]

I believe the grandparent was making fun of the OP.

On that note, correct spelling and grammar couldn't hurt the cause (and it will probably help).

Re:Juust prooove it to themm

Yes, the OP is obviously loosing it.

Also on the conference call

[Profane+MuthaFucka]

These were the other topics on the conference call

-Reminder to keep up with the latest COBOL and FORTRAN standards. Sharpen those programming skills.
-A notice that the Data General minicomputer is going to have its batches put onto the new IBM System 36.
-A work crew is going to be on floor 3 pulling Arcnet cable through the walls. Since there's asbestos in the walls, it may be disturbed. Hint: a lint brush can take asbestos right off your suit if some should land on you.

Re:Also on the conference call

[filesiteguy]

Huh?

I assume you were trying to be funny, but I don't get the reference - how do DG, IBM and token ring relate to Linux?

Re:Also on the conference call

[AKAImBatman]

He's joking at how far behind the curve this company is. All the topics he's pointing to are what you would have expected to hear about in a company back in the 70's and 80's.

Sort of a, "Welcome to the new millenium, enjoy your stay" type of thing.

Re:Also on the conference call

I understand the sentiment, but some of us in numerical methods / HPC R&D enthusiastically learn and use the newest Fortran standards, since they can be the best tools for the job. And then we often run the codes on supercomputers powered by AIX, Linux or another *NIX.

Re:Also on the conference call

Wow Steve, I had no idea you were on slashdot! How is it up in the Executive offices?

One word...

[Ustice]

Powerpoint. Like it or not, if upper-management sees it in Powerpoint then it is the God's truth.

Re:One word...

Powerpoint?! Surely you mean Impress?!

Here's an easy way to sum it up...

[PFI_Optix]

Title from TFA: "A report warns of security vulnerabilities, raising the question of whether the open-source model can provide bullet-proof software"

What you might say: We get reports of security vulnerabilities on Microsoft products on a weekly basis, and there is unfortunately no such thing as bullet-proof software. Just recently Microsoft opted not to release an automatic update related to a virus before the virus went active, which would indicate that, contrary to what comes out of the PR department, Microsoft's commitment to security is not significant.

(I know the last sentence can be somewhat deceptive and there's more to the story, but if they're going to flap their lips when they're clueless, I doubt they'll catch it).

Wrap up with: No, Linux isn't perfect. There is a risk of vulnerability in every product. Microsoft, Apple, Unix, Linux, all of them carry some risk. It's our job to assess the risks and find the safest, most secure software that meets the company's productivity needs. It's what we do every day.

Re:Here's an easy way to sum it up...

[DutchUncle]

"You heard one discussion of possible Linux issues. How many news reports and articles have you heard and seen about big problems with Windows? How many emails have you gotten about viruses? In contrast, how many of those have had *any* effect on our Linux systems? Now, why are you believing this one report of *possible* problems more than you believe in the *real* problems we've already seen on Windows?"

Re:Here's an easy way to sum it up...

[geekee]

"Just recently Microsoft opted not to release an automatic update related to a virus before the virus went active, which would indicate that, contrary to what comes out of the PR department, Microsoft's commitment to security is not significant."

Hmmm, how did that work out?

Re:Here's an easy way to sum it up...

[Lifewish]

Didn't go too badly - at least to the extent that it was a completely different Windows virus that clobbered the Russian stock exchange, causing God knows what damage.

Re:Here's an easy way to sum it up...

"Just recently Microsoft opted not to release an automatic update related to a virus before the virus went active, which would indicate that, contrary to what comes out of the PR department, Microsoft's commitment to security is not significant."

ahhh yes fight fud with even worse fud, that really inspires credibility. they did not hold back any patch, they did update all the virus software (automatically). all they didn't do was provide a tool to remove the virus before the there monthly update. The FUD you are expressing here is the same if not worse bullshit than you are trying to fight.

Proove?

[The+Iconoclast]

Just how does one proove oneself?

Fight fire with fire

[egarland]

Hold your ground and respectfully disagree. Then seek out reputable reports backing up your position. If you are right and you respectfully, calmly and clearly explain why to others you will almost always prevail.

Re:Fight fire with fire

[vertinox]

If you are right and you respectfully, calmly and clearly explain why to others you will almost always prevail.*

*Offer not valid with uppermangment, stock holders, or Edward** in the supply room.

**Edward is a bastard.

Re:Fight fire with fire

[A+beautiful+mind]

I find it hilarious (and sad, but true indication about the subject) that as of now your comment is rated 5, Funny.

Re:Fight fire with fire

Agree without judging to do whatever your boss wants, even if it is wrong. Just be careful not to get blamed for the outcome.

Re:Fight fire with fire

[egarland]

Agree without judging to do whatever your boss wants, even if it is wrong. Just be careful not to get blamed for the outcome.

Of course you have to agree to do what your boss says but "without judging".... No. If you have an opinion, state it respectfully and back it up. You may know, instinctively, that something is a bad idea but that rarely convinces people unless you have worked with closely for a long time. Figure out how to explain why it's a bad idea. Stoop so far as to create a PowerPoint if you must, and communicate your objections clearly. People in the IT field are expected to be professionals. Simply agreeing to do something that you know is a bad idea without speaking up isn't professional.

Some interesting things will probably come out of this. First, you will find you probably aren't right as often as you think. Second, if you are often right, suddenly people take your advice much more seriously. Making a screwup once or twice against your advice is a mistake. Doing it 3 or more times is a consistent pattern and becomes actionable. If you have good evidence it becomes dangerous for them to ignore you. If you simply whine about the boss to co-workers, you haven't really done anything useful. Often though, you can find out if you have a good idea by bouncing it off of them. Then you have to make the hard decision of whether to act on it.

You have to know how and when to contribute and there are times when managers simply don't want input at all but you can usually get your point across without agitating them and with little risk to yourself. There are bosses that are severely allergic to advice (criticism) and get very annoyed when you bring up objections, especially in a public setting. Often a well written polite private email respectfully disagreeing is a good way to go on record with your thoughts. They can read the first 2 lines and close the email and move on if they feel like it but it's still there, it was still sent, and when you turn out to be right you can remind them of it and they'll probably go back and read it and swear and make a mental note to not be such a moron and listen to you next time.

It may seem like a waste of time to organize your thoughts, drum up evidence and compose a clear explanation of why someone else is wrong especially if they won't listen but if you take the time and make your augments clear you will probably find people listening to what you have to say much more often.

Superiors?

[ka9dgx]

I know it's all semantics, but first off, stop calling them your "superiors"... they might be your management, but YOU are the technical expert. All else derives from that course of action.

--Mike--

Re:Superiors?

[the+phantom]

Supior also means higher in rank. Anyway, the Whorf-Sapir Hypothesis has been largely discredited for years.

Re:Superiors?

[Brunellus]

YOU might be the technical expert, but THEY are still signing your paycheck.

How old is the information?

[jerpyro]

You can always play the "Yeah, Windows 98 was MUCH more secure than that!" if they're dealing with reports on Linux that are old enough to warrant it... Anything where Windows is reasonably secure (which is pretty much anything in the last three years) I'm willing to bet that Linux had good ratings as well.

not surprised

[slackaddict]

This happens a lot in corporate america. People that make the IT decisions aren't necessarily the ones who understand the technology.

If that were me...

I'd start by asking them where they were told this, what factual data they were shown to support this claim, and why they should trust the company presenting the claim instead of a company like IBM.

Of course all that sounds nice in theory but probably won't work IRL, but it's a start.

Ignore them

[Vellmont]

If your upper management is still believing FUD about linux after all this time, there's nothing you're going to say to them to disuade them. These guys just like believing garbage. You say you've been using linux for 5 years in the business, so someone must believe in it. Just ignore what the upper management is saying since it doesn't sound like they're micro-managing things down to the level of "we aren't using linux, period". Continue to make the right decisions about what OS to use and justify them with good evidence. Don't worry about the personal opinions of upper management, since they shouldn't be making those technical level decisions, and they should know that.

On a personal note, at one job I had the CTO once said "we'll never use Linux in the Enterprise". About one year later we were running ten low end linux servers to replace a single, very poor performing AIX machine. The CTO ate his words and admited the mistake. A lot of these guys just like to talk big just so people think they know what they're talking about.

Re:Ignore them

[thePowerOfGrayskull]

Don't worry about the personal opinions of upper management, since they shouldn't be making those technical level decisions, and they should know that.

Follow this advice, and also, don't worry about getting a bonus this year.

Re:Ignore them

[Vellmont]

If you work for really petty people I guess. But if the management is so petty they'll punish people for any minor dissent of believing, or not believing in a certain solution then you really should be looking for work elsewhere.

Re:Ignore them

[Billly+Gates]

I had a frined whose CIO told him we are the state of the art Microsoft shop. I supose he didn't kow that he was a linux and solaris admin for 15 out of 25 boxes in the server room.

Re:Ignore them

[Lumpy]

The fun part is they really cant. 2 of the linux servers are hosting applications that are absolutely critical and can not easily be ported to windows. Every time they have tried in the past I said, "sure! we will need $XXXXX.XX in expenses, licensing and will need a minimum of 24 months to design and test." They usually shut up for another 6 months. They ignore that the system tool 2 years to get in place and working as well as it does and that the solution is heavily relied on.

During the last merger, the new CIO went on a rampage demanding all non MS systems be disconnected. After being ordered to I disconnected it and by the end of the day I was ordered to put them back online as we had lost almost $20,000.00 in data because they were offline. The fun part was he had more egg on his face because all of the Solaris boxes were collecting data from the customers equipment were also turned off. we lost much more money in data that day where we could not bill for anything for over 12 hours. All that data was forever lost.

Sad part? That CIO is still with us.

Re:Ignore them

[thePowerOfGrayskull]

If management will believe all of the FUD out there, over what their [skilled & knowledgeable] employess tell them, then chances are that they are that petty.

Show the proof

[truthsearch]

Linux has prooven itself (time and time again), for over 5 years in our company? How do you deal with all of the baseless claims, that your superiors may read in the mainstream media?

Show them the proof within your own company. If it's proven itself within the company already, then don't direct them to outside reports showing how great Linux is. Gather data proving how great it's been within the company. If you can show remote breaking statistics, for example, and no one has ever gotten in, you can show it's great at preventing breakins. Management will care most about what's happening at their own company. Show exact proof that it's working there.

Re:Show the proof

But with nothing internally to compare it to, it will be easy for some Microsoft rep to come in and say, "Yes, that's what happened with Linux, but with XP, you would have also gotten x, y, and z, and not had such and such a problem." And of course, the boss who's non-technical won't be able to think of a reason why the Microsoft rep is wrong.

Believability of the media.

[AJWM]

Ask them if they've ever read a media story about something they knew a lot about. Ask them how much of it the media got right. Ask them why they think it would be any different with respect to IT.

Re:Believability of the media.

[Safiiru]

Ask them if they've ever read a media story about something they knew a lot about.

I can see some potential problems with this when "them" refers to "upper management".

Tell them the "efficiency consultant" is coming

[andy314159pi]

Go on the offensive! Ask them why the efficiency consultant still doesn't understand what they do here. Or you could point out that they should stick to making decisions in the area where they are experts.

Re:Tell them the "efficiency consultant" is coming

Sadly, not everything in the world is like Office Space.

Dealing with FUD

[db32]

Honestly I have never really had a problem with the FUD. There are so many articles and studies surrounding Linux that its fairly simple to dig up better studies, or facts showing why the biased ones are biased. Or you can simply do demonstrations. The tricky one for me is the more experienced/educated users. Windows admins that have been doing it for some years are much harder to convince of the merits of any *nix based OS. I know alot of /. folks don't like to think about it...but there really are some very sharp people that only use Windows. Most of the ones I run into latch on to one little gem of Windows knowledge and tout they are experts, but I have run into quite a few that really do understand the ins and outs of that operating system very well and can get it to impressive things through registry manipulations and other things.

Re:Dealing with FUD

[TheNetAvenger]

You pretty much are hitting the nail on the head. What information can any of us trust, when the security agencies and companies that we use to trust on matters of security themselves are either biased or use outdated methods of security reporting.

There has to be a way to set a 'required' reporting that breaks down security information that doesn't get lumped into any bias, just numbers.

When you look at security reports and see the 'experts' don't even properly discern the differences between OS level potential risks and risks in 3rd party software that run on the OS.

Why should Linux or even Windows get another mark for insecure by their name because a two bit programmer wrote an application that exposed the OS to attack.

It would be easier to show the strengths of every OS if a well defined secuirty body could accurate require all security information be reported.

The reports also need to discern between, potential exploits, and exploits used by viruses or hackers. For example OSX had more 'security' exploits patch last year than MS Windows, however, Windows was compromised via their exploits more often. Both points are important to the industry, and this is information we all need, and need to be accurate.

