As a former Sun employee and a huge Linux fan/user/admin, Solaris is a pain IF you learned on Linux. Linux is a pain if you learned on Solaris. The learning curve for some people might be higher in this department and going from Windows to a unice because they get flustered about where "it should be" or how "it should work" and have a different level of expectation.
All that being said... they are about the same. Red Hat doesn't suffer from RPM hell if you stick to the normal packages or repos. Get kinda screwy and start using obscure cruft and you will have dependency hell. Of course doing the same thing on Solaris leads to the same problem, but more complicated since you will probably need to compile the stuff, and not everything plays well with Solaris.
If uptime or stability are an issue, go with Solaris. If features or support are the issue (support/management via RHN is sweet) go with Red Hat.
My 10 years' experience tells me the same thing with a notable exception.
When dealing with HR do anything and everything you can to get past them and to the technical people. If you can actually get a real sit down tech interview then you should be golden.
We live in the western world and a good portion of science has been created in the western world. The major religion in the western world? Christianity.
It's not on him to bash religions that have nothing to do with his post. The fact is that the Catholic Church has always been anti-science. Hell, just look at some of the crap the church and its minions are pulling now.
Obviously. I have never seen flowers from South America shipped overnight. Though I am not a flower person.
Look at the cost of shipping something from South America to a non major metro area in the US. Then compare shipping it from a major metro US city to a non major metro area in the US. The cost difference is astounding.
Yeah, but it would most likely take extra time to be inspected at customs, then there is the issue of having a fleet of planes going 24x7 and the fuel costs etc etc.
Some things are still cheaper to handle locally.
If I mail a DVD to Netflix on Monday I get a new DVD Wednesday. Try having that turnaround time when using an out of state facility, let alone an out of country one.
I never said that people should get a job just because they work on OSS projects. I said that it surprised me that HE didn't get offers from Red Hat or Novell. Like him or not he has contributed a good deal and has the ability to "get the job done".
There is a major dearth of talented people in the IT field, the pool of talent is even shallower on the OSS side of the fence.
Based on your statements you must not know much about his work. If you did you would know that he did indeed have many useful things to contribute to either (or many other) companies. Whether or not he wanted to work for them is a question best directed to him.
Well the owners make a ton. The players and their agents make a ton. So do the coaches.
What they actually DO with that money is another matter altogether. The fact that the minimum wage in the NBA is 400k/year speaks volumes. IIRC the average career is 4+ years. 1.6 Million. Failure? You would have to work almost your entire life to achieve that (32 years at 50k).
College is a huge roll of the dice. The people in college like to hype it up because they enjoy it. Problem is college isn't supposed to be about itself, it's supposed to produce great minds. With the exception of the MITs and Berkeleys of the world the university system is a joke when it comes to most technical studies.
Many people enjoy learning. Many people enjoy doing. Why is it that people feel the need to force their opinions onto others? There is no right or wrong answer here. The truth of the matter is that everyone learns in a different way.
I can't believe that Red Hat or Novell or some other OSS friendly company didn't offer him a job.
I hope you do not suffer the same fate. Speaking as an unemployed (laid off) systems admin I know how hard it can be. Living comes in at a higher priority than opinion.
Good luck to us all. The corporate machine is making it very hard (expensive) to be principled.
No, to be more correct it does what YOU want, not what *I* want. What I want is to be assured that I can make things work how I want when I want. Not be fucked in the ass every time an update comes out that breaks XYZ function or application.
I don't care what joe user can or cannot do. Joe driver can't change a tire, doesn't mean I can't. It also doesn't mean I shouldn't be able to. Using your logic nothing should ever be set up for people who are not "joe user".
"free? Since OS X comes with your Mac, it's essentially free. Even if it didn't, if you were doing Real Work, you'd realize that $150-200 for an OS is essentially free."
