Well, at the risk of continuing to guess at how someone else thinks (as we're both doing)...I don't think so. I've read enough of Carmack's.plans to find it difficult to believe that he would stick with an inferior toolkit if a better one was readily available. Anyway, like I said above, I think it would be terribly interesting to hear his opinion of the two options.
No....Carmack's decision was made long before any of his games had a Linux version. In fact, IIRC the games before Q3A that now exist on Linux were ported without Id.
1. Integration of video drivers into the kernel. Yes this makes it unstable, but Linux currently is plagued by the problem that Windows NT 3.51 had using fastLPC and HAL to control the video cards. Integrating into the kernel will give the necessary speed.
Well, shit, here this whole time I thought nvidia.o was loaded into my running kernel each time I booted. (Oh, and before you start going on about the GLX module, it's in the right spot too...suggesting it should be a kernel module would be obtuse at best.
2. A thread model that allows thread ownership to be changed dynamically. Most important is the thread model. IPC is just too dammed slow compared to reading a common memory heap for a process. Without a thread model it is very difficult to make a responsive GUI application that does anything complex (unless of course you use IPC and spawn several processes).
Without a thread model? Pthreads? Oh, and about thread ownership changing dynamically, I'm too frightened by the security consequences of something like this to even think about it.
3. A GUI messaging system that makes much faster calls on the operating system. GUI applications will not be able to compete with the speed of windows apps unless something is done to integrate this GUI messaging system with the OS. While this sounds like it is forcing a default Window manager, this isn't so. It just requires a programming standard to the messaging system to be written.
You know, Linux could use that. Perhaps even through a scheduler that can dynamically reassign priority to a server process when a client is waiting on it....hmmm....Oh wow...that's funny...that's in the 2.6 kernel.
I'm not saying X is perfect...but it's pretty damn good, with speed in the same neighborhood as Windows. And looking at the change in performance over time of the two systems (Windows slowing down, X speeding up), it's not X that should be worried.
Ah, the answer to all problems with Linux are always with the user. So convenient.
Yeah, it is kind of convenient....when I have a problem with Linux, it's usually a problem with me...something I've done improperly, or something I haven't setup that I need to. In contrast, my Windows problems are much more frequently something that the system has wrong or broken.
Sure, the Windows problems are easier to deal with (since I can't deal with them, I just sit there without doing anything...quite easy). But the Linux problems get fixed.
Id and theCarmack use DirectX for input and sound while rendering their 3D visuals in OpenGL.
You know, that's a good point. I wonder why they chose to do it that way? Perhaps OpenGL actually is a good 3D setup for games? I'm not real sure, but I'd really like to hear Carmack's views on this debate. Because, unlike most of us in this thread, he's probably pretty qualified to say.
Well, the OpenGL guys have long said that DirectX was only concerned with getting things to "look right," rather than having pure mathematical accuracy. In other words, some of the rendering calculations were done in such a fashion as to make them inappropriate for, say, physics modelling, but fine (and faster) for video games.
That said, I'm not sure that argument holds much water anymore with the later versions of DirectX. It's hard to say, since I don't use it. But anyway, from the games standpoint (which I'll agree is lots more important to Linux's mainstream success) it doesn't make hardly any difference now, which was your main point anyway. Both are plenty fast with modern hardware, and do all the stuff games need.
Which of course means that the point that started all this (that Linux needed DirectX compatibility to succeed) is totally bogus. But then, that's no surprise, so were his other two points.
You might consider digging slightly deeper, and seeing if you can get ahold of an actual CO tech at your telco. Depending on the situation there, this may or may not be really difficult. I lived in a place that was within distance but wouldn't qualify for unknown reasons once...as an ordinary citizen, they just told me something similar to what they told you; "it could be an issue with the quality of the wire, or something like that..."