I, like you and many ohters here, have read reports saying Linux is great, Linux is horrible, blah blah blah... We can find these for every OS, and there is always some 'expert' noted in the article that you can tell knows less about the OSes than some of our Grandmothers.

A good step in helping this is to do our own part in killing perceptions of religion and ideal based OS allegiance in this industry.

Who cares if Joe likes BSD better than Linux, or if Sue likes OSX better than Windows, or Jane likes Windows better than Solaris.

We can't assume that each person that doesn't use the same OSes we use are stupid or ill informed, but instead approach the fact they may have valid reasons and positive points for their choice of OS.

As long as we let ideals and personal bias influnce the computing world, creating OS religions, we may never get accurate information.

Re:Dealing with FUD

[db32]

I think the difficult part is that MS bundles so much garbage with their OS. IE often gets counted in when the common folk count up errors, but IE often gets counted as non OS when "objectively evaluated". But then things like xterm problems get counted in with the lump "linux" vulnerabilites. Where the hell is the line for determining what counts towards the OS and what doesn't? It doesn't seem to matter how obscure the project is for it to count against the number of linux vulnerabilities either. Ok so what, you can use Firefox instead of IE, which "removes" Windows vulnerabilities...but Firefox vulnerabilities get added to the linux total? Where is the sense in lumping every project capable of running on linux together as "linux vulnerabilities". Hell, it seems like the solution is to port every OSS app to Windows and make it count against Windows too...not that it never gets counted on that side.

Re:Dealing with FUD

[TheNetAvenger]

I think the difficult part is that MS bundles so much garbage with their OS. IE often gets counted in when the common folk count up errors, but IE often gets counted as non OS when "objectively evaluated". But then things like xterm problems get counted in with the lump "linux" vulnerabilites. Where the hell is the line for determining what counts towards the OS and what doesn't? It doesn't seem to matter how obscure the project is for it to count against the number of linux vulnerabilities either. Ok so what, you can use Firefox instead of IE, which "removes" Windows vulnerabilities...but Firefox vulnerabilities get added to the linux total? Where is the sense in lumping every project capable of running on linux together as "linux vulnerabilities". Hell, it seems like the solution is to port every OSS app to Windows and make it count against Windows too...not that it never gets counted on that side.

You make a lot of valid points and a good place to begin a debate the security community should be having as a whole.

It is hard to determine what is part of what, and who is responsible for what, etc. I would like to see even levels of granularity beyond even just the OS or product.

For example, use Windows as an example. MS should report NT Kernel and Win32 Kernel vulerabilities separately, and as the OS is layered, so shall the security vulnerabilities be defined as well.

For example, IE is a part of the Windows OS, not so much Internet Explorer, but the IE HTML rendering engine that many applications not made by Microsoft utiilze. This should be classified as an OS level security issue, as we should also be tracking what are security issues and stability issues when patches are released as well.

The more we think about the need for this level of information the more we realize how and why we need it, and how complex it is to define initially.

Where do we classify a security hole in XWindows, that affect KDE,Motif,GNOME, and then where do we classify a security hole that exists only in KDE and GNOME but not other Desktop Managers?

Without this information, if a security hole pops up in a portion of code taht is shared by 60% of a particular ditribution, how do we or the distribution even know if they are affected, or if the company producing the distribution ever patches it.

The complexity grows...

Companies with single distributions are going to be easier to pin down, MS, Apple, Sun, etc. But even with them, what about BSD fixes, has Apple fully applied them to OSX and properly, and not exposed others through their closed Window Manager? Even Microsoft is once again shipping non-Microsoft components with Windows, Windows 2003 Server R2 has a full *nix subsystem, so a common *nix component flaw could come back and be a flaw in the Windows *nix subsystem as well.

We need to poke the 'security' people in our field to set some 'real' standards and require companies to report (even if automated) all patched and unpatched flaws and security holes. And this would work in the Open Source world as well, just as patches propagate through the community, reporting on the fixes could as well.

But until then... We only know what we know, and none of us can take any OS seriously for complete security, until we have real facts, we have to do our jobs and keep the word out and all our OS companies on their toes, and keep our OSes locked and patched, taking no chances.

Re:Dealing with FUD

[Shaper_pmp]

"Honestly I have never really had a problem with the FUD. There are so many articles and studies surrounding Linux that its fairly simple to dig up better studies, or facts showing why the biased ones are biased."

The problem I always run into is that your average Board-member (hell, even managers) would rather believe the FUD they read in their respectable paper Business trade publication from some highly-paid Microsoft PR shill, than the advice of a whole continent full of talented, educated "on-line technical types", or articles from "techie magazines".

The problem is that PR shills wear suits, write for prestigious (or prestigious-sounding) magazines and give incorrect but extremely simple answers. Technical types then have to politely but firmly disabuse their bosses of these beguiling-but-wrong misconceptions.

Many mangement types don't rate idea on a scale from good to bad, but on a scale from "this makes me happy" to "this makes me uncomfortable/fearful/confused". Thus, the PR shills make them Happy, because they get a simple, (incorrect) and understandable answer, which makes them feel like they've got a handle on the situation, and are therefore empowered and In Control. Technical types then have to explain some of the intricacies of the issue to demonstrate why this "solution" is wrong, causing Uncomfortableness. This process introduces details (which makes them Confused), and confronts the manager with the fact they've believed pretty stories which aren't actually true (which makes them Fearful - what else is wrong with their opinions?).

At this point they have a choice - either drop their opinion, knuckle down and learn about the subject (which requires effort and discomfort), drop their opinion and follow the advice of whoever is paid to know the stuff (which means they lose Control), or keep their opinion, stay In Control and mentally dismiss anything that doesn't fit with their position.

A depressingly large fraction of managers will therefore simply refuse to be proven wrong, even in the face of overwhelming evidence, because it's psychologically more comfortable for them to live in a warm, pink fluffy world of denial. Importantly, as long as they can justify this to another person in their own warm pink denial bubble with beguiling-but-irrelevant arguments (eg, "We should always use Microsoft/IBM, because they're the industry leader", "We avoid open-source because it's produced by amateurs and hobbyists") they'll get away with it forever - the only people who actually experience any problem as a result are the technical types who actually have to abide by the decision, and any resulting project failures can then safely be blamed on them. In fact, by passing on these wrong-but-comfortable memes to colleagues and superiors who don't know any better the denier also gives that person a false sense of being more in control, further propagating the process.

This often happens at the subconscious level - they aren't completely aware they're thinking emotionally instead of logically, so logical arguments will merely bounce off their bubble and leave nary a dent. Importantly, the act of having their beliefs challenged also makes them uncomfortable (since it pushes closer to their conscious mind the fact that those opinions are based in emotion rather than logic), and this discomfort is then automatically (and subconsciously) blamed on the technical type who tried to correct their opinion. Or even worse, on "all technical types" as a group - they're stigmatised (and hence ignored) as obstructive detail-obsessed nit-pickers, when in actual fact some of those details can determine the success or failure of an entire project.

And once you're identified as "a member of that group that makes them feel uncomfortable, fearful and confused" they'll automatically trivialise anything that comes from that group, allowing them to sink further into denial and making it harder to reach them next time.

Re:Dealing with FUD

[mrhartwig]

...and there is always some 'expert' noted in the article that you can tell knows less about the OSes than some of our Grandmothers.

My grandmother was Grace Hopper, you insensitive cad.

Don't argue - just tell them to get the facts

[filesiteguy]

Of course, the facts won't be found in your average MS website. Simply add to your blog, journal or whatever. Also, I'd suggest start hosting "open source" and "Linux" seminars during lunch. I've done it. In the past year or so, weve gone from zero linux servers (out of several hundred) to twelve full-time production RHE servers. I know it is a small amount, but it is a start.

Re:Don't argue - just tell them to get the facts

[natrius]

Small problem: What if when you tell them to get the facts, they actually Google for "get the facts"?

There is a reason they are not listening to you.

[khasim]

There are many reasons, but the one I've encountered most often is fear.

Upper management, usually, did not get there by taking big risks. They don't want to lead the herd.

They will take any excuse to avoid Linux until enough other companies and people they know are openly using it AND saving money.

Until then, no matter what you say, they will focus on whatever "facts" and opinions "justify" their fear.

You ARE the linux expert.

[Spy+der+Mann]

The so-called analysts are NOT. Plus, there's the SELinux distribution promoted by the NSA, and it's as secure as Fort Knox. (well that's what you can say. And certainly your boss can't contradict the NSA, can he? ;-) )

Re:You ARE the linux expert.

No.

-The NSA

Re:You ARE the linux expert.

[CaymanIslandCarpedie]

your boss can't contradict the NSA, can he?

Not on the phone, thats for sure! ;-)

Re:You ARE the linux expert.

"You ARE the linux expert"

That may be the situation. Regardless, the OP does not seem to have any reverance as far as the CTO is concerned. He does not seem credible enough to him for his opinions on FOSS to be worth anything ! _Maybe_ he sounds too zealous to the extent that he loses the argument regardless of what he has to say ? It's been done before, I'm sure.

Also, let me ask why nobody has so far done anything other than call the article FUD ? Surely the noted increase in kernel flaws has some value here ? Or does sometone KNOW that the figures are wrong ?

Someone else said that he can quote Gartner. Well, IIRC, it's not that long ago that Gartner had a downer for Linux as well in some report so all the guys round here were calling 'foul' !!

And no, just because I may say something that is not easy to accept round here, I'm not trolling !

Re:You ARE the linux expert.

[Wyzard]

SELinux is not a distribution, and it's not a total security solution. It's a component of the kernel that provides what's known as "mandatory access control", which basically lets you configure which roles are allowed to access which resources, so that an attacker who breaks one part of the system is prevented from accessing other parts of the system, regardless of conventional permissions or being root. It does nothing to prevent intrusions; that's left to other components of a security solution. It just helps limit the damage that can be done after an intrusion has occurred.

Give them reasons to switch

[danmart]

Fight the FUD with benefits to the company for switching to linux. Here is a nice list of 25 reasons to use linux in your organization from the linux information project. They also have a list of success stories with links for companies that successfully switched to linux.

Why did they attack it?

[dtfinch]

There's more to security than just using Linux. Did they see an example of something that was configured insecurely? Or are they truly just quoting stuff they read in magazines and on the internet? If showing them how they're mistaken doesn't work, maybe they'll shut up if you start tossing some FreeBSD servers into the mix. Or maybe you can just boldly state that Linux has given you far less trouble than Windows as far as security, flexibility, performance, scalability, and reliability are concerned.

"Could be..."

[techno-vampire]

From TFA:

Even that doesn't mean a business is completely out of the woods regarding Linux security. Customers could be using an unpatched Linux-based network-connected multifunction printer or have on their network an obscure tool that a programmer found on a Web site and is using unbeknownst to anyone, leaving the door open to problems. "All it takes is one mistake to open the entire enterprise up," warns Alan Paller, research director at the SANS Institute.

There's a lot here about how something "could be" going on that's a security hole on a Linux box, but no mention that the same thing could just as easily be a security hole on a Windows box. There's also not one, single word about all the other things that could be security holes on Windows that don't affect Linux, such as opening attachments from strangers, browsing to the wrong website and so on. FUD, and nothing else.

Another option - prove it

[no_pets]

At the company I used to work for there is no way any IT managers would mention Linux to their peers and no way that we would ever get any budget money for anything "Linux". But, as old servers were replaced or other PCs became available our department slowly started creating small, useful web apps, MySQL databases, etc. Eventually these apps made their usefulness expand beyond the IT department into the other departments.

As these users (managers, etc.) began to see the usefulness and robustness of these solutions eventually they learned that they were low cost, very stable and flexible solutions that helped the corporation. Oh, and BTW they eventually learned that they were Linux servers. They immediately gained respect.

Go back to the old days.

[LWATCDR]

Nobody ever got fired for buying from IBM.
Simple as that IBM is pushing it. Linux is so not fringe anymore that anyone with a brain knows that it is a viable alternative for servers.
Companies that sell Linux distributions and offer support.
RedHat
Novell

Companies that sell servers with Linux installed.
IBM
Dell
SGI
Sun

Companies that use Linux
IBM
Google
Oracle

The idea that Linux is some kind of hippie hacker commune is so 90s...

There might be good reasons for your company not to use Linux but security really isn't one of them. If it is you should probably be running OpenVMS or OS/400. I dare someone to hack that :)

Re:Go back to the old days.

[PCM2]

The idea that Linux is some kind of hippie hacker commune is so 90s...

Unless, of course, your rationale for wanting to use Linux in your business is straight out of the hippie-hacker playbook. I'm not saying this is necessarily the case in this guy's organization, but it's entirely possible that the strongest advocates for Linux within a company might not have the best reputation for professionalism, nor the strongest grasp on business needs and objectives. For example, if I wanted to raise the profile of Linux in my organization, I might start by not using the term "FUD" in business meetings.

