Acutally, Linux is barely holding steady in Server Marketshare, while Windows is increasing fast. Just recently, Microsoft broke 50% for new server shipments. For all the Linux hype, that's pretty impressive.
As of yet, there's little evidence that Linux Servers have really broken out of the "Unix Ghetto" -- Apache/Sendmail/Bind/Oracle and into the much larger file/print and office application markets.
Re:What I see from this
on
Browser Wars 2004
·
· Score: 2, Interesting
As I remember it, every sensible commentator out there was saying that ActiveX was a dystopian disaster just waiting to happen.
The big issue at the time was that IE3 would automatically run ActiveX stuff without any prompt at all. That was fixed in IE4. People were also incorrectly comparing it to sandboxed Java Applets, when a better comparison was non-sandboxed Netscape Plugins.
Realistically, ActiveX has not been a huge security problem or a "dystopian disaster" (rolls eyes). ActiveX is just one of a thousand ways of doing social engineering hacks. IE's *real* security issues are in it's HTML renderer and shoddy Zone system.
It's time to drop ActiveX as a mindless Bash Microsoft point. Mozilla.org has ripped off the idea, and they've shown even the Anti-MS people that it can be useful and convienent.
The native code in HTAs is also located in "plugins" (COM objects), which are "arbitrarily on your computer". The question is what the security model is going to look like and will it work better than IE's.
I think you're confused: New Plugin Archtecture --> New way of interfacing and running Flash etc.
ActiveDesktop or HTAs --> Local HTML pages can call Local Code, proprietary tags for enhanced functionality.
AFAICT, "Dashboard" seems to be just another take on Windows HTAs from 1997. (Although, the orange calculator was a sexier demo than most of Microsoft's stuff.)
The problem with IE's implementation is that the browser is easly confused between local and remote pages (using iframe tricks, etc). It will be interesting to see how Apple avoids this.
Yeah, my comment appeared right before the quick release of 0.92!
However, I'm still not totally sure what "stable long-lived branch" means in terms of security fixes, or if that has been adequately communicated to the IT folks here rolling out Mozilla to organizations.
Er, the word "FUD" might be a little strong, don't you think? This is the Mozilla people's argument of why they don't 'clone' IE -- it would be imperfect and would break or degrade Mozilla-oriented sites. It's not like Mozilla is a new browser anymore. I don't fully agree, but there's something to that.
I basically agree with you that Mozilla should be more IE-compatible, and that they were arrogant fools in the beginning by breaking backcompat with everything. Nowdays, they have lightened up a little, but they still seem all over the map. For some things they copy IE proprietary features, for others they seem to go out of their way to be intentionally incompatible. I'd just like to write code that never has to sniff the UA.
When Mozilla.org started, Netscape still had ~35% marketshare and thought they still had some weight to throw around. So they made some high-level decisions to not be compatible with either IE or Netscape 4. Things look a lot different when you have 2% marketshare instead of 35%
Now they're in a bind, because people have already coded sites based on the assumption that IE does X and Mozilla does Y. They can't become IE compatible without breaking stuff.
The worst thing is that Netscape/Mozilla sat out the dot com boom, when there was massive investment going into webdev. If you wanted "DHTML" or CSS functionality in 1998-2001, IE was pretty much the only game in town. So a lot of people unwittingly built non-W3C compliant sites and now don't have tons of developers sitting around to make things Mozilla-compatible.
(And Firefox's cookie management is pretty much identical to IE's, except IE is less spammy with the dialogs -- "Do you want to accept another cookie from shittysite.com? You already have 18 cookies." ARRG!)
Depends if you are talking about major sites or CSS/javascript-heavy nerd sites.
Windows-using corporate types have heard of IE and have heard of Macs, so they tend to write Mac/IE testing into their requirements. However, they haven't heard of "Safari", so it's not as likely to be written into the specs.
In fact, I bet that even most Mac users haven't heard of Safari, because it's only really availble on the latest OS X version, and half the installed base is still on OS 9 and below. If you want to reach the entire Mac installed base, you really have to test on both.
