Guess it's too soon to make points that, if someone wants to kill other people, they can do it no matter what is legal or illegal?
Let's investigate that logic.
Since what works between individuals ought to work between states, then it's obvious that any country that wants to attack another country with nuclear weapons will do it whether or not they are legal or illegal, so let's abandon all international nuclear proliferation frameworks and hand out plutonium pellets in the UN lobby like candy.
Oops. Perhaps, after all, there is a difference between wanting to commit a crime and having the ready means available to do it efficiently?
Let's try that logic from the other side.
If someone wants to kill, they will do it with or without a gun, using a knife or a baseball bat. Therefore, it's obvious that guns are exactly as efficient killing weapons as baseball bats. Therefore therefore, anyone being attacked by a thug with a gun only needs to display a baseball bat and the thug will run. Therefore therefore therefore, nobody ever needs to buy any more guns. All gun stores can convert to sporting goods stores, and people will be exactly as safe as before. The firearms industry and large chunks of military defense contractors, can close down overnight, saving the US citizen and taxpayer millions of dollars.
Q.E.D.
Hope that helps! You can send me the cheque for solving the sequester crisis later.
So far as the Benghazi incident didn't prompt calls for immediate changes in domestic policy like Sandy Hook did, have you considered that might be because Benghazi isn't in the USA so there's fuck all changes to domestic policy that would be relevant to "preventing the next Benghazi"?
Of course, when it comes to foreign policy, it's possible that if the US military stopped trying to covertly smuggle arms through 'peaceful' embassies to Al-Qaeda-affilliated terrorist factions in Syria in direct contravention of the international antiterrorism treaties they themselves set up, then the other side might stop treating those 'diplomatic' bases as the illegal military bases they actually are.
But strangely the Republicans don't seem concerned about that Benghazi scandal.
My question was..."Who turns their computers off these days?
Anyone who doesn't want to be spied on 24/7?
The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live -- did live, from habit that became instinct -- in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.
idiots who concatenated strings instead of using string builders, and similar abuses of common sense
Hmm. In many languages, string concatenation is simply string concatenation. Possibly a language which artificially creates two separate ways of handling strings - and not the user's "ignorance" of this baroque mechanism - is actually the thing which is violating common sense?
Ah yes, I'm definitely going to run a free binary "downloader" for Adobe and Oracle updates from a third-party website not affilliated with either Adobe or Oracle and with no apparent commercial reason to exist.
That is certainly 100% trustworthy behaviour which has absolutely no risk of infecting me with a virus!
(I don't care who Ninite are or if they are, in this case and for this moment, in fact legit. Nobody should be encouraging users to do this kind of thing.)
Value is what people give to things, not what things inherently have.
So modern economists claim. And yet, a litre of drinkable water is still a litre of drinkable water in every human civilisation from ancient Ur to the International Space Station, and has kept exactly the same intrinsic value to the human body over 10,000 years.
Does your economic model account for physical and biological reality? Because physics and biology don't care about economics.
In the late eighties and early nineties, academic software engineers were absolutely convinced OOP was the silver-bullet software development paradigm for all ills, since encapsulation (hiding methods) made code re-use practical. They also believed it was the end to all programming practices that inhibited re-use, particularly global variables.
The amusing thing is that code re-use between projects doesn't seem to have increased significantly due to OOP. We still have very tightly-bound, monolothic systems made up of multiple objects/components aggregated into large "platforms". Yes, people use a lot of prewritten platform code nowadays, but that's also the case with oldschool C-based libraries. Objects have mostly contributed a vague sort of hierarchical classification of APIs, but object classes don't ever quite equate to types due to inheritance, and there are very few actual guarantees you can make about an object class definition. At best you can say "it accepts these named/typed methods" but you can't guarantee what the effects of calling any of those methods will be.
One of the problems I have with OOP is that there is no generally-agreed fundamental definition of the exact semantics of an object. Because of that we have multiple deeply incompatible "object systems" which don't generally interoperate. The closest we have to a lingua franca on Windows is COM and that's not much. On Linux? Not even that. Compare to the situation with SQL databases - we have the relational algebra which at least defines what the mathematical semantics of a database *should* be (though this isn't ever quite implemented correctly). In objects, we don't have an algebra, so we're always at the mercy of platform implementors' changing code.
