Microsoft Claims Firms 'Hitting a Wall' With Linux 717
maxifez writes writes to tell us that Microsoft has released yet another independent study downplaying the viability of Linux at the enterprise level. The study claims that Windows is "more consistent, predictable, and easier to manage than Linux." From the article: "The study, commissioned by the software giant from Security Innovation, a provider of application security services, claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts." Vnunet.com has also provided a PDF of the original report.
Miller Light is claiming Bud Light tastes bad (Score:4, Funny)
Well (Score:4, Insightful)
Linux may have more implementation overhead but the results, I would argue, are generally superior.
Re:Well (Score:3, Insightful)
Re:Well (Score:5, Informative)
Not to be a MS fanboi, but sysprep works pretty well alongside Ghost.
Re:Well (Score:3, Informative)
Welcome to the new world.
Re:Well (Score:5, Informative)
I don't have a lot of experience with Windows, but Kickstart [redhat.com] is one of the most impressive pieces of Linux software that I've used.
Network PXE boot, enter a configuration file location and sit back while Kickstart configures and partitions your server, downloads and installs all your packages, runs post-installation scripts to install updates and start all your services, and finally reboots your completed server. All without any intervention.
Not to mention that if you ever need to re-deploy that server, or deploy a similar server, you can reuse the configuration file to guarantee the server is identical.
Re:Well (Score:5, Insightful)
From the Summary (because who bothers to RTFA anymore?):
"...claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts..."
That much is probably true. Implementing some new process on a Linux box probably does take a bit longer. But here's the thing: Once it's done, it's done.
I've seen enough gawd-awful in-house software and scripts in Microsoft shops to know better than to be impressed by how much "faster" it is to adapt their shit. If you count all the down-time and set-backs which can happen after implementation, you probably ultimtely save a lot of time by going with a Linux-based enterprise.
But then, I'm not some kick-ass consulting firm which a big astroturfing... er... I mean independent study commission to put in the bank.
Re:Well (Score:3, Informative)
True, for the most part.
I've seen enough gawd-awful in-house software and scripts in Microsoft shops to know better than to be impressed by how much "faster" it is to adapt their shit. If you count all the down-time and set-backs which can happen after implementation, you probably ultimtely save a lot of time by going with a Linux-based enterprise.
Now I've
Re:Well (Score:3, Insightful)
But MS is selling their product by telling you that you don't need those expensive, slow-poke engineers to write code for you. Just get a college drop-out who has been fully certified (by us) to whip out a quick VB script in the afternoon, and have it in place by the following morining when you come in to evalu
Re:Well (Score:5, Insightful)
Re:Well (Score:3, Informative)
True.
But there are inherent differences that should not be overlooked.
Windows is not particuarly scriptable in the way that Linux is. Yes, you can do some basic things, but i
Re:Well (Score:4, Insightful)
Their login sequence includes loading the AV software and a few network IT notices. Sometimes this works, sometimes it doesn't.
Sometimes the volume icon appears in the tool tray. Sometimes it doesn't. I must then go to the control panels, Sound and Audio Options, disable the tooltray icon, apply, and then re-enable it.
Sometimes the Power Meter icon (userful for battery monitoring on a laptop) appears in the tool tray. Sometimes it doesn't. I must then go to the control panels, Power Monitor, disable the tooltray icon, apply, and then re-enable it.
Sometimes the icon for the automated network backup system appears in the tool tray. Sometimes it doesn't. I don't know how to cycle it if it doesn't appear.
Sometimes the icon for "Add/remove hardware" (aka hotplug) appears in the tool tray. Sometimes it doesn't. I don't know how to cycle it if it doesn't appear.
This is why Linux is both cheaper and better. Some things work and some things don't. But I have never had this "sometimes" bullshit on Linux.
