Slashdot Mirror
The Hidden Cost of Using Microsoft Software
Glyn Moody writes "Detractors of free software like to point out it's not really 'free,' and claim that its Total Cost of Ownership is often comparable with closed-source solutions if you take everything into account. And yet, despite their enthusiasm for including all the costs, they never include a very real extra that users of Microsoft's products frequently have to pay: the cost of cleaning up malware infections. For example, the UK city of Manchester has just paid out nearly $2.5 million to clean up the Conficker worm, most of which was 'a £1.2m [$2million] bill in the IT department, including £600,000 [$1 million] getting "consultancy support" to fix the problems, which including drafting in experts from Microsoft.' To make the comparisons fair, isn't it about time these often massive costs were included in TCO calculations?"
For example: The State of Vermont's Agency of Human Services just went through a similar exercise and I'm sure it cost them a fortune. The state is suffering financially as it is and yet, we haven't heard a WORD (there really isn't any investigative news in VT) about the outcome or how much it is costing
"Oh my god, not this AGAIN!!"
Error reading device 'Signature'. (A)bort, (R)etry, (F)ail?
I don't want to sound like a detractor of free software (I actually favor FLOSS as much as I can), but it's not like Linux doesn't have any malware written for it. Sure, it's to a lesser degree, but it's still there and I'm not sure the costs of removing them are systematically calculated into the TCO either.
You might have a point.... except that Apache is far more popular than IIS and yet IIS is the one routinely attacked.
MS can't include these into calculations for obvious reasons. They must proceed as if such vulnerabilities don't exist in order to market their product. What's funny is they don't want you to either. They want to hold themselves up as either "just as good as" the next guy or make excuses for their lack of security.
In the long run this is a cost that need not be spent. There are alternative OS's and it's high time governments, of all entities, started using open alternatives. It's not just costing them in terms of being beholding to corporations like MS but in real dollars as well.
The question is not "Is Linux inherently as cheap as Microsoft". No. The question is, if we include all costs, including virus and other malware related costs, will Microsoft cost more than Linux.
Just as Microsoft is correct that when considering the real cost of 'free software', you have to include costs such as training, you ALSO have to consider the costs incurred due to malware.
excitingthingstodo.blogspot.com
The change of the user interface in Office 2007 is one huge hidden cost. It was done to make things "easier" with the result that old users instead have to re-learn the user interface completely and have a really hard time to do even the things that were simple before.
And some things that was easy in the old Office version is now really cumbersome. The style handling in Word is one example that can make the blood pressure rise.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Flame War; Didn't Read
But seriously, 2 MILLION to clean up some viruses? I need to move to Manchester and become a consultant!
No comprende? Let me type that a little slower for you...
What the hell were they doing paying $2.5 million to clean up a worm? Seriously? Hell, you could have paid the guys who wrote it 2 million to exclude your IP range in the fricking code, and saved 500k!
Governments have got to get their crap together on this stuff. When that worm hit corporate here, in luddite central, the number of effected machines was under 30...For the entire corporation! And that's with all properties connected by a corporate WAN.
That they had that level of infection is inexcusable. Shows that they're just wasting money right and left and getting nothing but a crap product.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
This story thread will have an extremely large number of posts which are highly moderated, but contain very little original or useful information.
#DeleteChrome
Yes, your complaint would apply if the entire world was considering switching from Microsoft to Linux. But when I advise my boss about the comparitive costs of using MS or of Linux, I would be foolish to refuse to include costs related to viruses simply because if in a mythical world where people used Linux more than MS then in that mysthical world the virus cost would be lower for Microsoft.
As a busineman, I must live in the real world and base my costs on reality, not your dream world. In reality, currently, Linux has lower virus related costs and I there MUST include the cost to deal with such problems when calculating the lifetime cost of software.
excitingthingstodo.blogspot.com
You might have a point.... except that Apache is far more popular than IIS and yet IIS is the one routinely attacked.
Citation needed? ;)
Seriously, some data would be nice.
I am not following your argument, since windows has a higher market share than FOSS solutions it is exempt from malware removal costs? I think the point of the article is that while CSS vendors tout that FOSS solutions are not 'free' in terms of TCO, they neglect this cost that affects them more heavily than the completion.