Really? Last I checked the updated version cost money. Then there is that whole vendor forced update thing. Regardless of what YOU are capable of I can use Linux and all of the open source software work with some effort regardless of version dependencies. That's where the freedom part comes in. Try telling Apple that you don't think you should have to buy a new version of XYZ app just because they felt the need to break the functionality of that app with an update, an update that they require you to have (for support, or new applications) going forward.
"If my key expertise is developing applications, or graphic work, or music or scientific simulations, why should I have to screw with the OS? I want it to just work."
Who the fuck are you to deem what is "real work" and what's not? Only asshole artists are doing "real work". Get a grip. A desktop is a desktop is a desktop. I don't give two flying fiddlesticks if you are editing homemade porn or the new Pepsi commercial. Yeah it should "just work". Guess what - Linux does "just work". The major problem being that the thing you are comparing it to comes preinstalled on a box that has hardly any variation to it at all. Now tell me if your system is similar to the SPARC box I have sitting on my desk and you will have the answer to why Linux needs to be configured after the install.
"I don't see you monkeying around with your CPU if there's a bug with it...do you reflash your car's ECU if you think there's a problem?"
The first part of that analogy is fucking dumb. Do you have a high grade chip factory in your house? Was this CPU in question built to be repaired, or would it be a "throw away" like most PC parts? To answer the second part of your question: some people do that and much much more to their cars. It's their choice. Telling them to go out and buy a white Camry and do nothing with it because you like the crowd that drives white Camrys and think that they are awesome is... dumb.
Diversity exists for a reason. Sure from a management standpoint a monoculture is easier to deal with, of course most managers are dumbasses. What you don't realize is that Linux is not even close to the same market as OSX. Hell, Windows is closer to either than they are to each other.
Yeah some of the major companies involved in Linux are emulating Windows in many ways. Now tell me what on Windows looks like Enlightenment or Fluxbox. Tell me who had tabbed browsing first? Who was stable first? The reality is that not much is revolutionary these days because the majority of this stuff is all about $$$. Tell me what was so revolutionary about OSX? The majority of the OS and some of its top layer stuff was copied from elsewhere.
All that being said, OSX is a nice product and it fits its market very well. I take about 15 minutes to get the average Linux install to where I want it. In order to do that with OSX it would take longer and cost an assload more (software AND hardware). Hell, find me a brand new G4 motherboard from a known dealer that won't assrape me. Fact is there are not a lot of spare Apple parts floating around and Apple likes it that way. I on the other hand do not. It allows them to drive prices up.
"That hypocrite you smelled? I think I know who it is. Half the time you're complaining that there's a constant stream of updates from MS for Windows (and then try to add in third party updates to your complaints), then you complain that you have to wait months for the SP. Which, precisely, is your stance?"
Perhaps you should learn to read. I never said they bundled *ALL* of their updates. The fact of the matter is that they release a ton of updates and they would release a ton more if they didn't bundle a large portion into SPs or blatantly ignore the problem, which they also do.
"Machines have a three to four year life cycle. They're thrown out long before they need to be defragged. And, that's not an OS limitation, that's because you can typically only get hardware support for three or four years."
I completely disagree with that statement. If we are talking an ever-expanding enterprise, okay I could see that. The average business? Hell no. Try more like 5-7 years, longer if it's just an Intel-based system and not a proprietary system (i.e. SPARC, Alpha etc etc) because you can usually find parts from vendors and distributors for many many years after the official support cycle ends.
As far as defrag... I admit I am not a Windows wiz. However so far the vast majority of people who have posted in response to anything I have said in this article sound like their Unix experience was limited to one failed install a few years ago, or one broken dirt old non-portable app. So we are on level footing. Nobody has given me a single reason to improve my opinion of Windows. It's still far too bloated and unintuitive IMHO without even getting into the security and price issues.