I budget it like this (20-user office) (Score:3, Interesting)
B. Cost of Leon attending on site roughly once a year: 2 hours @AUD$120
C. Cost of Leon remote-adminning random stuff 4x a year: 0.25hr @AUD$120
Nett cost of Leon over 2 years: A + 2 x B + 2 x 4 x C == 480 + 2 * 240 + 8 x 30 == AUD$1200 (+GST)
D. MandrivaClub Silver membership, per year: EUR$120 == AUD$191.54 (x 2)
TOTAL: AUD$1583.08 (+ AUD$120 in GST) or AUD$791.54 pa or AUD$39.58 per user per annum
A. Cost of random MCS
Re:Well (Score:3, Interesting)
Now, on the flip side, I've seen unix gurus that can configure apache without blinking. And can configure a lot of the security and network settings with ease... network configuration is much more
Re:Well (Score:5, Informative)
ou=marketing,uid=myLogin
ou=hr,uid=myLogin
with only one server?
NTFS vs Unix file permissions. This use to be true but no longer, read up on ACL's in Linux and Unix, they have been around for a while. I would point to secure Linux and say that Microsoft doesn't have anything that competes in this arena. Granted this is somewhat complex and a lot of shops don't need it.
IIS is easy to configure, but then again using YAST or any of the webmin tools make Linux/UNIX a snap to configure. I would argue it is easier to admin a server with webmin than it is to learn all the Microsoft admin tools.
SMS is finally a decent package for Windows only shops. So is WinInstall and other products.
Oracle VS SQL Server. Oracle is free for one processor, 2GB of RAM and a 4GB database size. It runs on multiple platforms and it's target market is for higher end databases. It can mount XML, TAB delimeted and other files natively as tables. That is very very nice to developers. SQL Server has the DTS stuff. DTS is very nice for moving data around, but not as nice as actually mounting files as tables. Oracles Enterprise manager is very comparable to Microsofts, and at least with Oracles EM you can actually sort data after you view it AND you can see the SQL that is being generated by the query. I will say that the query builder in SQL server is very nice. I can't comment on DB2... All in all I would say that both are very friendly to developers, but one is free for small to mid size shops and one is not.
Now I find the core difference in Windows and Linux is that most shops do a LOT more on one Linux/Unix box than one Windows box. Most Windows shops (ours included), have a Windows server for one specific task, perhaps two tasks. Most Linux and Unix boxes run many different tasks and as such you need far less of them. Perhaps this is just the attitude of Windows users to purchase more servers because they are "cheap" but I can say that every place I have been this is the case. Most Unix/Linux guys you talk to mention two things, their uptime AND the amount of crap that is running on their boxes. Most Windows guys I talk to mention the number of servers they manage. So in short this needs to be factored in as well. This issue may also come from all the DLL hell that has plagued Microsoft for years, or the fact that it was difficult to impossible to run different versions of SQL server on the same box.
You are correct in mentioning security as a major concern. The constant amount of patches and reboots needs to also be factored in. You start to really need tools like SMS when you have 100 to 500 Windows servers that need patched as often as they do. Now if you replace those servers with say 10-20 high end Linux boxes then the need for an SMS type of application starts to diminish. This is not to say that you couldn't use a product like E-Directory and Red Carpet to manage those boxes, but the need isn't as great.
Re:Well (Score:3, Informative)
easier and quicker to deploy? Compared to what? Any shop using, say, redhat enterprise, can deploy a box in a few minutes, including a full lockdown, using kickstart. What similar technology even exists in windowsland?
It's called an unattended installation in windowsland. And they had it before redhat had kickstart. And yes you can apply a full set of patches and if you're wily enough you can get in lockdowns and such. The other people are touting Ghost because that is much more often the method used to
Re:Fanboi ALERT (Score:3, Interesting)
And yes it is easier with kickstart than ghost.
You still have to change names, ip, etc... Kickstart option can be selective. Ghost not.