Re:Go back to the old days.

[LWATCDR]

"I might start by not using the term "FUD" in business meetings."
FUD isn't that bad. I really wouldn't mention anything about RMS or use the term manifesto.

Re:Go back to the old days.

[sootman]

Great list, except I wouldn't mention SGI right now.

Re:Go back to the old days.

[Hosiah]

If it is you should probably be running OpenVMS or OS/400. I dare someone to hack that :)

Or a Plan 9 from Bell Labs server. Heck, I dare anybody to understand it!(-:

Keep Barnaby Jeans out!

[cdn]

and show them this http://management.itmanagersjournal.com/print.pl?s id=05/04/01/2112246

I tried hard at the windows shop i was at

[DaedalusHKX]

OLD NEWS
Enough time has passed, I can now freely say this out loud about my previous employer :)

Seems now, the fellow wanted me back, but was offering shitty pay, a few months ago that is.

Overall, man said he was switching to linux, and they got contracts, where I'd have to even have TS clearance. I'd love to help move an entire half of a state's government machines to Linux but sadly, I'm NEVER working for that outfit again. I fear being entangled by contracts far too much. I also have bills to pay, taking a pay cut to go back to all the stress is simply not worth it. He wanted me bad enough to offer a raise, but he still couldnt match or promise me guaranteed employment.

In regards to the topic at hand.

Let them know about security, let them also know that what you hear from M$ salesmen is not necessarily true. Also, remind them TWO KEY TOPICS.

TOPIC ONE
Closed Source vendors only reveal the holes they are FORCED to reveal because they've received publicity, via exploits or proof of concept exploits. Open Source projects see note1, on the other hand, publicize any holes and POSSIBLE holes and they usually have a MUCH faster turnaround for a patch and one that works, as we can all remember how well some of the M$ patches work.

note1 notice I said projects vs vendors, OSS ppl don't sell you anything, you CHOOSE to use it, and nobody takes your lunchmoney because of it.

TOPIC TWO
Remember that the biggest issue with windows is that it was a one user system, non network aware, and designed for absolute integration. You cannot remove a component easilly without breaking several (if not the entire system). Remind them also that the biggest issue with integration is that an attack only needs to target the lowest trusted component. This is why "userland" apps in linux behave differently than desktop apps in windows. Linux is, at heart, a Unix and so is BSD, and thus the apple os X, but that is another subject. Which means Linux is inherently a capable server, designed as such, and also designed to be modular, which means you can kill the front end, all of its subprocesses, and restart it, without rebooting the machine and killing any work any non front end users might have been doing via SSH or some other custom app you might have.

Since most users have to work as local machine administrator, as opposed to domain administrator, Windows automatically allows the user to install software and modify any non domain specific settings. As should be obvious to anyone, the moment a user runs a virus or trojan, or spyware and what have you, the local machine admin has been compromised. Windows XP, even after many "fixes" to the well known "Shatter Attack" see note2 STILL suffers from this vulnerability.

note2 a windowed program with even a guest account with NO privileges can hijack any root process running inside another window. To this day winlogon is a system/root process that still suffers from this problem, and you cannot disable it and STILL use windows, there are slipstreamed cds with NO graphics console, but they are pure servers, and have to be command or remote administered, no pretty front end for users.

In the end while Linux and BSD may have their flaws, at the very least they are more quickly fixed, the fixes are more than just a port block, like the Microsoft solution to Winnuke (which was a popular script kiddie port 139 icmp attack) or just plain lies (as is the case, apparently with the Shatter Attack. Granted for Shatter attacks to work, the user running the trojan must have guest access or better to the machine, or trick a legitimate user into running a compromised app but, heh, use your imagination. How often do foolhardy users run things they are not supposed to such look at porn, download "bonzi buddy" or "weatherbug" or any such crap? Spyware and trojans get around via users themselves since real hackers have better things to do, like write code for linux ;-)

~D

Re:I tried hard at the windows shop i was at

[sparkz]

Is a CEO qualified to understand any of these statements?

NO

S/He won't understand, it'll come across in the same way as the garage mechanic saying "... ooh, your Big End's gone, that's gonna cost ya". It's some mumble-mumble jargon with no real meaning, just a huge bill.

The CEO doesn't get that kind of stuff from the Wintel team, they just say "It's okay, MS produce patches, we'll check them out an install them".

The CEO, not understanding any of this, will have more faith in the Wintel team than in the *nix team. Because the Wintel answer is more understandable, acknowledges flaws, and has a plan to fix them (yes, I know it's just one sentence, but it does contain all that, if you have no knowledge of the underlying issues).

The CEO is busy doing many deals with customers, suppliers, potential customers and suppliers, internal management, etc. Your post would be chucked straight into the bin. Accurate and detailed as it may be, it's just so much jargon to the CEO. The CEO speaks a different language, and it's actually very easy to learn. There are only two questions to answer:

1. What does it cost me?
2. How does it improve my income?

Speak that language, and it's very simple. Speak any other language, and you are seen as just another back-street garage mechanic talking about big-ends.

The business are only concerned about money (it's called Capitalism, it's fairly common in the western world, you might have heard of it - it pays your salary). They don't care about "better", they care about "cost-effective". Show them that, make sure that you can deal with the details (because that's your job, and it's not their job (you know they'd fsck it up!)), and propose the best solution, in simple terms which the CEO will understand. That will improve your credibility, which is a virtuous circle. If you fsck it up, your credibility goes downhill, so be clear up-front about any assumptions, risks, worst-case-scenarios (as well as best-case-scenarios) for all options (your preferred option, as well as the one you are "resisting")

Re:I tried hard at the windows shop i was at

[DaedalusHKX]

The business are only concerned about money (it's called Capitalism, it's fairly common in the western world, you might have heard of it - it pays your salary). They don't care about "better", they care about "cost-effective". Show them that, make sure that you can deal with the details (because that's your job, and it's not their job (you know they'd fsck it up!)), and propose the best solution, in simple terms which the CEO will understand. That will improve your credibility, which is a virtuous circle. If you fsck it up, your credibility goes downhill, so be clear up-front about any assumptions, risks, worst-case-scenarios (as well as best-case-scenarios) for all options (your preferred option, as well as the one you are "resisting")

Okay, then do this.

Ask said CEO to FIRE EVERYONE... then, offshore to China, India, Ukraine and Romania all IT and production facilities. Retain sales in US. Support in Afghanistan as they now have newly trained, cheaper than indian, equally shitty english speaking "award winning support" teams.

By your standard, you've solved ALL your problems, AND you've served the true, amoral, uncaring, cold blooded nature of capitalism... and proven why it only works for those at the top who produce nothing but leech everything. Those who make the money and decisions are NOT those who improve the world... they just leech from those that do.

Einstein didnt' create massive corporate capital, but he did (through his contribution to physics and mathematics) improve the world. Point in case, the corporate bastards have retarded social and scientific advancement so they could shackle them to the profit making machine. Is it a great failure of humanity? Yes. Is it any different than the dark ages (from which we were pushed by our contact with the Arabs during the crusades, as they had preserved the stores of greek and roman knowledge destroyed in the dark ages).

That said, I agree with you, here in the west we always have entirely inappropriate reward systems. Man creates cure to AIDS. Man receives a 5 minute prop in his company, company takes all credit, makes all profit... man's job is cancelled to make room for the 5000 chinese workers who will manufacture drug. Long live capitalism (or better known as profitarianism at any cost). (Hint, corporatism and profitarianism taste differently when YOU are eating the shitty portion of the pill.)

~D

Re:I tried hard at the windows shop i was at

[sparkz]

I agree with the sentiment, but I'm not sure that it's as bad as that (or not yet, anyway) ... if someone proposes to the CEO that they offshore all staff, then the same argument applies - the "prove it's cheaper" is quite easy, but "prove that it will provide the quality of service we require" is not necessarily as simple. Sometimes, it does work (and helps to shift (some) Western cash to the less well-off countries, which must be a Good Thing, in that if we were not divided between "ultra-rich" and "ultra-poor" countries, there would be significantly less motivation for war), and sometimes it doesn't work (As someone who only speaks English (my limitation, I admit), have you tried getting tech support from Dell?!).

I could have added the moral aspect to my original post (it is something I feel strongly about), but I have to admit that in my personal experience, the people who are in power, are in power thanks to the status quo, and are therefore very resistant to changing that status quo (the ladder upon which they are standing).

If that gives you an unmanageable burden, there is (theoretically) the option of getting out of the capitalist system, but it is not easy (particularly for those of us in the Western world, where houses cost hundreds of thousands, etc, etc). Just because it's not easy doesn't mean that it's not an option, of course.

However, I feel that this is getting rather philosophical for a discussion that was originally about the choice between two operating systems :-)

The OP seemed to imply an implicit preference for Linux over Windows; all I was really trying to say (though, as often happens, I got over verbose) is that from a business perspective (and I was addressing it from the assumption that you have chosen to work for a capitalist business), the "technically better" solution is not necessarily the "business better" solution.

In a similar way, the "morally better" solution is not necessarily the "business better" solution, but that is really a different discussion.

Bad topic but good feedback.

[AnXa]

That is an exelent question we all should think about. Maybe providing real [facts] against microsoft's [facts] might help, thought it's not essentially good option.

Trying to tell them to do otherwise is bad thing, and with all respect they should be proven wrong with some real statistical information.

hmmm

[smash]

Point to google.

Ask them if they realise that most of the ISPs on the planet use it for various tasks, ranging from proxy servers, to DNS servers to authentication servers.

Or just quit and get a job somewhere where "management" listens to the suggestions made by the people who are paid to know this shit.

smash.

Give up, IBM mastered this tactic

it's the ol' "Nobody ever got fired for recommending IBM". That ploy secured decades of over priced support/software/hardware contracts. Bill has updated this technique for the PC industry.

If you want to play with cutting edge linux stuff find a friendlier shop because until the higher ups are gone you don't stand a chance.

FWIW

Extending parent's advice

You may have to tailor your response to your specific business - and phrase it in terms that they understand.

Most people are willing to spend a little more money for something that they feel comfortable with. I can only think of three ways to budge them off that position:

• to convince them that it really isn't a "little more money",
• to shake their confidence in the old, or
• to get them to feel comfortable with something new.

As a straw-man example, I do not go to the cheapest gasoline station in my town - I spend a few pennies per gallon at a different station. I know the faces of the staff, they know me, and I've never had a problem with them. It is more convenient for me to stop there, than it is to stop at the cheaper stations. I could move, however, if:

• they jack their prices up $0.50/gal more than everyone else,
• I get three tanks of bad gasoline in a row from them, or
• I get coaxed into trying a new station in town, and I find them to be just as friendly and just as convenient and provide just as good a product, I might shift my business.

As I was composing my example, I was luke-warm at best to the idea of trying something new - I said that "I might shift my business". Simply having Linux in-house and humming along safely falls into that luke-warm category, but it is still easy for upper management to decide that they want to head back to their comfort zone. Thus, it takes one of the other two items (cost or loss of faith in the old) to really get Linux deployed.

I recommend focusing on bottom-line cost. If you can show them just how much money they (can) save by having Linux perform certain tasks (say, 3000 machines x $100 per year in support contracts), then you have something tangible that they can focus on ... money that would otherwise be available to go into their own pockets.

I recommend against focusing on past security problems, as that is assuming that tomorrow's problem will be like yesterday's. Trend analysis is taking previous performance and projecting it into the future - effectively an educated guess about the future. However, much one says about the which OS has a better security record to date, the fact remains that both operating systems are under constant assault, and the next "I had to shut down my business because of the Q13 worm"-type problem could very well be for either OS. The worst-case price of clean-up will be the same, no matter where the problem occurs.

mod parent insightful

[Brunellus]

...although, as a true Linux believer, would you have to run powerpoint on WINE?

Re:mod parent insightful

[JTorres176]

OpenOffice runs powerpoint just fine on my Linux laptop.

Re:mod parent insightful

I think you mean, "OpenOffice opens and shows PowerPoint slides just fine on my Linux laptop."

Re:mod parent insightful

[JTorres176]

Whoops, my err. OpenOffice displays powerpoint presentations quite well.

Define "free".

[jd]

Local phone calls are free, but AT&T and Bell aren't exactly poor.

Google is "free" to use as a search engine, but any company that can "report revenue of $1.919 billion" for a single quarter can probably afford to pay the staff. I wouldn't advise asking your CEO when he last made almost two billion in a four month timespan, though.

Linux is "free" (as in price) if you get no assurance and minimal support. If, on the other hand, you want EAL4-rated Linux (certified for commercially-sensitive and confidential information for Government use in Europe and the US) with 24-hour support, fine-tuning of hardware and software, etc, then you pay a bit more. Same software, different parameters.

I'd argue that there are examples even the dimmest PHB can understand - some have been around long enough to just be accepted, others are so stinking rich that the arguments self-evidently don't hold.