Perhaps the reason Windows gets such a bad rap is because of all the paper admins that are out there for that platform. Or perhaps it's because Windows has repeatedly failed in many instances and Microsoft itself is a wretched greed mongering corporation. All of this contributes to the seeds of doubt that many of us have when dealing with "that other OS". I'll be honest with my bias I hate that damn operating system because it has been built from the bottom up for the stupid user. Not an administrator. Not a geek. Not even for the networked age (although they have improved by leaps and bounds in this area). I don't want warning windows when I try to do something the OS doesn't like. I don't want a GUI on a server, remote or not. I don't want a web browser installed on a server. I don't want Clippy. I want the freedom to do what I want with the machines I am in charge of, not for some dipshit in a cubicle to decide "we should bundle this" and force me into doing things that are not in my or my company's best interests.
I would also like to know how you go a year without rebooting a server when so many of Microsoft's updates require a reboot. I don't care how secure you are, avoiding an update is a bad practice,
If you are including updates for unused programs that were installed because of admin error or were not installed at all in the list of "unix updates" then we are going to include all possible installed software for Windows and its updates as well. Oranges to Oranges. You wanna go core OS to core OS that's fine. Just because software is free and is included as an install option does not make it part of the operating system, part of the distribution/flavor sure, but if I install Adobe and Macromedia ad nauseam on Windows then those programs' updates are included in the list. Period.
When you compare the core operating systems Windows has just as many holes as Unix/Linux. Which is astounding to me since it's closed source (you cannot hunt for bugs in the simplest way) and has been around longer and in wider use than Linux. Add in the extra apps and libraries and you are still just about even. Now grade those holes according to ease of exploit and automation. This is where Linux/Unix takes a clear lead. The vast majority of Linux/Unix holes are "local". Even more are completely unproven or just "potential" holes.
Also a former employee here. I don't think McNealy is the problem. It's the people between McNealy and the talent. People like Schwartz (who has to be the biggest fucking ass ever).
A lot of people think Sun will get bought out, the name and talent alone are worth the going rate these days. Buy Sun, fire all of management and essentially absorb the engineering and service departments.
I disagree notably on the point about it not being an obvious replacement for end users. Most people don't game. The average user surfs the web, reads email (more often via webmail than not) watches some porn and maybe uses AIM. Linux does all of these things with less overhead and less risk than Windows.
Also of equal importance to the amount of attacks and the perceived severity of attacks is the ease of the exploit. Most Windows exploits are simple exploits that can be automated. Most Unix exploits are not so simple, and more often than not require a user account in order to exploit the hole. Some even exploit rarely used libraries and programs that *might* have been installed. Hell, you start including all of the exploits for possibly installed Windows software and see where you end up. Linux shouldn't be penalized for allowing the user massive flexibility with regards to software/package selection at install time.
Just looking over those lists two things stick out:
1. All of the Mozilla/Firefox exploits that are listed under Linux. Not under Windows. Even though at this point more people use Firefox on Windows than on Linux.
2. All of the extra exploits listed under Linux because of some perceived connection. The Firefox example applies here. But why does an exploit on SGI Altix count against Linux? You're faulting Linux for being portable. How about lukemftpd. I don't know what distro uses that by default, I have not seen it, yet it's listed. As is nasm an assembler compiler that works on many platforms including Windows. Yet it's only listed for Linux. Either because it's not an option in Windows at install time, or because it's not Microsoft. If it's the former fine I can deal with that since it's the price you pay for being flexible. If it's the latter (just as if not more likely) then the Linux list should be broken down into categories of distribution base. (i.e. Red Hat based, Debian based, etc etc)
Well on a normal barebones install there isn't much to be running. Of course I classify barebones as 'minimal' so if you go through and load it up then that is different. However the default Fedora Core install also gives you an option for trusted devices and firewall security.
"Solaris is probably as bad as RedHat in cruft that needs to be cleaned."
I used to work for Sun. It's worse. Red Hat at least has made leaps and bounds worth of improvements since they switched to the Fedora/community method.
"I have never, in my twelve years of Windows experience, ever gotten a virus, nor gotten spyware."