Re:Well (Score:5, Insightful)
To be fair, you normally choose the OS and Hardware for the job. Microsoft likes to point out OEM boxes that are hard to install linux on, but then, thats like trying to put XP on all those old beige boxes and saying Microsoft sux0rs because of bad driver support.
SSDD.
Re:Miller Light is claiming Bud Light tastes bad (Score:3, Interesting)
I thought it might be the start of a new campaign.
They're behind schedule for Windows Server 2003 Compute Cluster Edition.
It's been in the news over the previous few days and "rescheduled" for early 2006. Of course, they announced six months ago it would be out now.
They're just reminding everyone they're still in business.
And speaking of Microsoft vs. Linux, a guy at the local SQL Server user group meeting last night insisted it would be in Microsoft's best interest to come out with SQL Server Li
Translation (Score:5, Funny)
More consistent: It crashes the same way every time I press the start button.
Predictable: It will crash at least once a week
Easy to manage: There aren't any extra settings in the windows to set that confuse people.
With Linux, they couldn't figure out what they needed to press to make it crash and couldn't determine out when it would crash.
No, THIS is the babelfish translation: (Score:5, Funny)
Predictable: A week crash will once it at least.
Easy to manage: Extra Windows settings to confuse people it will, arent there?
Let me tell you our "independant study" (Score:5, Interesting)
1 red hat 6 machine that lasted 6 years without an OS related reboot (the hardware started to give and the box had to be decommissioned)
1 database/web server running SLES 8 has gone over a year and a half without a reboot.
1 webserver running debian stable no reboot since installation
1 proxy server running SLES 9 w/ squid that was set up in under a 1/2 hour under emergency conditions (old proxy hardware died unexpectedly) running 20 days under extremely heavy load until new server came in.
1 database server running SLES 8. A year since last reboot.
And those are all the ancient boxes. We've got many more linux boxen that are too new to have aquired a long uptime.
From the article:
experiencing significant reliability issues resulting in higher total cost of ownership
*shrug* I've had none of these issues they speak of. All of our installs are quick, stable and long lasting. In fact, I've never had a production upgrade break anything, and never had an install take longer than a couple of hours in even the most complex of setups.
This whole "get the facts" campaign is just silly. I don't know why they keep on with it. I've been working with Linux for years and never run into any of the problems they have "documented".
Hey Balmer, want an anecdotal story of Windows breaking? Our mapping department had a Windows 2000 installation with their mapping software. One day it just breaks. 5 people standing around the box scratching our heads. No one had any clue why. Random reboots, blue screens, the whole works. We reinstall many times. Nothing. Do all the upgrades, patches and fixes. Nothing. Sounds like hardware, right? Nope. Upgraded to 2003 and worked fine since.
The fact that the box could have run 2 years without major issue then break out of nowhere with 5 very smart people trying to solve the issue and can't makes me wonder.
Get the real facts.
Re:I hope you get rooted like you deserve. (Score:4, Insightful)
Okay, so the parent poster was CLEARLY flamebait. I think that they do have a point - the grandparent poster running "4 red hat 7.3 DNS servers" and "1 red hat 6 machine that lasted 6 years without an OS related reboot" does seem to be emphasizing uptime over security though. Either you take an hour or two to back up your data, set up redundant services, and upgrade according to your schedule, or someone might force you to update at a "less convinient" time.
Re:I hope you get rooted like you deserve. (Score:3, Interesting)
This doesn't mention the others... By visiting Windows Update, I have to press "I agree" to the ActiveX control which gives whichever website I'm connected to the permissions required to remotely administer my company's computers and remotely access our data.
Hope everyone at Microso
Re:I hope you get rooted like you deserve. (Score:3, Insightful)
What about them? Do you have the faintest clue what that means? I'm guessing not based on your flamebait attitude.
