Slashdot Mirror
Ask Slashdot: Why Not Linux For Security?
An anonymous reader writes "In Friday's story about IBM's ban on Cloud storage there was much agreement, such as: 'My company deals with financial services. We are not allowed to access Dropbox either.' So why isn't Linux the first choice for all financial services? I don't know any lawyers, financial advisers, banks, etc., that don't use Windows. I switched to Linux in 2005 — I'm well aware that it's not perfect. But the compromises have been so trivial compared to the complete relief from dealing with Windows security failings. Even if we set aside responsibility and liability, business already do spend a lot of money and time on trying to secure Windows, and cleaning up after it. Linux/Unix should already be a first choice for the business world, yet it's barely even known of. It doesn't make sense. Please discuss; this could use some real insight. And let's at least try to make the flames +5 funny."
The thing people like a lot of the times is that microsoft offers support, they have it stuck in their head that if you spend money on it, it must be better than a free alternative. Pretty simple really but that's human nature in this day and age, we are programed for it from commercials on tv to radio to Target and Walmart.
...is the major problem afaik.
Maybe it's because Windows' security isn't the rotting mess it was 10-15 years ago?
Simple, because upper management always wants more windows.
This has been discussed ad nauseum here over the last decade.
One big reason why things are the way they are, is that corporate types want somebody to blame when things go pear-shaped. There's not many linux companies of enough size to handle that. Just RedHat and SuSe.
Another reason is yes, the apps. The simply *must* have MS Access and integration with the whole Office suite. Anything that doesn't have this is likely a non-starter.
C|N>K
If you've got things to do, learning how to operate a Linux system is low on the priorities. If people start finding hiccups because of the differences between Linux and Windows they'll rapidly complain to tech. support, who will soon fold under the pressure of people not being able to meet their commitments due to not understanding their workstations.
Linux isn't the top dog because it's 'more secure' than Windows, it's not the top dog because it's not as well known as Windows. I see more people using Mac in the workplace now, and with the popularity spike in BYOD I would suggest that if Linux were to become more user friendly, Linux would be slowly be adopted anyway.
We should remember that >60% of servers run Linux, versus Windows.
Windows is easy and that's why they use it.
Office.
The formats are a de facto standard, Open/LibreOffice aren't completely interoperable 100% of the time, and no one ever got fired for using the solution that works best with the documents/spreadsheets everyone else is creating.
This is like saying: Some companies have prevented their drivers from parking their cars in the bad part of town (i.e. the cloud). These guys all drive Fords, but I drive a Chevy. So why not leave my Chevy in the bad part of town instead!
Oh wait...
I'm pretty sure DropBox runs its servers on Linux, but that's completely beside the point. Guess what's more secure? A fileserver that you own and physcially control that happens to be running Windows that's properly configured with strong ACLs and sits behind a VPN gateway... or a Linux powered PHP CMS setup that is leased from one of your competitors and is accessible to anyone who can guess a username/passwor combo?
Guess what: that example doesn't mean that "Linux is not secure" or that "only Windows is secure" either. Frankly, BOTH can be insecure and BOTH can be secure based on the usage and competency of the people who set them up.
AntiFA: An abbreviation for Anti First Amendment.
Must we really re-hash windows vs linux? Must we?
If I were a too busy to be bothered executive, my high level opinion of the hobbyist operating system would be that it's bound to be full of backdoors put in by the coders. What's worse, is when those backdoors cause my golden parachute producing institution serious financial harm, there's nobody to sue. At least if Microsoft were to do something dastardly, there's a few billion in assets to get the lawyers worked up over.
Enterprise management capabilities, genuine software (Office, in particular) as opposed to "compatible" or "capable" software, familiarity, upper management, vendor packages that require MS servers, and relative lack of people that can "fix things" along with their regular responsibilities, are just a few reasons why.
because the windoes security guys work for free!
One reason is because in many cases your system is only as good as your administrator. Bad linux admins are worse than competent Windows ones.
The security problems are from everything else you want to run on Linux.
Linux as, a complete platform, ends up just as exploitable as any Windows installation.
Or do you not recall the hacking of Kernel.org and Linux.com?
Linux servers/users are just as likely as Windows users to be running their OS & software without being fully patched.
[Fuck Beta]
o0t!
such as: 'My company deals with financial services. We are not allowed to access Dropbox either.' So why isn't Linux the first choice for all financial services?
Wait, what? What does one have to do with the other?
To answer the question - based on my own time served working in the financial industry - it comes down to support. They want the security of the big-time support contracts. Sure, there is Red Hat and others - but frankly, Red Hat's marketing machine isn't nearly as good as Microsoft's.
That being said: we upgraded to Windows 2000 on employee desktops from OS/2 Warp. At that time, enterprise Linux didn't have the same maturity that it does now. By the time we looked again, we had built a very involved application ecosystem using VC++ and MFC. The cost of porting it (or replacing it, which would have been better) was in the tens if not hundreds of millions. There's no way anybody was going to make the call to do that - better to go with the flow.
More importantly - Windows XP (finished upgrading a couple-few years ago) and even 2000 simply did not present us with major security flaws in any way that put our business at significant risk. All of our users had locked down non-admin privileges, and were tightly restricted in what they were allowed to do. The vast majority of these users (and we're talking 10s of thousands) didn't even have email access. Internet access was to a small list of whitelisted sites.
Windows, like Linux, is secure when properly managed. And until recently, Windows provided better tools for easily managing a secure installation on an enterprise scale.
1) Trying to run away from good security practice by going to something you perceive to be less targeted or better able to save you from yourself isn't a good idea. Hate to break it to you but really Windows itself is pretty good security wise these days. If you are having trouble the question to be asking yourself is what is wrong with the way things are set up. To me it is like having your house robbed and moving to a new neighbourhood, rather than locking your door at night. We run a mixed environment at work, and we don't have many Windows security issues, despite it being our big OS. Reason is we have a good security setup that provides defense in depth. We have real proactive security, not ostrich security.
2) Because often the products businesses need aren't available for Linux. People will point to half-assed alternatives because said half-assed alternatives are the best they can find. "Just write your own," is completely unfeasible to many companies, and uneconomical to others. If you'd save $X in terms of security issues and licensing but spend $X*10 to develop and support your software that does what you need, it isn't a good move.
3) Because Linux doesn't always, maybe even not usually, have a lower TCO. In our environment it requires a hell of a lot more fiddling than Windows to make it work. Our Linux lead spends a lot of time hacking around with things to make them work right, and dealing with customized setups (which we do a lot of being a research university) is a pain. I spend way less time fiddling to make Windows work, and not because I'm smarter to better than him. He's damn good. It just seems to be more trouble to get Linux to do what we need, the enterprise support tools aren't as robust.
Remember that security is only one facet of cost, and also remember Linux doesn't provide perfect security. You can argue if it is better or not, though many of the better arguments are just arguments of less targeting. Things like malware that the user has to download and run, an OS can provide no defense against that short of trusted computing or the like.
So you have to look at what it would cost and save in total.
Also as I said, really security talk needs to be about defense in depth and how to prevent problems, not about trying to run away from them. Security failures WILL happen, anyone who's done physical security know there's no such thing as a perfect defense, everything is fallible, and you have to have layers and you have to monitor and adapt to maintain good security.
I would rank a place high security that runs Windows but does things like: Have regular users run deprivileged and not hand out admin accounts. Have a good, but sensible password policy and use two factor authentication. Have all systems patched regularly and quickly and monitored. Run a host based firewall on all systems. Run an on access and on download virus scanner on all systems, centrally monitored. Run a network based firewall and IDS, maybe even more than one. Segments servers from workstations and only allows the access needed. Proactively monitors for problems. And so on.
I would rank a place low security if they just run Linux, give local users sudo, and say "Have fun, Linux is safe!"
Linux could potentially help with security, that would need to be evaluated by someone competent case-by-case. Linux does not give good security, it is layers and a process, not a magic bullet.
2001 called, they want their "get the facts" back....
C|N>K
It's stories like this that make me wonder why IBM isn't laying off people instead of HP. (Truth: HP wouldn't need to lay off so many people if they could tell people how to swap the crappy batter on the HP Touchpad. Then again, Meg Whitman is Carily Fiorina 2.0 now with Romney cues.)
But IBM has has also rejected allowing anyone from using an iPhone at office meetings over concerns that Siri may be spying on the company.
Also, remember a few years back how IBM was so eager for businesses to switch to Linux? Clearly they're not following their own advice considering they were hacked last week according to The Hacker News.
We can't move forward if everyone is taking steps backward.
The Rapture is NOT an exit strategy.
These days Windows is no less secure than Linux. May be even more secure, for the gung-ho attitude of Linux enthusiasts towards security issues doesn't make any good. Microsoft, on the other hand, takes security quite seriously.
Linux doesn't come close to Windows in the choice of business applications. I myself am a long time Linux user: switched over 10 years ago. It certainly became more usable in those years, but is still pain in the ass some times.
some claim (I'm not about to pay to read the article) that Linux is being used more. ISTR something about Solaris being taken up more in banking too, but that was long ago, before the Oracle buyout. Nobody with half a fucking brain is even considering putting Sun equipment into their infrastructure if they don't already have some.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
At least at the level of "business desktop", I believe "user stupidity" is a far bigger threat than "insecure operating system". Yeah, for a ___ server, or firewall, or really any sort of system managed by trained, competent people, the OS or applications may indeed be the bigger risk, but on the desktop? All it means is that instead of attaching bank_of_nigeria__withdrawal_forms.pdf.bat, they'll attach bank_of_nigeria__withdrawal_forms.pdf.pl when running a scam.
Linux is not a magic security bullet - such a thing simply does not exist. No OS is unbreakable. My company found that out ourselves, when we discovered just how completely '0wn3d' a particular clients' Linux servers were - let's just say the guy who configured them is now fleeing the *country* to escape the gross negligence and breach-of-contract lawsuits (when your job description is "keep these servers up-to-date and secure", and they're still running a version of Debian from '02 and participating in Anonymous DDoS attacks, you've failed).
Windows also, I have to admit, has gotten much better at security compared to the 95/98 days, or even the XP SP0 days. Linux still has a security lead, but that lead is now orders of magnitude smaller (especially since Linux, at least for certain distros, seems to be trading security for usability).
This is not about Windows, or Unix, or Linux, or OSX. This is about 3rd party apps, and their connectivity to the internet. Does Linux magically prevent Drop Box from sharing files? Does Linux magically prevent company data from moving offsite? This is about "Cloud" apps, not about Microsoft. Your reading comprehension falls below minimally accepted levels. You are banned to Facebook. Now GO! Stop Posting here. Further more whoever approved this article should stop working here.
It don't matter to me what software you use. If inclined I could crack just about anything in under 30 minutes. The problem isn't the software, it's people. People are trivial to fool, especially the ones who have a false sense of security, ie. people using a non-mainstream OS because they think it's impervious. Just remember, locks are made to keep honest people out.
Unix is actually very popular where security is a concern. Most of the internet runs on some variety of Unix.
Same in business.
But the reasons it's not even more widespread are:
a) Management and HR are clueless, and so they implement the wrong policies and hire the wrong people.
b) Microsoft spends a lot of money on getting people hooked on their technologies, including getting most universities to teach their crap, so many sysadmins are clueless regarding anything outside Microsoft.
c) CTOs get bribed. Those bribes determine what technology they buy. The FSF doesn't have much money to waste on bribes, but many corporations do.
WTF am I doing replying to an AC at 5 A.M on a Friday night?
One of the parts of the otherwise totally asinine "Zen and the Art of Motorcycle Maintenance" that actually did stick with me was the story about some little part of a motorcycle that can be replaced with just a little piece of tin can if it breaks, and in some ways it even works better if you do. But, in the auto parts store it costs $15. The point is this guy's friend would never consider using a piece of tin can on his bike, and would always buy the expensive part every time because he's the kind of guy that associates paying for something with quality. You could never convince him that a free alternative to anything could be better, because then why would anyone ever pay for it? And since there's these successful and widely popular companies selling the widget for lots of money and making a killing, they must be doing something right that can't be offered anywhere else. Having dealt with enough executive types that make decisions like these for large companies, they are almost universally this type of person. It's not that free can't be better, it's just out of their comfort zones. Really, I think it stems from faith in capitalism. Windows is it because its the big one that everyone uses, and that means everything to some people (unfortunately).
Yes, but you have to realize that most of those breaches require unpatched vulnerabilities and those are going to be on Windows machines most of the time. Just moving to another OS is sufficient to ensure a higher level of technical competence in most cases.
I suspect that, for large enterprises, 'security' as measured by 'how fucked it is after 6 months of clueless use by Joe Pornhound, his wife Jenny Incredimail, and his son Timmy Warez' is basically irrelevant.
Home users are basically helpless cattle; but they are also low value targets. If a drive-by download or a trivial trojan can't land some malware, they are safe. If it can, they are helpless.
Your enterprise, on the other hand, likely has the desktops locked down good and hard, firewall and IDS and people paid to care. However, they are a high value target. It is plausible, indeed quite likely, that they are getting actual human attention, from actually competent attackers, customized payloads, possibly even the honor of having one or more zero-days used against them. They are also much more likely to be running complex, web-facing applications, where the security may not rely on the underlying OS that much at all(how many sites have been exploited purely through more-or-less OS agnostic attacks on their CMS?)
In this scenario, it isn't entirely clear how much better Linux is than Windows(and, also, it isn't necessarily the case that the desktop OS matters nearly as much as the competence and vigilance of the chaps watching the network for funny business).
Why would anyone buy firewalls when we have iptables and as far traffic monitoring, why pay for some custom Snort frontend? Actually that goes for iptables too. I haven't boought a router, firewall, traffic monitor, shaper or spam appliance in well over a decade.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Although Eclipse is a good IDE, Visual Studio simply feels more polished. Dev managers like the idea of a robust visual debugger. And Windows Forms has much more fancier (and useful) controls than Swing or anything in the Java world.
One could argue that providing component libraries of complex GUI controls is a lot of what Microsoft is about. That's a big issue in financial services, where they develop and use rich clients instead of (or in addition to) web apps.
Now, you might argue that Swing (or SWT, etc) is cross-platform, while Windows Forms isn't. Yes, but that's not an issue for big corporations because Windows is on everyone's laptops and desktops.
Linus and more so Greg K-H have said so.
Security is not a priority. A security bug should be treated like any other bug. Which is bullshit. A bug that can allow full compromise of your system is obviously more severe than a bug that maybe uses up more memory than it should. Especially with Linux being used in a server role more than anything.
Not to mention the dev team seems somewhat anti-full-disclosure, advocating keeping vulnerabilities secret, or at least not publicly disclosing/admitting them until they decide to/feel like fixing them.
Linux is fine for a desktop, but without some sort of MAC(in which case it would surpass most competing platforms when it comes to security), it's worse than Windows.
I need to know what vulnerabilities are on my system, when they will be fixed, and to know that the developers have security as a priority. Sadly, that describes Microsoft far more than it does Linux.
Bring on the troll mods.
If you ignore ACs because they are anonymous - you're an idiot.
People use computers to run applications. The operating system should be chosen to support the applications they need, not the other way around.
Business already has too many problems with Mac fanatics insisting on using Apple products. The main issue is they demand the computer/OS *before* seeing if any of the applications used at the office are supported. Ass backwards.
However, the question in the article was a non-sequitur. The use of cloud services has absolutely nothing to do with operating system of choice. It has to do with losing control of data.
Case in point, IBM didn't say "You can't use Dropbox on Windows", they said "You can't use Dropbox". Yes, there is a Linux client for Dropbox.
Learning HOW to think is more important than learning WHAT to think.
I can't speak for the financial advisors and banks, but for the lawyers, it is inertia. In 2000, when I graduated from law school, the firm I worked at still used Word Perfect 5.1 on Windows 97. They were convinced in 2001, to upgrade to Windows 2000. Even then they ran Word Perfect in a DOS box. They kept this for two reasons. The first was they didn't want to retrain their legal secretaries. Document formatting is very important and intensive in legal briefs, so you need to know the word processor in much greater detail than to write a term paper. The second reason is that they had purchased a customized version of Word Perfect that integrated with the accounting software the firm used. This was not easily duplicated. When they finally did upgrade to Word, they had to buy a whole new accounting package, and the conversion process, including training, took months.