Which is directly tied to your being a decent Windows admin and using Firefox. Funny thing is that I have none of these issues and I can use whatever one of the 7 or 8 web browsers regularly available on Linux without needing to be paranoid about what sites and/or content I use. There shouldn't need to be this much effort needed to be safe. Period.
Just so we are clear you also shouldn't need to put in any effort after the install to lock down a system, it should be that way by default.
These are Windows problems. Most every Linux distro these days comes with SSH or nothing enabled by default unless you tell it to enable something. Some even have insane firewall policies by default. Windows? It still acts like a $2 whore.
"my home Windows XP machine never (and I mean never) crashes nor gives me any trouble. It's 100% reliable, never gets viruses, never gets spyware on it, and everything just works."
Well either you are full of shit, or you have some neato magic powers. It's also quite possible that you reboot frequently which would of course go against what I have been saying all along.
AD is, like most things MS, a good idea and a bad implementation. That however is neither here nor there.
Exchange is a nice product in small doses. Try running an entire enterprise's mail through an Exchange server. eek. Boom. (in that order).
I have not used 2003 at all, but XP wasn't so hot until the second massive update ('service pack'). Matter of fact that's one of my biggest issues with Microsoft. The way they handle updates. Every other update has to be installed solo, almost every update requires a reboot and they hold back updates to include them in "service packs". Too often for my taste they take forever to update holes.
We agree. My entire point was not to let him off the hook for wasting time, it was to point out that MS could easily have saved him and many many others that time by including something that has been standard in most operating systems for years.
No pal. The entire point of this post was to point out how much of a piece of rancid shit Windows is. The fact that you have to come up with this convoluted solution to an ass-simple fucking problem just proves that point.
Why be able to configure things at install when you can just install an extra piece of software and keep copies of everything on DVD and reinstall said software after the problem and restore from DVD.
Installing from scratch on the average box using an average Linux distro takes all of 20 minutes these days. How about Windows? I know installing 2k and XP used to take a hell of a lot longer than that, and they didn't even give you any real config options.
"Sure. It's a suboptimal solution"
You got it right there.
"but it's good enough to do what you describe and save a bunch of time, and it's certainly better than configuring everything from scratch."
That's the point. You shouldn't have to start from scratch or use some POS third party solution.
"There's no reason not to use open source software just because you're using Windows."
No there isn't, but it's not a common practise either, and that was my point.
First and foremost, the amount of updates for Windows far far FAR exceeds the amount for any Unix I have ever dealt with. While we are at it let me clue you into something: just because most apps are included within the base install of a unice doesn't mean you get to exclude the updates coming from third parties on that Windows box.
Also of importance is that Microsoft tries to bundle their updates into Service Packs, leaving its customers out to dry for months on end in some cases. Because "convenience" should always be paramount to security.
"Which leads to the question then of "why run Unix?"
Because you don't have to wait 3 years for SP2 to come out in order to have a stable platform. Because you don't have to spend hours dealing with viruses. Because one Unix admin can handle far more boxes than his Windows counterpart. Because that MCSE you put so much faith in is worth about as much as toilet paper to anybody with a lick of sense (this obviously doesn't include the HR nitwit who hired you). Because a properly secured nix box can run for YEARS without being rebooted and without service loss.
Securing any OS is equally easy. On a properly maintained network you really have no reason to do frequent updates because it's virtually impossible to access a machine that is exposed to XYZ hole.
"when the machine was running which was relatively rare, we could get 300 simultaneous users. Not a typo, only 300 users. We switched the app server over to Windows/IIS on relatively comparable hardware and now we can accommodate approximately 5000 users. That's the thing about anecdotes, for every one you have, someone has one that's exactly the opposite."