OK, the whole reason folks want to switch from IE is because Microsoft isn't providing timely patches. However, I'm not sure if Mozilla is either -- Mozilla seems to be a "work in progress", which means that potential security problems are fixed in the development branch, but that does not affect the release schedule. And Firefox is still in beta stages and probably isn't being patched at all.
I read somewhere there's a remote hole in Moz 1.6 and FireFox 0.8. However, the advisory page doesn't list them, and hasn't been updated since November, so I don't know what to believe.
Furthermore, some milestone releases aren't totally stable or may behave differently. It would be very difficult for a corporate deployment to follow Mozilla's release schedule, especially if they had to test intranet apps etc.
I know that Mozilla security is not a huge real world problem yet, but maybe someone can clarify what exactly Mozilla's security patch policy really is.
(Also, you'll have to prepare to uninstall and reinstall the whole browser because there isn't a patch procedure, but that probably could be scripted.)
the Windows Start menu that you mention as if Microsoft created it was ripped off almost entirely from the Apple menu from Mac OS
Not really, because the Apple Menu wasn't the place to "Start". It was supposed be only for little DA applets. (Some users manually configured it this way though.) If anything the Start Menu was a rip off of the Drawers in CDE etc.
And most lowskill users probably found the Start Menu easier to "start" with than Apple's blank desktop.
This is true for the most part. However sometimes you want content to stay on the page without doing a reload (perhaps there's a long database query or something). In that case frames/iframes are pretty much your only choice.
Sounds like he's just describing reality -- many people have already moved to Flash, largely because DHTML has been such a trainwreck.
I have a feeling that Flash is going to be the VB of the 21st century. Which means it will be enormously popular for simple applications, even while getting bashed from all corners.
It's easy to turn this into a bash fest, but keep in mind that browser plugins are patented technology, and Microsoft is on the edge of losing a very large lawsuit for using them. It's a bogus patent, but it might hold up.
Why would Microsoft (and Opera and Mozilla) waste any time working on a standard if they can't legally use the technology?
Also, there's no technical reason a Windows-based browser couldn't support all ActiveX (IE) plugins, the same way all Windows-based word processors support COM enbeddding. And they could do a better job on the policy side than Microsoft. (And before someone responds with "ActiveX is insecure", tell yourself that all Internet Plugins are insecure.) Mozilla even has a ActiveX thingy, but it's not included with the Windows binaries, mostly for political reasons I guess.
Not quite VAX, but the large Unix setups I've seen relied heavily on X-Terminals and remote storage, and had no where near the freedom of your average Windows network. (For example, no root privs for the users.)
The four most expensive tech support incidents I recall from my IT Drone days were: + Compaq Presario + AOL for VP's 19 Year Old Girlfriend + Crappy Inkjet for VP + VP who kept installing "Grateful Dead Screensavers" causing DLL Hell with an internal application. + Nightmare consumer Sony laptop for VP
See what's in common?:) In one of these places, the entire managed Windows/Novell network client & servers were handled by 2 guys, while 2 more people did nothing but coddle executives. The nice thing about something like a Sun network is that it would just eliminates any possibility of stuff like this happening. But if IT can't politically stop them from running screensavers, how the hell are they going to force them to use Unix machines?
And if you had put those links in your original post, rather than a bunch of nonsense about broadband IP addresses, you'd be at Score 5 and you wouldn't be so agitated right now.
I don't think you're a zealot, by-the-way, just poor at presenting your argument.
OK, I'm talking to a guy who will nitpick Google's 1% to death, but then thinks it's perfectly OK throw out a number like "2.5%" with no source whatsoever and then claim it's "generally accepted" (by whom?). See the problem with your argument?? Maybe, just maybe, that's why people think you are an irrational zealot.
Furthermore, the desktop/server difference could easily accomodate both numbers.