Soon after, I got a job (which I still hold) at a local ISP, who deals with the same LEC for ADSL. I placed an ADSL service order with the LEC, and they denied it...but this time I made more noise asking about why. Ultimately, they said my home's phone line was on an ECD-50 analog carrier system (a setup that allows one telco pair to carry two phone lines) because apparently some previous tenants had once had 4 phone lines in the house. I only had one line, so it was a simple matter to rearrange the phone services and get the ADSL turned up.
Since then, I have found a varietty of similar problems; there are several setups for voice service that aren't entirely compatible with DSL. Sometimes (not always) something can be done about it...I'd make a few phone calls and see where it gets you.
I pity your provider; that amount of bandwidth is costing them way more than you are paying. Contractual limits on usage are the only reasonable interim model, and will have to do until people get comfortable/knowledgable enough about broadband to pay for it like they pay for electricity...by the [bit|watt].
Nothing wrong with my reading comprehension. You can spin it any way that you'd like. Windows and Linux are equally difficult to compromise.
Wow. What a dumbass. I mean, the logical leaps in your last couple posts were really obvious and foolish, but this just takes the cake! You haven't even suggested up till now any relative security, and you haven't given any reason or example of how Windows exploits have been either difficult to achieve or correctly handled.
In short, you obviously don't know what the fuck you're talking about.
How were these alleged Linux admins in the study hacked? Probably by "not doing their fucking job" as you would put it. Not having something patched, running unnecessary services, etc.
That doesn't make the hacks not happen. You still need to count them all or your study is just made-up numbers.
That's ridiculous. I can't figure out where you're reading that in, and it doesn't apper in their marketing either. That said, they did originally have a partnership with Codeweavers (IIRC) that dissolved, which is why they originally claimed some compatibility and backed off...not because of any MS lawsuit.
And to make matters worse you can't dilute a trademark that doesn't exist. Microsoft has forever been unable to acquire trademark on the term "Windows"...it only has "Microsoft Windows." This had a lot to do with everyone in the world already calling the behavior Windows displays as "Windows" before MS ever arrived on the scene. And partly because of the pre-existing trademark on "X Window System" as well.
So...if the courts a)wouldn't give MS trademark rights (ie rights to sue people for use of) on "Windows" and b)allowed the co-existence of a trademark on "X Window System" it stands to reason that they have rubber-stamped naming software "Windows"...I could call my Linux distribution "Linux Windows" if I wanted. It's already been hashed out.
Which is why the case was quickly thrown out around here. Now...as to why it has been so successful elsewhere? I'm confused....
That's fair enough; I overstated it. Perhaps I should have said "many major distributions have patching/upgrading systems that are less painful than Windows."
That should make you happier. By "many" I'll mean Debian, Gentoo, SuSE, Mandrake, Lycoris, Xandros, Lindows, and probably more.
And by the way, RedHat qualifies as well if you are paying for it (like you would for Windows).
Yes. Take a look at their criteria...they just "evaluated successful exploits."
And that's fine; MS's servers come with plenty of other vulnerabilities out of the box. If you want to define it as just what's in the shink-wrapping of Advanced server 2000, there are still plenty of holes.
Yeah, right. These exploits on Windows allow root access or arbitrary code; a cracker looking to steal data can procure tools (or at least modify a popular worm) to do that just fine on Windows...but still would have been "discounted" by this study. Because he still would have probably employed a worm or trojan or virus. Because that's how you get into Windows boxes.
Also, if Windows had been determined to be most vulnerable, with the same "discounting" of worms/virii/etc., the problem with the logic would not be as serious.
Why? Because it would not have led to a completely different conclusion. If anything, it would have been very, very kind to MS. Any (Windows-favoring) complainer about those "discounts" would be foolish, because including them would only make Windows look even worse.
The most important thing is that in the actual case, throwing out a huge category of data led to a completely reversed conclusion. In the hypothetical you suggest, the inclusion of the extra data would not have changed the conclusion, and in fact would have strengthened it.