Really. That might have more to do with you not knowing Solaris or the hardware failing than anything else. Of course you knew that already. Of course the fun part about my anecdote is that the company in question's IT department was run by a bunch of MCSEs who needed fun little point-n-click interfaces for everything and said the HP server in question couldn't run Linux (it could) because none of them knew Linux they lied. Six months later this scenario was repeated under a new CTO... half the IT staff was let go and replaced with new staff that knew Linux, installed the solution without a hiccup.
"This is probably the most interesting statement you made, as it's so untrue."
If something is built for XP I wouldn't give two hot damns about it being able to work on XP. If it's built for XP, make it work on 3.1. I dare ya. Hence the need to upgrade. This isn't even obscure random crap, this is the core stuff. Sure old stuff runs on the newer OSes, but what freakin good is that? I could see far more uses for running a new app on an old OS than an old app on a new OS, but of course that's because I am not a member of MSDN.
Oh and just out of curiosity, when exactly are things "just working" in the Windows world? Is that the five minutes before or after all the updates, defragging, anti-virusing, anti-malwaring and constant reboots? Cause if things are "just working" somebody might want to let all the Symantecs of the world know that the myriad of products they put out to fix Microsoft's constant fuckups are wholly un-needed.
No it wasn't. Although you go back a bit farther than me I remember those days myself.
Of course back then Usenet or some really good personal relationships with other admins went a long long way.
Yeah, it makes you want to master cluebat-fu.
Windows most certainly has some of the most goofy problems I have ever seen, and I hardly use it.
Two words:
Google.
Safari.
If you know how to maximize them and you can do IT in general you are all set.
Or just dumping it onto the net in plain text or non-encrypted traffic. Which is where a large portion of identity theft comes from.
The average person has no security on their home PC.
More like leaving the door open. A closed locked door would be the smart way to go.
Walking past somebody's house while their blinds are open and stopping to watch is not a crime. Walking into the house is.
You also have the responsibility to put forth an effort to protect your privacy.
Have sex with a woman in a parked car on some random street. Anyone can stop and watch and they are doing nothing wrong.
"does what you want"
... dumb.
No, to be more correct it does what YOU want, not what *I* want. What I want is to be assured that I can make things work how I want when I want. Not be fucked in the ass everytime an update comes out that breaks XYZ function or application.
I dont care what joe user can or cannot do. Joe driver cant change a tire, doesnt mean I can't. It also doesnt mean I shouldnt be able to. Using your logic nothing should ever be setup for people who are not "joe user".
"free? Since OS X comes with your Mac, it's essentially free. Even if it didn't, if you were doing Real Work, you'd realize that $150-200 for an OS is essentially free."
Really ? Last I checked the updated version costed money. Then there is that whole vendor forced update thing. Regardless of what YOU are capable of I can use Linux and all of the open source software work with some effort regardless of version dependancies. Thats where the freedom part comes in. Try telling Apple that you dont think you should have to buy a new version of XYZ app just because they felt the need to break the functionality of that app with an update, an update that they require you to have (for support, or new applications) going forward.
"If my key expertise is developing applications, or graphic work, or music or scientific simulations, why should I have to screw with the OS? I want it to just work."
Who the fuck are you to deem what is "real work" and whats not ? Only asshole artists are doing "real work". Get a grip. A desktop is a desktop is a desktop. I dont give two flying fiddlesticks if you are editing home made porn or the new pepsi commercial. Yeah it should "just work". Guess what - Linux does "just work". The major problem being that the thing you are comparing it to comes preinstalled on a box that has hardly any variation to it at all. Now tell me if your system is similar to the sparc box I have sitting on my desk and you will have the answer to why Linux needs to be configured after the install.
"I don't see you monkeying around with your CPU if there's a bug with it...do you reflash your car's ECU if you think there's a problem?"