> Unless the military is very unusual you'd need several times the number of MCSEs compared with unix admins
True, but much of that has to do with management philosophies than the actual OS. If you are running Windows, you are likely running a Personal Computer network, with all the freedom and costs involved. If you are running Unix, you are likely running a Host-Terminal network, where users are far more restricted.
I know a "Windows Guy" who the biggest Host-Terminal (Citrix) fanboy you'd ever meet. At the same time, I don't think we have enough data on support load of "Give the users KDE and let them do whatever the hell they want".
Back in the 80s we had this little bloody IT revolution where the Host-Terminal guys got thrown out and the PC guys took over the desktop. I don't think that's quite been resolved yet in most places.
Which sounds great, until you realize he's stupidly misrepresenting Netcraft, and the reality is that IIS installations likely grossly outnumber Apache installations.
Here's why: Windows 2000 brings up IIS by default, in a rather insecure configuration. No moder Linux/Unix OS that know of will bring up Apache without the admin taking action. Therefore, there's likely millions of unused or internal IIS installs ready and waiting to get wormed.
Conclusion: Microsoft made a horrific security decision, but the "Apache is more popular" numbers game argument is pure bullshit to anyone bothering to use their brain a little.
It seems logical that Google would associate OSes with individual IP addresses.
No web developer worth his paycheck uses IP addresses to track users. There's too many people (like all of AOL and nearly every corporate user) behind proxy servers. Google uses permenent cookies to track users, and they've got webserver logs. Unless you have a reference, I'm going to assume you pulled that from your ass.
As far as IIS is concerned, I'm not talking about its other capabilities,
Well, it doesn't really matter what you want to talk about -- when it comes to automated worms it's a pure numbers game. And IIS has tons of installations that don't show up in Netcraft. It seems you want to remain ignorant of that fact, because it undermines your argument.
(And yes, that has largely to do with stupid defaults, but also the fact that IIS is designed more for Intranet use than public servers.)
If you'd like to kill the "popularity" argument, you're going to have to do better than bogus statistics. A good example may be how 'Unix Hackers' picked on inexperenced Linux users back in the 1990s. Linux was relatively not that popular, but it had more than it's share of hack scripts.
I don't see how broadband makes a difference, but Google does not explain how they generate the stats.
I would think Linux would be over-represented on Google because (1) Smarter users use Google, dumb users use MSN because it's the default home page, and (2) Google started out marketing to Linux users during their "beta" period.
As for IIS -- Netcraft is not even half of the story. IIS is very commonly installed on intranet server, file servers, workstations, etc. It runs by default on every new Windows 2000 Server. IIS could well be more "popular" than Apache. Even if it isn't used, it's still can be worm infected.
Wrong. Go buy a license for 100 mail users, or 50 MSSQL user licenses. OUCH. Now compare Postgres/MySQL or Sendmail/Qmail/god-knows-what-free-email-servers
This has devolved down to a game of equal-and-opposite spin.
The Linux advocates will portray some world where where all Linux users are running Debian and MySQL for free, while all Microsoft users are paying for expensive licenses.
Microsoft portrays a world where Linux users are all using expensive IBM and Oracle software and RedHat support contracts.
Truth is, of course, somewhere in the middle. Lots of Windows users use MySQL and cheap/free mail servers. Most Corporate Linux users will be "paying their way" with supported distros and will very likely be using J2EE, commerical RDBMSes, and other pricey stuff on some systems.
Unless someone wants to start getting realistic about IT needs and scenarios, this is all just noise.
[An aside: Where's a free (stripped down) version of Visual Basic on Windows? Microsoft gives out free C#, VB.NET, and C++ compilers now.]
There is the "Do what I say, not what I do" angle -- if 100% of Microsoft's own applications ran under "User", there would be no bashing angle. That is not the case however, especially with games.
What MS does is OK for corporate setups. But to have the "Setup Wizard" create an Admin account for home users is not right at all -- the user will likely never reconfigure his/her account. See OS X for how this could be done in a much better way.