The funny thing here is that you suggest that this guy wouldn't complain about the statistics in your hypothetical because he's a Linux crazy. But a real Linux diehard would still complain about the ignored worms/virii....he'd say the study went too easy on MS!
Sure...we've got evidence. You can even (hopefully) find it in your own memory of the day when the whole Internet had major slowdowns and large service outages when SQL-slammer came out.
Or perhaps you just want to take a look at any number of statistics that compare breaches and don't ignore all worms. I'm not going to go link-hunting for you this second, but if you seriously look for any real studies on this subject and make sure they are taking all attacks into consideration, the numbers are tremendously different.
Seriously...just think about it for a second. Have you ever seen someone perform an attack on a Windows box that would be considered for this study? I've seen several hundred Windows breaches now (I've worked in computer repair shops, and now an ISP, for some time) and so far I think every last one of them involved some sort of worm, virus, scripted exploit or trojan. If you leave all this out, what do your numbers mean?
Uh...I haven't read all this other guy's posts. But they don't change the fact that his point here is incontrovertibly correct. Throwing out the most popular method for breaching security is a completely unacceptable way to conduct research that hopes to conclude relative security. That's pretty damn basic.
I mean, do you seriously disagree? You think this study actually shows that Linux is less secure than Windows? Even after you realize that they are ignoring SQL-slammer, Blaster, MyDoom, Nimda, Code Red...............and on and on?
This is one of the most bone-headed studies I think I've ever seen. Anybody duped by this has absolutely no concept of either computer security or basic logic.
Don't be ridiculous. All my boxes are patched; Linux, BSD and Windows. Now....I spend significantly more time keeping the Windows ones safe. And I have had many more security breaches on Windows (4) than on Linux (0) or FreeBSD (0). And most of my services are on Linux.
But the point here, that most folks do at least seem to recognize, is that the reason I have to worry about the Windows machines so much doesn't have anything to do with a "real" hacker actually "attacking" me. That's what I worry about on the Linux boxes, and just a bit on the BSD one (there are actually a really high concentration of FreeBSD boxes on the network that machine is in, so it is a bit more inviting a target than normal). On the Windows machine I just lose sleep all the time over script-kiddies and worms.
After all...why would anyone expend their 31337 h4X0r skills on some Windows box, when there are a dozen easy point-click-backdoor attacks available? No, anybody who wants to spend real energy taking over systems will point at something more impressive.
...not that this means you don't have to patch your box. But all major distros these days make that really painless. Or at least a lot less painful than Windows.
We all know the average Linux user is more likely to tamper with his setup...
I hope not, for the Windows admins' sakes. If you don't "tamper with your setup" some (or put the box behind some other firewall) by turning off all the services Windows runs by default, you are asking for it on Windows. But then, I'm not "discounting" all the recent attacks on Windows.
That's the problem I see with this article; to focus entirely on these direct hacking attacks just doesn't make sense....or at least doesn't support their conclusion. To say that one OS is "safer" than the others you must evaluate all the dangers. It's like you have two cars, one of which is somewhat easier to break into than the other...but the other one has an extremely high rate of bursting into flame when the owner leaves it parked. These guys would say the flaming car is "safer to leave your expensive stuff in" after they "discounted" the "latest round of car-sitting-still fires."
No, you're right...the article could have been worded better. Yes, it's definitely the combination of multiple scripting languages in the single file that matters.
And yet...that really just makes it all the more ridiculous. This board is already covered with people's examples of prior art. I think the VIM configuration files mentioned above are my favorite.
Slashdot Mirror
Well, at the risk of continuing to guess at how someone else thinks (as we're both doing)...I don't think so. I've read enough of Carmack's .plans to find it difficult to believe that he would stick with an inferior toolkit if a better one was readily available. Anyway, like I said above, I think it would be terribly interesting to hear his opinion of the two options.
No....Carmack's decision was made long before any of his games had a Linux version. In fact, IIRC the games before Q3A that now exist on Linux were ported without Id.