I suspect that what keeps law firms, and most other professionals, from making a switch to Linux is the desire to avoid the unknown and the learning that goes with it. That is bolstered by the fact that every industry has some killer app that just doesn't exist on Linux.
Bullshit, do you have anything to back that up with? Appliances to monitor traffic are not just a Linux thing, if you care about it that much, you'll want them for a Windows only network as well. As for firewalls, if you're at all competent, you should be able to set one up for Linux without any particular trouble, for free. Set up the rules once and you probably don't have to fiddle with them again.
And no, people don't work for free, so I'm curious why you're only counting that when it comes to Linux, I doubt very much that Windows Admins work for free.
Sorry for the anonymous post. I'm a regular /. reader but infrequent poster. It really comes down to convenience and support, not technology. I've worked in IT for a while (pretty much my adult life) and have been a Linux user/open-source advocate for over a decade now. The reason open-source OS's like Linux and BSD arn't dominating is support. This is why Redhat dominates the commercial Linux market, even though long lived distributions like Debian (my personal favorite) rival it in features and security, for free. Businesses generally quantify in monetary terms. Spending money on something that you can quantify, like support and a general expectation of performance (true or not), is an easier "sell" to management. Tech oriented companies generally don't have financially biased opinions, which explains why Linux and BSD excel in the web and mobile markets but stalwarts of industry stick to commercial solutions, such as Microsoft. But that's just my 2 cents...
Have gnu, will travel.
Because of OpenBSD? :)
These two statements:
> linux isn't secure by itself. you have to configure it to be secure ... make me suspect that you've never actually used a good, modern distribution. To address your latter point (as MightyMartian does elsewhere below), you do NOT have to "buy firewalls and all kinds of appliances," unless you just want to. Our company recently upgraded to Zimbra (the free community build) running on CentOS 6 and we retired our Barracuda Spam Firewall. We just don't need it, saving us several hundred dollars a year in subscription fees. I monitored it very closely for a the first few weeks after going live with it, but now I just check it every other evening or so. Works like a champ and I don't worry a whole lot about someone cracking it. :)
> and you still have to buy firewalls and all kinds of appliances to monitor traffic
Now for the first point. Any of the major distros that I can think of off the top of my head -- Red Hat/Fedora, SuSE/OpenSuse, Ubuntu, or whatever -- has a default install that is VERY secure. Red Hat even includes the (NSA developed) SELinux, and Suse includes AppArmor. (Not sure about Ubuntu, I don't use it.)
I'm very glad the Windows has finally gotten its act together and has become more secure, but let's face it, it took years. While they were figuring out that it MIGHT not be a good idea to allow someone execute code from a freekin' email, I was learning how to use Linux. Now I'm married to it and don't plan to get a divorce. :)
Cogito, igitur comedam pizza.
Or is it security by being a minority (e.g., think Apple)? I'm betting even an OpenBSD workstation is prone to become compromised once it's handed over to the average "user", who'll want to download and install unvetted software (etc.). And really, what do I know about the majority of the smaller software packages in the Ubuntu Software Center?
I've been working as sysadmin for some 7 years now, almost every company using Linux pays redhat licences (support or whatever) and I have never seen someone actually calling redhat for support...
I happyly use debian in all my computers but I people tends to be afraid of
I'm positive, don't belive me look at my karma
Linux isn't really more secure since the weakest link is always the user. There's nothing inherent in Linux that makes a Linux user less likely than a Windows user to type in his password when he sees a website popup a window that says "Disk Corruption Detected. Please enter your password to automatically fix it".
Even if the linux kernel and root owned files are secure from the user, it doesn't matter since if I want to compromise a user I don't need to write to /bin/*, I just need to write to his ~/.profile (or whatever startup scripts he runs). If there was money to be made in hacking linux (like, say, if every investment banker ran Linux as his desktop), there would be plenty of malware targeting linux.
Linux is mostly security through obscurity - aside from a few remote exploits (ssh vulnerabilities, apache vulnerabilities, etc) that can be used to take over servers, there just hasn't been a concerted effort to target Desktop Linux with malware because there's not much payback in it.
Zoidberg?
and the flavor is "Why not Zoidberg?"
Space Shuttle was a program that strapped humans to an explosion and tried to stab through the sky with fire and math
The ability to upload customer data to the cloud is the issue. I have no idea why you think this has anything to do with the client OS.
the security they want in this case isn't to keep people out; they have separate firewalls for that... it's to keep their employees and their data in.
i don't know how easy it is to lock-down windows, but i assume there are some industry standards for it. are there vendors of certified locked-down linux? that's what it would take. by definition, they can't trust their own IT to do it, after all.
"They were pure niggers." – Noam Chomsky
If anyone thinks their favorite general purpose operating system is secure they are dellusioned fools. They all fail every last one of them. No exceptions. The only thing you can do is lock your shitty bug laden OS down to minimize your exposure.
The next time you think Linux is secure browse filter your favorite distributions software update database by security fixes and go running home in tears to your mommy.
I manage hundreds of Linux *servers* and I wouldn't consider running Windows on them. Period.
But I've the impression that managing thousands of Linux *desktops* distributed cross several departments with users requesting little changes and you name it.... would be a huge mess to manage. Again, totally subjective opinion based on what I've seen being used but never used myself... it seems easier to manage a network of thousands of Windows desktops with the M$ tooling.
Anyone got experience managing both OSes in a huge network and cares to weight in?
none
More important than security is productivity. Remember, IT knowledgeable people do not run companies, MBA fuckwads do. And those people don't care about security, they care about productivity. Security is something they care about when shit hits the fan. IT people need to care about security first, but they don't exactly go around making final decisions about the company do they??
Windows is king because people know it, and everyone has it. There's no learning curve when hiring new people. Linux and all it's various flavors presents additional hurdles for employees. Some people just aren't ever going to figure it out. Call them dumb, but it's irrelevent because they won't be fired for it and it will add even more work for the helpdesk people to guide them through any trivial efforts.
'My company deals with financial services. We are not allowed to access Dropbox either.' So why isn't Linux the first choice for all financial services?
The problem is that your question makes absolutely no sense whatsoever. "We can't use Dropbox, so why doesn't our company use Linux"? Banning cloud services has nothing to do with what OS you prefer. It's all about restricting ways users can get potentially confidential data offsite to places the employer can't control. That's it. End of story. Turning this into a Linux vs Windows debate not only strains logic, but hurts your cause. You're feeding the stereotype that Linux users are nothing but unruly zealots who try to cram their ideology into any conversation, regardless of wether or not it's invited or warranted.
Not to mention the submission is flat out absurd from a logical standpoint. "My employer doesn't allow cameras in the building. So why don't more companies have an on-site cafeteria?" makes about as much sense. Seriously, timothy...were you asleep at the wheel and just blindly posting whatever came across your screen? How about you may me to sit there and look at submissions instead. I'd at least put some actual effort into it.
"So after all this, you make my case for me. To end this stalemate, you must die..."
Yes, but you could also hand the computer directly over to a black hat hacker as well. Doesn't mean the system is any less secure by default, it just means that you're a fucking moron. The operator is always going to be a factor.
what planet does this guy live on? linux is used all over in the business world. maybe the author needs to experience life in IT or something.
That IBM would reject Cloud storage is totally understandable, or at least I understand it. The most sensitive information My Company would want to preserve from prying eyes is stored on Hollerith Cards pre-positioned in RFIDed burn bags. Everything else is stored on an internal fiber optic ring network on a robust ftp server running patched Novell 4.0.1. & Unix Services. Try to match that for a category of ancient information security (and no, cuneiform-engraved-into-beeswax-on-stone doesn't count).
Now, you young whippersnapper, get off my lawn ...
The problem with Dropbox isn't just that it exposes Windows insecurities, it's also that it makes it easy to export lots of stuff out of your company, potentially with wimpy passwords, to a storage system which your company doesn't have any control over - Dropbox doesn't even have to tell your company if they've gotten a subpoena or "friendly" FBI request for the material, and with no contract, there's no way to specify data retention limits.
At $DAYJOB, we've got a Dropbox-like service (at least the "upload/download from browser" part of it, not the "glom onto everything" part), because it's useful to have something like that. It goes to our own storage, and has encryption we've got control over, and it keeps the employees from needing to find other ways around the firewall's block on Dropbox uploads.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
*not* Linux is what is actually used by security conscious firms.
OMG. You are the first person to ever think of this, NOT. And the results show the results. Many have tried, none have been successful. When I hear Linux people say "it works fine for me" it usually means "I don't do very much, and not anything more complicated than notepad."
Anyone doing more than that has had to 'fix it themselves' for something.
90% of business is interested in deploying for the least costs. That means buying off the shelf, and having an install of additional products that work. I know you will not admit it but, Linux is broken off the shelf 8 out of 10 times. It requires admins that are much more rare than dime a dozen MS admins to spend days/weeks getting a stable platform. Then go to which web site and buy what software? The huge vast majority is written for windows. There is some for the Mac. I do not know of 1 web site store, that sells commercial software for linux, so it ends up being even more buggy untested non-QA open source junk. Sure there are a few decent open source apps, but not many. And I don't know of any outside of server oriented stuff.
Until you recognize the obvious truths, you will keep asking why, and keep getting the same answer. It is no big secret, open source, with few exceptions, does not come close to matching commercial software. Why should/would it? By the very definition you can not make money creating it, so how good is it ever going to be? A tiny success here and there in a small part of a very large market. It is an OS for and by people wanting to tinker with the guts. It fits some disciplines (Robotics/ROS) but not day to day business users.
slashdot troll = you make a compelling argument I do not like the implications of.
The financial services company I work for (a super-major one) has a policy of replacing all licenced Windows-server boxes with RHEL. Windows will stay on the desktop for a while yet but wherever possible it's being replaced server-side. Contrary to the Slashdot "clueless manager theory", architecture generally decide upon the solution, not management. Where's there's policy in place for a particular product it's because there is a Procurement preferred-supplier policy.. but once again, this is usually decided by architecture/infrastructure, perhaps for reasons of compatibility or support, but not because mythical Pointy-haired bosses have anything to do with it.
PS The question is a totally bullshit assumption, that the business world "barely know of" Linux/Unix. Sure it's not on the the desktop but it's basically everywhere that it counts. There's just no-one to toot Linux's horn in the media when it wins one over Windows
Posting anonymously because system privacy IS taken very seriously in financial services
If it has a browser, and has Flash or Adobe PDF plugins, it's vulnerable.
Software repositories free of spyware are a boon, but any corporate system is likely to be locked down anyway so users can't install software.
Linux desktops do benefit from being a smaller target. That's a fragile kind of protection that I'd hate to call "security", but as one friend of mine put it, "I'll take that!"
Use VMS. A properly administered and monitored VMS system is the most hackproof I've ever seen (admittedly I've no experience of IBM mainframes).
I've worked for some of the largest banks in the world, and:
1.) They use craploads of Linux.
2.) They're going to stop using Windows.
3.) They'll never use dropbox.
Detail:
1.) They use craploads of Linux.
Just about every bank has declared Linux to be the future for application services, with a few exceptions for specific applications. Accounting will stay mainframe for a very long time, Collaboration will remain MSExchange for a very long time, Sharepoint probably as well, and rinky-dink one-off applications may still run only on Windows servers, but only if those apps come from software shops built by math/business/commerce geeks (algo stuff, etc.). Most databases, report generation, records keeping, document management, webbanking backends, and other banking stuff will continue their current trend of UNIX-to-Linux. Some banks are 20% along their UNIX-to-Linux projects, some are at 80%, but I don't know any that aren't on that road.
I think you were talking about desktops, though, not the datacenters and server farms. That's a very superficial way to look at banking computing. Banks do not use Windows machines to do banking, they use Windows machines as desktops for running Exchange, and Office, and banks are thrilled that they can *also* use those same pieces of hardware as dumbterms for people to SSH/Telnet to some banking applications and also access the newer applications through the browser. But, if it wasn't for Exchange and Office, they wouldn't use Windows, they'd use Linux thin clients. I actually know one bank that's trying to migrate people to Google Apps for just this reason, but it's really hard, because bankers really do love office/exchange.
2.) They're going to stop using Windows.
But they're not going to go to Linux. The banks are all calling it "BYOD" for "Bring Your Own Device." Bankers really, really, really want to use Mac desktops and iPads and Android phones and ditch Windows -- but there's no way they'll switch to Linux on the desktop unless that Linux is called Android. So, the banks are currently running well-funded projects to replace all their Windows-desktop-only applications with web-based apps that'll work from any browser, and also throwing lots of money at companies like Good Technology to be able to get iPads and Android Tablets in to the workplace.
Microsoft is trying to use Office360 or WTF it's called so that they can still sell stuff to banks that have ditched Windows on the desktop, but there's going to be lots of turmoil over the next 5-10 years as that progresses. Windows on the desktop in banks is effectively dead already -- I know 3 banks that have decided to stick with XP on the desktop instead of upgrading to Win7 because the Win7 upgrade costs are better spent in moving faster to this better future.
3.) They'll never use dropbox.
Banks are required to log everything, and logging everything you upload to dropbox and everyone that downloads it and all of that crap is so expensive that you should find out what the approved tools are for doing what you want to do. Most banks will allow SFTP/SCP between trusted endpoints if the right people sign the right forms. In my experience, dropbox is only ever requested in banks by someone that wants to break the law and is too stupid to know what law they'd be breaking.
Dropbox blocking is not something IT decided to do, it's something the lawyers required IT to do, and it has nothing to do with "security" in the way that there are "security" differences between operating systems. It has to do with the kind of security you have in the lobby that would ask questions if you started walking out the door with canvas bags that have dollar signs on them. If the banks allowed dropbox, naughty employees would copy documents to home that their daytrader spouses would use for insider trading (seen that more than once).
Wow, pwned before he even finished posting.
Blank until
Dammit! Magic Linux security dust. Why didn't we think of that earlier? Thanks Slashdot. All our lawyers and accountants will take a while to get up to speed, but as soon as we have teh magic they can enter their kids birthdays as passwords, ask strangers to watch their laptops at the cafe, get socially engineered by good looking woman or guys in sharp suits, and swap thumb drives with their grandchildren. It won't matter because they have MLSD. We could kick ourselves for not having thought of that.
For any discrete computing problem, I think a good base solution would be to install a Linux/Unix-like operating system and then install any proprietary solutions in a virtualized environment, if necessary. Why not Linux for Security? Because cognitive dissonance is easier to install than Linux.
You don't have to pick sides, Linux doesn't make you choose. Linux says you can have it all. The given problem is like HBO asking "Which channel do you want, BBC/PBS or HBO?" It's a false choice, you can and do already have BBC/PBS access. Why would you ever make a choice that limits things you already have, for no apparent gain? You don't win anything for selecting against Linux, no matter what the "competition" would tell you.
I work at a couple of notable hosting providers and none of them paid anyone for support for servers, standardising on centos, and ubuntu, but avoiding debian as it was never really 'cool', apparently.
One of them even built their network using standard servers with open source software, but the general consensus was that dedicated hardware did the job better, and was more cost effective once you grew to a large enough size. I'm not a ops worker, so I'm not particularly knowledgeable on what evidence they used to draw their conclusion, but it's a pretty seems fairly resonable that dedicated hardware could do the job better, thus it's just a matter of the cost / performance ratio.
On the other hand where they seemed to lose the plot was breaking the bank on vendor supported storage solutions. It always seemed a case of outsourcing what you were afraid to tackle yourselves. Sure, I'm not saying that there weren't benefits, I just didn't see them as offering the cost performance ratio which were deserving of their premium.
The problem is that from the outside it's often impossible to really know why people have made their decisions. In your situation, it may well be the decision makers chose to pay redhat because they thought it was worth it in return for a lower investment in their own staff, or it may just be they have an irrational fear and should have stopped wasting their money a while ago. If they've never called them, perhaps it's the latter, but only you could know.