I don't think the reason behind them having the higher cost (higher market share) is relevant. It is a cost, and they have a disproportionately large percent of it, admittedly for a quite valid reason.
No one said Linux is "bulletproof". Don't try to change the topic.
TFA is saying that the closed-source software costs more when operating costs are included in the total price tag. How much does industry pay for malware protection, virus protection, trojan protection, downtime from infection, and loss of productivity as a result of closed-source software? Those costs are relevant to businesses and should be considered.
That would come out of a different Cost Center which requires pre-approval. The emergency CC is funded for..you know..emergencies and gets funded On The Fly when it is affecting the bottom line. You know what they say "It's easier to ask forgiveness than permission"
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
Probably because when the web server is IIS it's always the same operating system platform behind, which in turn means that as soon as a breakthrough occurs it's often easy to continue with the penetration.
On an Apache web server you can't tell what kind of platform it runs on, which means that an attack that works on one server may be completely useless on another.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Maybe the world still runs on Microsoft because the TCO difference just isn't high enough to justify the cost of switching. The cost of migration has to be figured into the TCO of the alternative, despite how unfair it sounds to do so.
Really? You are allowing an infected machine to remain on the network with only a free firewall protecting the rest of your corporate network? Pulling a stunt like that would probably get me fired. It's not a matter of how technically sound the solution seems to be - it's a very high ongoing risk factor to the stability of the rest of the network.
Just because I can hook a shark from a boat, I do no offer to wrestle it in the water.
Maybe it's a strength that Linux is used less. That results in a lower cost of ownership overall for organizations "right now". In the far future, this could change obviously, but nothing suggests that this cost will be larger than that of Microsoft implementations, not by any margin, not any time soon.
So, as fundamentally correct as your point may be, the story "beats" you because it points out that Closed Source is misrepresenting a lower TCO by not accounting for security issues with the entire solution.
Close source solution offers "skip over" the windows virus/malware problem, Open Source has a clear answer to it now, and likely in the future. Large contracts should be made evaluating these things thoroughly, and include a real assessment of the validity of these offers, and not just take Joe I.T. Contractor's word for it.
This is a good point that I hoped someone would make. What is not explained in the article is that "Windows" isn't exactly the cause of the problem, but "Windows XP." If systems were maintained and upgraded per Microsoft's recommendations, Conficker would not have been anywhere near as big a problem. Say what you will about Windows Vista, if Manchester had upgraded their systems to Vista on the client side (or at the very least, not allowed users to run XP under Admin credentials), Conficker would never have been able to install itself.
I'm a big promoter of Open Source, but I work in a Microsoft shop where we still have all our desktops standardized on WindowsXP, but we never allow standard users to run as Admin, and we never had any problem with Conficker.
Migrating to Open Source would help a lot, but Manchester just needs better IT support (or more likely, better IT management) all the way around.
How about patching your systems in a timely manner so you don't have to suffer through these reactionary costs? The patch for the exploit conficker used was released in Nov 08. When did conficker start spreading around, Jan 09? Just saying.....
Insert funny smart-ass comment here.
First, As soon as one leak is plugged, virus writers can look for the next. Commercially speaking, the virus writers get paid when they find holes to exploit. Anyone can take time to do this. The individuals working to prevent viruses keep their jobs by plugging holes, but Symantec/McAffee/Trend Micro/ESET/Kaspersky/Your Vendor Here only has so many spots on the payroll for leak-pluggers.
Secondly, it's becoming increasingly common to have viruses mimic security software. Some of the latest crops of malware look incredibly similar to Windows security warnings such that even a reasonably computer literate person would have to take a hard look to be sure that they're genuine. Faking someone else's security warnings is significantly easier than proving that one is original in an irreproducible form.
Honorable mention goes to the bean counters. If the network director/consumer sees two packages, and one is $20 more expensive (or $20/seat more expensive), convincing people to pay extra for it becomes difficult. Even if one can prove that it genuinely does a better job, given the number of people who have let their subscriptions laps for months or years, convincing them to pay for the added security proactively, instead of a specialist reactively, is quite a challenge. Just look at how many people balk at paying for a backup solution before their hard drive bites the dust.