Try QCAD.
(it is getting increasingly difficult to find an app that doesn't have an answer of this varietty.)
There is no system but GNU, and Linux is one of its kernels.
1. Integration of video drivers into the kernel. Yes this makes it unstable, but Linux currently is plagued by the problem that Windows NT 3.51 had using fastLPC and HAL to control the video cards. Integrating into the kernel will give the necessary speed.
Well, shit, here this whole time I thought nvidia.o was loaded into my running kernel each time I booted. (Oh, and before you start going on about the GLX module, it's in the right spot too...suggesting it should be a kernel module would be obtuse at best.
2. A thread model that allows thread ownership to be changed dynamically. Most important is the thread model. IPC is just too dammed slow compared to reading a common memory heap for a process. Without a thread model it is very difficult to make a responsive GUI application that does anything complex (unless of course you use IPC and spawn several processes).
Without a thread model? Pthreads? Oh, and about thread ownership changing dynamically, I'm too frightened by the security consequences of something like this to even think about it.
3. A GUI messaging system that makes much faster calls on the operating system. GUI applications will not be able to compete with the speed of windows apps unless something is done to integrate this GUI messaging system with the OS. While this sounds like it is forcing a default Window manager, this isn't so. It just requires a programming standard to the messaging system to be written.
You know, Linux could use that. Perhaps even through a scheduler that can dynamically reassign priority to a server process when a client is waiting on it....hmmm....Oh wow...that's funny...that's in the 2.6 kernel.
I'm not saying X is perfect...but it's pretty damn good, with speed in the same neighborhood as Windows. And looking at the change in performance over time of the two systems (Windows slowing down, X speeding up), it's not X that should be worried.
No, there are not.
Yes there are, times infinity!
Here's a list of things linux needs to conquer windows.
1.) cleartype fonts
2.) automatic directX compatibility for games
3.) one solid universal gui
BWAAAAAHAHAAHA!
Seriously...there may be a (short?) list of things Linux needs to conquer windows.....but these aren't on it.
Ah, the answer to all problems with Linux are always with the user. So convenient.
Yeah, it is kind of convenient....when I have a problem with Linux, it's usually a problem with me...something I've done improperly, or something I haven't setup that I need to. In contrast, my Windows problems are much more frequently something that the system has wrong or broken.
Sure, the Windows problems are easier to deal with (since I can't deal with them, I just sit there without doing anything...quite easy). But the Linux problems get fixed.
Id and theCarmack use DirectX for input and sound while rendering their 3D visuals in OpenGL.
You know, that's a good point. I wonder why they chose to do it that way? Perhaps OpenGL actually is a good 3D setup for games? I'm not real sure, but I'd really like to hear Carmack's views on this debate. Because, unlike most of us in this thread, he's probably pretty qualified to say.
(in other words, "people who know choose OpenGL")
Is there a reason why it sucks for such work?
Well, the OpenGL guys have long said that DirectX was only concerned with getting things to "look right," rather than having pure mathematical accuracy. In other words, some of the rendering calculations were done in such a fashion as to make them inappropriate for, say, physics modelling, but fine (and faster) for video games.
That said, I'm not sure that argument holds much water anymore with the later versions of DirectX. It's hard to say, since I don't use it. But anyway, from the games standpoint (which I'll agree is lots more important to Linux's mainstream success) it doesn't make hardly any difference now, which was your main point anyway. Both are plenty fast with modern hardware, and do all the stuff games need.
Which of course means that the point that started all this (that Linux needed DirectX compatibility to succeed) is totally bogus. But then, that's no surprise, so were his other two points.
You might consider digging slightly deeper, and seeing if you can get ahold of an actual CO tech at your telco. Depending on the situation there, this may or may not be really difficult. I lived in a place that was within distance but wouldn't qualify for unknown reasons once...as an ordinary citizen, they just told me something similar to what they told you; "it could be an issue with the quality of the wire, or something like that..."