Windows has captured enough of the market to convince end users of its credibility. However, a properly set up Linux infrastructure could be invisible to the typical user and offer a more robust security implementation...
Its cheaper to stay on windows. When you to a Total cost benefit analysis of remaining on the current Windows platform compared to switching to Linux including: software deployment, Hardware deployment (if required), user training, support staff re-training, application migration, etc. Its so much cheaper to patch up the current software that the company has already outlaid $millions compared to changing over. Sure some companies will slowly migrate distributing the cost over a longer period of time, but most wont take the leap.
This is why enterprise is gay for RHEL & not CentOS or Fedora.
Yes, but you could also hand the computer directly over to a black hat hacker as well. Doesn't mean the system is any less secure by default, it just means that you're a fucking moron. The operator is always going to be a factor.
A good blackhat hacker would know how to harden the workstation. The point is that the operator is the biggest factor.
...and in Windows there is a robust choice of applications, far more extensive than any other OS. My principal client is trapped in Windows by two applications that they absolutely must use: MS Project and an industry-specific accounting application called Timberline (now owned by Sage, a serial collector of such orphan applications that entrap users). If they didn't need these applications, they would switch to Macs. We've had the discussion more than once.
Windows can offer this robust choice of applications because they bought off the ISV community decades ago. Which is a sort-of nice way of saying monopoly abuse. /. has that conversation every damn day.
Contrary to sound IT practice, business owners almost never make security the preeminent consideration. The business needs the optimal applications for them to be competitive or to function at all as a business. The Cloud and SaaS is probably the only hope to challenge MS's monopoly position.
I used to work for a large international organization. Every time I went to Africa, my laptop would get infected (from USB drives passed around at meetings). I finally installed Linux in my work laptop and never had a problem after that. (The USB drives still would get infected but not my laptop... I would just delete the offending files.)
The organization was a pure Microsoft shop and also was plagued by malware inside the headquarters (rumors were that there were foreign governments who wanted information).
Several times they had high level IT security meetings and I strongly made the point that they should move to Linux. This fell on deaf ears and they are still on Windows XP plus all of the Office, Exchange, etc. dross (and still plagued by security problems).
I don't read your sig. Why are you reading mine?
I can give you four good reasons.
1) Excel. Sorry Libreoffice can't compare to someone who has 15 years of experience ( and a masters in finance/ econ/ 10 years of experience at company) making pivot tables and doesn't wish to learn another way of doing things. It's nice when you have a 10 year old formula in excel and can boot up office 2k and it works. Keep in mind a fair share of companies are still on office 2k, for better or worse. You can sit there in your chair and say "well, upgrade", but for a 40 seat license, it can cost 3500 usd, and many companies refuse to pay for it, especially when Office 2k is "good enough".
2) Active directory. Yes, you can control file access via samba. Yes, you can have user control via (one of many) means, but active directory is not (too) difficult, and any 1st year admin should be able to set up simple file access.
3) Standard installs. If I go to CompUSA, Wal-Mart, Best Buy or Target, I can buy a computer or laptop with Windows. Windows is the de facto standard because (for better or worse) that is what is able to be bought at the retail level. I would wager 95% of all computer available through retail channels has windows preinstalled.
4) Support. Microsoft is a Global 100 company. As they used to say 20 years ago... Nobody gets fired for buying IBM. If everyone else is purchasing office, and by default windows, then any issues that you encounter are the same issues that your competitors have. That (in it's own way) levels the playing field. We can all sit here and talk about how great Ernie Ball is for standardizing on Linux, but that is less than 1% of the marketplace. If I have an issue, I have a number to call, and the support I get is from a company that I can pay to get support from that everyone has heard of. Everyone hasn't heard of canonical. Hell, a lot of people have never heard of SAP or Oracle.
Blah Blah Blah.
If what you said is true, that corporations signing "exclusionary contracts" with Microsoft getting huge discounts, in exchange for letting Microsoft to come into their daily IT operation to do spot checks for any so-called "violation", that will be a can of worm right there !!
No corporation, and I mean, no self-respecting corporation, whether or not they are in the Fortune list, should allow any outsider to intrude into their internal operation in carrying out spot checks !!
Whoever signed those type of contract with Microsoft, and all their superiors, must bear full responsibility in any loses, whether in financial or in trade secret, incurred during those "spot checks"
Muchas Gracias, Señor Edward Snowden !
Another security strawman. Most financial institutions have spent several hundred million setting up their IT not to mention their IP. Most had to be dragged away kicking and screaming from OS/2. Now the same is playing out for XP. It works quite well for them.
If it was cheaper by 4 decimal places per user/Admin/machine to switch to Linux they would do it in a heartbeat.
It's not.
Although depending on their role, their servers run any variety of OS. Cause that's what works.
Most of the end-users in various corporations and most of the Asians working in the IT industry grew up using windows and its derivatives. For a vast majority of the people in Asian countries, Win*.* was and is free because piracy knocked down the cost of the computer. Also, most of the end-users bought windows based machines when they were in School because the games were available on Windows and for most, at that stage in life, the computer was just an entertainment device to be used for gaming, music and movies. With the increase in adoption of Linux in Schools and the qualitative jump that Linux has experienced in the past few years, you shall see increased adoption of non-Windows OSs.
LOL, some MS Fanbois abusing mod points again. Not surprised seeing as Windows is crap compared with the other options.
I hate to say this, because I'm going to get pounded for it, probably: It's not that it's barely known - any competent MIS/IT department looks at Linux on the desktop, on an ongoing basis, as a replacement for Windows in their environment, simply from a financial perspective.
My company is fairly OS agnostic: While our official desktop OS is Windows: XP on the old laptops/desktops, which are being refreshed with Windows 7 Pro x64 systems, and Windows 7 Pro x64 on all new laptops and desktops, those that wish to run Linux are allowed to do so, so long as doing so doesn't represent additional costs to the company (this, despite the fact that every computer we buy comes with a Windows 7 Pro x64 license).
The same for Apple computers: Want a MacBook Pro? Good for you! Request it from your manager, make your business case for it, and you can get one. HOWEVER: If your job duties require Windows-specific programs such as Visio or Project? Denied! We will not pay additional costs for a Windows license, plus the cost for Parallels (for some reason, all of the people that want Apple computers refuse to use VirtualBox, insisting that they NEED Parallels) so that you can have access to the software tools that you need to do your job, at additional cost to the company, when our standard Windows 7 x64 laptop will run those with just the additional licensing costs of Visio and/or Project.
Cheap? No, we're not being cheap, we're being frugal, and we're also insisting that our employees understand that the computers that we provide to them are for their use while doing their jobs at our company.
In a business environment, computers are tools, provided to employees to help them do their jobs. They are not status symbols nor e-penis enhancers, nor toys.
With regards to security? I can't speak for anyone else, but among other things at my company, I build the images for the laptops and desktops that we deploy, and I can tell you that they are as secure as any Windows-based computer can be.
We build the images based upon Least User Access (LUA) principles: When issued, a user's Windows 7 laptop is secure, all installed programs are up-to-date when issued (We use WSUS to update them, later). Their domain account has no local admin rights: We provide them with a separate, local, admin account, so that they can escalate privileges, and install software as they need, above and beyond the standard image.
In addition, the user's local admin account has no domain rights: This protects our network: If someone should escalate local privileges and infect their computer, it cannot touch our network by default.
This is, BTW, my approach to Windows security, since Windows NT Workstation, in a business environment (and at home!): LUA - and, in addition to sane security update practices and a good Enterprise AV program (I like Sophos - your mileage may vary)? Once we implemented it at my current company, our infection rate has dropped to nearly zero, company-wide.
And, since we've already taken the time to address these issues, and ensure that our base images are secure, updated, etc.? Switching to Linux on the desktop for purely security reasons isn't even a "blip" on the radar anymore.
Our user base so loves Outlook that lacking any real competition to it, combined with Visio and Project? Sorry, but those tools are so embedded in our company that there's NO way that our userbase is ever going to change.
And, remarkably, our company is actually prospering and growing, using those tools, using Windows 7 x64-based laptops/desktops, with Office/Outlook, Visio and Project, and our computers and network are secure and stable.
If you see computers as tools to use in order to get a job done, then one that "just works" is ideal. Not all jobs with computers are as simple as, "I use this same software to do the same thing all the time." Sometimes you have to do something new and/or novel. Doing that with Windows is like looking at the user manual for your new tool attachment to see the simple steps to make it work. Doing that with Linux is like:
1) Find directions for making a blast furnace
2) Get materials to cast new tool attachment
3) Refine materials
4) Build mold to cast new tool attachment
5) Cast new attachment
6) Check to see if the new thing you did will do what you need
7) Bang head in frustration
Until Linux is easier for the average person to use it will continue to be a wonderful tool for people who want to spend time tinkering with computers instead of using computers to get some other thing done. Both can achieve the same end, but for people who just want to get their end goal done as quickly as they can Linux has an annoying set of extra steps.
In short, Linux is for people who really enjoy tinkering with computers.
that MS wins more corporate desktops than Linux.
IT guys know that if they recommend MS they'll have plenty of work for years to come. There's all those security patches, problems created by updates, etc. that they will have to fix. Every time a new version of the beloved Office suite is released, they'll have to patch all those computers for compatibility with the old Office suite. Microsoft is probably responsible for more employment in the US than any other company.
If they recommend linux, the corporate IT dept will be reduced to 3 guys handling mainly new machine set-ups and taking support calls from CEOs about dead machines (is it plugged in/switched on?)
Exactly, and everything has to sync with sharepoint, and exchange. And MS changes OOXML all the time, hard for anybody but MS to keep up with it.
IBM's action are about controlling the behavior of people who may have access to IBM Intellectual Property. Anytime any pieces of information moves they want to know who moved it, why, when and where; and a complete list of everyone else who might be able to see it after it was moved. To try to understand this in terms of OSes is pointless, the proper metaphor is movie and music piracy. They are seeking to control how their IP can be copied or distributed.
Linux is irrelevant. It's like fretting over what brand of tire is on the get-away car.
I'm betting even an OpenBSD workstation is prone to become compromised once it's handed over to the average "user", who'll want to download and install unvetted software (etc.)
OpenBSD security is (at least partially) a myth. Don't get me wrong, I'm an OpenBSD user (less and less these days) and enthusiast, and their base network services are usually rock-solid. But the lack of some sort of MAC, compartimentalization/virtualization support and the occasional local kernel hole (as any other unix system) is a bit of a letdown.
And really, what do I know about the majority of the smaller software packages in the Ubuntu Software Center?
I've been saying the same ad nauseum. They say it's more secure because the connection between your computer and the package server is verified and encrypted, but when you ask what kind of guarantee the user has that some package wasn't built using tainted source or on a compromised server, the arguments quickly fade away.
http://www.spi.dod.mil/lipose.htm Quote: Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost any Intel-based computer (PC or Mac). LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive. Administrator privileges are not required; nothing is installed. The LPS family was created to address particular use cases: LPS-Public is a safer, general-purpose solution for using web-based applications. The accredited LPS-Remote Access is only for accessing your organization's private network."
These days virtually every 'infection' is caused not by a vulnerability in the OS - but in its software.
Flash, Adobe, Java - or in other cases, your browser. Self-replicating malware doesn't happen any more but once in a blue moon, even on Windows. There was a Linux worm a few months ago for certain Linux servers (specifically a program they ran) - reported here. In fact, thats still the most recent worm event to get any form of attention that I know of.
Beyond that, the only 'malware' to gain much attention and spread have ironically been Macdefender and Flashback, the latter reaching a ~1% infection rate. (Which is an extremely big number as far as malware goes) As said initially though, OS software issue.
I'm an expert at getting around the Linux shell, but when it comes to installing software, I want to pull my hair out. They usually don't have binaries for the flavor we use at work (SuSE linux), so that means I have to download the source for the software I want to install. Then oh no, the server doesn't even have a compiler installed, so I have to install the compiler. Then the compiler can't compile the source because it's missing some libraries. So I have to go download those libraries (the source, since there aren't any pre-compiled binaries for SuSE), compile those (which will require me to download the source for even more prerequisite libraries...), and then finally get around to compiling the first thing I wanted to install.
Just good enough is what it claims to be. Windows motif is sufficiently familiar that such can be rolled out without much in the way of training, deal with the problems as they become costly enough to deserve attention...I remember when our city decided to upgrade from Vaxen...I led 6000 users into windows land because of the training cost issues, it just was easier and cheaper...AND Balmer came down and paid for a few mil of our costs, which did not hurt the case for windows at all lol.
By confusing the "fee as in speech" software licensing and confusing it with the "free except when we feel like keeping it secret and charging you for it by stealing and disguising someone else's work", they've confused lawyers and managers and wasted thousands of man years of development effort in really pointless forks and "clean room" rebuilds to produce scattershot products.
The result is predictably bad. OpenSSH took the GPL licensed old versions of SSH, took them over to OpenBSD licensing, and *CLOSED DEVELOPMENT* except for Theo de Raadt's geek wanna-be fanboys. Don't get me *STARTED* on the time wasted refactoring everything for petty reasons. If I see *one more source control system* that was invented by a CTO and which no other company in the world uses, I'll sell my keyboard to satan and start writing spam software.
Liability limitation is. Bluntly and simply.
Detach yourself from the idea that any company out there actually cares about security. What they care about is whether or not they will have to pay for anything, and whether or not their insurances will cover it. And as long as insurances don't require you to avoid windows, companies will stay with Windows. For various reasons.
First and foremost, your employees know it. There is exactly zero training cost and no holdup due to "unfamiliar" equipment. There is also no psychological barrier. In the presence of Linux, your workers will simply admit if they don't know how to do something since it's that "geek system" that nobody can use and they won't feel bad about not being productive since they just cannot figure out how to use it, it takes a genius to use it after all, right? No such problem with Windows, since their 10 year old can use it and they won't admit that they cannot. They will work with it. They may bitch about it and not be very efficient, but they will grow into it and the resistance is much lower. They cannot weasel out of it.
Now, you say, for servers it does not matter, since you can as well get admins for Linux. Let's assume you don't outsource (which does only shift the problem to someone else, basically, but I'll get into detail about that next). Now, getting admins for Linux is not as easy as getting some for Windows, at least for HR. Or how many certificates akin to MSCx's do you know for Linux that also HR knows AND believes in? Realize that HR doesn't know jack about computer administration and, bluntly, it ain't their job. So they need some kind of objective measure to gauge a candidate. Hard to get if there are so few certificates that hold any kind of esteem upstairs.
And finally, the reason that has been a selling point for IBM for years: Nobody ever got fired for buying MS.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I'm glad to see someone mention OpenBSD. If security is the main driving factor, it would seem that a combination of OpenBSD and Capsicum would put together the most secure configuration that one can come up w/. (OpenVMS is dead, so no point talking about it - unless one happens to still have some fully operational AlphaServers in their offices.)
If one is going to look beyond Windows for this reason, seems to me that the above would be the best combination.
How many of those "cloud-based" solutions are written in PHP, Java, or Python and hosted on LAMP servers? You know, the ones with "Enterprise" features and "24x7 availability", and stiffly worded SLAs?
Lots and lots.
Working at such a hosted solution provider, we replace 50 to 100 onsite servers with 1 or 2 of our own and profit immensely on economies of scale. While we diligently scan uploaded data for viruses, we also benefit from having robust security, firewalls, and rapidly updated servers. In nearly 10 years of doing business like this, we've had zero virus outbreaks and uptime approaching 4 nines. We don't get complaints about our reliability, a few hours of downtime per year.
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Wrong question - It's not about being good, just not a pathetic malware swamp from people that pay do little attention to detail that their global "cloud" network was down for a day due to it being a leap year.
There has been a lot of good stuff from Microsoft but for these problems you only need to find one deliberately open gate for the malware to walk through - or to push the analogy - a bit of reused fence that has rusted out.
A locked down Microsoft system CAN be fairly secure, but you've got to be careful to turn off or not install all the parts that let the side down. A lot of third party stuff still has the single user non-networked mentality that everyone else gave up on about the time MSDOS was first sold.