Hint -- in order to make use of a "local root exploit" you have to have access to an account on the box. So unless you can get on the box, the local root exploit is a complete non-issue. Based on the GP post, most of those boxes are well behind a firewall and have either no or limited interaction with the world at
Well.... (Score:3, Informative)
However, these are the exception rather than
forgot the scare quotes (Score:4, Insightful)
Re:forgot the scare quotes (Score:4, Interesting)
Re:forgot the scare quotes (Score:4, Insightful)
Re:forgot the scare quotes (Score:5, Insightful)
I don't know why they bother honestly. My bosses bosses boss recently informed me that we use Microsoft almost exclusively. I just nodded and smiled, because it was easier to do that than explain that even our DESKTOPS are mostly Mac, and our infrastructure is 90% unix (Solaris, linux, bsd). The only people who really read those studies don't know what the hell they're talking about anyway.
I don't give a damn what microsoft's studies say. I've been using unix, linux, and windows for years, and unix and linux have ALWAYS been more reliable. I've got a 250,000 dollar machine hooked up to a brand new Dell box running 2003 that goes down as often as a nickel whore, and I am SICK of hearing from Microsoft that this is just my imagination!
vnunet screwed up the pdf linkage (Score:4, Informative)
then I looked at the linked PDF and got confused,
because that PDF is about database security.
The correct Link:
MS Summary Page [microsoft.com]
The PDF [microsoft.com]
[Your Complaint About
Re:forgot the scare quotes (Score:4, Insightful)
They put Linux on the radar more and more with every one of these stunts. I'm with you - I really enjoy working with Unix systems. It's not because it's trendy to do so, it's because the Shit Just Works. I don't have to pour through vague event log entries on to fix problems with a clean install, I don't have to have a Microsoft tech come out and live with us for three weeks to address odd AD anomolies, and I don't have to use undocumented features to make something work.
The power of the Linux community simply can't be ignored. If you have a problem with just about anything with any OSS, you can always find a lot of information about it with a quick google search. The same is not true with Windows software - often times I get the dreaded "Sorry, no results found."
Nobody can honestly claim that Microsoft software hasn't improved in the last few years. It's a lot better then how things used to be. Unfortunately for them, it just doesn't matter anymore. They blew it. Linux is here, it's a lot more flexible, and it's not going away. It surrounds Microsoft from all sides (Very high end, embedded, very small (PDA's, cell phones)) and it's only a matter of time before it completely replaces Windows on core desktop and traditionally Windows based server environments.
It goes beyond the generic server arena, though. Have you have the chance to work with VMWare ESX server? It's awesome! Completely Linux based. Not only is the "service console" running Linux, the vmkernel itself is a customized Linux kernel which runs on top of it. VMWare ESX is so nice - you can really see what a Linux system is capable of: powerful, customizable, very easy to use.
That's the way I see it, anyways. And I do primarily Windows server work.
Re:forgot the scare quotes (Score:3, Insightful)
So in other words, the fact that papers attempting to disprove intelligent design are starting to appear means that there's merit to intelligent design?
No, it means the papers attempting to disprove intelligent design are as moronic as those that are supporting it. You can't disprove intelligent design. You can only show that scientific theories adhere to certain rules. Intelligent design doesn't adhere to those rules, adn therefore even qualify as a scientific theory. That's why it should not be taug
Re:forgot the scare quotes (Score:5, Insightful)
Part of the problem for MS, especially regarding studies, is that they are selling a "one size fits all" solution, whereas Linux allows numerous variations to best achieve your goals. MS is facing a tough battle, trying to convience everyone that they are the best solution for all situations (read as: easy to use for uncaring sheep), yet technically appealing to even the most distinct niche users.
As Mike Warnke once said as the moral of a long story: "If you try to please everyone, you're going to lose your ass." (How's that for an obscure reference?)
Re:like what? (Score:4, Interesting)
Linux is a grassroot effort like the anti-tobacco movement -- both are backed by many millions of dollars.
Re:forgot the scare quotes (Score:5, Interesting)
I am sorry but this is the most sorry ass downhill marketing I have ever seen. It is like Pepsi hiring a guy to wear a Coca-Cola Tshirt and purposely choking. This guy changed title 3 times in a year. Just a couple months ago he was Microsoft's very own Linux strategist.