Slashdot Mirror
Acutally, Linux is barely holding steady in Server Marketshare, while Windows is increasing fast. Just recently, Microsoft broke 50% for new server shipments. For all the Linux hype, that's pretty impressive.
As of yet, there's little evidence that Linux Servers have really broken out of the "Unix Ghetto" -- Apache/Sendmail/Bind/Oracle and into the much larger file/print and office application markets.
As I remember it, every sensible commentator out there was saying that ActiveX was a dystopian disaster just waiting to happen.
The big issue at the time was that IE3 would automatically run ActiveX stuff without any prompt at all. That was fixed in IE4. People were also incorrectly comparing it to sandboxed Java Applets, when a better comparison was non-sandboxed Netscape Plugins.
Realistically, ActiveX has not been a huge security problem or a "dystopian disaster" (rolls eyes). ActiveX is just one of a thousand ways of doing social engineering hacks. IE's *real* security issues are in it's HTML renderer and shoddy Zone system.
It's time to drop ActiveX as a mindless Bash Microsoft point. Mozilla.org has ripped off the idea, and they've shown even the Anti-MS people that it can be useful and convienent.
The native code in HTAs is also located in "plugins" (COM objects), which are "arbitrarily on your computer". The question is what the security model is going to look like and will it work better than IE's.
I think you're confused:
New Plugin Archtecture --> New way of interfacing and running Flash etc.
ActiveDesktop or HTAs --> Local HTML pages can call Local Code, proprietary tags for enhanced functionality.
AFAICT, "Dashboard" seems to be just another take on Windows HTAs from 1997. (Although, the orange calculator was a sexier demo than most of Microsoft's stuff.)
The problem with IE's implementation is that the browser is easly confused between local and remote pages (using iframe tricks, etc). It will be interesting to see how Apple avoids this.
Yeah, my comment appeared right before the quick release of 0.92!
However, I'm still not totally sure what "stable long-lived branch" means in terms of security fixes, or if that has been adequately communicated to the IT folks here rolling out Mozilla to organizations.
Er, the word "FUD" might be a little strong, don't you think? This is the Mozilla people's argument of why they don't 'clone' IE -- it would be imperfect and would break or degrade Mozilla-oriented sites. It's not like Mozilla is a new browser anymore. I don't fully agree, but there's something to that.
I basically agree with you that Mozilla should be more IE-compatible, and that they were arrogant fools in the beginning by breaking backcompat with everything. Nowdays, they have lightened up a little, but they still seem all over the map. For some things they copy IE proprietary features, for others they seem to go out of their way to be intentionally incompatible. I'd just like to write code that never has to sniff the UA.
When Mozilla.org started, Netscape still had ~35% marketshare and thought they still had some weight to throw around. So they made some high-level decisions to not be compatible with either IE or Netscape 4. Things look a lot different when you have 2% marketshare instead of 35%
Now they're in a bind, because people have already coded sites based on the assumption that IE does X and Mozilla does Y. They can't become IE compatible without breaking stuff.
The worst thing is that Netscape/Mozilla sat out the dot com boom, when there was massive investment going into webdev. If you wanted "DHTML" or CSS functionality in 1998-2001, IE was pretty much the only game in town. So a lot of people unwittingly built non-W3C compliant sites and now don't have tons of developers sitting around to make things Mozilla-compatible.
(And Firefox's cookie management is pretty much identical to IE's, except IE is less spammy with the dialogs -- "Do you want to accept another cookie from shittysite.com? You already have 18 cookies." ARRG!)
Depends if you are talking about major sites or CSS/javascript-heavy nerd sites.
Windows-using corporate types have heard of IE and have heard of Macs, so they tend to write Mac/IE testing into their requirements. However, they haven't heard of "Safari", so it's not as likely to be written into the specs.
In fact, I bet that even most Mac users haven't heard of Safari, because it's only really availble on the latest OS X version, and half the installed base is still on OS 9 and below. If you want to reach the entire Mac installed base, you really have to test on both.