Re:Define "free".

[TheQuantumShift]

Local calls are free? Then what was Qwest charging me for? A $30 "Long Distance Block"?

Re:Define "free".

line rental?

Re:Define "free".

can "report revenue of $1.919 billion" for a single quarter... I wouldn't advise asking your CEO when he last made almost two billion in a four month timespan, though.

A quarter is 3 months. - At least in the U.S. ;-)

Re:Define "free".

[olddotter]

I think you should ask your CEO when he last matched googles numbers..... But that is a bad comparision. The point is that IBM makes billions supporting Linux.

Last time...

[Hymer]

...it happened for me too... I asked them if I should take our brand new EVA 8000 to the junkyard 'cause HP are now using Linux as the engine in the SAN switches.
They instantly shut up and have been quiet since...
--
[Space intentionally left blank]

Submit your own monthly report

[SlashDev]

to upper management. Setup meeting where your manager meets with uppper management to explain what has been done in the last month to tighten security.

Gotta Love It

[korekrash]

You just have to love the fact that when it is an article on Windows vulnerabilities, you all jump on it and proclaim how terrible Microsoft is. But when it is on Linux it is outdated and half true.....

Re:Gotta Love It

[R3d+M3rcury]

...and your point?

Are you implying that articles on Windows vulnerabilities are outdated and half-true?

Re:Gotta Love It

It's called experience... ;)

Re:Gotta Love It

[korekrash]

NO just the opposite....I am implying that the Linux community acts like their OS is some impervious, gods-gift-to-computing creation....Elitists to the core...You guys love to throw stones and it gets annoying....Your little home brewed OS can't make it up the hill to relevancy so you incessantly try to make it seem better than it is. It is the anger and aggresive approach that so many Linux users (and Slashdotters especially) come across with that annoys me. If you want people to use Linux, convince them it is better WITHOUT even bringin MS into the discussion. Also, since I am ranting; I'm sick of the idea of "free" software that is not free. You all talk about how ware should be free and then make it so the thing is such a pain to configure or missing so many tools that you have to call PAID support. It's more like con-ware than opensource.....

Re:Gotta Love It

[korekrash]

Yes, the experience that too many geeks are way too insecure. The little OS that could, hasn't and they are crying because of it.

My Solution...

[CowboyBob500]

...I got the hell out of there.

Bob

Time to find a new employer...

[Lodragandraoidh]

Looks like it is time for you to find a new employer.

If they are completely clueless (believing everything your read or see on TV probably fits the bill), you are jeopardizing your long-term financial security by staying on with a company that is obviously moving towards bankruptcy.

Re:Time to find a new employer...

[Kjella]

you are jeopardizing your long-term financial security by staying on with a company that is obviously moving towards bankruptcy.

They may be clueless about Linux. They may also be very smart about their core business and make a ton of money. Look up any industry report and see how much they spend on IT. Yes, if you're on the edge it could tip the balance but in that case it was a mediocre business idea to begin with, or it was your core business which noone can afford to be clueless about...

It's all in the money

[maddogdelta]

Every business exists for one, and only one, purpose. To make money for the owner. (not as cynical as it sounds. Even in non profits, if they run out of cash, they go away.) In all my years of gainful employment, everytime I argued for something because it would be 'better quality' pretty much fell on deaf ears. If I framed the argument that 'we'll make more money' or 'we'll spend less money' ears perked up. Frame the quality argument in 'reduced support costs, reduced maintenance costs, greater server workload efficiency resulting in $xxxxx savings in the first year alone' and I immediately got a reply. I still may not have gotten what i wanted, but at least i was able to present my case. In your case you can add the point that the only company that makes money selling Microsoft is Microsoft. In linux, IBM, RedHat, Novell, and plenty of other companies make money selling Linux. Frame your argument by talking about what your manager is being evaluated on (how much money he/she is making/saving the company) and you will have a much better chance.

Try this

[SnarfQuest]

Ask them to install Windows on a machine while it is connected directly to the internet.

That should be fun.

You should let the numbers talk

[Efialtis]

I have had lengthly discussions with some of my old workmates at Microsoft, and my new ones here (at a "Microsoft zomby") and they always try to laud how Microsoft OS is so much better and more secure. We even have some Linux servers here.
When I start hearing about all this, I simply say, "See Secunia (http://secunia.com/) and then come talk to me."
Basically, Secunia breaks it all down to # of vulnerabilities. Then they break that number down to # of critical, etc.
While some versions of Linux have more vulnerabilities, they have far fewer CRITICAL vulnerabilities than Windows. And the Time to Fix the vulnerabilities in Linux is measured is in days, not weeks or months as it is in Windows.
All the reporting is done. Graphs and colors, enough to appease any "higher management" or "executive"...

Sounds so familiar...

[sit1963nz]

Isn't this exactly where Apple used to be ? Wasn't it the "experts" who pushed the windows line (on the basis that it ensured they stayed employed) Wasn't it the "experts" who derided the TCO studies showing Macs were a better financial choice ? Well congrats everyone, its all come back to bite you on the A$$ because all of the anti-mac FUD pushed by the "experts" is now being applied to linux, and all the reasons why the FUD is wrong is being dismissed by the management whom the "experts" have so successfully trained to be pro-windows.

Re:Sounds so familiar...

[Cal+Paterson]

Huh? What are you smoking?

Funny?

[karlto]

No wonder it's a losing battle...

Re:Linux

[PenGun]

You have a nice time making money and solving business problems.

    "Life in all it's rich variety
      Give a little take a little
      But by the inevitable law of the vampirific process
      They always take more than they leave"

  Bill Bouroughs

      PenGun
    Do What Now ??? ... Standards and Practices !

Prove it with what managers like best:

[guruevi]

STATISTICS!!!! They all love statistics, don't they.

Well, I proved it this way:
We were using el-cheapo boxes for serverhardware, I created a reporting feature for hardware breakdown with the possible reporting of OS, kind of hardware (Maxtor IDE disks of 40G or 80G) and RAID configuration.
The Software RAID-1 configuration for Windows had 200% more harddisk breakdown with permanent data loss (backup or no recovery) over the same period of time over the same amount of boxes. Actually only 10% of the Windows boxes had their RAID setup intact after a crash of a single harddrive while for the Linux boxes it was over 90%.

Then I pulled statistics of the ticketing system for trouble reports and it concluded that tickets connected to Windows servers were 500% higher and that the resolution time was about 60% longer compared to the tickets connected to the same amount of Linux servers.

Although results for your company might differ, it is going to be similar to my conclusions.

Learn Management Speak

[couch_warrior]

When selling Linux to corporate america, you just CAN'T do it using geek speak.
Managers use the same english words, but when you are a manager, your goal is to confuse and misdirect. NEVER take what a manager says literally, or try to respond to it logically. Managers make decisions based purely upon gut feeling and emotional reaction, then rationalize the decisions with vaguely related reports and misapplied studies.

Here are some simple translations:
        Management Speak(M) to Engineerish(E)
1M) I'm concerned about linux security
1E)I dont understand linux and it makes me feel insecure
2M) I've heard that linux has security problems
2E) A rival vendor's sales rep in an expensive suit told me linux has security problems, I need someone in a more expensive suit to tell me he was wrong
3M) No one supports linux
3E) If a linux server crashes there is no linux sales rep to yell at and blame it on
4M) I need more data
4E) I want the information reduced to powerpoint slides and presented by someone with a nice butt in tight fitting clothes(gender varies)
5M) Lets discuss the issues involved
5E) I'm afraid to make a decision until the whole industry stampedes in that direction
6M) Is this the right business decision?
6E) Can I be fired for doing this?

Re:Learn Management Speak

[Lumpy]

Here's my Answers that I have tried....

1M) I'm concerned about linux security
1E)I dont understand linux and it makes me feel insecure

1I) Linux is just like Unix and the government uses it for everything important

2M) I've heard that linux has security problems
2E) A rival vendor's sales rep in an expensive suit told me linux has security problems, I need someone in a more expensive suit to tell me he was wrong

2I) Where can I rent a really expensive suit to get your attention?

3M) No one supports linux
3E) If a linux server crashes there is no linux sales rep to yell at and blame it on

3I) If Any of our windows severs crash there is nobody to yell at and blame it on

4M) I need more data
4E) I want the information reduced to powerpoint slides and presented by someone with a nice butt in tight fitting clothes(gender varies)

4I) Redhat/Novell/IBM can be here in 24 hours with a CES bimbo if you like

5M) Lets discuss the issues involved
5E) I'm afraid to make a decision until the whole industry stampedes in that direction

5I) We did not get to be where we are by following the competition did we?

6M) Is this the right business decision?
6E) Can I be fired for doing this?

6I) Nope. You can blame it on everyone below you just as before.

Granted I used the managementspeak translator for my responses though.

Re:Learn Management Speak

Look, the reality is that 3E is compelling. If you want to run Linux, get a solution from IBM -- that way when it crashes you can say "Hey, I hired IBM. If they couldn't do it then what can we do?" If you want to know the alternative, see item 6E, above.

CERT Vulnerability Stats are BS

This was debunked quickly.
http://www.groklaw.net/article.php?story=200512311 42317870
They are using those numbers as the bases of their arguement that linux is becoming less secure. Those numbers are not just for linux but also AIX, Apple, FreeBSD, Solaris, Linux, and a few more OS. Also the list has a ton of flaws counted more then once.

ahh, the joys of "IT" departments & einstein m

[v3xt0r]

Chances are, anything you try to say, no matter how hard you try, will not matter to them.

They are of the 'spoonfed' corporate-mindset type, and will not listen to you, as you are on the bottom of the ladder as they see it, or a 'maverick' as I've been deemed. lol =p

I am suffering in a similar situation, and currently looking for a new job, and I suggest you do the same, as it will never get better, unless you become the manager.

Linux has made many independent contractors and small businesses very successful, not to mention governments, NASA, and big corporations like Google.

I know this move may sound like career-suicide, but if your boss wishes to flush money down the drain in software licenses (generally with the excuse of 'vendor support'), simply because he reads to much cnet or whatever, then you should perhaps consider going above his head (if possible), for 'the (financial) sake of the entire company/organization.

Re:Linux

[waferhead]

Linux(Score:-1)
by Anonymous Coward on Thursday February 09, @06:38PM (#14682898)
Its obvious most people here run Linux, just because it's Linux - not because they are trying solve any type of business problem or make money or anything. In the end they will spend hundreds of needless hours to have to learn how to do something in Linux compared to Windows, well, just because its Linux.
Get a life!

(wasting words on a troll, but I feel compelled to somehow...)

No, not JUST because it's Linux...
I only run Linux as I was exshausted from the self flaggelation of trying to keep a Windows box up.

I gave up in 1994...

Based on what I have seen on many many Win boxes over the years I have had to fix, it hasn't really improved THAT much (overall) on the Windows side of the aisle, some things better, some things worse.(PnP works, but now you have a regisrty... Ugh)

Linux has shown very steady improvement in most all areas, at a seemingly ever increasing rate.

Slightly different scenario

[Lord+Jester]

I recently started building up a server here. Our system network is predominantly Novell with a good portion of Active Directory. We have one RedHat server as a SPAM filter and this new box would have been only the second official Linux server.

There were cost concerns so I recommended Suse Linux 10.0 Pro as Novell owns Suse. The stakeholder in the project thought that was great, it allowed her to avoid a Windows licensing hit.

Well, I am in the Web Development area and not the Network Support area. I do work with servers, but predominantly the web servers. This box was to be a web authentication proxy, as such was given to me.

There was a lot of mis-communication during the process, but one of the things that came out of this was that our web services manager is saying that we need to install Suse Linux Enterprise Server 9 on this machine instead. I am fine with this except for the way she approached it. She quoted the Novell comparison page with "If you are a busness looking to deploy a hardened, supported operating system, ...then SUSE Linux Enterprise Server is the right choice. If however you are a Linux enthusiast looking to evaluate some of the latest "bleeding edge" Linux technologies (perhaps not quite ready for prime time) then SUSE Linux Professional would better suit your needs." This makes it sound as if only the Enterprise servers are secure and reliable enough for business applications, which is not the case.

So, in this instance, Novell (Suse) is misleading their customers as a marketing strategy.

Re:Slightly different scenario

[hweimer]

This makes it sound as if only the Enterprise servers are secure and reliable enough for business applications, which is not the case.

Novell is right. Take a look at the SLES life-cycle (7 years), which is extremely important in an enterprise environment. BTSTMT.

Re:Slightly different scenario

[ralf1]

Well - I'm not sure if I agree with 'misleading' but the real issue is that Novell Technical Support will not support SUSE Pro, only SLES. SUSE is community support (forums) only. If I am putting a distro in production in any kind of real application, I want a supported version. I also think Novell has a program where if you are paying maintenance on Netware you get some amount of SLES for free, so cost should not be an issue.