I'd like to see some serious thought about the effectiveness of the industry-wide OOP paradigm and just what the impact of it has been.
Your conception of security and its evolution on Windows NT is flawed. The NT family was designed from day one for multi user access and security.
The NT kernel and NTFS filesystem were originally designed for security, certainly.
Then they bolted on a subsystem called Win32 which was designed to run Windows 95 which was based DOS andFAT32, neither of which had security, and run all existing DOS applications without issues, and so it happily ignored pretty much all of NT's useful security features. Win32 is what defaulted everything to world-write for C:\ and gave Windows its abysmal security reputation. And Windows NT 4 "improved" speed by moving the display drivers into kernel space, violating the security policy in the process.
And everything was still okay for about three years after the launch of Windows 95, except this Internet thing appeared, so they quickly added a way of exposing a thin layer over raw binary COM interfaces into Internet Explorer and called it ActiveX and made it visible to the entire Internet. And embedded it into Microsoft Office and Outlook so that even hovering a mouse over a mail message in your intray could trigger automatic execution of untrusted native code with full user rights (which defaulted to root).
But technically, all this wide-open system was still "secure" because it was running on the secure NT kernel. It's just that, like the US nuclear arsenal in the 1960s, all the security codes were set to off to make things work faster.
But the Java problems were the result of defective implementation, not poor design of the underlying security model.
I think part of the problem is precisely that programmers (and platform designers) think in terms of security models at all. A model is an idealised design which someone can choose to follow, or not.
Security can not be a model. Security must be a law. It must be literally impossible for any code, anywhere in the system, whether third-party or OS code, to violate the security invariants. Period. Exclamation. Underline. Highlight. You should have a tiny, 100% mathematically provably audited security kernel, and the rest should be some kind of interpreted/compiled-on-demand bytecode. There should be no conceivable way for that bytecode to 'break out' of the interpretative sandbox in any possible alignment of universes. And that's perfectly doable, as long as language designers do their job and don't put in exceptions.
The irony is that that's exactly what Java clamed to be. Somehow, and I have no idea how, the implementors of Java decided that they wanted to violate their own security model in the implementation of their own system libraries by shipping native code interfaces (probably for speed), and the fact that this was even possible means that their security model was worth precisely nothing.
If you can't prove mathematically that your code is secure, it isn't. And if it isn't, then you have no business connecting it to an Internet of six billion highly motivated potential botnet zombies.
I would also have imagined that by now there are image decoding libraries which never, ever trust the contents of the file, which have limits-style protection for excessively large images, and the like.
That's what I imagined too, but it seems like all the professional working programmers who wrote industrial-strength image parsing libraries just didn't bother to do any security checking at all and took all sorts of unsafe shortcuts. And then were really surprised to find that their 100% bulletproof code had been exploited.
I suppose I shouldn't really be surprised, given the corruption and meltdowns going on in other 'industrial strength' fields like, say, mining, or global banking -- but I always used to think that programming was a world apart, that we lived in a more ethereal plane and were a bit smarter, less easily swayed by snake oil and more honest than the average corporate executive or politician.
Seems not! Internet security is our generation's disaster - we built it, we didn't bother to check our premises, we own it. Oops!
Very good point. Many, many programmers do not get how to operate IT competently.
Yes. And this is a problem.
It leads to the atrocities that are the Adobe and Apple installers, among other things. Apparently an "application developer" these days doesn't need to trouble himself* with how his priceless treasures actually interact with the operating system they will be installed on. Because that's, like, the IT grunt's job? And anyway isn't some file copies and maybe a few registry hacks just a small matter of scripting, and not really coding at all?
I'd like to dream that one day IT will be taught in computer science courses, with the same level of theoretical abstraction, and given the same kind of functional-programming toolsets that... well, haven't made it into mainstream "software engineering" either... but at least could get us all talking in the same room again. You know, like some lectures about how just tossing a bunch of files into a filesystem is sorta like coding in raw assembler in the 1960s where we had global variables for everything? And maybe couldn't there be a slightly smarter way of organising our lives so that we didn't....? And maybe how we could apply some of that "object oriented" and "functional" stuff that exists inside a running process, to the OS layer? At a slightly finer level of granularity than "spin up an emulated image of an entire server"? And maybe even the network infrastructure guys could have some kind of version control system for all the text config files for their DHCP servers and routers? Pretty please?