This is also the same reason that you don't see as many windows problems in a corporate environment: Because the users aren't administrators.
I recently switched my entire home network over to AD, and started making people actual AD accounts that are not local admins on their machines, and the number of problems that they're having has gone WAY down. Sure, they have to ask me whenever they want to do something like install software, but for the most part their system configurations are fairly stable -- they just do the same tasks day after day, they're not highly dynamic users who like to experiment with new and exciting software / hardware like I am -- besides, them having to call me insures that I have a certain degree of oversight as to what goes onto their computer, allowing me not only to support them better later on (since I know exactly what happened to their PC), but also allows me to preempt problematic software etc.
The problem is that for every penny they contributed in direct labor costs to clean up, there's probably at least as much wasted in employee downtime while services are unavailable.
If it wasn't for the fact that it was preventing staff from getting their work done, I doubt anyone would have spent $2 million to clean up Conficker.
I didn't RTFA, but it sounds like their total cost includes both the direct cleanup cost, and some of the indirect cost of paying people to be unproductive during the cleanup.
I'm out of my mind right now, but feel free to leave a message.....
My company was hit pretty hard by the conficker virus. It took a lot of users offline for days. The cleanup effort included bringing in a small army of consultants to help fix the issue. After everything was cleaned up and ready to go, IT's response to the outbreak was to kick our Virus Scanner into some crazy ultra cautious mode. The end result of that is 50% of my cpu is being used up by my virus scanner constantly and opening an app or compiling something in eclipse takes substantially longer than it used to. The fact that virus scanning software decreases worker productivity by tying up substantial system resources should be part of the TCO as well.
Our bugs are smarter than your test scripts.
I am not following your argument, since windows has a higher market share than FOSS solutions it is exempt from malware removal costs?
Not that its exempt, its that should people target Linux as much, the figure would likely be the same.
Also, if you keep up with security patches (like you should, regardless of OS), it becomes a non-issue. This is really just FUD aimed at MS, using 2001 "MS is insecure" arguements which are no longer true today.
Parent poster is full of crap.
Make no mistake: if Linux were as widely used as Windows, there would be bugs galore to be a-cleaning in Linux land.
This is the same as stating: "If linux had the number of users that microsoft windows had, it would be victim to the same number of viruses, malware, and general script kiddies" which is complete bullshit.
I'm sick of hearing this argument, only a complete tool would believe it. *Nix systems are inherently more secure, due to its security model (file permissions, groups, no admin rights, etc), and to the fact that it literally forces you to not be a complete moron (security wise) while using it. Furthermore, because of the variety of software that can be installed on each box, only the most common programs (apache, nginx, ssl, ssh, etc) would be effective targets to attack, limiting the areas an admin needs to cover.
Due to the above, there are only certain attacks that would be effective to a *Nix system. Off the top of my head, this leaves: privilege escalation, man-in-the-middle, and social engineering (a problem everywhere, regardless of OS).
In short, a Linux machine that is run by a competent administrator is MUCH more difficult to infect or attack than a Windows machine, and the parent is a moron.
I don't think so.. Here's why.. users are lazy, and this is the biggest vulnerability.. With most Linux distributions, software is distributed by the "distro" (usually through repositories) .. This is the easy way.. The hard way is installing from outside this source and making it work.. the really hard way, is compiling from source... Now since most users are lazy, it's generally going to come from the distro repo where it has gone through many eyes and testing before it was available.. The other difference is executables.. If someone emails me something like a script, it requires extra effort to make it executable.. again laziness prevails in Linux's favor.
waiting for ad.doubleclick.net
You might have a point.... except that Apache is far more popular than IIS and yet IIS is the one routinely attacked.
Citation needed? ;)
Seriously, some data would be nice.
http://uptime.netcraft.com/up/today/requested.html
"Be prepared, son. That's my motto. Be prepared." --Joe Hallenbeck
not just that but it affects the services provided. For example, I know of a police force that was infected by conficker. It got everywhere. The consensus is that the company providing the mobile data interfaces was the original source of infection (but you cannot prove where conficker came from, its pervasive), and for a long while the officers on the beat had to use their handsets as mobile phones - no data, so no event updates and no communication with the CAD system.