Re:Slightly different scenario

[Lord+Jester]

True, in our case cost is not an issue, but the only difference I really see is that there is a 1-800 number to call if you get stuck.

However, pretty much every issue I have come across has been solvable by community support channels.

It's Hopeless. Time to Move On.

[dacap]

Bosses make decisions based on relationships and trust. When they don't know a subject, they seek the advice of trusted experts to help them understand it so they can make an informed decision. If you have worked at developing your relationship with your bosses, if you have shown them articles and facts, if you have stated your expert opinion succinctly and they have rejected it, then they simply do not recognize you as a worthy technical authority. It is time to resign and move on. Your vision is just too different from theirs for them to trust you. I hope you can find a place where you will be happier.

I'm really loosing my temper...

[dcutting]

...about poor spelling on the Slashdot front page.

Tell them they're morons...

BUT...this isn't a good career move.

Mo Ron

(AC to avoid the deserved ridicule.)

You could...

[drolli]

design the most evil Windows virus ever, which combines all known techniques and some more, send it in a mail with a title like "free naked teens", but in a way that it has to be clicked on to infect to the management and watch the desaster. After all employes got this virus e-mail from the Management they can either admit that they clicked on the mail (admitting that they are stupid and incompetent) or they can say that this only happend due to the insecure Windows.....

I'd rather admin one than ten

[toby]

one year later we were running ten low end linux servers to replace a single, very poor performing AIX machine

I know it takes 10 times as many 'doze boxes to do the work of one UNIX server, but 10 Linux boxes? That must have been a heck of an AIX machine.

Re:I'd rather admin one than ten

[Lehk228]

I am thinking that is 10 linux PC/servers replacing one AIX mainframe

Re:I'd rather admin one than ten

[toby]

I am thinking that is 10 linux PC/servers replacing one AIX mainframe

Yep - and I was thinking, "what's the point?"

Re:I'd rather admin one than ten

[MooUK]

The original comment said that the AIX machine wasn't performing well enough.

It was presumably cheaper and easier to replace it with ten commodity boxes with linux than replace it with a more powerful unix machine.

Re:I'd rather admin one than ten

I know it takes 10 times as many 'doze boxes to do the work of one UNIX server, but 10 Linux boxes? That must have been a heck of an AIX machine.

The p595 supports up to 64 processors, 2 TB of memory and hundreds of PCI-X slots. AIX 5 supports both 2 and 10GB Fiberchannel interfaces as well as InfiniBand. The whole system can run 64bit from end to end. Multipathing works correctly. The VFS features in AIX work. JFS2 is reliable and offers decent performance. IBM's HACMP solution isn't pretty, but it works.

Linux doesn't offer any 64bit fiberchannel HBAs because the hardware isn't available. Multipathing on Linux is far from production ready. The core filesystem abstraction in Linux is incapable of addressing connectivity issues. EMC's PowerPath stuff looks like it might help with this, but it doesn't appear to completely solve the problems. None of the VFS solutions on Linux appear to really work as advertised. JFS on Linux is ok, but the other options suck. ext3's performance is lacking, xfs has known data-loss issues with large filesystems under crash conditions, and reiser4 is a long way from production ready. I'm not aware of any solution which provides HA failovers on Linux, although both Zen and vmware are talking about doing it in their next major release.

I guess it depends what you're doing with the boxes. We run highly available, high transaction rate, medium size (about 100GB) postgresql databases for OLTP. AIX on pSeries has helped us reach 4x9s availability. SuSE Linux on quad Opterons had acceptable performance for smaller databases, but we couldn't get it to deliver the availability.

That being said, I'd bet on Linux boxes for networking stuff or applications where you could use clustering.

Re:I'd rather admin one than ten

[goober1473]

What on earth is an AIX mainframe? Anyway, why was the AIX box running badly?

Re:I'd rather admin one than ten

Well ok its not free, but you can do all the things you mention very well if you use Veritas volume manager (which includes multipathing support), file system and cluster server. Should be as good or better than the AIX products IMHO as Veritas have proven themselves to produce good enterprise quality software that has very wide use, particularly on Solaris OS, in the area of storage management and HA softare....

Re:I'd rather admin one than ten

[ckaminski]

If Veritas' Volume Manager is as bad as their Netbackup software, which has been unable to restore an HP-UX 11 backup made to a Windows 2003 media server, than I would be worried about your data.

Re:I'd rather admin one than ten

[mrhartwig]

Given that there *is* no such thing as an "AIX mainframe", probably not. But according to the OP, it was an poorly-performing AIX box.

What I wonder is if the (possibly old) slow, poorly-performing AIX box could have been replaced with 1 or 2 newer AIX (or Solaris, or HP-UX) boxes for less overall cost than 10 Linux servers? We'll most likely never know....

Re:I'd rather admin one than ten

[mrhartwig]

Should be as good or better than the AIX products IMHO as Veritas have proven themselves to produce good enterprise quality software...

Yeah, that IBM company is such a newcomer at producing enterprise-class software, as compared to Veritas. I wonder if they'll ever be able to last long enough to start producing Real Software Products(tm).

Not that all of IBM's SW is great (it is SW after all) but to try and claim bolting Veritas on top of Linux might be a better solution than a fully-integrated AIX solution because Veritas produces enterprise quality software strikes me as a bit silly, at best.

Re:I'd rather admin one than ten

[Lehk228]

Yes there is

Re:I'd rather admin one than ten

President Clinton! Is that you?

Re:I'd rather admin one than ten

[mink]

"Linux doesn't offer any 64bit fiberchannel HBAs because the hardware isn't available. "

I call BS. On my driver CD for my LSI44929O I have a set of linux drivers.

Re:It's Hopeless. Time to Move On.

When they don't know a subject, they seek the advice of trusted experts to help them understand it so they can make an informed decision.

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

*ahem* Sorry. Just... doesn't work like that in big companies. None of the ones I've worked at, anyway. Yeah, Maybe I've just had a streak of bad luck, but that's my experience.

Don't use cold hard facts or sound rationale

[layer3switch]

It would be pointless. Don't waste your time and energy.

Throw some money around, preferably bundled in rubber band and post up some pictures with you and some hot chicks on the wall at your office/cubicle/basement space with desk.

If the above doesn't work, hit them over their head and sprinkle some crack/coccaine over their body.

You have to remember ...

[sfarber53]

no one ever got fired for buying M$.

"Gentlemen. We have to protect our phoney-baloney jobs."
                                                                    Mel Brooks, "Blazing Saddles"

Some people won't notice the truth even if it bites them on the ass!

Good luck!

Define the terms and you're halfway there

[Infonaut]

Winning the argument depends on first explicitly defining the terms in a way that is advantageous to your position.

Start out with a proposition that everyone can agree on, like, "We depend on our operating system to do the following things: Minimize support costs through superior uptime, minimize hardware costs by providing more computing power per CPU cycle, realize long term cost benefits by providing superior computing resources throughout the company at a lower cost per seat." This is just an off-the-cuff example.

Then use metrics from your own organization (if they're not available, guesstimate), comparing the cost of meeting each of those goals. Historical data presented in a before and after comparison format can be quite valuable in showing people that you're not advocating Linux because you have an ideological attachment to it, but because it does the same job less expensively. Arguments about quality will go right over their heads. Intangibles such as, "It makes us all happier to use Linux because we don't have to run around fighting fires all the time," don't register with most O-level folks. Stay focused on apples to apples comparisons, and always compare costs.

As many others have pointed out, some managers simply won't listen. However, giving up isn't the answer either. At least present your case firmly, without rancor, and in as broad a forum as possible. Don't go behind the manager's back, but try to get other people in on the meeting. That way even if this knucklehead doesn't listen to you, you'll probably convince a few people. When they run off to other companies after the knucklehead brings the company crashing to its knees, you'll have a decent chance of connecting up with one or more of the smart ones who listened to your pitch and understand what you were conveying. The way I look at it, you're playing a long-term game here. It's not just about convincing the knucklehead, or saving your company's IT department from waste and annoyance. It's also about clearly establishing that you know what you're talking about, and you're able to clearly and professionally articulate your knowledge.

Regardless of whose advice you take, I wish you good luck! It's never fun trying to manage up.

Read the definition of EAL4 recently?

[mikefocke]

Doesn't sound to me like I'd want to trust my precious financial or personal data to such a "pretty good" level of trust.

Look at why Linux can't get a higher rating....

But then neither can any other OS except one designed for security first and foremost.

Is it possible to get a higher rating? Yes. At an enormous cost. But yes it is.
What is the cost? Years and millions. And a committment to do security right from the begining ... design being the begining.

Giving back is the harder problem

[agony_zhou]

I don't think convincing the PHBs to use free software is as big a problem as a few years back; just show them the number (money saved). A bigger problem I can see is the management do not want to give anything back to the community; they just want to be a leech for as long as possible. For example, in where I work, we are not allowed to contribute the local mod we made to some free software back to the community.
Note: local private mod is permited in GPL.

Re:Giving back is the harder problem

[turbidostato]

"I don't think convincing the PHBs to use free software is as big a problem as a few years back; just show them the number (money saved)"

True.

"A bigger problem I can see is the management do not want to give anything back to the community [...] where I work, we are not allowed to contribute the local mod we made to some free software back to the community."

You should read yourself. Just show them the numbers. Show a guesstimate about how much money will cost you maintain your private mods as the "base" software evolutions, and how much will be the savings on returning the changes to "the community" so you no longer have to maintain them.

Simple solution

[WindBourne]

5 years ago, when Bush came into office, he shut down the FBI from giving out information about cracked system except where required by law (basically, if a customer's CC is stolen). Just before that, a friend and I were going to start a web site that tracked these and then showed the relative risk to users. Since 40% of the https space was windows, then you should expect somewhere around 40% of all the stolen CCs. But it turned out that Windows accounted for more than 99 % of all stolen CCs (and this was in 2002; I think that windows now accounts for about 1/3 of https space).

So, pick up the report from Netcraft that shows the % of OS on the https sites (you have to pay for it). Then go to news.com and look for all the past stories of stolen CCs. All of the ones that I check for the last couple of years, turned out were Windows (more than hundred over the last 5 years).

Here is one other interesting test. Look at the netcraft of all the major banks and CC shops. Then look at all the CC processing sites that lost 100's of thousands of CC's. A few of the processing sites that were cracked (one in arizona, Florida, and nebraska) were running MS. Yet the CCs companies run *nix. Says a lot right there.

Saving face

[Beryllium+Sphere(tm)]

Managers get promoted by being political competitors and impressing others. Sometimes it will happen that
>The CTO ate his words and admited the mistake
but don't count on it.

Maybe a good tactic is to leave them room to change their minds without having to admit error. You could say something truthful like "Linux is evolving almost too fast to follow and we might find a different landscape if we look again in six months". Or maybe schedule a review for when they're looking down the barrel of Vista upgrade costs.

Open The Firewall!

[codepunk]

Tell them ok let's open the firewall for 24 hours and see who is left standing.

Easiest Way to Defend Linux

[Captain+Lou]

Should we as professionals expect to be attacked for our decisions, even though Linux has prooven itself (time and time again), for over 5 years in our company? How do you deal with all of the baseless claims, that your superiors may read in the mainstream media?"

One of the easiest ways to defend the value of Linux in the enterprise is to just show how much Microsoft licensing for the same implementation would have been had you been using it instead of Linux.

I always have the same response

[Rohan427]

Whether it be my decision to use Linux, or my decision regarding anything else in falling under my job description or the tasks I'm given. I simply state that I was hired to do a job and trusted to make a decision or perforam a task. If you don't trust me to make that decision, or perform the task, if you don't trust my expertise, then get someone else to do it.

I have yet to be fired or let go because the powers that be either didn't trust me or decided I wasn't expert enough to make the decision or perform the task. In addition, I never make a decision without doing the proper homework to back up my decision, and I make the data to back up my position clearly available to those in charge before I implement the solution.

PGA

Keep upper management updated, business style...

Take note of all of his points and the points from the article and then email upper management your regular "security synopsis" making sure you address all those points. You could make him aware during the meeting that you have read that article and that your systems are already secured against the issues raised. But don't attack the credibility of the publication, story or author, it could be embarassing for him. The security synopsis shouldn't look like a rebuttal, but rather a professional and never emotional business document. You should let upper management slowly come to that conclusion themselves that the publication is hype, once they see that time and time again, you can show that the points of the stories do not apply to your setup.

Make sure you read what he reads and include those security issues in your regular security synopsis which you send well in advance (days) of these meetings which upper management attend. He will be less likely to address something as being an issue if you have already addressed it as being irrelevant. There will be less egg on face if he is the hysterical type and you won't be in a position where you have to get him to back down from something he said to the firm.