Well, not next year. But maybe by 2030?
* Theoretically that could be "herself", except that this level of arrogance/ignorance really does seem to be a uniquely male failure mode . Most females are smarter than to believe that they know everything about subjects they haven't learned.
Here's the problem with backups: You're still trusting software to not have bugs. If you have a tape library what prevents a bug in the library from overwriting the wrong tapes?
I can see you've worked backup shift operator before.:)
In my experience, tape backup software is just about the buggiest, cranky, least resilient piece of software I've had the displeasure of attempting to make half-work. There are so many ways an inventive tape jukebox can decide to fail (trying to backup an open database is a popular one). Pretty much if your backup completes at all, you can be sure it's because it didn't write what it was supposed to. If you're lucky it maybe wrote something to the log before it crashed!
Oh, and testing by restoring? Onto the live production server which doesn't have an identical hot-swap live backup? Or even the one that does, but is in full-time use by the development team? Good luck getting permission to try that just to see if the backup system is working.
Admittedly that was ten years ago. But I'm sure things have been fixed completely since then, just like security has.
You seem to be misunderstanding water...and gravity...
So-called "gravity" is a socialist myth. A vast invisible centrally-mandated field stretching across the galaxy, coercing otherwise herorically isolated atoms of matter to collide together and "cooperate" by force? Only hard-core Marxists could believe in such an economy-destroying fiction.
No, in the libertarian space utopia, every lifeform provides their own personal collection of photon and graviton particles, powered solely by their own sweat and gumption, and no particle interacts with any other except by mutual consent and with appropriate exchange of vector bosons at a rate determined by the free market.
There'd be no problems with waste disposal in such a society! Untreated fracking discharge would simply float off into space, in damp squelchy globules, until it met a species that could profit handsomely by digesting it. And in return they would spit out small ingots of gold bullion accelerated to roughly 0.99 lightspeed, which would form the basis of innovative interstellar financial and strategic warfare solutions.
Severe restrictions on industry by "concerned" people 100 years ago would have left us with, maybe, a cleaner environment, but 1980-level tech instead of 2013. Net effect: Magnitudes more deaths, not fewer.
Tell me about it. I remember the 1980s. Those were hard years, man. We had to scrape by with computers with cassette drives. And we had 64 kilobytes of memory and 2400 baud modems.
The horror still haunts me. If we'd only had iPads and Facebook, millions of young lives could have been saved!
>Can anyone that's an IT director please clarify the gap, skillset, and possible configuring a network so complicated as to solidify job security for said admins? Which costs more and can deliver the most value?
I'm not an IT director but as a Windows sysadmin who uses Linux for preference at home, there's still a huge gap in manageability for Linux. Linux has taken out some very small, specific niches, mostly in the server and mobile device space. But there's simply no Linux equivalent of Active Directory and Group Policy (there's Open Directory, which OSX uses, but there's a whole missing layer of policy control on top of that which isn't there).
I wish Windows had an equivalent of deb/rpm package management. MSI and SCCM are atrocities. But, like Apple but even more so, Linux desktops aren't even trying to play in the enterprise desktop space. If no other contestants bother to turn up, Microsoft wins the game by default.
Slashdot Mirror
Hey everyone, I'm an athiest!
A little bit athy, maybe. But I bet Christopher Hitchens is athier than you.
And, after those generations, we'd rid the world of the threat. They'd go the way of the Nazi or the Imperial Japanese.
Do you mean these Nazis?
Guess it's too soon to make points that, if someone wants to kill other people, they can do it no matter what is legal or illegal?
Let's investigate that logic.
Since what works between individuals ought to work between states, then it's obvious that any country that wants to attack another country with nuclear weapons will do it whether or not they are legal or illegal, so let's abandon all international nuclear proliferation frameworks and hand out plutonium pellets in the UN lobby like candy.
Oops. Perhaps, after all, there is a difference between wanting to commit a crime and having the ready means available to do it efficiently?
Let's try that logic from the other side.