Soon after, I got a job (which I still hold) at a local ISP, who deals with the same LEC for ADSL. I placed an ADSL service order with the LEC, and they denied it...but this time I made more noise asking about why. Ultimately, they said my home's phone line was on an ECD-50 analog carrier system (a setup that allows one telco pair to carry two phone lines) because apparently some previous tenants had once had 4 phone lines in the house. I only had one line, so it was a simple matter to rearrange the phone services and get the ADSL turned up.
Since then, I have found a varietty of similar problems; there are several setups for voice service that aren't entirely compatible with DSL. Sometimes (not always) something can be done about it...I'd make a few phone calls and see where it gets you.
Good luck...
I pity your provider; that amount of bandwidth is costing them way more than you are paying. Contractual limits on usage are the only reasonable interim model, and will have to do until people get comfortable/knowledgable enough about broadband to pay for it like they pay for electricity...by the [bit|watt].
Nothing wrong with my reading comprehension. You can spin it any way that you'd like. Windows and Linux are equally difficult to compromise.
Wow. What a dumbass. I mean, the logical leaps in your last couple posts were really obvious and foolish, but this just takes the cake! You haven't even suggested up till now any relative security, and you haven't given any reason or example of how Windows exploits have been either difficult to achieve or correctly handled.
In short, you obviously don't know what the fuck you're talking about.
How were these alleged Linux admins in the study hacked? Probably by "not doing their fucking job" as you would put it. Not having something patched, running unnecessary services, etc.
That doesn't make the hacks not happen. You still need to count them all or your study is just made-up numbers.
That's ridiculous. I can't figure out where you're reading that in, and it doesn't apper in their marketing either. That said, they did originally have a partnership with Codeweavers (IIRC) that dissolved, which is why they originally claimed some compatibility and backed off...not because of any MS lawsuit.
...I could call my Linux distribution "Linux Windows" if I wanted. It's already been hashed out.
And to make matters worse you can't dilute a trademark that doesn't exist. Microsoft has forever been unable to acquire trademark on the term "Windows"...it only has "Microsoft Windows." This had a lot to do with everyone in the world already calling the behavior Windows displays as "Windows" before MS ever arrived on the scene. And partly because of the pre-existing trademark on "X Window System" as well.
So...if the courts a)wouldn't give MS trademark rights (ie rights to sue people for use of) on "Windows" and b)allowed the co-existence of a trademark on "X Window System" it stands to reason that they have rubber-stamped naming software "Windows"
Which is why the case was quickly thrown out around here. Now...as to why it has been so successful elsewhere? I'm confused....
That's fair enough; I overstated it. Perhaps I should have said "many major distributions have patching/upgrading systems that are less painful than Windows."
That should make you happier. By "many" I'll mean Debian, Gentoo, SuSE, Mandrake, Lycoris, Xandros, Lindows, and probably more.
And by the way, RedHat qualifies as well if you are paying for it (like you would for Windows).
Yes. Take a look at their criteria...they just "evaluated successful exploits."
And that's fine; MS's servers come with plenty of other vulnerabilities out of the box. If you want to define it as just what's in the shink-wrapping of Advanced server 2000, there are still plenty of holes.
Yeah, right. These exploits on Windows allow root access or arbitrary code; a cracker looking to steal data can procure tools (or at least modify a popular worm) to do that just fine on Windows...but still would have been "discounted" by this study. Because he still would have probably employed a worm or trojan or virus. Because that's how you get into Windows boxes.
We've gotten lazy.
Who's we? Leave me out of this.
Also, if Windows had been determined to be most vulnerable, with the same "discounting" of worms/virii/etc., the problem with the logic would not be as serious.
Why? Because it would not have led to a completely different conclusion. If anything, it would have been very, very kind to MS. Any (Windows-favoring) complainer about those "discounts" would be foolish, because including them would only make Windows look even worse.