OK, the whole reason folks want to switch from IE is because Microsoft isn't providing timely patches. However, I'm not sure if Mozilla is either -- Mozilla seems to be a "work in progress", which means that potential security problems are fixed in the development branch, but that does not affect the release schedule. And Firefox is still in beta stages and probably isn't being patched at all.
I read somewhere there's a remote hole in Moz 1.6 and FireFox 0.8. However, the advisory page doesn't list them, and hasn't been updated since November, so I don't know what to believe.
Furthermore, some milestone releases aren't totally stable or may behave differently. It would be very difficult for a corporate deployment to follow Mozilla's release schedule, especially if they had to test intranet apps etc.
I know that Mozilla security is not a huge real world problem yet, but maybe someone can clarify what exactly Mozilla's security patch policy really is.
(Also, you'll have to prepare to uninstall and reinstall the whole browser because there isn't a patch procedure, but that probably could be scripted.)
the Windows Start menu that you mention as if Microsoft created it was ripped off almost entirely from the Apple menu from Mac OS
Not really, because the Apple Menu wasn't the place to "Start". It was supposed be only for little DA applets. (Some users manually configured it this way though.) If anything the Start Menu was a rip off of the Drawers in CDE etc.
And most lowskill users probably found the Start Menu easier to "start" with than Apple's blank desktop.
How does that work exactly? I've never seen used with HTML content.
This is true for the most part. However sometimes you want content to stay on the page without doing a reload (perhaps there's a long database query or something). In that case frames/iframes are pretty much your only choice.
Sounds like he's just describing reality -- many people have already moved to Flash, largely because DHTML has been such a trainwreck.
I have a feeling that Flash is going to be the VB of the 21st century. Which means it will be enormously popular for simple applications, even while getting bashed from all corners.
It's easy to turn this into a bash fest, but keep in mind that browser plugins are patented technology, and Microsoft is on the edge of losing a very large lawsuit for using them. It's a bogus patent, but it might hold up.
Why would Microsoft (and Opera and Mozilla) waste any time working on a standard if they can't legally use the technology?
Also, there's no technical reason a Windows-based browser couldn't support all ActiveX (IE) plugins, the same way all Windows-based word processors support COM enbeddding. And they could do a better job on the policy side than Microsoft. (And before someone responds with "ActiveX is insecure", tell yourself that all Internet Plugins are insecure.) Mozilla even has a ActiveX thingy, but it's not included with the Windows binaries, mostly for political reasons I guess.
Not quite VAX, but the large Unix setups I've seen relied heavily on X-Terminals and remote storage, and had no where near the freedom of your average Windows network. (For example, no root privs for the users.)
:) In one of these places, the entire managed Windows/Novell network client & servers were handled by 2 guys, while 2 more people did nothing but coddle executives. The nice thing about something like a Sun network is that it would just eliminates any possibility of stuff like this happening. But if IT can't politically stop them from running screensavers, how the hell are they going to force them to use Unix machines?
The four most expensive tech support incidents I recall from my IT Drone days were:
+ Compaq Presario + AOL for VP's 19 Year Old Girlfriend
+ Crappy Inkjet for VP
+ VP who kept installing "Grateful Dead Screensavers" causing DLL Hell with an internal application.
+ Nightmare consumer Sony laptop for VP
See what's in common?
And if you had put those links in your original post, rather than a bunch of nonsense about broadband IP addresses, you'd be at Score 5 and you wouldn't be so agitated right now.
I don't think you're a zealot, by-the-way, just poor at presenting your argument.
OK, I'm talking to a guy who will nitpick Google's 1% to death, but then thinks it's perfectly OK throw out a number like "2.5%" with no source whatsoever and then claim it's "generally accepted" (by whom?). See the problem with your argument?? Maybe, just maybe, that's why people think you are an irrational zealot.
Furthermore, the desktop/server difference could easily accomodate both numbers.
Sorry, I didn't realize I was talking to someone who would portray "Linux Counter" numbers as more legitimate than Google. Forget it.