Independent ... (Score:5, Interesting)
...Installing a private certificate server (Score:5, Interesting)
OK, it's time for me to repost what's involved installing a private certificate server on Windows 2000 via its "intuitive" point-and-click GUI. (You forgive me if I just link to it, not wanting to repeat slashdot's lameness filter hell for this kind of post.) It compares the Linux way and the Windows way. These were the actual procedures used, that I carefully documented, for two different projects that accomplished exactly the same goal. Here it is. [slashdot.org] (Scroll past the lameness filter stuff at the beginning.)
Nice to know (Score:5, Interesting)
Also I am pleased to notice that the "independant company" that spewed out this "commissioned report" (see the microsoft page) lists Microsoft on their partners page, and from what I can tell no one who has even heard of Linux (with the exception of HP). Since it looks like their business depends on selling enhanced security products, I can see why they wouldn't be too keen on having people show an interest in Linux.
Security Innovation designed this study to be repeatable, and we believe that the results are consistent with what customers are experiencing in the real world.
And if I wander over and look at my main Linux file server, I see an uptime of 125 days (it had over a year uptime before I physically had to move the server to a different location). During that time the server's files were available 24/7 with absolutely zero problems. Needless to say we have had way fewer problems with the new Linux server; the old Microsoft server crashed or had to be rebooted on a regular basis; the people before me actually had a planned "weekly reboot every Friday evening". When it came time to replace the Microsoft server, Microsoft didn't fare so well, especially when it came time to pay big piles of $$$ to upgrade it: basically we could have bought two linux file servers for the cost of the Microsoft software upgrade costs alone. Hows that for a real-world example?
Re:Nice to know (Score:5, Insightful)
On the Linux side, I simply rsync software to all our of workstations. I can even upgrade software people are using right at that moment (like rsyncing the newest thunderbird to /usr/local/thunderbird-1.0.7 while they use the thunderbird in /usr/local/thunderbird-1.0.6, and then moving the /usr/local/bin/thunderbird symbolic link to point to the new version). On the windows side, I wander around bugging people to take an early lunch or whatever while I install/upgrade software on their machine.
There are plenty of ways in which Unix-style systems are easier to administer than Windows boxes, but this is not one of them. Windows actually has quite decent remote administration tools these days, including a fairly nice infrastructure for performing remote installations. Assuming you add some third party components (or are installing to a server with Terminal Services), ad-hoc remote access is also quite good.
I'm a big fan of Linux (I have seven computers at home; six run Linux, one runs OS X, no Windows, not even a dual-boot), and I'd probably drive a bus before I'd work as a full-time Windows sysadmin, but even I can't let this sort of FUD pass.
I suggest that you learn Windows first, then rant about it. You'll still have plenty to rant about, but you won't look like an idiot doing it.
Re:Nice to know (Score:4, Interesting)
Too bad it doesn't provide a method for replacing in-use executables, nor can you run an executable with a new version of a DLL while the old one is still running because of the way windows handles shared libraries...
Re:Nice to know (Score:3, Informative)
Uh, I think you're the one who needs to think about it. You can delete all links to the file, and while the inodes are not freed until the last reference to the file is closed, the file is for all other intents and purposes deleted. The only discrepancy
Re:Nice to know (Score:5, Funny)
This is true. I remotely administer several Windows machines owned by people I've never met. The Windows infrastructure makes it trivial to remotely install FTP servers that I use to share Warez.
Re:Nice to know (Score:5, Insightful)
You just copy the files, move a link (guaranteed to be an atomic operation), and any new instances of the program are running the new code.
It's simpler than that, actually, if you don't mind the program being inaccessible for a few milliseconds. You just 'mv' the new file in place of the old one. New instances are running new code, old instances keep running old code. I never said Linux/Unix wasn't *better*, just that Windows wasn't as bad as the other poster made it out to be.