I should not need to mention regular updates to management, because it should be a given. Management needs the info so that they can manage the big picture. If you don't give them the info, then they go looking for it in the best places they know. And since they're not techie types, that's publications put out with advertiser interests. Microsoft advertises a LOT in the sorts of publications that management reads.

Local phone calls are not free.

[CFD339]

At least not on my planet.

They are not free like beer, and they are not free like speach. If anything, they are free like taxes.

Re:Local phone calls are not free.

[Associate]

Tell me about it. I'm one of those cell phone only people. Yet, I still have the landline in my house. The only people I can call for free is the operator and 911.

Re:Local phone calls are not free.

[Fred_A]

Same here, that's why I only date phone operators.

Re:Local phone calls are not free.

[Associate]

Oddly enough, I've gone out with a lot of emergency personel.

Ignorant Top Management ...

[constantnormal]

... will never listen to anyone beneath them in the corporate food chain.

Making a lot of obstructionist noise will only paint a bulls-eye on yourself, as a malcontent and troublemaker -- probably a security risk as well.

How to distinguish between ignorant top management and the clued-in variety

Good top management would have asked down the org chart to the IT group whether there was anything to the issues raised in those articles, and would have done so off-line rather than during a conference call. After all, they should have confidence in the abilities of their IT staff, and should reasonably expect them to know more about this area than they do. Ignorant doofus top managers assume that they are the ultimate in every regard, and have no need to consult anyone -- after all, that's why they're paid the "Big Buck$".

In the words of Roy Schieder (Chief Brodie in Jaws), "You're gonna need a bigger boat."

Go and get an IBM marketeer (or a pack of them) to educate your top management about the virtues of Linux in the corporate environment. They have credibility that you will simply never possess, and are well-trained in the fine art of "Account Control". Just ask your top management for an opportunity to bring in a representative from a Fortune 50 company to put on a small presentation about Linux, in order to get a "business perspective" on the matter.

The downside is that you will give up any voice in what kind of hardware you run. But that's not such a big downside, as IBM makes good stuff. And with the sort of management you have, any thoughts you might have about your influence is an illusion, anyhow.

I expect that some sales minions have already managed an end run up the org chart, and the source of all the anti-Linux FUD propaganda is either Microsoft, or some Microsoft-oriented consulting firm plotting to seize a firm grasp on your company's IT budget.

You need to fight fire with nuclear weapons. Bring in IBM.

Re:Ignorant Top Management ...

[jrumney]

Maybe in the next conference call, the OP should try giving the management team financial advice based on an article he read in Wired (or some other non-finance semi-technical magazine).

Bazillionaire behind Ubuntu

Mark Shuttleworth is worth hundreds of millions of dollars. He owns Canonical Ltd., the company behind Ubuntu Linux. So who cares how, or if, Ubuntu makes money?

What's sad/amusing is that some of the PHB's asking these questions, as if they were sharp business analysts, work for gigantic corporations -- BellSouth or other RBOCs, humongous insurance companies, etc -- that could easily support a Linux distro all by themselves if they only had a tiny spark of imagination and verve.

Re:Bazillionaire behind Ubuntu

[bigman2003]

Yes, and they could design their own landscaping equipment too.

But there are companies out there already who design the equipment, so why bother?

One word

[Omega+Blue]

That word is Google.

Tell your upper management that, if Linux is good enough for Google, which is one website that needs the ultimate in network security, it is good enough for your company.

Do the same (it'll be more)

[krray]

Do the same -- it will be much more in volume...

Every time you see a [Microsoft Windows] article telling of some new flaw found -- save it. Every time they release a bulletin [and a patch] -- save a copy of those too. I did this for years for just such a defense in "my logic". The sheer volume you throw back at them may make them think twice -- and do it diplomatically when you do. Even suggest going over their article to understand the half truths, lies, and it will help eliminate their FUD.

I've been doing this -- its a simple print/preview (save-as PDF -- you are using a Mac yourself, correct :). I can even remember some management being surprised when new services were always available instantly when needed. Email was brought in-house, DNS, ftp [virus updates for Windows clients], posting files to private web pages, so on and so forth. When questioned they were more happy with the cost ($0 for Linux based solutions) than the "how".

The show-down did come in the not too distant past over the companies 401-K plan -- I quickly used the same tactic to show them how insecure Windows was which is what they wanted to post our plan on (IIS). Allowing employees to make changes themselves online as necessary was their money-saving short sighted goal -- it SCARED THE HELL out of me as it was MY MONEY in play as well.

As head of IT I put my foot down and simply said "no" -- and if it was allowed to go through with upper management that 1) they have been warned and 2) I was no longer going to be in the 401-K plan. I also happen to know (as I did the audits) that I was ranked in the almost (but not quite) "top-heavy" equations and my pulled out would have cost them to not to be able to save quite so much. But I digress, and that is of another issue.

I would also question -- are there are Windows servers there now? How much time is spent maintaining them? How much down time? I know with a Linux based farm that the maintenance is easy and I've well exceeded 99.99% uptime every year. During normal business hours it's been easily 99.999%...

Look at the big picture

[slickwillie]

They are arguing against Linux (and for Windows) based on the fact that Linux is open source and *MIGHT* be open to vulnerabilities? Are they saying Windows IS secure?

Someone hit these guys with a cluestick.

Yep, as per Sun Tzu's Art of War

Always leave the enemy an escape route.

Otherwise even if you win it will be very costly - since the enemy will know there's no retreat and will fight to the end.

Don't talk "geek" to management.

[scherrey]

I think your approach is a lose-lose proposition. Its bad enough, but not untypical, that management is making inherently technological decisions without understanding their business ramifications. Making the debate with management on your technology turf might let you "win" a battle but you've already lost the war. An approach with a far better liklyhood of long term success would be to push those technical decisions down to the IT level with clear business directives that would help drive those directions (preferably with some objective metrics of how well those directives are being met). This way the technical staff can communicate the impact of technology decisions in business terms that management can more readily understand. Thereafter, management can impact technology decisions by altering their business directives rather than making specific product choices they have no concept of. If you can accomplish that then when a manager reads an article out of a magazine and gets a brilliant idea the tech staff can say "thanx for the suggestion".

Good luck!

An important variant...

[leonbrooks]

...might be, "If Linux is so bad, why do the NSA and US Army use it? Why are Intel shipping hundreds of millions of Farmer PCs based on it in China? Why are the Brasilian state bank's ATMs run on it? Why are Norway moving 100,000 students to it? Why is it used in Satellites and aboard Fred? Why are IBM and Novell switching to it across the board? Why is the European Union moving to Linux's most popular document standard (OpenDocument) across the board? Why is the $100 laptop project using it even though Microsoft offered them MS-Windows for free? Why do Google and Akamai, the biggest search and content-cache companies, utterly rely upon it? What's the matter, those organisations not big and important enough for you?"

On second thought, scratch that last sentence.

Re:An important variant...

The most popular document format is by far plain text. Everyone's so hyped up over these embedded functionality formats. They're featureware. That's all they are. For truly human readable information the standard is still plain text. That will never change unless the English language, as taught from mother to nursing newborn babe, begins including blinking text and hyperlinks.

An insightful observation is that there are decreasing numbers of "mother to nursing newborn babe". Everything's become so assembly line. You take the pregnant wife to the hospital, she gets an epidural and a C-section, she spends a few days with the baby, and then it's on to formula and day care before you can blink.

I'm writing the human race off as hopelessly lost.

my boss is a moron

This question comes up all the time.

"My boss is a total idiot and doesn't believe anything i say even though i'm the professional and he gets his information from cereal boxes."

The answer is always the same, you need to get a different job.

Then you will hear people complain, it is not possible, you can't do that, that is not realistic. They probably have a job just like you.

Other people who have not worked at such a place in many years just laugh. Because they figured it out a long time ago. What's taking you so long?

Disable their anti-virus

and send them a link to site that installs spy-ware. Then ask them if they are ready to convert the enterprise to Microsoft Windows.

I'm your competitor.

[NullProg]

By using Linux, I'm saving money on installation costs, CACLs and registration fees. I've trimmed down my development costs by using eclipse. No more helpdesk ADO/MDAC version issues that cost money to support.

I've also saved a boatload of cash by switching the sales/marketing team to OpenOffice. We output all our client documentation using the OpenOffice PDF print driver.

With the savings, we hired two new programmers and have doubled our marketing budget so more people know about our products. We have one Windows machine left in accounting for Quicken :(

Food for thought.
Enjoy.

Re:I'm your competitor.

[NullProg]

Moderated as Funny? Case point for /, going to the stupid people.

Re:I'm your competitor.

[Excelsior]

I'm curious if you have experienced improved developer productivity since switching to OSS. I've always suspected one of the unmeasured benefits of switching to an OSS stack is that developers love to work with it. They love to come to work every day, and they go home each night with a twinkle in their eye. They work harder, or so my theory goes.

Re:Linux

I gave up in 1994... based on what I have seen on many many Win boxes over the years I have had to fix, it hasn't really improved THAT much...

Windows is a lot different than it was in 1994. I'm calling bullshit. You simply haven't seen that "many". That's a fabrication.

Switch to Windows.

[JWSmythe]

    Well...

    I've played this game before. Twice actually.

    The first time, the boss wanted to convert from BSDi to WinNT. Bad choice, I said, but I was a lowly tech then.. I ended up leaving after the migration was done. Not too long afterwards, they started migrating back. The company, on the verge of failure, sold.

    The second time, we had a decent size network running Linux. I was happy with my happy network. It did it's thing very well.. One of the boss-type people wanted Windows. He likes Windows. We should have a Win2k AS network.. I refused. I refused. I refused some more. Luckly, I was in more of a position to refuse now.. It was a battle of wills. I gave all the reasons not to. I gave the few reasons to switch. In the end, I grew tired of the battle. "Fine, we'll switch over to Windows. Licensing will cost $xxx. We'll need x extra techs, and y more boxes, and z more space."

    You know, all those damed x's y's and z's add up. He was reconsidering.

    "We can have everything migrated over in a month, and stable sometime after that. I strongly recommend against it, but we can start the migration as soon as you get the licenses, and hire staff to do the migration and support the whole mess."

    It never migrated.

    Sometimes you just have to give them exactly what they want, and let them realize the mistake all on their own. If the company fails because of it, but you had given strong reservations against it, it's not your fault. When the company dumps, buy the machines from them for pennies, and start your own hosting company. :)

    Just kidding about the hosting company. Get on board with the next company, and see if they're any smarter. At very least, you can use your experience as a warning to them.

    "Oh, you want to migrate to Windows? That's why the last company I was at failed. Here's all the reasons....."

NO! Re:Define the terms and you're halfway there

[MZoom]

Winning the argument depends on first explicitly defining the terms in a way that is advantageous to your position.

Arguing with a superior is rarely a healthy career move. Positional Bargaining is rarely sucessful unless your position is overpowering ...

... because arguing tends to ruin working relationships and because overpowering positions tend to leave the other party feeling less than confirmed.

End Result: Potential unemployment or the potential glass ceiling to advancement.

It would be far better to find common ground and work from there without resorting to arguing from a position AND solidify the working relationship with one's own superiors. It's far easier to get what you want from superiors, who may not have the technical knowledge you have, when they actually like you!

Who should make IT decisions?

[jgardn]

The problem isn't that the upper managers are misinformed. They are always misinformed. Any upper manager that thinks somehow they are impervious to lies and half-truths are fools.

At our company, we let people make their own decisions. If they need more hardware or money or resources, they have to go to their managers and get the required resources. But if its new and it doesn't cost any more than what we are already spending, then you get to try it out.

Let me put it this way. Who should decide what kind of car you drive: Your boss, your wife, or you? Who is best suited to make that decision?

Then try this one: Who decides which algorithm you implement to solve some of the engineering problems you encounter? Your boss, your wife, or you?

And let's go one step further: Who decides what language you should use or what OS you should run on?

Point out other leading companies using Linux

[DeathBunny]

I'd suggest collecting magazine clippings and/or URL's about other major companies that have successfully switched to Linux and Open Source. Here's a few links to get you started.

Etrade:
http://www.eweek.com/article2/0,1759,1916119,00.as p

Amazon, Ebay, Wal-Mart, Dell, American Greetings:
http://www.forbes.com/2002/10/08/1008linux.html

Cendant:
http://www.cio.com/archive/070105/cendant.html

Merril Lynch and Credit Suisse First Boston:
http://www.forbes.com/2002/03/27/0327linux.html

Boscov's
http://www.forbes.com/2002/07/17/0717casestudy.htm l

The Chicago Mercantile Exchange:
http://www.baselinemag.com/article2/0,1397,1828002 ,00.asp

You know that Ziff Davis produces a ton of FUD

Make sure you let your manger know not to trust Ziff Davis Media for any information regarding computers as they are really good at making FUD. I've made it a personal policy to not pay for any of the FUD they make & to read any of it only when someone else posts about it on /.