So it's not that *nix is good, it's that those that put together those systems learned the lessons of the 1980s (or maybe even before) while marketing and expedience trumps those lessons on the MS platform. It's obvious before you even install Win7: the media is fucking upside-down so it looks good in the case but can get fingerprints all over it when it's taken out to install. These people do not really give a shit about getting the job done, so yes, linux and everything else is more secure apart from extremes at both ends.
Hey, the 90's called -- they want their "Ask Slashdot" question back!
The commercial world of business software maneuvers and tactics is described in this 1999 vintage economics book:
"Information Rules A Strategic Guide to the Network Economy" by Carl Shapiro and Hal R. Varian.
The book has a website, http://www.inforules.com/
I recommend you get the book from the library. The way this book answers the original post is disappointing and mundane. Microsoft implemented a vendor lock in and pricing strategy and packaging strategy that elbowed Linux into the bushes. Microsoft also elbowed CPM86 and a third proprietary PC operating system into the bushes also.
Mr. Varian, one of the authors, now lists himself as employed by Google as chief economist. It would be interesting to know who in Google is listening to Mr. Varian. I have noted a number of Google business changes that seem to be a retreat from free software ideas: For instance, Google will not release the file specification of Sketchup (Google has cut out a big chunk of the AutoCAD market and now they are going to monetize their win with by selling a $200 version of Sketchup).
I would place the Varian Shapiro book as an example expressing the American tradition of a business seeking market supremacy and sales advantage.
Linux has a different economic ideal embedded in its' existence: To make an extremely good general purpose computer operating system available to anybody and everybody for free. An aspect of Linux worth savoring is it's Fininsh-marxian-equalitarian dedication to non-advertised excellence.
"There's no learning curve when hiring new people. Linux and all it's various flavors presents additional hurdles for employees." -
just how difficult is it to move a mouse and click to run the app on Linux?
"no learning curve" with Windows is a bollox argument -going from Win XP to Win 7 is probably the same a going from Win XP to Suse/Fedora. All the apps on a company desktop would be "approved" and therefore known
"The hands that help are better far than lips that pray." - Robert Ingersoll (1833-1899)
Mmmmm, so do you, sweetie!
You don't already have one?
1. A very consistent and user friendly interface. The most risky thing MS did was change the GUI in Windows 8 it's extremely risky.
When I say consistent... I mean it hasn't changed remarkably in 20 years. That is something business likes. I really can't be understated.
2. Of equal importance, backward compatibility. Business has no confidence in apple because you can't run old apple programs on a modern mac. And it seems like every new version of the OS breaks compatibility with something.
Some might say, hey linux has both these things. No you don't.
The OS still isn't user friendly. I don't care if you're using Mint or ubuntu or whatever. There are a lot of things you can do with a few mouse clicks in windows that require typing in arcane code into a prompt in linux. That's not okay. If I have to look at a prompt EVER while doing anything conventional... it's an instant fail. It's like accidentally running over gandolf in your driving test. You will not pass.
The OS and the apps also need to look almost identical the MS versions. I mean chinese KFC identical. Probably so identical it would violate trade mark and copyright. Now, you might have an opportunity given that windows is screwing with backward compatibility. But even then you need to package everything better. The office clone has to include an outlook clone with a corresponding Exchange clone. Package and market these things. I don't care if it's free. Put it together and set the wizards up so the whole thing configures itself. If I have to look at one god damn prompt you knocking over traffic cones and drinking vodka while entering highway traffic... singing.
As to backward compatibility. I'm honestly not sure how linux does here. I know that they recompile kernels frequently and that can cause compatibility issues. If you can run old programs from 20 years ago without lots of heavy emulation then we might have a winner here.
Anyway, I know I'm going to get some hate from the various OS's... Each has it's value.
Mac is a great consumer OS. Linux is great so long as we can assume a level of familiarity and sophistication not common in the office drone.
Windows as a business workstation is really pretty damn good. And it has all these great products that match business needs very well with lots of features that all tie into each other at a pretty reasonable price. And they're pretty simple to use.
It's a big deal.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
The simple fact is that it's much easier to just rebuild an infected or compromised laptop than re-tool your entire company to use Linux. Far, far cheaper, as you will already have someone in-house building new laptops anyway; the process is no different, just a few more man-hours.
Any sensibly-run company will use a mixture of technologies; Unix is strong on scalability and security, Windows for ease-of-implementation, off-the-shelf solutions and rapid development, mostly due to the widespread availability of cheap skills, and an out-of-the-box extensible directory service that makes user management a lot easier. Linux for web services, appliances and VM hosting.
There is no black and white solution to questions of this kind, but the argument against Linux is the same for any OS out of its comfort zone: cost.
Essentially there are lots of people who both believe that Windows is the correct operating system and have no idea what they are doing. That's why rating firms run on Excel spreadsheets. Huge Excel spreadsheets nobody can maintain.
Plus there is another thing which is more important than security, it's the social structure. You usually cannot questions others decisions, even if you have actual proof that you are right. That's not acceptable in most companies.
The combination is also common. You have some idiots starting with VBA and having half maintained Excel spreadsheets which only grow, but never shrink. Converting them would be near impossible, so even if you are able to change the consensus, there's nothing people can do about.
Working in a company which is like that, I can tell that this is extremely frustrating.
Making money is priority 1, and making money requires the specialty legal/financial/scientific/medical/foo software that is only made for windows (NT 4.0) and which requires the user to be logged in with administrator privileges. And don't even think of setting up a remote desktop scenario, because the specialty legal/financial/scientific/medical/foo software needs to interact with the version of IE (6) and MS Office (97) they have installed to print to their local printer in their office which is parallel only; if they print to a copy-room printer they violate some federal regulation. Plus they don't want to walk down the hall and type in their passcode on the printer to release the document then wait while it prints.
Imbecile.
But I doubt you'll be given the credit you deserve.
I do ;)
In the corporate / work world, I'd have thought that most lawyers use what they are given and, unless the corporate IT policy changes, Windows it probably is. But that's not the choice of the lawyer, in most cases — perhaps it reflects the lawyers that I know, but most of us are employees like any other paid staff member (in some cases, even if called "partner"), and have no real say on the IT or any other office aspects of the environment in which we work.
However, outside the corporate world, I (and quite a lot of others that I know) don't use Windows — for my academic and personal work, I haven't used Windows for years, instead preferring a mix of Linux, FreeBSD and Mac OS, depending on what I'm doing. Perhaps it's reflective of my areas of interest, but many of my legally-qualified friends use Linux either on a netbook for travelling, or else just at home — that may be because I tend to see myself as a legally-qualified geek, and my friends are probably in a similar position.
So, yes, lawyers *do* use platforms other than Windows. Whether law firms do is perhaps a different matter.
Large companies do use a lot of linux, but generally only on server and security critical (eg firewall) devices... Most companies operate on the assumption that the outside (which is often a linux based firewall) is hard, while the inside (often active directory and windows workstations) is soft.
There is a _LOT_ of ignorance and general incompetence in the IT field, it's not uncommon to find people who either have no idea Linux exists, or are rabidly against it (because its free|because they dont understand it and fear losing their job to someone who does). Amusingly, most of these anti-linux shops who are most vocal about not using linux, actually have several embedded linux devices without realising it.
Then of course you have lock in, a company of any size is likely to have lots of applications which are used by various people within the organisation, some of which won't be cross platform and therefore artificially increase the cost of migrating away from windows.
There is also fear, people are scared of the unknown... You will often find people who have no experience of linux, and who will fight hard against it because they fear losing their job to someone who does have linux knowledge. Of course, the real problem is that they are unwilling to learn new skills, a fatal flaw in an industry such as this where things change so rapidly.
And don't forget misinformation, people will often say that linux "has no commercial support" for instance, which is obviously complete bullshit.
Personally i think that long term, linux will gradually take over unless microsoft succeed in doing something drastic to make it illegal... As things mature, costs will push down towards cost price as has already happened with hardware, i predict the same will happen with mainstream software eventually.
People gradually migrate towards more open systems, due to cheaper pricing and more competition. That's why we're stuck with the ibm compatible these days and not any of the considerably superior but proprietary alternative architectures.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
2012:
Medicaid hack update: 500,000 records and 280,000 SSNs stolen:
http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444
So, what's dts.utah.gov running everyone?
LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov
What's health.utah.gov running too??
YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov
* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!
===
2011:
KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com
---
London Stock Exchange serving malware:
http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware
(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)
---
DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
---
Linux Foundation, Linux.com Sites Down To Fix Security Breach:
http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach
---
Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
You are an exec, you need to make a decision about lin vs win. You are paid a lot, if you fuck it up, out of the door with a cardboard you will go. So, should you make the same decision as everybody else, or something differnet ? cisco or cheap_switch as i dont need many feature anyway ? exchange/outlook or qmail/imap ? I think a lot of people think and make decisions strongly influenced by what everybody else do, especially in large corporate environment where "liability" (get fired with a bonus equivalent to 200 employees salaries for 10 years) comes with the pay check. The umbrella effect.
Why not opt for OpenBSD instead, there are many sources that put it as the most secure operating system.
There are important reasons why malware targets flash/acrobat/java...
1, this software is ubiquitous... they used to target internet explorer before, but now its down to >50% marketshare its a less attractive target.
2, it can be easily reached via the browser - ie less social engineering required.
3, it is hardly ever updated, neither windows nor osx has a decent centralised update system that takes care of third party software like this. you might get a crude updater program, but hats useless in a corporate environment where you aren't given admin rights.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
At least in Australia, many a Company is finally catching on to the benefits of FOSS and not just the positive financial aspects of it. Jobs are rolling in the desktop support market for Linux and it's great because it's an employees market at the moment. Companies here see that you can reduce 100 Windows licenses to 4 or 5 and run any win apps in a terminal session on their Linux machines. This makes it easier for support and easier on the wallet.
You're right though, Linux is inherently more secure than Windows given how permissions work, we know that. BSD is even better when using jails! And if something is contracted, it is going to be limited to your user, BUT even this can be wiped out with carelessness. Some examples are: Leaving ssh open with no pub/pri keys whilst not disabling root login (common in Debian/Ubuntu) on both workstations and servers or leaving the initial user in the sudoers group (common in Ubuntu) or Incorrectly set up samba shares and the list goes on.
My point is, even the most secure OS can be the most insecure OS when amateur hour is upon us.
I assume from tone that the OP is discussing Linux on the desktop rather than the server because there's already plenty of Linux servers out there doing lots of heavy lifting.
Any business has a whole list of things they need from their computer systems, and that list has a priority order. From what I've seen, that priority order is (roughly speaking):
- Our staff must be able to do their work with minimal hassle. If we use a legacy Windows application, we don't want to hear "you can't do that"; we want to use it. WINE isn't an option because our vendor will simply refuse to talk to us if we raise any issues with it under WINE.
- The system must be reliable. "Not crashing" is only part of this; reliable, consistent behaviour is also important. A desktop that radically changes with every new version is a sign of an immature product, not a revolutionary one.
- We must be able to easily find people we can trust to look after it. Not just vendor support, but local techs who can manage the system.
- We must be able to do all this for a price we're comfortable with. Note that "a price we're comfortable with" does NOT mean "free", nor does it necessarily mean "stupendously expensive". If the price we're quoted is too cheap, we'll be just as concerned as if it's too expensive.
(It's important to note that "free" has great connotations if it's a single free pint of beer; what's the worst that can happen? It's not very nice beer? Well, then don't drink it, you've not lost anything! But when it's the software your business, and therefore your livelihood depends on, "free" has terrible connotations).
- It must be reasonably secure. But we have very limited understanding of IT, and even less understanding of IT security. Our idea of secure is "You need a password to get in".
Note that there are four things above "secure" in the priorities list. If the alternative you're offering fails at any of those four points, you are wasting your time trying to persuade anyone to use it.
If you're going to make these allegations, you must name names.
I will not use a bank that allows its employees to "BYOD" and use that to login and access my account information.
Worst. Idea. Evar. And if it's my bank, I want to know now so I can transfer my money out immediately.
And really, what do I know about the majority of the smaller software packages in the Ubuntu Software Center?
I've been saying the same ad nauseum. They say it's more secure because the connection between your computer and the package server is verified and encrypted, but when you ask what kind of guarantee the user has that some package wasn't built using tainted source or on a compromised server, the arguments quickly fade away.
I trust those packages because I know that if they do have a problem it will come out soon enough (via channels like /.), after which Ubuntu is sure to start losing users in droves, and go bankrupt.
Ubuntu has a good business reason to not have malware in their software centre packages. And that's what makes me trust them to keep it safe, and also that once a problem has been identified, that they will act to fix it.
The same for organisations like Mozilla or OpenOffice and it's forks: they run a business based on people trusting their software to do what it says it does, and that it doesn't come with any malware that tries to steal your identity or empty your bank account. This makes it a trusted source. Even if I don't get to audit the complete source myself.
How many people regularlly work on GNU, the linux kernel, apache webserver, and the core of stable well used programs around linux as well as the kernel. Plenty, probably thousands.
How many people does microsoft have maintaining the windows kernel, and the rest of the operating system?
Now, the more people use windows or any other operating system, the bigger the payout for writing malware is. There are also more programmers for it, and with it, more hackers, and more people looking for bugs. But when you have open source, the hacker thing works both ways. At least some hackers will contribute back bugfixes for bugs they find. The more people use linux, the more of them will be hackers, and will add to the pool of people fixing bugs proportionally. especially if these people are already programmers.
When microsoft wants to expand the amount of people working on windows, it has to hire them, adding to cost. Putting the time and effort commercially that gets put into your typical distro would be cost prohibitive for closed source, single entity paying programmers.(as opposed to many companies paying many people like linux). Then we have the fact Microsoft is not known for really giving a shit about quality either. Infact the inverse has been said time and time again. They put in as little effort as humanely possible.
Oh, and in linux and from what I can tell gnu, there are no radical overhauls to the system. There are only incremental changes. Compare that to windows who without exception have had massive *.0 problems with every operating system as long as I can remember. The term "microsoft model" has been coined of any company that makes users pay to beta test. Lets see:
Windows 95 was unstable until version c
so was 98 until second edition.
millienium edition was so bad it was pulled before it got that far.
Windows XP was worthless until SP2(SP3 is awesome though, released almost upon obsolescence.)
Now windows 7 comes doing little more than fixing vista's problems.
"lawyers, financial advisers, bank[er]s" - not exactly the smartest cookies in the box.
Why not Linux for Security? Sure, okay, but what will run? Let's take the example of a small law office that bills by the hour. You have several needs . . .
1. Document Assembly. If your document assembly software is running on Windows, you're not going to migrate to Linux. Ever. Never EVER.The learning curve means lost revenue.
2. Time and billing. These take time to set up, they work with #1 above, and they usually work best on Windows.
3. Practice management. Once again, usually Windows only, or Windows best, and they work with #1 and #2 above.
4. Accounting and taxes. Quickbooks Enterprise works with Linux, but not the smaller packages. Also, there's not Turbotax Business for Linux.
I know a lot of people who would love to experiment with Linux, but it would be experimenting. A lot of people don't have time to experiment, and certainly don't want to pay someone to experiment. If you do everything yourself, there's a learning curve, and in a lot of industries there's a constant learning curve with new legislation, case law, and administrative decisions, there's no extra time to fiddle with your technology. There's always a bit of condescension when these posts come up, whether we're talking Linux or back in the day Mac OS, about continuing to use M$ products. It's like you're labeled for not wanting to f**k up your business by trying new software just for the sake of trying new software. If it were better, and CHEAPER, businesses would have switched years ago.
Make love, not reality television.
I haven't worked for a F500 company, as I am in the educational sector. But if what you say is true, the London stock exchange fiasco must have been truly devastating to Microsoft! If your systems are crap, how does any of level of support help?
As far as I know, NASA, the US army, and any involved system are Linux. That says something, doesn't it?