In Windows-land, you need to set locks, twiddle bits, edit the registery, God knows what. Sure, some "wizard" hides all this for you, but it's nothing like the simple equivalent Unix version. What happens if there's a power failure right in the middle of all this, for instance? Or if the computer runs out of RAM or disk? Yeesh. I just wouldn't trust it, no matter what the software author claims.
Actually, if they use the MS installer toolset, the installer will roll back the changes in the event of a power failure or other installation problem.
It's a prototypical Microsoft solution, actually. Compare them:
Of course, some of the added functionality that MS provides, like the system for centrally managing updates of many machines through a simple GUI, really is nice, so it has been implemented for Unix systems as well. But a Unix admin can get a hell of a lot done with nothing more than some shell scripts and ssh, including things that the authors of the fancy GUIs never thought to implement.
Re:Nice to know (Score:5, Informative)
The reason Windows locks an executable file that is in-use is that it uses it as a kind of mini-swap file. If you need to swap part of that binary's code out to disk, windows doesn't - it just forgets it. If it needs that code back in memory, it reads it directly from the file on disk.
All modern Unix-type systems, including Linux, do the same thing. Yes, that means you can have a situation where:
What happens? Nothing much. It works just fine. How? Because when I said the program was "deleted" in step three, I wasn't being precise. What really happened was that the program was "unlinked". That removes the directory entry and makes it so no process can create a new reference to the file. But any running processes already have a reference to the file, and the actual file stays in existence until all references (both filesystem references and process references) to it go away.
This holds true for all files, too, not just executables. For example, it's not uncommon for me to start a download then, while the download is running, decide I don't like where it's being written. No problem. I just move it. As long as I'm not moving it to a different file system, the download process doesn't care, because it isn't writing to "/home/shawn/foo.tar.gz", it's writing to "the file handle referencing inode 274327". It doesn't matter a bit if that inode happens to get relinked into a different part of the file system.
No, there's no excuse for this particular bit of Windows braindamage. The Unix solution is better in every way.
Hogwash (Score:5, Funny)
1) Package the software as spyware.
2) Upload it somewhere on the internet. Anywhere. Doesn't matter where.
3) It will inevitably find its way to all the Windows computers in your office within 20 minutes.
5) Profit!
If you are worried about the wrong people getting your software, add something to the package that detects the identity of the host and have it delete itself if not in your office.
-matthew
Re:Nice to know (Score:5, Funny)
Re:Nice to know (Score:4, Interesting)
Actually, it does. (Score:5, Informative)
Get a copy of Win2K3 on your box. Create a directory that's 3 directories below the root.
Put 200,000 files in that directory (size of each file does not matter).
Now, watch the application that reads and writes files to that directory get slower and slower over time. Until you need to reboot the box.
For an instant problem, open that directory in Explorer. All of your processor speed will be eaten by the "system" process. Even after you close Explorer. Rebooting is the only thing that will clear the problem.
Re:Actually, it does. (Score:5, Interesting)
I've got three antiquated Solaris boxes running older versions of the same software, and taking MORE traffic, that need to be rebooted about once a month.
I've gotta say, the software must be brutal because I've never had a Solaris machine have that many problems. Even so, Windows shows it's true colors as usual. On new hardware, with new software and all the patches, it's much less reliable than much older machines running a better os.
Re:Nice to know (Score:3, Insightful)
Re:Nice to know (Score:3, Funny)
Re:Nice to know (Score:3, Interesting)
68% of what? (Score:4, Insightful)
What the study failed to mention is that 86 per cent of the time to implement was spent convincing the executives and attorneys that using Linux was worth pursuing.
Re:68% of what? (Score:3, Insightful)
That's what you get for actually thinking through what a sane implementation should involve rather than clicking "Install -> OK -> OK -> OK -> OK -> Reboot Now"...
speed (Score:5, Interesting)
yeah, maybe true. But how about maintaining them later, for years, with zero downtime?