Re:NO! Re:Define the terms and you're halfway ther

[Infonaut]

It would be far better to find common ground and work from there without resorting to arguing from a position

You're assuming an equal relationship between the parties. Most of the time you are not given the opportunity to seek common ground where the power relationship is disproportionate. I'm not suggesting that as a subordinate you should attempt to have disagreements with your superiors. Of course, you want to seek common ground and find ways to make everyone happy.

But in a situation where it's one OS or another, you do have to advance a set of reasons in favor of your position if you want to do the right thing for the organization. If your argument (that is, the rationale you have articulated) is disregarded, play ball and do your best to help the team, of course. Sniffling in the corner won't help anyone. But seeking common ground at every turn won't necessarily lead your boss to respect you, either.

They can have it one way or the other, not both

[Anonumous+Coward]

First they hire you as a professional, then they treat you as an ignoramous. This can't be. Tell the suit that if he doesn't trust your judgement, the very one he hired you for, he should resign giving his own bad judgement as the reason.

I just do my job.

Be realistic:
Few companies are willing to put Linux on the general desktop. The staff expects and is comfortable in Windows. Personally I can't imagine not having Excel in my toolkit just as I can't imagine not having bash et al.

Nonetheless, I maintain that every company can benefit from an appropriate Linux deployment. You may not need to develop a lot of expertise initially. File, publish, print servers and router/firewalls are available as OTS appliances. They're configured through a simple web interface so they don't need a monitor and keyboard. They are cheaper, smaller, easier to use, lower maintenance and more efficient than a Windows server of comparable performance. You can also benefit from hiring Linux. Contracting out for services that Linux does well (such as email, security and networks) could be another low risk way to save a bundle.

Oh yes they can - this is done by default..

[cheros]

Bad management is rife to the point of being the default. Especially when people with no IT background whatsoever get decision power over IT stategy, vendor selection and the choice of development model, applications, platforms and network infrastructure common sense leaves the building.

The problem is that you and I have to eat, that is used against you keeping you working on stuff that is suboptimal, wastes vast amounts of resources and is frankly a complete waste of time.

Worse, as far as I can see at the moment, consultancies then grab the good guys that are sellable - and make these guys write supporting docs for those managers. Reason? Money - if it goes wrong the IT staff gets blamed and guess who gets to fix the problem..

You don't need to look far either to see evidence of that. Look at many failed government IT projects, and look at how most banks operate (troll bait: and just look at how many still use Windows in the back end ;-)

The problem is that a clueless manager will need you to fail to look good so you're going to get a lot of 'advice' so *you* then 'have failed to improve' - and they'll get another victim.

[OT] proud about SUV?

[LittleBigLui]

From parent's sig: I drive an SUV -- and I'm actually pretty proud of the fact.

Why?

Not trolling, just a honest question.

Re:[OT] proud about SUV?

[Reality+Master+101]

Why? Not trolling, just a honest question.

Because I don't buy into the mindless "SUVs are eeeeevil" urban legend. It's an easy target by people who have no idea exactly where the true problems lie.

Effectively fighting FUD

[pelorus]

The biggest thing for PHBs and CxOs is to just get them out of the mindset that Computer ? Windows. There's only a single choice on desktop platform these days - it's either Windows or it's a UNIX-alike. One of these market shares is on the up[1], one of them is on the down. Where does a progressive company want to be?

[1] We know Mac OS X is on the up (great gains on the desktop, a slow burner on the server end). We know Linux is on the up (improving slightly in the desktop space and a powerhouse in the server space) and if neither of these float your boat then there's the Beasties (Open, Free, Net) and a couple of minor distros like Solaris, HP-UX, AIX...LOL

A strange disconnect

[jandersen]

There is a strange lack of cohesion in the way managers think. On one hand they trust the company's very future in the hands of their employees; but on the other hand they don't trust those very same people to be able to form a qualified opinion about something in their area of expertise. Is it a version of 'It's in the news, it must be true'?

What they should do, when they read that kind of article is to think 'I should ask my own experts about this before I put my foot too far down my throat'.

I have the opposite problem ...

[nickco3]

I work in the technical division of the largest financial groups in the world. Our upper management are big Linux fans. It can leap buildings in a single bound, write award winning operas, and is a cure for the common cold. Linux is to be used for everything except the desktop.

Consequently, our highly reliable RISC hardware has been ripped out at impressive speed, to be replaced by racks and racks of IBM blade servers. These things are basically vertically-aligned laptops and crash more or less continuously. Remember the old gag about how their were no French-made computers because they hadn't figured out how to make them leak oil? These ones do, from the hard-drive ball bearings.

In reality, the argument in favour was commoditisation. Replace the expensive, high-end hardware and software with off-the-shelf components that are nearly as good. This was sold to the management by IBM consultants. This is important, because it gives the management someone to pass the blame to. IBM can be blamed if the strategy is seen to fail.

Why Open Source is inherently more secure

[ajs318]

With Open Source, every blackhat and cracker has instant access to the source code; and can spot potential vulnerabilities and find ways to exploit them. And a bad guy who finds an exploit might choose to sit on it for a long time, milking it gently without wider discovery; after all, the act of revealing an exploit carries the very real threat that it -- and the exploiter -- will be dealt with. At the same time, every whitehat and Concerned Citizen also has instant access to the source code; and can spot potential vulnerabilities, alert the world to their existence and have them patched. {Sometimes the fix is obvious enough so as a patch can be deployed within a matter of minutes, but hours is more likely.}

The probability of an exploit being discovered by a good guy is greater than the probability of the same exploit being discovered by a bad guy, by the same ratio by which good guys outnumber bad guys.

With closed source software, all the bad guys are looking for exploits -- but most of the good guys aren't. And if the proportion of good guys who are actively probing for exploits is less than the ratio of good guys to each bad guy, then the probability of an exploit being discovered by a bad guy actually becomes greater than the probability of it being discovered by a good guy.

Re:Why Open Source is inherently more secure

[ficken]

I couldn't agree more. I have a coworker (I work in the gubba-mint) that is strickly pro-MS, despite whatever advantages Linux/Unix/Mac may offer. His main argument is that 'How can it be more secure if everyone can see the source code?'. Proving he has a lack reason, he cannot grasp the argument I give him which is the same as above. His other argument is that 'Whenever you want to install anything you have to compile it'. While this is true for some apps, its not true for all - there are things called package managers. He cannot grasp this thought either. Oh by the way, he slipped up one day and admitted he owned MS stock.

The point of my ramblings is this: while the Upper Management may have strong arguments and numbers against open source, there may be underlying factors involved in their decisions - such as money.

Re:Why Open Source is inherently more secure

[ajs318]

What's so wrong with having to compile a package in order to install it, anyway? Most distros -- except gentoo -- have precompiled packages. But CPU time and disk space are cheap enough today that there is almost nothing to be gained out of not compiling locally.

NB, what I didn't quantify above was the ratio of good guys : bad guys. I have a gut feeling that a person's estimate of this ratio might provide a valuable insight into their personality.

Re:Why Open Source is inherently more secure

[ficken]

Nothing is wrong with compiling a package - the knucklehead just uses that because he is lazy and is more accustomed to point and click everything.

NB, what I didn't quantify above was the ratio of good guys : bad guys. I have a gut feeling that a person's estimate of this ratio might provide a valuable insight into their personality.

What personality? :)

Re:Why Open Source is inherently more secure

[ajs318]

This reminds me of a segment on Graham Torrington's radio show, "Late Night Love". The theme for a phone-in slot was "which is more important - looks or personality?" Anyway, one of the callers was a right mouthy southern wanker -- and even on the wireless, you could just tell his face was covered in pimples. He was bragging about how he didn't care about personality, it had to be looks everytime for him; he slagged off "ugly birds" and basically acted like the lesbo-femi-nazi poster child. As I said, the caller was a wanker; it was a pity his dad wasn't. GT had the ultimate put-down, though. "Do you think you're good-looking?" he asked politely. "Yeah, I fink I'm pre'y good-lookin'," responded the git. "That's good," said GT, "because you've got sod-all personality!" as he clapped the phone down and segue'd into another record.

That moment was the radio equivalent of Phil Jupitus doing the intro to Beyoncé's Crazy In Love on Never Mind the Buzzcocks. Priceless.

Nope

[jesterpilot]

But what is the death rate of companies who already survived those first three critical years? Few companies in fortune5h are younger than three years, if any. Most companies will die young, and few companies start big. Those 90% of companies simply never had the chance to become big or stay small.

So, compare small mature companies with large mature companies.

In my town there's a very small shop selling paint. It's 125 years old and still going strong. I don't think MS will be selling anything in the 22th century. About the paint shop, i'm not so sure.

He might be right

One thing which really should put to a halt IMO is people who play sysadmin and want to install Linux because... Its Linux! In my experience this is a display of incompetence in which case the upper management may be more right that you realize. However, then its not Linux which is the key of the problem... So do you want Linux or do you want Unix as a counterpart to Windows. If you simply want to ditch Windows (a motivation which, in itself, can also be dubious) you could broaden your search. Management wants business assurances? Try going Sun.

Some don't even know what Linux is...

[master_p]

It may be extremely surprising, but some people have never heard of Linux. I have personal examples of this: one time, at a meeting, there was a discussion about security and viruses and people spoke of Microsoft and Apple. When I brought up Linux, I was surprised to hear "Linux? I've never heard of such company. Where is it from?"...

Not your biggest problem ...

[gordguide]

" ... How do you deal with all of the baseless claims, that your superiors may read in the mainstream media? ..."

Well, a good manager might use what he reads in a magazine as a talking point; he read something that made sense to him as it was presented and wants your input.

Despite the language, which you may read as "foregone conclusion based on FUD", really means more along the lines of "people say this, I hear things. I think we need to stay on top of our industry and I have concerns about our future business, because that's my job. So, tell me again: why do we do [insert practice/policy/tools here], and isn't it time to take a look at [insert alternate practice/policy/tools here]? "

And he wants you to tell him, because he hired you to tell him stuff about your area of expertise, because that's your job. So, tell him.

Or, he may be a PointyHair, who dances with devils and wants everyone else to join in, and you need to look for a new job.

Hopefully, you already know the answer to that one.

Anyway, I'm not suggesting a Slashdot Question isn't a good start. But, don't panic. He's just asking questions; what happens depends on you and your answers, not what some clueless writer was able to sell for $ 150.

At a guess it was...

[aug24]

...one very poorly AIX box, presumably running the corporate FTP, File Server, Print Server, Intranet, etc etc.

Ten cheap, lightweight Linux servers is a fair swap.

J.

to all commentators of FUD in the company:

I loved nearly all of the answers. I loved the technical ones as they filled some of my own gaps. To sell FOSS to managers, make up a scenario and tell them what it will cost them to switch all your company already runs on FOSS to MS and what it will continue to cost. (Including security patch-work) Do a profit projection and compare with a (bypothetical if needed) competitor who switches/switched fully to FOSS. BR kubitus

Just tell 'em it's still microsoft

I've found that at the CIO level, the people are so
out of touch with reality you can tell them anything.
Just tell them that you have been buying all those
x86 machines with windows, and that is what they still
run. Tell 'em that openoffice is Microsoft's answer
to thier monopoly lawsuit problems, and KDE is a new
look for Windows Vista.

CERT uses Linux; Cisco as well

[MECC]

Anyone who bothers to actually read CERT's security advisories will notice, quietly, at the bottom (from their most recent advisory):

Version: GnuPG v1.2.1 (GNU/Linux)

While this doesn't mean all of CERT runs exclusively on linux, they don't ban it, and use it to authoratatively sign their official security advisories. Not an official endorsement by CERT, just an official adoption.

Cisco also has been signing their security advisories using linux as well (from a recent advisory):

Version: GnuPG v1.4.2 (GNU/Linux)

Again, not an official endorsment, just an official adoption. In both the examples of CERT and Cisco, I've yet to see them sign advisories using windows, even though GnuPG runs just fine on windows. How they're using linux, of course, isn't clear from just the sigs, but that they are using linux is, and they are clearly showing a preference when it comes to authoratative public announcements.

It's easy...

[Bobby_Dobolina]

Give you manager the Microsoft support number and have him/her try and get someone to help with that critical NT box I'm sure you still have(we all do). That should drive the point home.
Dobo

Few companies only use the OS

[Don_dumb]

There seems to be two things that no one seems to have mentioned and that would be the biggest problems in the organisation I am in (which is currently upgrading everyone from NT to XP).
1. We have many applications for different parts of the business, each of those applications has been procured, with a support contract. Most of these applications are only supported for runnning on Windows XP. Imagine the cost of not only replcaing the OS (even with a free one) but renegotiating the providers' support contract along with installing the linux-ported software. In many cases the application used is critical and has no Linux equivalent, so new business processes would have to be created (which is a massive task).
Having unsupported software wont work either as most large organisations have risk registers, disaster recovery plans etc and critical software that could break with no one to fix it would be too high up on any risk list to consider. Especially as the organisation I am in is the public sector and we are pretty much obliged to make sure that we are covered.