Companies have spent millions to get comfortable patching Microsoft. Does anyone really believe they will not have to learn as much to use Linux instead? Seriously?
Linux is far from perfect. We run it in my small company - only 2 systems run Windows here - Quickbooks ... and the CEOs laptop. The rest all use Linux and F/LOSS.
Only 1 box runs OSX and it sits unused 99% of the time. To me, OSX feels like "Linux-lite" and is really frustrating. I forced myself to use it for 7 days solid. It was good to be back on Linux.
I suspect our needs are much simpler than that of most companies. We are IT architecture consultants, so we aren't too worried about running a different OS.
The CEO does .NET programming for a government client - so having Windows somewhere really is important.
There is no fighting with an accountant over Quickbooks - that would just be stupid.
At home, I use Windows for media center (recording digital TV only). Playback is from either XBMC or WDTV-Live boxes, not the big, noisy, 7MC that runs only inside a virtual machine - no video card, no monitor, no keyboard or mouse, just RDP access and Remote Potato.
Quicken runs very well under WINE. There aren't any other non-Linux programs here.
I consulted for about a decade in a very controlled environment with 20,000 hardened laptops. My boss begged me to find a way to dump Windows for Linux. He didn't realize all the custom code and DRIVERS that were necessary for the people to do their jobs. Those drivers and code would need to be rewritten under Linux. That was not going to happen, therefore, no Linux deployment.
Linux isn't right for many situations, but it probably could be used in 90% of the desktops. The way to help migrate your company is to start by deploying Linux servers and F/LOSS infrastructure. Zimbra instead of MS-Exchange; Alfresco instead of Sharepoint; OpenLDAP instead of ActiveDirectory; Apache instead of IIS; Python and Ruby instead of all the .NET languages.
On the desktop, start the migration:
* Thunderbird+Lightning replaces MS-Outlook
* Firefox instead of IE
* LibreOffice instead of MS-Office
We have done this where I work. At first, the non-technical people bitched. We said, "try it for 6 months and let us know." It never came up again. Users are excited about a new LibreOffice release.
As more and more servers become client agnostic, the exact desktop will matter less and less.
There may always be a need for 100% MS-Office, but not for internal use and only when dealing with clients. A terminal server with 10 licenses can help. Much better than 100 licenses so every desktop has one. What a waste and it just re-enforces the Microsoft treadmill.
Patching desktops will always be difficult regardless of OS. Windows, Linux, OSX - it doesn't matter. If you can't prove that a desktop is patched, then it isn't. Without proof, you are screwed.
I would say that patching under Linux is much easier than any other OS, but to a Microsoft-centric IT group, it will be scary. Change is scary. Only knowledge can fight FUD.
More secure than a default Linux install with most distros, as you have to actually select what is installed on the machine rather than just checking a box for Desktop or Server.
Microsoft offers a business model that is familiar and non threatening, sure it does not work that well, but then the general feeling is that IT is complicated anyway, and "everybody is doing it".
For most business persons, using Microsoft is the sure way of not thinking about IT, using anything else and particularly using an Open Source solution means thinking and making a decision about something they do not want to look at.
The alternative would be to delegate to the IT team, but that would be worse, you know "thouse people are weird..."...
And using a disruptive business models sheds a light on one owns business, can my "law business" fore example be handled the same way ?
could there be some "open source collaborative platform" giving an useful answer in 95% of the cases ? and putting me out of work ? (well actually asking me to start to really work...)....
Better not rock the boat...
2011-2012 show why & trolls TRIED 2 HIDE it by downmod -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40118977
APK
P.S.=> Trolls - you REALLY DO "tip your hand" when ALL YOU HAVE is an unjustified mod-down to obviously try to HIDE my post, which had nothing but concrete, verifiable, & undeniable data showing how "secure" Linux REALLY is (it's not, not anymore than any other modern OS is)... it's your "ReAcTioNs" like this one I really truly enjoy, because they make me LAUGH (hugely)...apk
2012:
Medicaid hack update: 500,000 records and 280,000 SSNs stolen:
http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444
So, what's dts.utah.gov running everyone?
LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov
What's health.utah.gov running too??
YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov
* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!
===
2011:
KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com
---
London Stock Exchange serving malware:
http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware
(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)
---
DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
---
Linux Foundation, Linux.com Sites Down To Fix Security Breach:
http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach
---
Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
Then here it is:
"We've always done it this way."
Honest, I swear.
Regards;
This is blatant M$B$ Marketing on /. AGAIN!
A blatant anonymous "M$B$ Marketing" reader on /. writes "In Friday's story about IBM's ban on Cloud storage there was much agreement ..."
Then a giggle of M$B$ marketeers reply with the add campaign lies. Wow, WTF has happened to /.'s community reputation/credibility.
Rob ..., this classic marketing misdirect make /. looked pwned by M$; Really, you need to get a M$B$ marketeers filter. The question/info looks legit, when it starts, then the M$B$ marketeers /.mob drivel takes over to create the M$B$ Add-Campaign. This is happening far to often on /. and is becoming a significant embarrassment to me and I suspect an insult to the larger global /. community.
Maybe make a filter (M$B$ supplants the original topic [way-off-post]) that allows folks like me to filter out the M$B$ marketeer-campaigns.
Unaccountable leaders are masters, and unrepresented people are slaves. How do US and EU fare?
Is this a new corporate-welfare bribery that is legal only in the USA?
I thought bribery, in any form, is still bribery even in the USA. I got fooled again?
Give'em diamonds, dollars, euros, gold, give'em a deal they can't refuse M$-products. I would never take the M$ bribe/deal, but ... business is business and well above the law in the USA.
Unaccountable leaders are masters, and unrepresented people are slaves. How do US and EU fare?
point and click is gross oversimplification. You're talking about most all desktop applications being different. No Office suite and any homegrown applications may or may not work. You dismiss my argument because you have no trouble working with linux. The majority of workers are not going to be comfortable doing so, and that will affect productivity. Thus, Linux will not become the standard desktop OS within business.
followed closely by Free and Net BSD. Not linux. Regardless, no cloud storage can be considered secure as you do not have physical control over the hardware, it really does not matter what OS is used, the system is inherently flawed. You may be fine with all the limitations that brings for pictures of your drunken escapades but it is not fine for storing valuable corporate data (which may also come with fiduciary responsibilities too.)
U can't hide my post which is PURE FACTS trolls: New NEWS/NewsFlash:
I won't ALLOW it -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40119055
(And there she goes, right back into view... lol!)
APK
P.S.=> You know, when all trolls have is UNJUSTIFIED MODDOWNS vs. facts? You KNOW you've "blown them away", completely... lol, NO questions asked - especially IF/WHEN (and it's ALWAYS this way vs. that post in the link above, except for ONCE with some fool of a troll that claimed to work for HILTON & who said "they don't use Windows" and I UTTERLY COMPLETELY DUSTED HIM ON IT too, he had to admit he was WRONG, lol!)
Additionally?
Hey, don't worry - I'll just POST IT AGAIN, & you can keep blowing your mod points on me, & then?
Well... Downmod it again, & I'll just do it again, saving the next person you *try* that puny tactic on, & expending your modpoints to nothing, lol... apk
When it comes to security of just about anything, there are many misconceptions. The biggest problem is that MOST security problems come from the "bundled" software that comes with the base OS. This includes Linux, Windows(all versions), MacOS, and really just about anything else. Now, we have a fundamental problem that all modern OS releases will force certain things during the initial install, with fairly few giving an "advanced" option to select what features you want.
For Linux, a web server is fairly common, yet most people probably don't need or use it on their own machine, and a "normal end user" wouldn't even think or know about it being there. That is a huge potential security risk, as is just about any other thing that comes included in an OS that is not really understood by the user. The primary reason we see so many security problems is because there is a mindset out there with any group or company that releases an OS that you MUST include all sorts of features, and to ask questions will scare off those without much if any computer or technical skills. What happened to the "advanced" install for something like MS Windows, where you can go through DURING INSTALL to pick and choose which features you want? Why not give the option to disable networking during an install for a standalone workstation? It may not be a common thing, but giving people the option also means that by default, most operating systems would be MORE secure if they asked some questions during the install.
"We should remember that >60% of servers run Linux, versus Windows. - by krslynx (1632027) on Friday May 25, @08:50PM (#40116303) Homepage
Sure, sure (sarcasm): Perhaps because it is "ZERO COST" (up front only) vs. a paid for OS... that'd be about it, though!
Now, facts:
OVER 1/2 OF THE "TOP 100 FORTUNE 100/500 COMPANIES TO WORK FOR" BELOW USE WINDOWS, over Linux (or, other solutions)
(It's easy enough to produce them because of Windows overall marketshare/mindshare being 85-94++% to 1.29% for Linux for example (& MacOS X taking up the rest) on Servers + PC's combined, worldwide... see here -> http://www.netmarketshare.com/report.aspx?qprid=10&qptimeframe=M&qpsp=155 [netmarketshare.com] )
Each of the companies listed below are HIGHLY PRODUCTIVE COMPANIES using Windows Server setups for MANY YEARS, successfully...
Linux gets MOSTLY used @ smallfry sites because they can't afford higher quality Windows stuff like big companies above obviously can! There's more smallfries out there, thus, Open "SORES" tries to "claim that as a victory" (lol, not). it's illusory b.s. typical /. FUD!
(Funniest part is, that despite being FREE, linux defied business logic & couldn't get more than 1.29% of the desktop PC market even when GIVEN AWAY, lol -> http://www.netmarketshare.com/report.aspx?qprid=10&qptimeframe=M&qpsp=155 )
ANYHOW/ANYWAYS even though they won't ALL fit here? Here goes:
367++ TOP FORTUNE 100/500 (or best 100 to work for per CNN Money) COMPANIES, EDUCATIONAL INSTITUTIONS, &/or GOVERNMENT AGENCIES USING WINDOWS (over other solutions like Linux) both in HIGH TPM ENVIRONS, & FROM "TOP 100 COMPANIES TO WORK FOR" & more, from academia environs too (per CNN Money 2011):
---
38 HIGH TPM & 99.999% "uptime" examples:
---
XEROX: Managing 7++ million transactions a day for office devices for its customers using Windows Server 2003 + SQLServer 2005 64-bit with 99.999% uptime!
NASDAQ: The U.S.' LARGEST STOCK EXCHANGE, Since 2005 has had Windows Server 2003 + SQLServer 2005 in failover clusters running the "official trade data dissemination system" for them in 24x7 fabled "5-9's" 99.999% uptime, doing 64,000 transactions PER SECOND (compare London Stock Exchange using Linux @ 3,000 per second)
FUJIFILM GROUP: Tracks data for its imaging, information, & documentation for its products & services using Windows Server 2003 w/ a custom SAP solution on SQLServer 2005, achieving 99.999% uptime.
HILTON HOTELS: Manages 1.4 Billion records a day for customers in 1000's of their hotels worldwide - for 370,000 rooms & catering services forecasts (switching from 6 *NIX systems to 1 Windows Server 2003 + SQLServer 2005 clustered failover system using a data warehouse with 7 million rows & 99.998% uptime).
MEDITERRANEAN SHIPPING COMPANY: Manages & Tracks 7 million containers out of 116 countries daily using Windows Server 2003 + SQLServer 2005 in failover clusters with 99.999% uptime.
SWISS INTERNATIONAL AIRLINES: Serves 70 airport destinations worldwide, with 6,500 employees + 110 branch offices via Windows Server 2003 & Active Directory with 99.95% uptime (all while growing their business 30% per year). THEIR PREVIOUS LINUX SYSTEM COULD ONLY HANDLE 250 concurrent users - the Windows one handles over 500++ users concurrently/simultaneously!
UNILEVER: Global consumer good leader, migrated to mySAP on SQLServer 2005 + Windows Server 2003 & scaled UP their operations by over 200% & yet saved money + have 99.999% uptime!
MOTOROLA: Using System Management Server, Windows Server 2003 & SQLServer 2005 to co
Via unjustified moddowns? Please: I'll just drag it back into view http://linux.slashdot.org/comments.pl?sid=2875333&cid=40119071 with this very post reply to it.
APK
P.S.=> That's RIGHT trolls: You're NOT going to "get away" w/ pulling your USUAL CRAP, & trying to "hide" posts with undeniable FACTS in them as the link above I earlier posted here shows...
Additionally? LOL, So: DO keep blowing those mod points trolls, because I LOVE IT when you do that, because sooner or later? You'll run dry of them!
(Plus, lol, it's such "noble work" you're doing - hiding facts, right? WRONG!)...
Also because I'll not only drag it into view with this post, but I'll just POST IT AGAIN... & you can blow your mod points to nothing downmodding it + then I'll just do it again, exhausting your attempts @ hidings FACTS, and your mod points along with it (so you can't do it to the NEXT person... pretty simple)... apk
They've already attempted to HIDE this set of facts from all of you once, so I am posting it again for everyone's reference (and, to watch them use their "weapon of last resort" vs. facts, which always fails, the unjustified moddown):
2012:
Medicaid hack update: 500,000 records and 280,000 SSNs stolen:
http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444
So, what's dts.utah.gov running everyone?
LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov
What's health.utah.gov running too??
YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov
* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!
===
2011:
KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com
---
London Stock Exchange serving malware:
http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware
(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)
---
DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
---
Linux Foundation, Linux.com Sites Down To Fix Security Breach:
http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach
---
Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
For one thing, Windows 7 rocks the world for desktops and laptops. I have used Linux for a decade or more, and a Mac laptop, and the last I used Windows was when Win2k was new and shiny. I have to say, I recently had to get back into Windows and was astounded by how slick and useful Win7 actually is, especially with Cygwin. Runs all my Linux software (Emacs, Perl, etc), connects to Samba shares, and so on. My little $800 HP laptop is better than the Mac, easier to use, and so on. I never thought I would ever go back to Windows, but when Apple recently announced the Mac would not longer have an ethernet plug and a DVD drive, the two things use on a laptop, I decided to give Win7 a try. So far, the Win7 laptop has met or exceeded anything my current Mac can do.
So why would anyone not use Windows?
Now when Windows 8 comes out, it's going to be DOA, and that KDE desktop is going to look really nice. I predict MS will extend Windows 7 indefinitely until they do damage control on Windows 8 and kill it off. Otherwise they'll lose their desktop market share.
I love it when I hear "windows is not secure so use Linux." Most people, even in ITSEC, don't know how to build a secure system or fully assess security. That's OK. The types of threats they've been dealing have minimal knowledge in exploiting computers, as there is so much low hanging fruit. Modern OS's are broken by design. Even if major holes are closed, they have a ridiculous amount of covert channels. To see what securing UNIX takes, look up papers on UCLA Secure UNIX (might need ACM/IEEE membership). Closest thing to a secure UNIX/Linux today is BAE System's XTS-400.
The thing is that security requires a good Trusted Computing Base (TCB). The TCB is every piece of software or hardware an app depends upon to enforce security requirements. Writing a secure TCB is tough: look up Common Criteria's EAL6/EAL7 requirements. The only software commercially available like that is the old STOP OS on XTS-400, Aesec's GEMSOS, LOCK (in BOeing SNS Server), and INTEGRITY-178B/VXWORKs-MILS. The INTEGRITY RTOS, SourceT OS & Bodacon's Hydra OS are well-constructed. INTEGRITY, LynxSecure, VXWorks MILS, Turaya and PikeOS all have POSIX/Linux emulation layers. INTEGRITY Padded Cell + OpenBSD might be a decent combo.
So, all in all, Linux violates most secure system design techniques and requirements, such as small TCB. The system is too complex to meaningfully evaluate. Other systems have been designed much better. Many of these systems have protected high value assets from determined attackers without compromise. These OS's have techniques such as enforcing security during compromise, provide trusted path, prevent buffer overruns by design, prevent resource starvation by design, etc. A number are compatible with Linux/UNIX apps or support virtualization, full or para. These are a better choice if you want REAL OS security.
Nick P
schneier.com
We(a broker/dealer on wall street) used to have linux thin clients for all of the brokers. But the desire to use bloomberg terminals dictated a switch to xp. On the plus side, all of our trading systems and corporate infrastructure is linux.