The first part of that analogy is fucking dumb. Do you have a high grade chip factory in your house ? Was this CPU in question built to be repaired, or would it be a "throw away" like most PC parts ? To answer the second part of your question; Some people do that and much much more to their cars. Its their choice. Telling them to go out and buy a white camry and do nothing with it because you like the crowd that drives white camry's and think that they are awesome is
Diversity exsists for a reason. Sure from a management standpoint a monoculture is easier to deal with, of course most managers are dumbasses. What you dont realize is that Linux is not even close to the same market as OSX. Hell Windows is closer to either than they are to each other.
Yeah some of the major companies involved in Linux are emulating windows in many ways. Now tell me what on winows looks like enlightenment or fluxbox. Tell me who had tabbed browsing first ? Who was stable first ? The reality is that not much is revolutionary these days because the majority of this stuff is all about $$$. Tell me what was so revolutionary about OSX ? The majority of the OS and some of its top layer stuff was copied from elsewhere.
All that being said, OSX is a nice product and it fits its market very well. I take about 15 minutes to get the average Linux install to where I want it. In order to do that with OSX it would take longer and cost an assload more (software AND hardware). Hell find me a brand new G4 motherboard from a known dealer that wont assrape me. Fact is there are not a lot of spare apple parts floating around and apple likes it that way. I on the other hand do not. It allows them to drive prices up.
"That hypocrite you smelled? I think I know who it is. Half the time you're complaining that there's a constant stream of updates from MS for Windows (and then try to add in third party updates to your complaints), then you complain that you have to wait months for the SP. Which, precisely, is your stance?"
... I admit I am not a windows wiz. However so far the vast majority of people who have posted in response to anything I have said in this article sound like their unix experience was limited to one failed install a few years ago, or one broken dirt old non-portable app. So we are on level footing. Nobody has given me a single reason to improve my opinion of windows. Its still far to bloated and unintuitive IMHO without even getting into the security and price issues.
Perhaps you should learn to read. I never said they bundled *ALL* of their updates. The fact of the matter is that they release a ton of updates and they would release a ton more if they didnt bundle a large portion into SP's or blatantly ignore the problem, which they also do.
"Machines have a three to four year life cycle. They're thrown out long before they need to be defragged. And, that's not an OS limitation, that's because you can typically only get hardware support for three or four years. "
I completely disagree with that statement. If we are talking an ever-expanding enterprise, okay I could see that. The average business ? Hell no. Try more like 5-7 years, longer if its just an intel based system and not a proprietary system (ie sparc, alpha etc etc) because you can usually find parts from vendors and distributors for many many years after the official support cycle ends.
As far as defrag
Perhaps the reason Windows gets such a bad rap is because of all the paper admins that are out there for that platform. Or perhaps it's because Windows has repeatedly failed in many instances and Microsoft itself is a wretched greed mongering corporation. All of this contributes to the seeds of doubt that many of us have when dealing with "that other OS". I'll be honest with my bias: I hate that damn operating system because it has been built from the bottom up for the stupid user. Not an administrator. Not a geek. Not even for the networked age (although they have improved by leaps and bounds in this area). I don't want warning windows when I try to do something the OS doesn't like. I don't want a GUI on a server, remote or not. I don't want a web browser installed on a server. I don't want Clippy. I want the freedom to do what I want with the machines I am in charge of, not for some dipshit in a cubicle to decide "we should bundle this" and force me into doing things that are not in my or my company's best interests.
I would also like to know how you go a year without rebooting a server when so many of Microsoft's updates require a reboot. I don't care how secure you are, avoiding an update is a bad practice,
If you are including updates for unused programs that were installed because of admin error or were not installed at all in the list of "Unix updates" then we are going to include all possible installed software for Windows and its updates as well. Oranges to Oranges. You wanna go core OS to core OS, that's fine. Just because software is free and is included as an install option does not make it part of the operating system, part of the distribution/flavor sure, but if I install Adobe and Macromedia ad nauseam on Windows then those programs' updates are included in the list. Period.