I don't know the cost there, but they had con-sultants in from Microsoft to help clear the mess up and they weren't cheap. The infection lasted for 2 weeks, and they had reduced service for several weeks after that.
That's just for Conficker. Remember storm, sql slammer, I love you?
Well, so long as netcraft confirms it...
Fast forward. MS only produces complicated behemoths. To this day MS Windows has not completely understood it is a network OS(perhaps 7 will do it). It is no longer the case that a part time person can keep 20 machines running. And when something does happen, it can be very difficult to fix. A single event can require a complete reinstall of the OS. I've made mistakes of going to a wrong web site and had this happen on a completely up to date machine. I have allowed untrusted parties to run my MS machines and have had significant damage caused within the hour. MS machines are the dependable work horses they once were. It now requires a significant infrastructure to keep MS machines a production. The best case scenario is to treat each machine as a RAID, keeping data off the machine, and using a standard HD disk images. Doesn't this sound like the pre-MS days of the so-called inefficient mainframe. MS is worried about this and has began a defensive campaign against IBM.
I would argue that MS machines are now, overall, as expensive and inefficient as the Unix machines were when ATT tried to save themselves with the introduction of this machine. This does not mean that MS does not have value, at least to legacy customers, but it may not be the best choice for startups, as Unix was the not the best choice in the late 1980's.
I can point to an exact time, around 2000, when MS became too expensive to use. It was a time whem MS would accuse paying customers of theft. Force customer to undergo intrusive and expensive audits. Require support staff to be redirected from supporting the customers need to make a profit, to the MS need to make a profit.
In light of this, I think we are going to see non-MS solution, just like we say non-ATT and non-IBM solutions. The biggest impediment to this is the easy supply of reliable naked PCs with full support to the SOHO owner. I think some companies, like Gateway, made a mistake in continuing to hook their saddle to the MS bandwagon instead of providing *nix solution for common business problems. In many cases, smart firms buy solutions, not an OS.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
Windows has file permissions, too. Thats not the issue. The issue is more RPM/DEB and the fact that most users can install all they need through a trusted channel (yum/apt).
I don't get it, what prevents the attacker to try every recent vulnerability on that host, and he even guess some information about operating environment based on server replies it's not like this hasn't been done before. I suppose your criticism is valid but, if the attacker is serious about breaking into a system running apache he's probably got some exploits for more common operating system anyway, so this makes things a little bit difficult, but not by much.
Comment removed based on user account deletion
The company I work for tried switching. I really sucked. I submitted countless tickets to the IT department to fix printing and pdf. Yes linux can print some stuff. Yes linux can open some pdfs. But doing out of the ordinary things like trying to print an A3 pdf landscape apparently rarely gets tested. Not being able to set printing defaults across all applications really is stupid (ubuntu). I would have gladly paid the microsoft tax out of my own pocket just to get the satisfaction of actually being able to get some of the most basic functions of my electrical engineering job done.
No, it submits passively.
I expect your shop is 100% Windows precisely because you're too macho to accept the many good reasons why a shop that is 100% anything makes you vulnerable.
Your arrogance will be your downfall.
People who say "sheeple" have about as much sophistication as an AOL user, and in fact are probably actually AOL users.
waitasec... #4, www.bing.com, runs on *LINUX*? Man, the kool-aid in Redmond must SUCK.
"I guess the moral of the story is, don't paint your airship with rocket fuel." -- Addison Bain
You've done your part!
"hacked" and "infected" are worlds apart.
This is the difference between your personal server being
rooted and the entire internet being brought to it's knees.
It's like the difference between needing to go to the hospital
because someone decided to stalk you and then shoot you versus
getting some plague like disease for going out in public.
Being hacked generally requires personal attention on the part of ...and there is "anti-exploit" code in Unix. It's probably been
some conscious assailant rather than just some automated bit of
malware exploiting some fundemental design flaw in the software
you're using.
around longer than the comparable "code" in DOS and Windows. The
fact that Unix is a harder target and it's users are intolerably
smug doesn't mean they aren't thinking about the problem.