The most important thing is that in the actual case, throwing out a huge category of data led to a completely reversed conclusion. In the hypothetical you suggest, the inclusion of the extra data would not have changed the conclusion, and in fact would have strengthened it.
The funny thing here is that you suggest that this guy wouldn't complain about the statistics in your hypothetical because he's a Linux crazy. But a real Linux diehard would still complain about the ignored worms/virii ....he'd say the study went too easy on MS!
Sure...we've got evidence. You can even (hopefully) find it in your own memory of the day when the whole Internet had major slowdowns and large service outages when SQL-slammer came out.
Or perhaps you just want to take a look at any number of statistics that compare breaches and don't ignore all worms. I'm not going to go link-hunting for you this second, but if you seriously look for any real studies on this subject and make sure they are taking all attacks into consideration, the numbers are tremendously different.
Seriously...just think about it for a second. Have you ever seen someone perform an attack on a Windows box that would be considered for this study? I've seen several hundred Windows breaches now (I've worked in computer repair shops, and now an ISP, for some time) and so far I think every last one of them involved some sort of worm, virus, scripted exploit or trojan. If you leave all this out, what do your numbers mean?
What a dumbass way to conduct a study.
Uh...I haven't read all this other guy's posts. But they don't change the fact that his point here is incontrovertibly correct. Throwing out the most popular method for breaching security is a completely unacceptable way to conduct research that hopes to conclude relative security. That's pretty damn basic.
I mean, do you seriously disagree? You think this study actually shows that Linux is less secure than Windows? Even after you realize that they are ignoring SQL-slammer, Blaster, MyDoom, Nimda, Code Red...............and on and on?This is one of the most bone-headed studies I think I've ever seen. Anybody duped by this has absolutely no concept of either computer security or basic logic.
After throwing out 98% of all Windows attacks, Windows was proven safer than Linux, with 1/8 the number of breaches.
...good one, Guys.
Don't be ridiculous. All my boxes are patched; Linux, BSD and Windows. Now....I spend significantly more time keeping the Windows ones safe. And I have had many more security breaches on Windows (4) than on Linux (0) or FreeBSD (0). And most of my services are on Linux.
But the point here, that most folks do at least seem to recognize, is that the reason I have to worry about the Windows machines so much doesn't have anything to do with a "real" hacker actually "attacking" me. That's what I worry about on the Linux boxes, and just a bit on the BSD one (there are actually a really high concentration of FreeBSD boxes on the network that machine is in, so it is a bit more inviting a target than normal). On the Windows machine I just lose sleep all the time over script-kiddies and worms.
After all...why would anyone expend their 31337 h4X0r skills on some Windows box, when there are a dozen easy point-click-backdoor attacks available? No, anybody who wants to spend real energy taking over systems will point at something more impressive.
...not that this means you don't have to patch your box. But all major distros these days make that really painless. Or at least a lot less painful than Windows.
We all know the average Linux user is more likely to tamper with his setup...
I hope not, for the Windows admins' sakes. If you don't "tamper with your setup" some (or put the box behind some other firewall) by turning off all the services Windows runs by default, you are asking for it on Windows. But then, I'm not "discounting" all the recent attacks on Windows.
That's the problem I see with this article; to focus entirely on these direct hacking attacks just doesn't make sense....or at least doesn't support their conclusion. To say that one OS is "safer" than the others you must evaluate all the dangers. It's like you have two cars, one of which is somewhat easier to break into than the other...but the other one has an extremely high rate of bursting into flame when the owner leaves it parked. These guys would say the flaming car is "safer to leave your expensive stuff in" after they "discounted" the "latest round of car-sitting-still fires."
No, you're right...the article could have been worded better. Yes, it's definitely the combination of multiple scripting languages in the single file that matters.
And yet...that really just makes it all the more ridiculous. This board is already covered with people's examples of prior art. I think the VIM configuration files mentioned above are my favorite.