If someone wants to kill, they will do it with or without a gun, using a knife or a baseball bat.
Therefore, it's obvious that guns are exactly as efficient killing weapons as baseball bats.
Therefore therefore, anyone being attacked by a thug with a gun only needs to display a baseball bat and the thug will run.
Therefore therefore therefore, nobody ever needs to buy any more guns. All gun stores can convert to sporting goods stores, and people will be exactly as safe as before. The firearms industry and large chunks of military defense contractors, can close down overnight, saving the US citizen and taxpayer millions of dollars.
Q.E.D.
Hope that helps! You can send me the cheque for solving the sequester crisis later.
So far as the Benghazi incident didn't prompt calls for immediate changes in domestic policy like Sandy Hook did, have you considered that might be because Benghazi isn't in the USA so there's fuck all changes to domestic policy that would be relevant to "preventing the next Benghazi"?
Of course, when it comes to foreign policy, it's possible that if the US military stopped trying to covertly smuggle arms through 'peaceful' embassies to Al-Qaeda-affilliated terrorist factions in Syria in direct contravention of the international antiterrorism treaties they themselves set up, then the other side might stop treating those 'diplomatic' bases as the illegal military bases they actually are.
But strangely the Republicans don't seem concerned about that Benghazi scandal.
My question was..."Who turns their computers off these days?
Anyone who doesn't want to be spied on 24/7?
The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live -- did live, from habit that became instinct -- in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.
idiots who concatenated strings instead of using string builders, and similar abuses of common sense
Hmm. In many languages, string concatenation is simply string concatenation. Possibly a language which artificially creates two separate ways of handling strings - and not the user's "ignorance" of this baroque mechanism - is actually the thing which is violating common sense?
and this is why you should have the download from
Ah yes, I'm definitely going to run a free binary "downloader" for Adobe and Oracle updates from a third-party website not affilliated with either Adobe or Oracle and with no apparent commercial reason to exist.
That is certainly 100% trustworthy behaviour which has absolutely no risk of infecting me with a virus!
(I don't care who Ninite are or if they are, in this case and for this moment, in fact legit. Nobody should be encouraging users to do this kind of thing.)
Value is what people give to things, not what things inherently have.
So modern economists claim. And yet, a litre of drinkable water is still a litre of drinkable water in every human civilisation from ancient Ur to the International Space Station, and has kept exactly the same intrinsic value to the human body over 10,000 years.
Does your economic model account for physical and biological reality? Because physics and biology don't care about economics.
In the late eighties and early nineties, academic software engineers were absolutely convinced OOP was the silver-bullet software development paradigm for all ills, since encapsulation (hiding methods) made code re-use practical. They also believed it was the end to all programming practices that inhibited re-use, particularly global variables.
The amusing thing is that code re-use between projects doesn't seem to have increased significantly due to OOP. We still have very tightly-bound, monolothic systems made up of multiple objects/components aggregated into large "platforms". Yes, people use a lot of prewritten platform code nowadays, but that's also the case with oldschool C-based libraries. Objects have mostly contributed a vague sort of hierarchical classification of APIs, but object classes don't ever quite equate to types due to inheritance, and there are very few actual guarantees you can make about an object class definition. At best you can say "it accepts these named/typed methods" but you can't guarantee what the effects of calling any of those methods will be.
One of the problems I have with OOP is that there is no generally-agreed fundamental definition of the exact semantics of an object. Because of that we have multiple deeply incompatible "object systems" which don't generally interoperate. The closest we have to a lingua franca on Windows is COM and that's not much. On Linux? Not even that. Compare to the situation with SQL databases - we have the relational algebra which at least defines what the mathematical semantics of a database *should* be (though this isn't ever quite implemented correctly). In objects, we don't have an algebra, so we're always at the mercy of platform implementors' changing code.
I'd like to see some serious thought about the effectiveness of the industry-wide OOP paradigm and just what the impact of it has been.
What's more important is whether the architecture is fully open so the students can czech inside.
Your conception of security and its evolution on Windows NT is flawed. The NT family was designed from day one for multi user access and security.
The NT kernel and NTFS filesystem were originally designed for security, certainly.