A Pirate and a Puritan look the same on a balance sheet.
The answer is, is that it's because the IT staff obviously were not on top of the maintenance of the computers. Rolling out Windows Updates is not a difficult task, computers can be set to do it themselves, or you can use a centralized roll-out system like WSUS.
You've failed to address one of main reasons why "big shops" don't get updates out in a timely manner: The need for updates must be carefully balanced against the likelihood that updates are going to disrupt mission critical systems.
As an IT guy, you should probably know this. Maybe your systems aren't so critical, and you can afford to believe the absolutist tripe about how it's the IT staff's fault for not getting the update out in time. IME, the real world is rarely so black-and-white, and keyboard badasses that make grand pronouncements are rarely worth listening to.
People who say "sheeple" have about as much sophistication as an AOL user, and in fact are probably actually AOL users.
Further to that, bing.com has more views than google. Also, what the hell is tooooop.net?
Copyright 2010. All rights reserved. This comment may not be copied in any way including, but not limited to caching.
To claim that Window's insecurities aren't part of the true cost of Windows is genuinely dishonest. If you run Windows, and you DO NOT invest in security measures, you are a complete and utter fool. If you run Windows and you invest in inadequate security measures, then you are a mere run of the mill fool.
Any mission critical computer with sensitive information on it has to have expensive security software installed, and it must be supervised and monitored frequently. It is EXPENSIVE to keep a Windows machine "secure".
Only the basest of MS fanbois will say the same about *nix. Granted, only an idiot would set up a *nix machine without setting up a firewall, permissions, and other accepted security measures. But, an idiot can indeed manage to set a box up, and to run it for extended periods of time without problem, because *nix has a lot of security BUILT INTO IT. (Well, as long as our idiot doesn't run as root all the time - nothing can save an idiot from himself if he disregards ALL security measures.)
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Douglas Adams' bowl of petunias thought "Oh no, not again". "Oh my god" was not part of the petunias' thoughts because it's widely known that petunias are, by and large, atheists.
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Believe it or not, there are a whole lot of Microsoft users and some of them like their products. Automatically assuming someone is a shill because they speak positively about Windows is just plain retarded.
I believe that the majority of corporate bosses are too stupid to pick up on this meme for the foreseeable future.
I am sure that in 30 or forty years it may become a problem, but by that time I will have retired.
In addition, many of the "costs" Microsoft calculates are in fact dependent on Linux being less poopular than MS. If everyone is using Linux, then the costs to retrain etc. will NOT be present.
No, Microsoft is not allowed to put in tons of "Linux is not the primary system people know" costs and then exclude the "Linux is not the primary system people write viruses for" costs.
Not to me at least.
excitingthingstodo.blogspot.com
The "real world" cost I find most annoying in dealing with software licenses is the human bandwidth cost of dealing with software licenses. The fact that an expense is involved launches all sorts of machinery within the company, requiring input from accounting, legal, management, etc. to determine which is the best choice, are we wasting money here, etc. Compound this with vendor's menu of selections that have to be considered, explaining the menu options to each concerned player, etc. etc. Then, if it is a renewable license, there's the annual annoyance of paying for the update, do we still need it? do we have to do accounting to the licensor? sales calls from the vendor, etc. When it's free, it's free - use it, or not. Simple decision, tons of hours saved simply because money is not involved.
There are other factors involved in deciding which software is "best" for a particular need, but if a "free" software will do the job adequately, it is saving several man days per year to use a "free" software as compared to having to turn the crank on the money machine.
waitasec... #4, www.bing.com, runs on *LINUX*? Man, the kool-aid in Redmond must SUCK.
Microsoft doesn't want bing.com to get attacked by the same malicious entities everything else they run does?
Anything can be found funny, from a certain point of view.
that is run by a competent administrator
This would be the key to any secure system. It is also possible to run Vista securely, but nobody does because that would require "training" the users more than we are used to. Linux is more secure by default, Linux users are more accustomed to running in a secured environment, etc.