Only a wet baby likes change.
Chris
"outdated by superior designs like NT. "
That's a good joke. Even M$ uses Linux wherever a serious network stack and serious multiprocessing under high load conditions is needed. Think of Bing load distributors or key Skype network elements.
And I know why - just copy a large file from Win7 PC A to Win7 PC B. Then install Linux on these boxes and repeat experiment. You will see a 10x Speedup. Also, MSN is dog-slow at times, while Google manages to permanently deliver a lightning-fast service from a huuuge Linux cluster. So your claim is just that - PAID $hilling from Mr Steve "Chairthrower" Ballmer.
Your argument is equal to claiming that Belarus isn't worse than America, because there have been incidents of Police abuse in America. Ever heard of the term "statistics" ? In Belarus there is 90% Police abuse if you piss in Mr Dictator's garden, while there probably is 1% Police abuse in America if you criticize Mr O'Bumma.
With Windows, there is a huge chance to get infected because M$ is too lazy to fix or simply maxed out and can't fix timely. Only gobbermint spooks are allowed to inspect Windows sources. With Linux anybody can inspect and social pressure is enormous to fix security issues RIGHT NOW. So the "vulnerability window" is much smaller with Linux. Lots of shoulders at Redhat, HP, IBM, Novell, Google and many independent guys carry the Linux security engineering burden. There are no viruses for Linux because there is virtually no scope for viruses. If there were any credible threats, we (the open source community) would deploy AppArmor and SE Linux in a matter of days. I am not a firefox expert, but I was capable of creating a meaningful AppArmor profile for FF in a matter of two days. M$ still does not provide a general-purpose sandbox, while Linux has at least two competing ones. Finally, the behaviour of Adobe has royally fucked the Windows ecosystem and M$ has done nothing to punish Adobe for that.
The operative word here is NOT. Any self-respecting Linux user only runs Adobe Flash, behind Flashblock, Adblock and NoScript. These are all open-source tools designed to limit the issues related to Commercialware Risks. Java Web Start is generally not installed.
Windows users though, they typically have a Broad And Deep Virus API (the full spectrum from Flash to Java Web Start and of course M$ Office).
Flash and Java exploits have so far only pentrated userland. Windows users typically run as Admin (as M$ does not educate them to the risks of that) and a single Flash exploit hoses the whole computer. Linux an OSX users only risk the current user's data - nothing more.
It appears that SE Linux is indeed quite difficult, but AppArmor uses quite familiar metaphors (file path patterns) and any capable Unix admin can create profiles even for complex things like firefox or OpenOffice. It takes about two days per application to do that.
From your article
"DTS had recently moved the claims records to a new server, which had a configuration error at the password authentication level, allowing hackers to circumvent the security system. DTS says it shut down the affected server, implemented new security measures, is reviewing every server in the state to ensure proper security measures are in place, identified where the breakdown occurred, and has implemented new processes to ensure this type of breach will not happen again."
So that agency "DTS" fucked up their Linux password system, won't tell exactly how and it is a fault of Linux ? Muahaha. Please try harder, Mr Ballmer.
Sorry for laughing, mate. There is a tool called "strace" (I assume "system trace").
https://en.wikipedia.org/wiki/Strace
It's much better than process monitor on Windows, as it records every single file/socket/semaphore access since the start of the process in chronological order. Funnily, I have found the open-spource tool "NtTrace" from some aussie or NZ guy really helpful on Win7, when it fscks with UAC.
The Pointy-Haired use Windows, Office, some VBA, Adobe Acrobat and PDF reader heavily. They have not the slightest clue about the security risks, because their core competence is in manipulating people with nicely looking presentations and excel sheets.
They are very, very happy with these Polished Shitballs and they can't fathom Linux. They have invested heavily in Windows technologies such as Excel, PPT and Access. Perl, SVG, TeX - it would be a huge investment and it would not look as polished. The accurary of data would be much higher, but it would not look as blinking. So a reduction of manipulative firepower for them. BAD.
Canonical is now a big operation and you can buy support from many, many more firms including IBM. IBM sells Linux also on highest-quality hardware (S/390 and Power). Expensive, but rock-solid.
Linux surely is as crappy as the SMB shit. Throwing 1219 errors in entirely wrong places. And certainly exploitable to hell by Russia Inc. Sure, scp is as crappy as that.
I was also wondering about it, but taking into account the pain that M$ brings onto the IT profession, I do think, yes.
..FUD
Could you please go back to your Master Ballmer and tell him all that security advice ? Most of the advice is implemented out-of-the-box with all the popular Linux distros. M$ still thinks they cannot force users to set up two users (Admin and normal user) at install time. Instead they will foist the UAC $hit on them. Which the users often have to disable to get anything done.
Also, Linux file sharing does not need to be "hidden" by firewall, because it is a hairy shitball like M$ SMB. I can expose it on the interwebs, provided I have set a proper password. It is called ssh/scp.
Linux does have a proper security architecture and desktop machines do not need a firewall, because we don't expose shit. No call your Propaganda Minister for the next load of crap to be posted here.
So it is a Linux problem if the admins don't know the basics ?? Come on, you can do better FUD.
Most corporate PCs are loaded with the full spectrum of Wet Virus Writer Dreams: Adobe Flash, Acrobat, Java Web Start and MS Office. I guess M$ is a bit more responsive, but in general these corporations are mad to rake in more money next quarter and they are royally pissed by customers demanding security fixes. Adobe and Oracle are periodically annoyed about that. Security fixes don't rake in money. New features, new product versions == new $$$. Security fix == damned COSTS.
The underlying problem of the commercialware vendors is that they see their customers as Victims. Something like a rogue farmer who will milk his cows until the milk turns red. After all, farming is about Volume Of Milk per day; it is not about white milk, or is it ?
The corporate IT people are mostly spineless muppets who aren't deep experts and deep thinkers - these guys are with Google and all the startups. So the corporate guys will go with "industry standards" and they won't even dare to suggest replacing Acrobat by evince. In their world Flashblock is probably a "hacker tool"; not a valuable security measure. And because M$ does not request them, they won't do sandboxing.
The pros at Google - they are all Linux for a long time. Their peers at bing - they are too, btw,
"No shill cash for you this week!"
You mean, you feel sorry for Linux advocates because there is nobody to give them a nice kickback, paycheck or "free new bathroom" ? Yeah, we are idealists and we are not mental whores like you. No fuck off to zdnet.
..is an issue to be laughed at ??
Tell that to the F22 pilot who will get a Chinese missile rammed into his arse because they hosed down Locked Martin and now know about the F22 Weak Points. Which in turn, was possible because they spearphished RSA security via Flash+MS Office. On Windows, of course.
Quite simply: Security is not a feature, it's a bolt on. The operating system is there for the apps that it can run. Businesses want specific apps.
..on Western Computers, of course.
..are firmly on the Open Source Unix train. And making tons of money with that. Yeah BSD != Linux, but the difference is not that big.
So you took the effort to reformat your Sales PPT slide for Slashdot. That can only mean that your handlers in Redmond are scared to hell by Android, BSD/OSX/iOS, Linux, Google, Ubuntu and Redhat.
I've been with the biggest derivatives exchange as a C++ developer and they are currently moving everything to Linux and Postgres (from VMS and Solaris) . They also cannot stand Oracle, despite having tons of cash. Clueless People Chose Windows. Pros dominate the world using Unix.
"I want to impress my colleagues and bosses with a nice Blinkenware Powerpoint Slideset. SVG and TeX won't do".
"But China will hose all the secrets of your $500 million process sooner or later if you run MS Office and Adobe software".
"But I will already have collected my bonus by then".
Linux can never capture the desktop market until computer manufacturers can make more money selling computers with Linux pre-loaded than they can make from selling computers with Windows on them.
The 1% or so of the population that might ever do something like partition a hard drive and install another OS is already on Linux, or at least has dabbled with it. The other 99% will never do anything like that. In fact, I read that less than 50% of the population has ever installed any software at all. "Normal" people just buy computers and use whatever is on the box.
..will simply ignore Windows Security Risks, until all of the Russian Mafia uses them and China has hosed all the secrets of your customers. See RSA, Lockheed Martin and the F-22 Fighter. And the Chinese copy, which apparently is quite well-developed.
..will write anything for Mr Göbbel's, I mean Mr Ballmer's money.
..to promote anything which would inhibit the sales of this Great American company ! A company who is capable of buying their freedoms, a company who is truely living all the values of American Industry since Rockefeller and J.P. Morgan. Your communist operating system sympathies must be reported to the FBI, so that they harass you !
...and come to that, the mere fact that a normal user can turn it off suggests it isn't proper security.
regular users CAN NOT turn off UAC. Only administrators can turn it off. When you log in as an administrator (but without admin privileges because UAC stripped those from your token) you can *elevate* (get your admin privileges back) and turn it off. But regular users CAN NOT turn it off. You will be prompted for administrator credentials if you try.
No, UAC doesn't actually stop you doing anything, it just moans about it when you try, and then lets you after it asks if your'e sure. You click yes and carry on. There's a big difference to that and proper security.
If you don't accept the elevation, your token will not hold administrative privileges and the regular Windows security system will stop you from taking any action which require such privileges. Like changing OS files. You seem to miss the fact that UAC is more than just the UAC *prompt*. You naively assume that is all there is to it, while under the hood it is actually quite sophisticated. For instance, the UAC elevation prompt and several of the control panel applets run in high integrity mode, meaning other lower integrity processes CAN NOT send messages (e.g. controlling the mouse or stuffing keyboard buffer) to the high integrity level process.
How would you feel about UAC being the only thing protecting your checking account? "I see you're not the account holder. Are you REALLY sure you want to transfer its entire balance to another account?"
What a stupid question. How do you feel about Linux only protecting the *tools* and not the actual operations? How do you feel about Linux actually *caching* your sudo password so that *any operation* following the first one can silently take advantage of your credentials? How do you feel about a tool secretly launching and transferring your money out of your account, even without a prompt? Just because it could use cached credentials?
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
You are basically saying that the convenience of your users trumps everything. Linux software must be 99,999% the same as Windows software.
You completely disregard the confidentiality of your business secrets and that is what will bring you and your country down. Take your layoff with Freedom Fries.
Trade secrets stolen ? Secret technology being transferred to competitors ? Wars lots because of crappy computer security ?
I am currently fighting with MFC, but one of my clueless corporate colleagues suggested that "imagine to having work with Qt on Linux, how bad would that be". That guy is doing odd programming jobs on Windows and lots of non-programming stuff, so I guess he is also scared about the "great unknown Linux thing". He has serious investment in Windows and the corp is trying to promote him into some kind of management thing, so he can't dive into Linux. So he is instinctively negative without a proper reason.
Almost anything is better than MFC; Qt certainly is.
For all practial purposes, Linux and BSD would appear identical to most users. So all the smearing of the Microshaft Brigade would apply, also.
Secondly, the main difference in security is Windows vs any OS-*nix. You gain little from Linux to xBSD, but you gain a lot from Windows to almost any *nix.
I trust those packages because I know that if they do have a problem it will come out soon enough
So, the "because someone else may look at them" approach. It didn't work for Debian.
after which Ubuntu is sure to start losing users in droves, and go bankrupt.
Canonical (the Ubuntu company isn't named ubuntu) does not have a clear business model, and it is (as a sustainable business) bankrupt today. Can you please explain to me the difference between having zero paying users or one million of those?
Ubuntu has a good business reason
Oh god, please tell me, I really want to know! Because the company isn't run as a profitable business.
And that's what makes me trust them to keep it safe, and also that once a problem has been identified, that they will act to fix it.
1) Canonical has ZERO control over the repositories they push the sources from, so they can't really guarantee that - as an example, there is a cgi php bug that is only really fixed in 5.4, which is incompatible with a ton of existing php code. 2) every other vendor does that (fixing bugs), including Microsoft.Can I get security updates for my Linux 8 year old system install? doubtful.
The same for organisations like Mozilla or OpenOffice and it's forks: they run a business based on people trusting their software to do what it says it does
I want some of what you're taking. Mozilla is sustained mostly by Google trough the search engine in firefox, and OpenOffice doesn't have a commercial model at all, being a shared effort project.
And that "trusting in people you don't really know for stuff to be ok" is called social engineering. Look it up.
I work incident response for a fairly large bank with about 50,000 employees, and 38,000 desktop machines.
We haven't *had* a malware incident that affected since rolling out Windows 7 with AppLocker about 4 months ago. We've had AV go off with exploit attempts against Java on occasion, but the executable got dropped wouldn't run due to system security policies.
This isn't 2001 anymore. Microsoft have gotten their shit together in a big way since the bad old days of XP. Windows when properly configured can be pretty damned solid, our main problem is third party apps, and in particular Java. Oracle's JRE is a bug ridden heap of shit.
AC stalker "projects" his problems w/ "meds" obviously & off-topic illogical ad hominem attack attempts that always fail, because of what they are (when will you learn that you can NEVER "get the best of me", hmmm?).
APK
P.S.=> I rather STRONGLY SUSPECT @ this point he's "stuck in a loop" mentally, because he tries the same crap per my subject-line above, everytime, & fails, everytime... lol! No creativity, no originality, just the "same old/same old" TIRED b.s. - how weak!
... apk
Especially those I posted here -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40119055 U FAIL!
* You know it, I KNOW IT, & so does anyone else reading by this point especially w/ your WEAK reply...
(Yes, as-per-usual? That post of mine LOADED WITH UNDENIABLE FACTS, always "does the job", nicely)
Funny how it elicits the EXACT line of b.s. almost to a tee from those LIKE you (facts ARE like that).
APK
P.S.=> This was the MOST amusing part though, & so WEAK of you it's not even funny (ad hominem attack attempts always are, illogical & weak):
"So you took the effort to reformat your Sales PPT slide for Slashdot." - by Anonymous Coward on Saturday May 26, @06:15PM (#40123697)
---
"That can only mean that your handlers in Redmond are scared to hell by Android, BSD/OSX/iOS, Linux, Google, Ubuntu and Redhat." - by Anonymous Coward on Saturday May 26, @06:15PM (#40123697)
Yea, ok... lol! Tell U what - When Linux OR Google can take the "top spot" on PC's & Servers combined? Get back to us then, & tell us about "scared", lol...
---
"I've been with the biggest derivatives exchange as a C++ developer and they are currently moving everything to Linux and Postgres (from VMS and Solaris) . " - by Anonymous Coward on Saturday May 26, @06:15PM (#40123697)
Sure, sure - I am President Obama too...
---
"They also cannot stand Oracle, despite having tons of cash. Clueless People Chose Windows. Pros dominate the world using Unix." - by Anonymous Coward on Saturday May 26, @06:15PM (#40123697)
Oh yes... I keep forgetting: ONLY "PENGUINS" ARE SMART, the rest of the planet is stupid... lol, yea... "right" (sarcasm)...
... apk
Downmoddin posts n facts u can't beat to try "hide" 'em http://linux.slashdot.org/comments.pl?sid=2875333&cid=40119055
LMAO: If the "best u got" is unjustified moddowns to hide facts http://linux.slashdot.org/comments.pl?sid=2875333&cid=40118873 then you obviously FAIL trolls... like usual, everytime, vs. myself & that post.
* It's SO painfully obvious & hilariously amusing, and it NEVER fails... always the same!
Especially since the "ReAcTiOn" isn't disproving facts I put up (can't beat facts), but rather, "effete retaliation" in an unjustified downmod of my post...
(Merely clearly illustrating that the "best you have" is unjustified downmods to *try* to "hide facts" that show truths vs. "penguins fictions & fantasies"...)
APK
P.S.=> I tell you all, it's AMUSING AS HELL... & happens every single time... apk
LMAO: If the "best u got" is unjustified moddowns to hide facts I posted, here -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40118873 then you obviously FAIL trolls... like usual, everytime, vs. myself & that post.
* It's SO painfully obvious & hilariously amusing, and it NEVER fails... always the same!
Especially since the "ReAcTiOn" isn't disproving facts I put up (can't beat facts), but rather, "effete retaliation" in an unjustified downmod of my post...