Then they bolted on a subsystem called Win32 which was designed to run Windows 95 which was based DOS andFAT32, neither of which had security, and run all existing DOS applications without issues, and so it happily ignored pretty much all of NT's useful security features. Win32 is what defaulted everything to world-write for C:\ and gave Windows its abysmal security reputation. And Windows NT 4 "improved" speed by moving the display drivers into kernel space, violating the security policy in the process.
And everything was still okay for about three years after the launch of Windows 95, except this Internet thing appeared, so they quickly added a way of exposing a thin layer over raw binary COM interfaces into Internet Explorer and called it ActiveX and made it visible to the entire Internet. And embedded it into Microsoft Office and Outlook so that even hovering a mouse over a mail message in your intray could trigger automatic execution of untrusted native code with full user rights (which defaulted to root).
But technically, all this wide-open system was still "secure" because it was running on the secure NT kernel. It's just that, like the US nuclear arsenal in the 1960s, all the security codes were set to off to make things work faster.
The iPad was never meant to fulfill Alan Kaye's vision of the Dynabook.
The fact that the iPad 'was never meant to be' a Dynabook does not contradict the claim that the iPad is not a Dynabook.
What we should be asking is, do we want a Dynabook?
But the Java problems were the result of defective implementation, not poor design of the underlying security model.
I think part of the problem is precisely that programmers (and platform designers) think in terms of security models at all. A model is an idealised design which someone can choose to follow, or not.
Security can not be a model. Security must be a law. It must be literally impossible for any code, anywhere in the system, whether third-party or OS code, to violate the security invariants. Period. Exclamation. Underline. Highlight. You should have a tiny, 100% mathematically provably audited security kernel, and the rest should be some kind of interpreted/compiled-on-demand bytecode. There should be no conceivable way for that bytecode to 'break out' of the interpretative sandbox in any possible alignment of universes. And that's perfectly doable, as long as language designers do their job and don't put in exceptions.
The irony is that that's exactly what Java clamed to be. Somehow, and I have no idea how, the implementors of Java decided that they wanted to violate their own security model in the implementation of their own system libraries by shipping native code interfaces (probably for speed), and the fact that this was even possible means that their security model was worth precisely nothing.
If you can't prove mathematically that your code is secure, it isn't. And if it isn't, then you have no business connecting it to an Internet of six billion highly motivated potential botnet zombies.
I would also have imagined that by now there are image decoding libraries which never, ever trust the contents of the file, which have limits-style protection for excessively large images, and the like.
That's what I imagined too, but it seems like all the professional working programmers who wrote industrial-strength image parsing libraries just didn't bother to do any security checking at all and took all sorts of unsafe shortcuts. And then were really surprised to find that their 100% bulletproof code had been exploited.
I suppose I shouldn't really be surprised, given the corruption and meltdowns going on in other 'industrial strength' fields like, say, mining, or global banking -- but I always used to think that programming was a world apart, that we lived in a more ethereal plane and were a bit smarter, less easily swayed by snake oil and more honest than the average corporate executive or politician.
Seems not! Internet security is our generation's disaster - we built it, we didn't bother to check our premises, we own it. Oops!
Do not innovate. It is guaranteed to not be secure.
Very much so. That's the depressing reality of the Internet in 2013.
Things might be different if we had languages and platforms which didn't actively conspire against us.
Who cares about the theory as long as it works? Macro economics is not based on good theory anyway.
Yeah, it's time we at least upgraded to a compiled economics, if not a threading p-code interpreter.
Very good point. Many, many programmers do not get how to operate IT competently.
Yes. And this is a problem.
It leads to the atrocities that are the Adobe and Apple installers, among other things. Apparently an "application developer" these days doesn't need to trouble himself* with how his priceless treasures actually interact with the operating system they will be installed on. Because that's, like, the IT grunt's job? And anyway isn't some file copies and maybe a few registry hacks just a small matter of scripting, and not really coding at all?