Is the Linux security model "better" than the Vista one? I think that's a 99% subjective question. Subjectively, I find it easier to run Linux securely than Vista, and more importantly, it is easier to do things securely in Linux than to do them insecurely, in most instances. In Vista the opposite is often true - far easier to run in Administrator mode than to hassle with reconfiguring something to work properly in a secure way.
But, if you have a competent administrator and well trained users (both as common as Blue Moons on Thursdays), then Vista can be run just as securely as Linux, but then, well trained Linux user/administrators are also quite rare, in the real world.
This is not a hidden cost of Windows, but a hidden cost of having ignorant admins and/or management. If you're spending $2.5 Million cleaning up a virus infection, you've done something terribly wrong along the way. Most machines in most places of business maintain the same software day-in and day-out. Those machines should either be booting via write-protected remote images or using something like SteadyState to keep everything running perfectly. The servers should have correctly created permissions and security which make viral infections nearly impossible. The rest of the machines should be locked down with policies, limited privilege accounts, and software providing protection from infections. They should also be regularly imaged (as in nightly to a SAN/NAS/etc).
That's just the common sense little stuff. There's plenty more that could be done as well, but just the above will all but guarantee you never see a multi-million dollar cleanup bill regardless of your choice of OS.
-- "Government is the great fiction through which everybody endeavors to live at the expense of everybody else."
yadda yadda MS has 90% market share so that's the reason it has malware yadda yadda
I absolutely hate this argument. It assumes such a simplicity, that the only consideration that people pick for coding a virus is marketshare of the target. Of course it's one consideration, but not the only. It,. more importantly, seems to want to wash Microsoft's hands of the problem, meaning nothing will get fixed. There are a lot of things MS can do to help the situation (and in their defense they have done some) but saying "it's because they own the desktop, nothing to see here, move along" doesn't help anyone. Including you, when your net is down because some Conficker DoS.
The problem with Microsoft is just how damn easy it is to write a virus, at least in the old days. Microsoft had a system (Windows + Explorer + Outlook) which:
This is the essence of all VB email viruses. This bad design had absolutely nothing to do with marketshare, just made the impact much more widespread.
Also, they allowed HTML email to hit activeX, which means an untrackable email can execute code just by you opening the mail. It's the Goodtimes virus, but for real.
I personally use windows, and prefer windows, and since XP came out have never had a problem with it myself. The biggest problem with computers is they're technical machines which lend themselves to needing to have technical knowledge in order to use one safely/correctly....which the majority of people do not have.
An analogy would be that "cars are complicated now, with computers and stuff, and people need to be expected to know all that tech stuff to operate safely, so we can let them explode or catch on fire if people are not paying attention 100% of the time, because it's really their fault if the car blows up when you cross the yellow line"
Again, simplicity in argument. YES stuff is complicated, but there are a lot of things you can tie down by default. MS is driven by checkbox marketing, the more features the better. This blows up when people have a financial incentive to exploit those features.
What is more likely happen if Linux comes out on top is that there will be several companies that will provide distributions that will all be different, but which all will function and (god forbid) interoperate. If such a thing comes to pass, the single attack vector for malware writers dissappears, and they will have to work significantly harder to get a smaller payoff. You know that little thing, free market? The one we almost got rid off in our desire to serve the corporate overlords?
Careful, your Microsft uniform is showing. Ratchet back the shilling for a couple posts, then try it again more carefully. Also, "Windows anti-exploit code is insane" is not an approved meme. We don't want people thinking Windows drools on itself, now do we?
Just another "DOJ fascist authoritarian totalitarian bootlicker" -- Zeio
Your post might give the reasons why there are more viruses for Windows (although I would dispute your explanation) but the reality is that for whatever reason, Windows has much more of a problem in this area. One of the things that it routinely done in TCO calculations is to factor in the cost of 'retraining' users to use a different OS than Windows and a different office package to MS Office. That retraining is only required because of the MS market share. If it's fair to factor in those costs (which wouldn't be an issue if MS didn't hold a dominant/monopoly position) then it's definitely fair to factor in the virus/malware costs (which you claim are also because of their dominant position).