2. The other thing that would be massive to the cost of changeover for any business is training, not just retraining the support/IT staff to know which IP addresses to free up or anything technical, but the users many of whom are only IT literate enough to know how to do what they currently do, on the current software, changing to XP will cause them alot of trouble but not too much as most things are very much the same. And of course most people have Windows at home so familiarity is a large factor in training. Yes Linux may be easy to use and I would like it here, but I am IT literate and could learn to use a spreadsheet program that isn't Excel. Most people could not (at least fast enough for the business not to suffer).

The answer

Shunkworks... like its always been

Who's likely to be in business?

[QuestorTapes]

> Which is more likely to be in business in five years, Home Depot, or Joe's Contractor Shack?

Actually, the answer "Joe's Contractor Shack" isn't as dumb as it sounds. A few years back, before there was a Home Depot in my home city, it was DIY Home Warehouse that was going to put the "Joe's" out of business...right up until they failed and were bought out by Home Depot.

When I was growing up, you could count on three things: death, taxes, and AT&T will -always- be your phone company. And then they weren't.

> Microsoft has a FAR higher probability of being around in five years than,
> say, Red Hat, which is the strongest player.

Higher, no argument. Far higher, I might argue. Not because MS is likely to disappear, but because the same factors that make it unlikley MS will disappear work to make Red Hat stable. Not as strongly, but in the same way.

MS is solid; but it's also vulnerable in ways Red Hat isn't, just like AT&T was vulnerable in ways MCI and Sprint weren't; apples and oranges.

Re:Who's likely to be in business?

[Horatio_Hellpop]

//just like AT&T was vulnerable in ways MCI and Sprint weren't; apples and oranges//

Not the best example, MCI ... they're not around anymore, either. (Verizon) :-)

who cares?

[lamp540]

When will opensource pussys stop trying to suck up to the powers that be? Who gives a shit if they get rich off of your cool no charge software--it's them that will get rich, not some IT dork. These are the same people who sit around and talk emotionally about the direction of their company when the company(the executives and share holders) would fire them without a moment's notice if they thought it would make them an extra few dollars. Free Software Forever

I think vigilantism could solve this problem

[aminorex]

Just hunt down a few lying journos and kill their entire families. Ancestors, descendants, distant cousins. After all, it works for Microsoft.

Use examples that hit close to home

[macdaddy]

Upper management will eventually state that no one uses Linux. When they say that give them a couple thousand examples of major entities that publicly use open-source software. For example:

The US Library of Congress
http://uptime.netcraft.com/up/graph/?host=www.loc. gov

Google
http://uptime.netcraft.com/up/graph/?host=www.gogg le.com

Forbes
http://uptime.netcraft.com/up/graph/?host=www.forb es.com

Wall Street Journal
http://uptime.netcraft.com/up/graph/?host=www.wsj. com

New York Stock Exchange
http://uptime.netcraft.com/up/graph/?host=www.nyse .com

Ford Motor Company
http://uptime.netcraft.com/up/graph/?host=www.ford .com

Better yet, go through the Forbes 500 list and see just how many of those companies use Linux, Solaris, or any other *nix that is open-source or has had open-source underpinnings. Check the web servers, the MXs, etc. I see a couple that use Windows web servers but I'd be willing to bet that they have an open-source item somewhere that's publicly accessible.

Guess I'm lucky

[HonkOnBobo]

Relative to most people here, I guess I'm lucky/spoiled.

The company where I work (a large, telecom equipment company) has embraced Linux. Virtually all new designer desktops are Linux machines - Redhat 8, RHEL 3/4, etc.. In addition, most new-ish products coming down the pipe use a home-rolled version of embedded Linux on the target hardware.

We still require Windows, though, for e-mail, documentation, test-set GUI software, etc. For that, everyone has VmWare installed on their boxes.

Just refute the FUD

[shagan]

If what is said in the magazine articles is FUD, then just refute it. Show them the evidence (objective) that things in the article are incorrect. But be honest as well if there are items that are correct or have merit in the article. Tell your management about these things, but then let them know that you and your coworkers know how to deal with these issues or they can be dealt with by doing x.

But I fear from reading your posting, that you have an emotional attachment to implementing Linux in your workplace (using the word attacked) and believe they should not have an issue with Linux because you said so. Remember, your management's current pay and their future career are dependent upon the solutions that you implement and they fear that there will be no one to place the blame on if some worms ravages their environment because of some shareware (I know the difference, but many of your management don't) product was insecure. What is the saying, "No one ever got fired to choosing [IBM|Microsoft|Oracle|...]". There are people that your management can blame when something really bad happens, but telling the shareholders that the company lost $X millions because some coder in Hong Kong didn't fix the bug in his implementation of the network code you used to implement the accounting system won't cut it.

Be careful not to let your fondness for Linux cloud your judgement.

In the real world of technology, there is no perfect solution (read: every solutions has problems), there are just better solutions. Make sure that as a technologist you are recommending the best solutions, even if those might not be Linux. Business is a continual cost verse benefit analysis with a healthy shaking of risk in there. As a business person, if I can spend some money and buy what I perceive as an insurance policy for my company (or my career), then I want to transfer as much risk as I can.

my rebuttal

[pjgeer]

Major premise: Management has already fscked up everything they could get their hands on.
Minor premise: Linux is something management could get their hands on.
Conclusion: If management learns about Linux, they'll break, co-opt, nerf, and generally screw with it in such a way that you'll be made miserable.
Solution: Publicly opine that Linux is a passing fad while secretly doing all your best work thereon, including your private projects that keep you productive and employably mobile. But most of all, support the anti-Linux VP who's getting the kickbacks from Microsoft and join him in snorting coke off the bums of hookers in the champagne-filled jacuzzi.

Put it this way:

[metamatic]

"OK, so if it's free, how do the people who build the distro make money?"

"Offices all over the country provide free coffee. How do Starbucks make money?"

"Books are free to read at the local library. How do book stores make money?"

"Water is free, it falls out of the sky. How do the people who sell bottles of water make money?"

Car analogies...

[reed]

A Ferrari is pretty exotic to be a common computer, maybe it's more like a high-end Sun.

From Neal Stephenson's essay about computers, "In the beginning was the command line":

---

Imagine a crossroads where four competing auto dealerships are situated. One of them (Microsoft) is much, much bigger than the others. It started out years ago selling three-speed bicycles (MS-DOS); these were not perfect, but they worked, and when they broke you could easily fix them.

There was a competing bicycle dealership next door (Apple) that one day began selling motorized vehicles--expensive but attractively styled cars with their innards hermetically sealed, so that how they worked was something of a mystery.

The big dealership responded by rushing a moped upgrade kit (the original Windows) onto the market. This was a Rube Goldberg contraption that, when bolted onto a three-speed bicycle, enabled it to keep up, just barely, with Apple-cars. The users had to wear goggles and were always picking bugs out of their teeth while Apple owners sped along in hermetically sealed comfort, sneering out the windows. But the Micro-mopeds were cheap, and easy to fix compared with the Apple-cars, and their market share waxed.

Eventually the big dealership came out with a full-fledged car: a colossal station wagon (Windows 95). It had all the aesthetic appeal of a Soviet worker housing block, it leaked oil and blew gaskets, and it was an enormous success. A little later, they also came out with a hulking off-road vehicle intended for industrial users (Windows NT) which was no more beautiful than the station wagon, and only a little more reliable.

Since then there has been a lot of noise and shouting, but little has changed. The smaller dealership continues to sell sleek Euro-styled sedans and to spend a lot of money on advertising campaigns. They have had GOING OUT OF BUSINESS! signs taped up in their windows for so long that they have gotten all yellow and curly. The big one keeps making bigger and bigger station wagons and ORVs.

On the other side of the road are two competitors that have come along more recently.

One of them (Be, Inc.) is selling fully operational Batmobiles (the BeOS). They are more beautiful and stylish even than the Euro-sedans, better designed, more technologically advanced, and at least as reliable as anything else on the market--and yet cheaper than the others.

With one exception, that is: Linux, which is right next door, and which is not a business at all. It's a bunch of RVs, yurts, tepees, and geodesic domes set up in a field and organized by consensus. The people who live there are making tanks. These are not old-fashioned, cast-iron Soviet tanks; these are more like the M1 tanks of the U.S. Army, made of space-age materials and jammed with sophisticated technology from one end to the other. But they are better than Army tanks. They've been modified in such a way that they never, ever break down, are light and maneuverable enough to use on ordinary streets, and use no more fuel than a subcompact car. These tanks are being cranked out, on the spot, at a terrific pace, and a vast number of them are lined up along the edge of the road with keys in the ignition. Anyone who wants can simply climb into one and drive it away for free.

Customers come to this crossroads in throngs, day and night. Ninety percent of them go straight to the biggest dealership and buy station wagons or off-road vehicles. They do not even look at the other dealerships.

Of the remaining ten percent, most go and buy a sleek Euro-sedan, pausing only to turn up their noses at the philistines going to buy the station wagons and ORVs. If they even notice the people on the opposite side of the road, selling the cheaper, technically superior vehicles, these customers deride them cranks and half-wits.

The Batmobile outlet sells a few vehicles to the occasional car nut who wants a second vehicle to go with his station wagon, but seems to accept, at least for now, that it's a

WHOA!!!

[serutan]

[dials wife] Honey, I just read on Slashdot something about Home Depot going out of business. We need 2x4s and sheetrock for the new rec room! Meet me at Home Depot in the mini-van! Bring the tape measure! Wait. First I gotta go post this on Fark. Holy Crap!

PHBs consider tech-pop-media credible?

[walterbyrd]

They must be stupider than I thought.

I think you need to get the point across that any pop-media is not reliable, for several reasons. They pander to their advertisers, they sensationalize, their writers are just that *writers* they are not experts in technology - at least not anymore.

I don't care if the tech-pop-media is occassionally pro-linux, it's not reliable. You need to make the point that the company should make decisions only on *reliable* data, as opposed to that crap spewage.

Speak in their terms and provide facts.

[Geekrob]

I've been challenged many times by management with this type of issue, whether it be Linux, open source or even just a new product.

You need to get them away from the IT "RAGS" as their only source of IT information, they use "shock value" to sell an issue. You can almost always find an article by the same publication that contradicts a previous postion (sometimes event the same author).

Use your vendors to help back your position. For instance I got my Oracle, IBM and HP reps together to support our Linux push. All they had to say was x% of their growth was in the Linux space. Belive it or not, if you have a good relation with a vendor, your management will be very willing to hear what they have to say.

Also, take a look at this article, it really says it all. http://www.freesoftwaremagazine.com/free_issues/is sue_10/convince_management/.

Hope this helps and good luck. Just remember don't recommend a technology just becuase it is cool, management hates cool!

Show current use in the organisation

[|>>?]

You state that "Linux has prooven itself (time and time again), for over 5 years in our company". Perhaps you need to amplify that. For example, if it's providing email services find out how many emails Linux handled, or how much data it routed, or how much down-time there was, or how many server patches were needed, or how many reboots were required.

You need to communicate what it is that Linux does already and how it stacks up.

For all I know your pay-roll file server is a Linux box and a statement that reads like: "Well for one, you got paid yesterday because the Linux server was doing what it's supposed to do."

I should point out that you should not lie and make up stuff because it will come and bite you.

Re:NO! Re:Define the terms and you're halfway ther

[MZoom]

You're assuming an equal relationship between the parties. Most of the time you are not given the opportunity to seek common ground where the power relationship is disproportionate.

"Arguing with a superior is rarely a healthy career move." is exactly what I started my post with, so NO I am not assuming an equal relationship!

You wrote, "you do have to advance a set of reasons in favor of your position if you want to do the right thing for the organization", of course you are still saying that advancing the "position" is the thing to do ...well if that is true then the opposing side may do exactly the same thing as you and do as much as possible to "advance" their "position" which is exactly why positional bargaining is seldom successful in maintaining healthy relationships between a superior and a subordinate.

After all you do not want to alienate your boss so much that your zeal for arguing positions creates self-inflicted barriers to getting what you want in the next project or decision that needs to be made.

.NOT

[JulesLt]

Nah, not when they can do the same with programming as they did with hardware and OS!!

Stay calm...

[paj1234]

Remember, executive types don't want to think about complex technology issues. They want to think about golf.

Upgrade Time!

[Tinned_Tuna]

I think the best way to get Linux even thought about, is not to try to change OS 1 year after an upgrade. Wait a little until upgrading comes back onto the table (in the mean time, prepare your arguments), and then drop in Linux as a viable alternative, giving both technical and fiscal reasons why it is much a much stronger choice then any of the competitors

You can't tell the train where and when to stop, you've got to wait until the train stops where it wants, when it wants