(Merely clearly illustrating that the "best you have" is unjustified downmods to *try* to "hide facts" that show truths vs. "penguins fictions & fantasies"...)
APK
P.S.=> I tell you all, it's AMUSING AS HELL... & happens every single time... apk
Merely shows "Penguins" are 'F-UPS' then. Thanks 4 pointin it out. They can't even run their own OS right, lol!
This made me LAUGH the most though, since it proves my point for me:
"So that agency "DTS" fucked up their Linux password system, won't tell exactly how and it is a fault of Linux ?" - by Anonymous Coward on Saturday May 26, @04:48PM (#40123071)
See above, lol... & again, THANKS for making ME, look good (& you + your fellow "penguins" NOT SO GOOD... lol!)
---
"Muahaha. Please try harder, Mr Ballmer." - by Anonymous Coward on Saturday May 26, @04:48PM (#40123071)
Ahem: Based on the FACT you yourself noted that the penguins who setup Linux badly noted by YOU messed up so bad?
Don't YOU think you ought to be saying that to your fellow "penguins" that messed up their own setup?
* LMAO - Absolutely!
APK
P.S.=> Man... you KNOW I've just GOTTA say it, as-is-per-my-usual inimitable style:
This? This was just "too, Too, TOO EASY - just '2EZ'"... & is, everytime, vs. penguins (especially since I used nothing but facts here, & ones the "penguins" obviously CANNOT combat -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40119001 and MANY OF THEM from 2011-2012... )...
... apk http://linux.slashdot.org/comments.pl?sid=2875333
..that Linux servers might be technologically superior ?
After working for a bank, it was VERY M$ or IBM oriented. Yes, Dell & IBM were in there. We had a little proprietary imbeded UNIX clone in one internal appliance, and two IBM AIX servers we used for wire transfer. Other than the IBM System 34 (or whatever they call their mid-range to small mainframes) ran an IBM only OS (even though it was really an RS6000 internally with PowerPC chips). Everything else was M$.
Security at that bank was all peripheral as far as I could tell. Way to much dependence on 'well behaving' apps and firewalls (Cisco mainly).
Now WHY? I have a few theories. ... even then, you were under pressure to 'go along to get along')
. We won't be fired if we do what everyone else does
. If we loose money, and we don't do what everyone else does, we can go to jail because we are 'obviously just criminals and hackers' (yep, they had that attitude)
. The auditors don't understand this other stuff (UNIX in general). (State banking, Fed banking, Federal Reserve, External financial auditors, internal auditors, compliance auditors - everyone had an annual review, and comments on what to 'improve'. You had to document why you didn't do anything the way 'everyone else does it' if you had a 'better idea'.
. Management was afraid to 'rock the boat', even if they could save a 'boatload' of money. They didn't want to be re-educated.
. ATMs were OS2 but being converted to Windows due to new 'banking security' regulations that came along when I worked there (10+ years ago), so even suggesting UNIX, let along Linux, was heretical. I still laugh when I see another ATM with a BSOD on it's ugly mug.
. The only real network guy and I were the only 2 at this bank that understood UNIX. I was almost drawn and quartered when they found me running Linux on my bank provided 'personal' desktop. I was able to 'defend myself', but I have often swam up-stream even if it didn't do any long term good.
. Most banking software is written to be run on M$ or IBM proprietary systems.
. When you have lots of M$ products, they cut you 'corporate deals'. VS having to have admins that know what they are doing (and have to pay them real $$)
I have more, but these are the obvious 'top' issues, IMHO.
Why did I work there? I needed to put beans on the table for my family. Some days pride takes a back seat to $$. Ethics still tops that. I never felt so relieved as when I left on my own power.
There were
Some examples from the press:
http://www.maas360.com/news/industry-news/2012/01/banks-begin-to-tackle-byod-800677691/
http://www.fiercecio.com/story/banks-learn-accept-byod/2012-04-29
Also, it's not "your" account, it's theirs.
I've read through the comments thus far, and no one has pointed out the absurdity of the original question, if cloud storage isn't allowed why don't businesses use Linux? What does the choice of operating system have to do with essentially exposing data outside of the corporate firewall? Cloud storage and choice of operating system have nothing to do with each other. All that have appeared are the usual knee-jerk responses defending or attacking various operating systems.
'Stuck in a loop' by the copy and paste troll, APK? There's a bit of irony.
Jesus was all right but his disciples were thick and ordinary. -John Lennon
First, you have to look at it from an enterprise perspective. Security is not black and white, but instead a sliding scale of cost vs benefit.
Also, it is not a one Windows box vs one Linux box perspective. It is 10,000+ windows boxes vs 10,000+ Linux boxes perspective. Once you have that enterprise perspective the reasoning becomes clearer. Most companies have spent a lot of money on a Desktop Management solution such as LANDesk.
I worked for LANDesk Management Suite for 7 years (a few years as a SME over Linux agents), and I can give you the Enterprise perspective on managing Linux workstations. I Also worked with our "patch content" for patching Red Hat and SUSE and based on the patch content, a Linux Desktop is not "more secure" than windows. They actually release more patches a month. That means increased cost. Also, while LANDesk is quite good at managing Linux agents (better than most of the "all around" desktop management solutions) the feature set for Linux is far smaller than that for windows. So there is less reporting and everything is more difficult.
So now lets define some of the enterprise perspectives.
Enterprise perspective #1: It is harder to get data from Desktop Management solutions about Linux.
Enterprise perspective #2: Desktop Management of Linux workstations costs more per box than Desktop Management of Windows Workstations.
Enterprise perspective #3: A Linux OS is not free because Enterprise demands support and so they actually pay Red Hat or SUSE per OS as much or more than they pay for Windows.
Enterprise perspective #4: A Linux guy in IT costs more than a Windows guy in IT
Now add to that the fact most Enterprises internal apps that are for windows or are running SharePoint using features that require IE, and they have hundreds of thousands of dollars invested in these tools and by the way, rapid development Windows with Visual Studio is more rapid than rapid development on Linux with the best IDE being Eclipse??? (which is in my opinion order of magnitude inferior to Visual Studio)
Enterprise perspective #5: The cost to move over existing internal enterprise tools from Windows to Linux is huge.
Like it or not, these are perspectives that are out there and they are real. You can argue or say you disagree, or say there are ways to make Linux cheaper, but it is not me you have to sell it to, it is the CIO/CTO/CEO and other decision makers in the enterprises.
Resolve these perspectives and somehow advertise it and you will see Linux explode in the enterprise.
gmhowell forgot 2 troll me by ac posts. Ur a KNOWN TROLL that hangs around w/ other KNOWN multiple registered 'luser' account using trolls (that mod themselves up that way, and their opponents down that way too - like weasels would).
Case-in-point? Tomhudson/Barbara, not Barbie... & everyone here KNOWS it:
barbara.hudson@unjava.com from http://slashdot.org/~Barbara%2C+not+Barbie = barbara.hudson@barbara-hudson.com from http://slashdot.org/~tomhudson
* In fact, since everyone KNOWS "ur pal" tomhudson/Barbara, not Barbie are the SAME PERSON & she does EXACTLY what's stated above? I'd wager YOU are just another of her "trolling guises"...
"I do whatever amuses me at the moment. Sometimes that is trolling. As far as AC? I only do that to avoid undoing moderations." - by gmhowell (26755) on Wednesday April 20, @12:49AM (#35877174) Homepage
Proof of how you "operate"/your "modus operandi" is above, you stalking harassing troll!
(That makes YOU, weak & a wuss... no questions asked!)
APK
P.S.=> Funniest part here is this:
'Stuck in a loop' by the copy and paste troll, APK? There's a bit of irony." - by gmhowell (26755) on Sunday May 27, @06:28PM (#40130821) Homepage
I'm NOT the one who blew it SO MANY TIMES vs. myself it's not even funny anymore... lol, but YOU did!
In fact, here's a "few examples thereof":
---
gmhowell can't even BEGIN to disprove my points on HOSTS files & resorts to his typical dolt-style effete & illogical off-topic ad hominem attacks:
http://tech.slashdot.org/comments.pl?sid=1907528&cid=34541322
---
gmhowell BLOWS IT RIGHT AWAY on hosts file data I had already that blocks a malware being discussed:
http://tech.slashdot.org/comments.pl?sid=1907528&cid=34536654
---
PROOF of the above & my source that had the data per the last example above:
http://tech.slashdot.org/comments.pl?sid=1907528&cid=34536868
---
gmhowell says he will STOP TROLLING ME, and breaks his word, again as he has here, in his typical dishonorable weasel like fashion:
http://slashdot.org/comments.pl?sid=2245866&cid=36489654
(Can't even KEEP YOUR WORD, can you, troll? LOL, evidently not!)
---
gmhowell admits stalking & harassing me yet again:
http://tech.slashdot.org/comments.pl?sid=1907528&cid=34541428
(How do you LIVE WITH YOURSELF knowing you're nothing more than an off-topic little stalking worm online, hmmm?)
---
Of course the above aren't anything new: He did it before, trolling me AFTER he said he'd stop:
http://slashdot.org/comments.pl?sid=2245866&cid=36489812
(Ah yes, further proof you're a dishonorable little weasel)
---
You ADMIT trolling/stalking/harassing me & kept a journal on it no less... pitiful, and quite "weasel-like":
http://slashdot.org/~gmhowell/journal/266768
---
(Man! The list goes on FAR beyond that too... I have TONS more, but those will do, for now... lol!)
... apk
"So, if it isn't your meds that has you on your monthly freakout cycle, what is it? Phases of the moon?" - by gmhowell (26755) on Sunday May 27, @09:00PM (#40131465) Homepage
gmhowell, do you have these items to your credit/name to make that "insta-snap 'prognosis/diagnosis'" of yours?
---
1.) A PhD in the psychiatric sciences
2.) A license to practice said psychiatric sciences in #1 above
3.) A formal examination of myself given in a professional psychiatric environs
---
???
NO, to all of the above? Of COURSE - "U DON'T NEED THEM, BECAUSE YOU'RE THE "SiDeWaLk-'ShRiNk' of /.", right?
LMAO!
I "kicked your ass" MANY times before, troll -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40131039
This is just another one to add to it...
---
"Hard to kee+p one's word when dealing with a lunatic such as yourself." - by gmhowell (26755) on Sunday May 27, @09:00PM (#40131465) Homepage
Ahem: You have no honor or word to keep, troll... lol, just like you don't have any of the items above that would allow you to judge others "mental state" & what-not, as you did above, in your typical STALE & unoriginal failing off-topic illogical ad hominem attack above...
APK
P.S.=> As per your usual? U FAIL, badly... you can't help it: It's just YOU, a known troll/stalker-harasser of others online due to your own mental difficulties/issues you attempt to PROJECT ONTO OTHERS, obviously... apk
You must be writing all your software yourself, and auditing all third-party source before you compile it in your audited (or self-written) compiler as it seems you don't see any reason to trust anyone.
Or if you do use software you didn't write or audit yourself: what is your trust in that software based upon?
See subject troll: Quit projecting your issues w/ meds onto others.
You must be writing all your software yourself, and auditing all third-party source before you compile it in your audited (or self-written) compiler as it seems you don't see any reason to trust anyone.
I just don't assume that the software is trustable just because some magical Canonical fairies compiled it, and the connection to their server is encrypted. How is this better than windows? (and that was the discussion)
As a sidenote, I usually build everything from ports in my servers (and the base system is rebuilt from a direct copy from the development source). While I cannot audit/control the source, I get a pretty good idea of what is actually installed and the dependencies of the most common applications I use. If a given application is perceived as untrusted, I can always rely on the available methods to try to isolate it as much as possible (securelevels, MAC, chroots, jails, systrace, capiscum, etc). It's not like there is no middle ground between thinking that a repository is farily safe and writing your own software from scratch.
You must be writing all your software yourself, and auditing all third-party source before you compile it in your audited (or self-written) compiler as it seems you don't see any reason to trust anyone.
Or if you do use software you didn't write or audit yourself: what is your trust in that software based upon?
I doubt Canonical audits everything in their store. The major and default packages? Sure. But if something bad filters through, what does Canonical really have to lose? They didn't write the malware. In fact, the android market suffers from this problem but it's hardly keeping users away from android smart-phones; even though Google has the means (unlike Canonical) to do a better job and the Java/Dalvik platform makes it easier to weed out the bad apples. Security is far from the minds of workstation users when compared to software support--will it run XYZ--and how frustrating/helpful an OS is to productivity. And given Windows 7 (no comment on Win 8) has made inroads on all of this PLUS security, Linux is a hard sell.
The financial utilities that keep the world working use several distinct layers of security:
- IPsec etc for wire level
- Tux link level security for messages. Security key changes with each session
- PKI authentication at the appl level. Any change to a bit invalidates the message.
Endpoints are built by the central provider. A thin layer, with limited API's. Data is stored, briefly, at the app level message queuing servers. They run embedded oracle. Users cannot take PLSQL to touch the db, in part so that cust support knows the start of all 5,000 endpoints. Each OS is monitored from command centers; our new system went live in 2001, just after several DOS attacks on famous, and sloppy, companies. Even if one of our endpoints got taken over and ran more requests than it should, command center shows red on that link and has a command to turn that endpoint down and off if necessary.
Endpoints do CRC checks when they start; if some noodle-head has attached exe to them, they will fling an error and stop.
Users? They have right only to sub,it a message, review it reject it or release it.
"Perhaps I have an MD in Psychology. You'll never know." - by gmhowell (26755) on Monday May 28, @06:16PM (#40137679) Homepage
No, I DO know (& NO, you do not, so... "go away, troll")
APK
P.S.=> See subject-line above - that's about ALL you've got, troll... nothing more! apk
Just checking that you're still answering to prove my point:
You're unemployed, with no wife, no child, spending all your time on the Internet, keeping track of all your posts and who answers what.
also you're self-contradicting your own yourself: in one post you say that you don't care about moddown, but if you didn't care, you wouldn't then post a complaint such as above about "hiding posts via unjustified moddowns". Last but not least all these moddowns show clearly that the /. crowd disapprove your spamfest.
now go take your pills and get a job, I'm tired of you stealing my job taxes through your unemployment.
Flavored w/ "the bitter taste of SELF-defeat" & ur foot in ur mouth -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40153371
* You FAIL, right off the bat/from the starting line there, & YOU KNOW IT, I know it, + anyone reading knows it - where you ERRONEOUSLY stated "I put 'everything' into my hosts file" & I clearly do NOT...
(So, that puts YOU right in your place, troll... the trashbag)
APK
P.S.=> Lastly - As to the rest of your "phantasies" about myself?
I can only say this the SIMPLEST way possible (especially now that you've run dry of modpoints downmodding my posts left & right this week, only to have me post again bringing them to the surface (so much for your "effete retaliation" in bogus downmods, eh?)):
QUIT PROJECTING YOUR OWN ISSUES & FAULTS ONTO OTHERS LIKE MYSELF... ok?
... apkb
U failed from the start here http://it.slashdot.org/comments.pl?sid=2857487&cid=40034765 and now, u stalk apk to this post too?
(U show us how bad of a loser u are stinging with 'geek angst', stalking apk to another set of his posts (which you doubtless downmodded unjustly blowing all of your mod points so there's no more of that coming from you now "oddly" (not))).
Now, you complete the picture here, stalking apk, with further off topic ad hominem attacks that fail in the light of what's in the link above (ur big fail vs. apk that's got you all bothered n u only did that to urself).
Geek angst and your big mouth got the best of you, lol! See link above.
U FAIL, troll. Very badly I might add.
U ran outta modpoints - no more bogus downmods of my posts ("funny that, eh", lol, not)... Your "effete retaliations" modding down many of my posts bogusly with no computing technical justification behind them?? All done... lol!
(Go on though, mod my posts here down now - you can't, can you? Nope... lol!)
That's right... I am LAUGHING @ U!
* Still, all that "all said & aside": I really must THANK-YOU, lol, for proving my points...&, of course, for you being SO stupid too!
(You continually make me look GOOD!)