Microsoft's tech "support" costs are truly one of the largest hidden costs of ownership. Assuming you can get a human on the phone at Microsoft, you're frequently directed to the wrong person, the wrong automated telephone system with inappropriate choices, the wrong department, the wrong planet... Spent 3 hours this weekend trying to get my temporary Vista Enterprise software (temporary 30 day solution) downgraded to Home Premium, which I legitimately own without having to reinstall everything. I was trying to be honest. After 3 hours, I just gave up, got online and hacked the registry to turn off notifications. 3 hours, 4 tech "support" personnel in India, 5 different, useless phone systems and .....nothing. Microsoft's eventual demise will be their own fault, plain and simple. Windows used to make my life easier. Those days are long gone.
Please do not read this sig. Thank you.
I suppose people think that complexity is some how better or more indicative of truth... because why are we trying to battle on these obscure money-lenders' rationale of governing costs of software? It's simple, linux is downloaded for free, and to get Windows alone is what.. 199.95? Oh, and how much for Photoshop? Oh, maybe add Maya, and then perhaps some VM software? Because, we all know that Windows by itself, out of the box, is rather limited. Add in a full blown development environment... oh, yes and Microsoft Office I presume yes?
TCO is bullshit. Windows has a price tag greater than 0. No matter how complex or convoluted you get, no matter how many lawyers with fantasy rationale obfuscating the obvious, no matter what is said or how it's said... any price on Windows is always going to be more expensive than free.
Cost of operation? How much wasted time do you think has been put into trying to figure out mundane tasks in Office 2007? Might as well be a completely new product, Open Office which clearly is a different product is more familiar to a previous Office user than 2007 is. TCO accounts for "training" as their defense? They are shooting them in the foot. I mean, you always have "training" with new software. Sometimes you have it with just bug-fixes or upgrades. Some of us, it might only be "familiarizing", but others who are so dead set in a routine to complete a task will struggle for sure.
What is it, about TCO, is relevant, useful.... real? Keep that to yourself, I've read all the garbage. Bottom line is there's really nothing governing this bullshit "TCO" philosophy, any more in favor of Microsoft than any other software or product for that matter. The real fact is the real numbers. 199.95 for retail Windows. And then tally up all the numbers that would make your "Windows" installation, and all the third party software, "legal". There's your real cost, there's the obvious cost.
How much do you think it would cost to have a legit Windows box? 5,000 USD total in software costs?
No, better yet. How much would a Windows box cost, purchasing all of the commercial software available that would enable the Windows user to do what the typical Linux installation can do? I mean, I have photo editing software, 3D renderers galore... office suites, every server imaginable, VM software, conversion tools... jesus my box is Linux... nuff said. My Windows box would break the bank paying for and installing only a fraction of the capabilities in commercial software.
Now, site wide licenses, think organization size... thousands of desktops... niche market functionality... dear god. TCO is the least of your worries it seems.
Permissions, primarily. As I sit here in front of my Debian/Ubuntu machine, my user name is "guy". I can do nothing outside of my home folder. I can't infect another user's files, can't touch any system file, can't touch root's folder. There is no C:\Program Files - meaning that I don't have write permissions to ANYTHING outside my home folder. If I wish to install a program on this machine without becoming root, I can install it to my home folder. In such a case, the program has no write permissions outside my home folder. Using any programs that root has installed doesn't give me write permissions even to that program's folder - any data that the program needs to save to my profile, history, or whatever is written inside my own home folder. In fact, I don't have access to all the programs that root has installed. I have to become root to use things like Wireshark properly, or to use the package manager.
With Windows, a limited user has to ActiveX among other things. A limited user can save files to various places outside his home folders, unlike *nix. While the Windows Administrator can lock down a lot of Windows system files, he can't prevent even a limited user from making changes and/or writing files that might be booby traps lying around waiting to be executed by a more privileged user.
While NT variants of Windows are vastly superior to Win9.x in that they actually HAVE a security model, that model doesn't compare with that of any *nix system.
Until I type in my password for sudo or root, I have fewer privileges on Debian than I would have on a limited account on Windows. I can't even open an internet connection - root does that at bootup with a script.
And, to be perfectly honest, I don't NEED privileges very often. I could probably run this account for the next year without becoming root, and manage to do everything I wanted to do, except for testing new programs and updating.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br