I'd like to dream that one day IT will be taught in computer science courses, with the same level of theoretical abstraction, and given the same kind of functional-programming toolsets that... well, haven't made it into mainstream "software engineering" either... but at least could get us all talking in the same room again. You know, like some lectures about how just tossing a bunch of files into a filesystem is sorta like coding in raw assembler in the 1960s where we had global variables for everything? And maybe couldn't there be a slightly smarter way of organising our lives so that we didn't....? And maybe how we could apply some of that "object oriented" and "functional" stuff that exists inside a running process, to the OS layer? At a slightly finer level of granularity than "spin up an emulated image of an entire server"? And maybe even the network infrastructure guys could have some kind of version control system for all the text config files for their DHCP servers and routers? Pretty please?
Well, not next year. But maybe by 2030?
* Theoretically that could be "herself", except that this level of arrogance/ignorance really does seem to be a uniquely male failure mode . Most females are smarter than to believe that they know everything about subjects they haven't learned.
you ALWAYS have incremental backups on MULTIPLE MEDIUMS.
Preferably one who specialises in Atlantean wizard-kings and another who does Egyptian or Indian priestesses.
And several dozen offsite Sir Arthur Conan Doyles, if you want a belts-and-braces approach.
Here's the problem with backups: You're still trusting software to not have bugs. If you have a tape library what prevents a bug in the library from overwriting the wrong tapes?
I can see you've worked backup shift operator before. :)
In my experience, tape backup software is just about the buggiest, cranky, least resilient piece of software I've had the displeasure of attempting to make half-work. There are so many ways an inventive tape jukebox can decide to fail (trying to backup an open database is a popular one). Pretty much if your backup completes at all, you can be sure it's because it didn't write what it was supposed to. If you're lucky it maybe wrote something to the log before it crashed!
Oh, and testing by restoring? Onto the live production server which doesn't have an identical hot-swap live backup? Or even the one that does, but is in full-time use by the development team? Good luck getting permission to try that just to see if the backup system is working.
Admittedly that was ten years ago. But I'm sure things have been fixed completely since then, just like security has.
If war was more horrible people would do more to prevent it.
Yes, that strategy worked so well in preventing the Sequester, I am sure it would also work for preventing wars between nation-states.
You seem to be misunderstanding water...and gravity...
So-called "gravity" is a socialist myth. A vast invisible centrally-mandated field stretching across the galaxy, coercing otherwise herorically isolated atoms of matter to collide together and "cooperate" by force? Only hard-core Marxists could believe in such an economy-destroying fiction.
No, in the libertarian space utopia, every lifeform provides their own personal collection of photon and graviton particles, powered solely by their own sweat and gumption, and no particle interacts with any other except by mutual consent and with appropriate exchange of vector bosons at a rate determined by the free market.
There'd be no problems with waste disposal in such a society! Untreated fracking discharge would simply float off into space, in damp squelchy globules, until it met a species that could profit handsomely by digesting it. And in return they would spit out small ingots of gold bullion accelerated to roughly 0.99 lightspeed, which would form the basis of innovative interstellar financial and strategic warfare solutions.
Sounds reasonable to me.
Theoretically, we could make fossil fuel usage sustainable. We just have to figure out how to make more fossils.
Severe restrictions on industry by "concerned" people 100 years ago would have left us with, maybe, a cleaner environment, but 1980-level tech instead of 2013. Net effect: Magnitudes more deaths, not fewer.
Tell me about it. I remember the 1980s. Those were hard years, man. We had to scrape by with computers with cassette drives. And we had 64 kilobytes of memory and 2400 baud modems.
The horror still haunts me. If we'd only had iPads and Facebook, millions of young lives could have been saved!
You are probably the type of person who thinks only LEO should have guns too.
No, Low Earth Orbit should have lasers, not slugthrowers.
>Can anyone that's an IT director please clarify the gap, skillset, and possible configuring a network so complicated as to solidify job security for said admins? Which costs more and can deliver the most value?
I'm not an IT director but as a Windows sysadmin who uses Linux for preference at home, there's still a huge gap in manageability for Linux. Linux has taken out some very small, specific niches, mostly in the server and mobile device space. But there's simply no Linux equivalent of Active Directory and Group Policy (there's Open Directory, which OSX uses, but there's a whole missing layer of policy control on top of that which isn't there).
I wish Windows had an equivalent of deb/rpm package management. MSI and SCCM are atrocities. But, like Apple but even more so, Linux desktops aren't even trying to play in the enterprise desktop space. If no other contestants bother to turn up, Microsoft wins the game by default.