APK
P.S.=>
"You really have several personnality, one of them acting as if it's not you ... unbelievable" - by Anonymous Coward on Friday June 01, @02:58PM (#40183417)
1st of all, goofy, it's personality, and in combination with several, it should have been personalities from you... please - learn to spell/write, etc./et al!
SECONDLY, & more importantly? Do you have the following items to YOUR name/credit (no, because there's no degrees in the psychiatric sciences given to "anonymous coward"):
1.) A PhD in the psychiatric sciences
2.) A license to practice in said psychiatric sciences
3.) A formal examination result for your "insta-snap 'prognosis'/'diagnosis'" given in a professional psychiatric environs
NO, to all/each of the above? OF course! Why?
Heck, because you're "The 'SiDeWaLk-'ShRiNk' of /.", complete with your OWN "delusions of grandeur" @ being a psychiatric professional in your libel sessions here... lol!
... apk/b
Flavored w/ a "bitter taste of defeat" & ur foot in ur mouth -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40034765
?
* Stalking me from one post to another, and blundering your grammar here while doing it? Please... lol "U FAIL"... as always, vs. myself.
(Irony - the captcha is "stalked"... just like you showed everyone you're doing to myself, here -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40046391 psycho )
APK
P.S.=> No more downmods of my posts either, "funny THAT stopped too" (lmao - NOT)... I knew you'd "run dry" of modpoints out of your registered 'luser' account here, & now? Now you have no "effete retaliation" weapons, such as the technically unjustified downmod, do you?? Nope... as-per-usual, you KNOW I've just GOTTA say it:
This? This was just "too, Too, TOO EASY - just '2EZ'" & your having to "eat your words" above, due to the errors you made there saying "APK puts everything into his hosts file" (which isn't true) made it so for me... thanks for making me look good as per your failing usual!
I always win, especially vs. off-topic illogical ad hominem FAIL attack attempt using obviously undereducated TROLLS like yourself that like to stalk/harass others online... apk
2012:
Medicaid hack update: 500,000 records and 280,000 SSNs stolen:
http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444
So, what's dts.utah.gov running everyone?
LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov
What's health.utah.gov running too??
YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov
* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!
===
2011:
KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com
---
London Stock Exchange serving malware:
http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware
(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)
---
DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
---
Linux Foundation, Linux.com Sites Down To Fix Security Breach:
http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach
---
Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
367++ TOP FORTUNE 100/500 (or best 100 to work for per CNN Money) COMPANIES, EDUCATIONAL INSTITUTIONS, &/or GOVERNMENT AGENCIES USING WINDOWS (over other solutions like Linux) both in HIGH TPM ENVIRONS, & FROM "TOP 100 COMPANIES TO WORK FOR" (per CNN Money 2011):
---
38 HIGH TPM & 99.999% "uptime" examples:
---
XEROX: Managing 7++ million transactions a day for office devices for its customers using Windows Server 2003 + SQLServer 2005 64-bit with 99.999% uptime!
NASDAQ: The U.S.' LARGEST STOCK EXCHANGE, Since 2005 has had Windows Server 2003 + SQLServer 2005 in failover clusters running the "official trade data dissemination system" for them in 24x7 fabled "5-9's" 99.999% uptime, doing 64,000 transactions PER SECOND (compare London Stock Exchange using Linux @ 3,000 per second)
FUJIFILM GROUP: Tracks data for its imaging, information, & documentation for its products & services using Windows Server 2003 w/ a custom SAP solution on SQLServer 2005, achieving 99.999% uptime.
HILTON HOTELS: Manages 1.4 Billion records a day for customers in 1000's of their hotels worldwide - for 370,000 rooms & catering services forecasts (switching from 6 *NIX systems to 1 Windows Server 2003 + SQLServer 2005 clustered failover system using a data warehouse with 7 million rows & 99.998% uptime).
MEDITERRANEAN SHIPPING COMPANY: Manages & Tracks 7 million containers out of 116 countries daily using Windows Server 2003 + SQLServer 2005 in failover clusters with 99.999% uptime.
SWISS INTERNATIONAL AIRLINES: Serves 70 airport destinations worldwide, with 6,500 employees + 110 branch offices via Windows Server 2003 & Active Directory with 99.95% uptime (all while growing their business 30% per year). THEIR PREVIOUS LINUX SYSTEM COULD ONLY HANDLE 250 concurrent users - the Windows one handles over 500++ users concurrently/simultaneously!
UNILEVER: Global consumer good leader, migrated to mySAP on SQLServer 2005 + Windows Server 2003 & scaled UP their operations by over 200% & yet saved money + have 99.999% uptime!
MOTOROLA: Using System Management Server, Windows Server 2003 & SQLServer 2005 to conduct inventory of 65,000 desktops from a single location (e.g. for system updates corporate & worldwide).
NISSAN: Uses Windows Server 2003 to manage 50,000 employees' email & calendaring (w/ out VPN, & using Exchange Server 2003) for local AND remote + mobile users.
TOYOTA MOTOR SALES: Reduced the # of techs needed per dealership (1,000's worldwide) from 7, to 1 using Windows Server 2003.
SIEMENS: 420,000++ people, 130 business units over 190 countries managed in Windows Active Directory
REUTERS: Managing 3,000 servers worldwide @ customer sites internationally (using only 4 managers to do so, remotely).
DELL COMPUTER: Managing 130,000 servers & 100,000 PC's worldside using Windows Server 2003 + 40 million customers' data worldwide.
LEXIS NEXIS: Searches BILLIONS of documents each second delivering news, legal, & business information.
HSBC: Deploys System Center solutions to 15,000 Servers worldwide & 300,000 desktops using Windows Server 2003.
RAYOVAC: Chose Windows Server 2003 over Linux to manage their infrastructure - saving 1 million dollars estimated in software, staffing, & support costs.
JETTAINER/LUFTHANSA/U.S. AIRWAYS: managing shipping to 3,000 flights to 400 airports every day.
CONTINENTAL AIRLINES: Manages crew communication systems, log on/log off, schedules, & shifts using Windows Server 2008 worldwide.
JET BLUE AIRWAYS: Managing 12 million flights & their data annually + ticketing, finance, & personnel too.
TIMEX: Using Windows + Exchange Server for remote personnel & executives (for their ENTIRE workforce)
7 ELEVEN STORES: Chose Windows Server 2003 over Li
"U FAIL"
who is this "U" guy you keep talking about ? I don't know of any user named "U" here on slashdot.
and it would be "U fails", you illiterate moron.
From THIS exchange http://linux.slashdot.org/comments.pl?sid=2875333&cid=40153943 YOU brought this up from another exchange where you attempted to "make me look bad" on hosts files -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40152867
HOWEVER: There in that link? You made a HUGE FAIL there by stating I put "everything in my hosts file", which I clearly do NOT!
That much was easily proven there by myself in this reply that utterly FLOORED your b.s. -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40034765
QUESTION: How's it FEEL "eating your words" spiced with "the bitter taste of SELF defeat" along with your foot in your mouth?
APK
P.S.=> You're also proving you "stalk me" post-to-post of mine via the links you posted above from that other exchange here, into this one, & funniest part of all is this: NO MORE DOWNMODS of my posts have occurred for days now, proving you "ran outta gas" (modpoints) to do THAT with... lol @ U, again, U FAIL! apk
From THIS exchange http://linux.slashdot.org/comments.pl?sid=2875333&cid=40153943 YOU brought this up from another exchange where you attempted to "make me look bad" on hosts files
Dammit, wasn't me, it was this 'U' guy, I'm telling you !
@ U, again, U FAIL! apk
Again barking at this 'U' guy ... I wonder who he is ? so who's 'U' ? it looks like he f***d your butt because you're flaming him all the time.
Bullshit. Think anyone believes YOU, troll? Guess again:
After all, You're the one who constantly keeps replying, stalking me here & elsewhere which you already proved as well in posts prior to this -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40153943
(Man, lmao... please, give us a break!)
* YES, it's very apparently that You're an obsessed "geek angst" ridden fool who I have OBVIOUSLY dispatched with facts & "blown away" before, hence your nigh constant stalking of myself via AC posts!
(Since you obviously KNOW I keep track of times I blow away trolls like yourself by their registered 'luser' name & toss those defeats of theirs into their faces again & again, lol, when they try it again as you are now - you don't DARE post by your registered 'luser' name, doubtless one of MANY alternate registered accounts you keep here too no less... because of THAT fact. It's quite obvious...).
Hey, please: DO keep making ME look good though... just like you did here -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40034765 where YOU ended up ABSOLUTELY BLOWING IT saying I put 'everything' into my custom hosts file, when I clearly do NOT!
(Trying to say it wasn't YOU is hilarious - YOU pointed to that very exchange where you blew it there in fact, albeit in THIS very exchange! Nobody else would be replying here by ac posts especially w/ NO name attached to your posts, so who do you *think* you're fooling? Not I, or anyone else who might be reading...)
Answer this simple question:
What do your words taste like, flavored with the BITTER TASTE of self-defeat, & your foot in your mouth now?
Per this -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40034765
APK
P.S.=> That, as well as your rampant expenditure of mod points downmodding my posts which stopped because you "ran outta gas" in your mod points!
(Which YOU OBVIOUSLY DID & ran out of them, haha, proving that you were doing that to my posts, since that has ceased for days now)...
Give up, you FAIL as always... & this? Well - you KNOW I've just GOTTA say it, as is per my own inimitable style:
This? This was just "too, Too, TOO EASY - just '2EZ'" - especially vs. geek angst ridden cowardly FOOLS like yourself who have OBVIOUS obsession issues...
... apk
U stalk me by ac posts & say THAT? LMAO!
FTFY: "U stalks me by ac posts and says THAT ? LMAO !
So it shows the "gist" of what I wrote with the subject. Ur "pot calling a kettle black" or don't YOU recall YOUR BLATANT errors here -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40193617
(Where you said I put "everything" into my custom hosts file - WRONG!)
* I have a reason for using U vs. YOU, to fit the gist of my point into the limited space given after the subject-line... YOU? You're just a screwup, see the link above... lmao @ U troll.
APK
P.S.=> You're also OFF-TOPIC now, the "last resort" of the dimwitted troll, lol... the "grammar check/spelling check" & new NEWS/NewsFlash:
This ISN'T "English Class", professional correspondence, or an academic paper for a grade... the topic is computing technical information!
Now, mind you, on grammatical errors?
You're the "pot calling the kettle black":
"You really have several personnality, one of them acting as if it's not you ... unbelievable" - by Anonymous Coward on Friday June 01, @02:58PM (#40183417)
1st of all, goofy, it's personality, and in combination with several, it should have been personalities from you... please - learn to spell/write, etc./et al!
Get a clue, get a life, troll...
Yes, & too bad you had to "eat your words", spiced with the BITTER TASTE OF SELF-DEFEAT here where you said I put "everything" into my hosts file, but I proved otherwise, easily -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40193617
barbara.hudson@unjava.com from http://slashdot.org/~Barbara%2C+not+Barbie = barbara.hudson@barbara-hudson.com from http://slashdot.org/~tomhudson who has multiple accounts for trolling others, modding herself up and her opponents down, and stalking them by ac posts which she admits to here and told others to join her in doing which is breaking the rules of this forum as well as laws.
See here http://slashdot.org/comments.pl?sid=1646272&cid=32150544
"Wait until he starts on another kick, then reply to him as an AC. It's the new meme." - by tomhudson (43916) on Sunday May 09 2010, @08:29PM (#32150544) Journal
from http://slashdot.org/comments.pl?sid=1646272&cid=32150544
barbara.hudson@unjava.com from http://slashdot.org/~Barbara%2C+not+Barbie = barbara.hudson@barbara-hudson.com from http://slashdot.org/~tomhudson who has multiple accounts for trolling others, modding herself up and her opponents down, and stalking them by ac posts which she admits to here and told others to join her in doing which is breaking the rules of this forum as well as laws.
See here http://slashdot.org/comments.pl?sid=1646272&cid=32150544
"Wait until he starts on another kick, then reply to him as an AC. It's the new meme." - by tomhudson (43916) on Sunday May 09 2010, @08:29PM (#32150544) Journal
from http://slashdot.org/comments.pl?sid=1646272&cid=32150544
APK
P.S.=> YOU did this to YOURSELF, "barbie" (or is it tom?), & now? Now I am only exposing you for it... with your OWN bogus words & tactics which others are aware of as well... lol, couldn't happen to a more BOGUS troll! apk
I have a reason for using U vs. YOU
Why do you want 'U' and I to get into a fight all of a sudden ? I don't even know him ('U') !
I do that "compressed" speak ... to fit the gist of my point into the limited space given after the subject-line
MWA HA HA this has to be your most hilarious comment in the past 10 years !
... ... "compressed" ... MWA HA HA lmao, hahahahahah lol, hahahahahaha ... yuk yuk yuk, he-he ... rotfl
you, apk, doing "compressed" speak ? hahahahahah lmao, hahahahahaha, MWA HA HA lmao lol, rotfl
pffffffffffff
apk
"compressed"
wow, he-he, thanks for that, you made my day dude
How does "eating your words" taste flavored w/ a "bitter taste of SELF defeat" & ur foot in ur mouth -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40034765 you off-topic stalking psycho troll.
APK
P.S.=> Answer the question troll - after all:
We KNOW you stalked me here from that series of posts where you utterly BLEW it, by this post from you in THIS exchange -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40153943
(So all your bullshit only makes me laugh, especially considering it's VERY OBVIOUS I've "blown you away" before & hence why you stalk me by ac posts like the obsessed psycho you clearly evidence yourself to be - you KNOW I keep track of those, & I'd simply toss them in your face again too, just to humiliate you for the WORM you clearly are - you must know, deep inside, you can never get the better of me, so you go "off-topic" like some juvenile idiot would)... apk
"You really have several personnality" - by Anonymous Coward on Friday June 01, @02:58PM (#40183417)
QUOTED FROM YOU AC TROLL, here -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40183417 in this very exchange...
* New NEWS/NewsFlash: You need to get your "hooked on phonics" out & learn to write, illiterate moron... lol!
(The correct spelling of the word is PERSONALITY, and when used with several, it would be the plural of it, PERSONALITIES).
APK
P.S.=> You're an utter fool... you make me laugh, you defeat yourself on your OWN grounds for attacking me every single time - is your IQ like "10 below plantlife", or what? apk
is your IQ like "10 below plantlife", or what?
To be fair it's "133.7 above apk"
"You really have several personnality" - by Anonymous Coward on Friday June 01, @02:58PM (#40183417)
QUOTED FROM YOU AC TROLL, here -> http://linux.slashdot.org/comments.pl?sid=2875333&cid=40183417 in this very exchange...
Now, you're also stalking me to OTHER threads like a demented lunatic (always by "ac" posts not even identifying yourself) -> http://it.slashdot.org/comments.pl?sid=2892215&cid=40212009
* New NEWS/NewsFlash: You need to get your "hooked on phonics" out & learn to write, illiterate moron... lol!
(The correct spelling of the word is PERSONALITY, and when used with several, it would be the plural of it, PERSONALITIES).
APK
P.S.=> Get professional psychiatric help, psycho... stalking me post-to-post by ac trolling/stalking/harassing posts on YOUR part shown above evidences that much clearly for me, no psychiatric training required... apk
Looking at the replies it's clear that so many /. people have no clue just how pervasive Linux is out there. Storing your stuff in the cloud - that would be Linux with like one exception. Storing your stuff in a San, NAS, that would also be Linux. Your Android, Set top box, F5, firewall, almost anything - that would be Linux. There are exceptions, however not many. Microsoft is in the clear minority. According to Netcraft their web server is at it's lowest share since about 1997. IE Browsers are at a low point too as so many phones run Linux or anything other than Windows.
The world is changing away from Microsoft. Most people don't know it yet.
Before you BSD people get upset, I know about BSD and the others. They have strong points and perhaps do some things better than Linux. I used to use BSD before there was such a thing as Linux. For better or worse it was passed by. I'd love it if the unices would unite and become one instead of being so fragmented.