When you compare the core operating systems Windows has just as many holes as Unix/Linux. Which is astounding to me since it's closed source (you cannot hunt for bugs in the simplest way) and has been around longer and in wider use than Linux. Add in the extra apps and libraries and you are still just about even. Now grade those holes according to ease of exploit and automation. This is where Linux/Unix takes a clear lead. The vast majority of Linux/Unix holes are "local". Even more are completely unproven or just "potential" holes.
Also a former employee here. I don't think McNealy is the problem. It's the people between McNealy and the talent. People like Schwartz (who has to be the biggest fucking ass ever).
A lot of people think Sun will get bought out, the name and talent alone are worth the going rate these days. Buy Sun, fire all of management and essentially absorb the engineering and service departments.
I disagree notably on the point about it not being an obvious replacement for end users. Most people don't game. The average user surfs the web, reads email (more often via webmail than not), watches some porn and maybe uses AIM. Linux does all of these things with less overhead and less risk than Windows.
Also of equal importance to the amount of attacks and the perceived severity of attacks is the ease of the exploit. Most Windows exploits are simple exploits that can be automated. Most Unix exploits are not so simple, and more often than not require a user account in order to exploit the hole. Some even exploit rarely used libraries and programs that *might* have been installed. Hell, you start including all of the exploits for possibly installed Windows software and see where you end up. Linux shouldn't be penalized for allowing the user massive flexibility with regards to software/package selection at install time.
Just looking over those lists two things stick out:
1. All of the Mozilla/Firefox exploits that are listed under Linux. Not under Windows. Even though at this point more people use Firefox on Windows than on Linux.
2. All of the extra exploits listed under Linux because of some perceived connection. The Firefox example applies here. But why does an exploit on SGI Altix count against Linux? You're faulting Linux for being portable. How about lukemftpd. I don't know what distro uses that by default, I have not seen it, yet it's listed. As is nasm, an assembler compiler that works on many platforms including Windows. Yet it's only listed for Linux. Either because it's not an option in Windows at install time, or because it's not Microsoft. If it's the former, fine, I can deal with that since it's the price you pay for being flexible. If it's the latter (just as if not more likely) then the Linux list should be broken down into categories of distribution base. (i.e. Red Hat based, Debian based, etc etc)
Well on a normal barebones install there isn't much to be running. Of course I classify barebones as 'minimal' so if you go through and load it up then that is different. However the default Fedora Core install also gives you an option for trusted devices and firewall security.
"Solaris is probably as bad as RedHat in cruft that needs to be cleaned."
I used to work for Sun. It's worse. Redhat at least has made leaps and bounds worth of improvements since they switched to the Fedora/community method.
80M??? Is that supposed to be a low number?
"I have never, in my twelve years of Windows experience, ever gotten a virus, nor gotten spyware."
Which is directly tied to your being a decent Windows admin and using Firefox. Funny thing is that I have none of these issues and I can use whatever one of the 7 or 8 web browsers regularly available on Linux without needing to be paranoid about what sites and/or content I use. There shouldn't need to be this much effort needed to be safe. Period.
Just so we are clear, you also shouldn't need to put in any effort after the install to lock down a system, it should be that way by default.
These are Windows problems. Most every Linux distro these days comes with SSH or nothing enabled by default unless you tell it to enable something. Some even have insane firewall policies by default. Windows? It still acts like a $2 whore.
"my home Windows XP machine never (and I mean never) crashes nor gives me any trouble. It's 100% reliable, never gets viruses, never gets spyware on it, and everything just works."
Well either you are full of shit, or you have some neato magic powers. It's also quite possible that you reboot frequently which would of course go against what I have been saying all along.
AD is, like most things MS, a good idea and a bad implementation. That however is neither here nor there.
Exchange is a nice product in small doses. Try running an entire enterprise's mail through an exchange server. eek. Boom. (in that order).
I have not used 2003 at all, but XP wasn't so hot until the second massive update ('service pack'). Matter of fact that's one of my biggest issues with Microsoft. The way they handle updates. Every other update has to be installed solo, almost every update requires a reboot and they hold back updates to include them in "service packs". Too often for my taste they take forever to update holes.