> Unless the military is very unusual you'd need several times the number of MCSEs compared with unix admins
True, but much of that has to do with management philosophies than the actual OS. If you are running Windows, you are likely running a Personal Computer network, with all the freedom and costs involved. If you are running Unix, you are likely running a Host-Terminal network, where users are far more restricted.
I know a "Windows Guy" who the biggest Host-Terminal (Citrix) fanboy you'd ever meet. At the same time, I don't think we have enough data on support load of "Give the users KDE and let them do whatever the hell they want".
Back in the 80s we had this little bloody IT revolution where the Host-Terminal guys got thrown out and the PC guys took over the desktop. I don't think that's quite been resolved yet in most places.
Which sounds great, until you realize he's stupidly misrepresenting Netcraft, and the reality is that IIS installations likely grossly outnumber Apache installations.
Here's why: Windows 2000 brings up IIS by default, in a rather insecure configuration. No moder Linux/Unix OS that know of will bring up Apache without the admin taking action. Therefore, there's likely millions of unused or internal IIS installs ready and waiting to get wormed.
Conclusion: Microsoft made a horrific security decision, but the "Apache is more popular" numbers game argument is pure bullshit to anyone bothering to use their brain a little.
It seems logical that Google would associate OSes with individual IP addresses.
No web developer worth his paycheck uses IP addresses to track users. There's too many people (like all of AOL and nearly every corporate user) behind proxy servers. Google uses permenent cookies to track users, and they've got webserver logs. Unless you have a reference, I'm going to assume you pulled that from your ass.
As far as IIS is concerned, I'm not talking about its other capabilities,
Well, it doesn't really matter what you want to talk about -- when it comes to automated worms it's a pure numbers game. And IIS has tons of installations that don't show up in Netcraft. It seems you want to remain ignorant of that fact, because it undermines your argument.
(And yes, that has largely to do with stupid defaults, but also the fact that IIS is designed more for Intranet use than public servers.)
If you'd like to kill the "popularity" argument, you're going to have to do better than bogus statistics. A good example may be how 'Unix Hackers' picked on inexperenced Linux users back in the 1990s. Linux was relatively not that popular, but it had more than it's share of hack scripts.
I don't see how broadband makes a difference, but Google does not explain how they generate the stats.
I would think Linux would be over-represented on Google because (1) Smarter users use Google, dumb users use MSN because it's the default home page, and (2) Google started out marketing to Linux users during their "beta" period.
As for IIS -- Netcraft is not even half of the story. IIS is very commonly installed on intranet server, file servers, workstations, etc. It runs by default on every new Windows 2000 Server. IIS could well be more "popular" than Apache. Even if it isn't used, it's still can be worm infected.
Wrong. Go buy a license for 100 mail users, or 50 MSSQL user licenses. OUCH. Now compare Postgres/MySQL or Sendmail/Qmail/god-knows-what-free-email-servers
This has devolved down to a game of equal-and-opposite spin.
The Linux advocates will portray some world where where all Linux users are running Debian and MySQL for free, while all Microsoft users are paying for expensive licenses.
Microsoft portrays a world where Linux users are all using expensive IBM and Oracle software and RedHat support contracts.
Truth is, of course, somewhere in the middle. Lots of Windows users use MySQL and cheap/free mail servers. Most Corporate Linux users will be "paying their way" with supported distros and will very likely be using J2EE, commerical RDBMSes, and other pricey stuff on some systems.
Unless someone wants to start getting realistic about IT needs and scenarios, this is all just noise.
[An aside: Where's a free (stripped down) version of Visual Basic on Windows? Microsoft gives out free C#, VB.NET, and C++ compilers now.]
There is the "Do what I say, not what I do" angle -- if 100% of Microsoft's own applications ran under "User", there would be no bashing angle. That is not the case however, especially with games.
What MS does is OK for corporate setups. But to have the "Setup Wizard" create an Admin account for home users is not right at all -- the user will likely never reconfigure his/her account. See OS X for how this could be done in a much better way.