We agree. My entire point was not to let him off the hook for wasting time, it was to point out that MS could easily have saved him and many many others that time by including something that has been standard in most operating systems for years.
A decent amount. Which is why I don't care about sales figures.
The only thing that concerns me is jobs. The more jobs for Linux/Unix admins the happier I am.
No pal. The entire point of this post was to point out how much of a piece of rancid shit Windows is. The fact that you have to come up with this convoluted solution to an ass-simple fucking problem just proves that point.
Why be able to configure things at install when you can just install an extra piece of software and keep copies of everything on DVD and reinstall said software after the problem and restore from DVD.
Installing from scratch on the average box using an average Linux distro takes all of 20 minutes these days. How about Windows? I know installing 2k and XP used to take a hell of a lot longer than that, and they didn't even give you any real config options.
"Sure. It's a suboptimal solution"
You got it right there.
"but it's good enough to do what you describe and save a bunch of time, and it's certainly better than configuring everything from scratch."
That's the point. You shouldn't have to start from scratch or use some POS third party solution.
"There's no reason not to use open source software just because you're using Windows."
No, there isn't, but it's not a common practice either, and that was my point.
::sniff sniff::
... half the IT staff was let go and replaced with new staff that knew Linux, installed the solution without a hiccup.
I smell a hypocrite.
First and foremost, the amount of updates for Windows far far FAR exceeds the amount for any Unix I have ever dealt with. While we are at it let me clue you into something: just because most apps are included within the base install of a unice doesn't mean you get to exclude the updates coming from third parties on that Windows box.
Also of importance is that Microsoft tries to bundle their updates into Service Packs, leaving its customers out to dry for months on end in some cases. Because "convenience" should always be paramount to security.
"Which leads to the question then of 'why run Unix?'"
Because you don't have to wait 3 years for SP2 to come out in order to have a stable platform. Because you don't have to spend hours dealing with viruses. Because one Unix admin can handle far more boxes than his Windows counterpart. Because that MCSE you put so much faith in is worth about as much as toilet paper to anybody with a lick of sense (this obviously doesn't include the HR nitwit who hired you). Because a properly secured nix box can run for YEARS without being rebooted and without service loss.
Securing any OS is equally easy. On a properly maintained network you really have no reason to do frequent updates because it's virtually impossible to access a machine that is exposed to XYZ hole.
"when the machine was running which was relatively rare, we could get 300 simultaneous users. Not a typo, only 300 users. We switched the app server over to Windows/IIS on relatively comparable hardware and now we can accommodate approximately 5000 users. That's the thing about anecdotes, for every one you have, someone has one that's exactly the opposite."
Really. That might have more to do with you not knowing Solaris or the hardware failing than anything else. Of course you knew that already. Of course the fun part about my anecdote is that the company in question's IT department was run by a bunch of MCSEs who needed fun little point-n-click interfaces for everything and said the HP server in question couldn't run Linux (it could) because none of them knew Linux they lied. Six months later this scenario was repeated under a new CTO
"This is probably the most interesting statement you made, as it's so untrue."
If something is built for XP I wouldn't give two hot damns about it being able to work on XP. If it's built for XP, make it work on 3.1. I dare ya. Hence the need to upgrade. This isn't even obscure random crap, this is the core stuff. Sure old stuff runs on the newer OS's, but what freakin good is that? I could see far more uses for running a new app on an old OS than an old app on a new OS, but of course that's because I am not a member of MSDN.
Oh and just out of curiosity, when exactly are things "just working" in the Windows world? Is that the five minutes before or after all the updates, defragging, anti-virusing, anti-malwaring and constant reboots? Cause if things are "just working" somebody might want to let all the Symantecs of the world know that the myriad of products they put out to fix Microsoft's constant fuckups are wholly unneeded.