Re:speed (Score:5, Funny)
Nah, most IT people would rather have jobs. Windows will keep the administrators going for years to come. Thanks windows, keep up the bad work!
All true (Score:5, Funny)
I can predict Windows will consistantly crash more. Not sure how that is a selling point tho
It is fairly easy to manage, just press reboot every now and then. Ok, they probably have that point.
Claims of security (Score:4, Insightful)
"The data indicated does not seem to indicate drastic security vulnerability improvement for RHEL 4"
I usually don't get pissed off about these Microsoft studies, but this is more than FUD. It's a lie. They compared the security patches for RHEL 3 and 4 over a 2 1/2 month perdiod. RHEL 4 had more. They indicate that selinux did not make RHEL 4 more secure. The point of selinux isn't to lessen the number of security advisories. IT'S ANOTHER FUCKING LAYER OF SECURITY. It's akin to a firewall or antivirus. It's exactly like saying "the month after microsoft released Windows defender, 38 new viruses were detected in the wild. The month before only 30 new viruses were found in the wild. Windows defender seems to have little effect on spyware and viruses." There's no connection. selinux would make it so a vulnerable piece of software would have a harder time being exploited and an even harder time getting total system control. A hole is a hole. Whether or not it is easily exploited or not doesn't matter. It needs to be patched regardless. If sendmail has a buffer overflow that selinux is able to mitigate, sendmail still needs to be patched. Whether or not they will be able to successfully exploit it is another question. It doesn't stop the fact that sendmail has a buff overflow.
You'd think a "professional" security agency would have more sense than that, but aparently not.
k thx get the lies campaign.
Warning: possible incongruity detected! (Score:5, Insightful)
It's all about the criteria. (Score:5, Informative)
In this "study", that step into UnReality begins where all systems are required to stay on the same time-line for upgrades.
This means that what would otherwise be a normal upgrade from SLES 8 to SLES 9 instead becomes a strange mix of back-porting patches from SLES 9 to SLES 8. In other examples, the sysadmins are downloading code from the glibc and mysql sites and applying it to those server WITHOUT TESTING. So, over time, the SLES systems become unstable.
Meanwhile, no non-Microsoft supplied code is applied to the Windows boxes.
Of course, the one who commissions the "study" gets to choose the criteria
Page 25 of their whitepaper. (Score:4, Informative)
The problems start at page 25. Here's the beginning:
Whitepaper location:
http://www.securityinnovation.com/reliability.sht
In other news.... (Score:5, Funny)
It seems to me that (Score:5, Funny)
"In a world without fences and walls, who needs Windows and Gates?"
Predictable, consistent (Score:3, Insightful)
No suprises! (Score:5, Funny)
Well, I'm not suprised - They're probably busy reading slashdot half of the time.
My servers . . . (Score:5, Interesting)
My Websites Hosted on Linux:
Last Reboot: 468 days
Last Reboot: 331 days
Last Reboot: 664 days
Other of My Websites Hosted on Windows:
Last Reboot: 3 days
Last Reboot: 9 days
Last Reboot: 11 days
Customers wanting to switch from Windows to Linux: 3
99.999% Uptime and 50% happy customers: Priceless
CP
Re:My servers . . . (Score:4, Interesting)
Re:My servers . . . (Score:3, Interesting)
I don't have the stats handy, but there have been a tremendous number of "oops!" patches to the, ahem, "stable version" of Linux in the last year. For instance, you may remember 2.6.14, the most recent release? That broke traceroute.
It looks like 2.4 had a patch released today, as well... 2.4.32 has today's date on the tarfile.
I'll bite (Score:3, Informative)
Better than his Windows uptimes, or his Linux uptimes? Even if it's the latter (and I doubt that, see below), all that says is that you never apply updates to Windows. So you never update, yet you have the temerity to question his "fucking" windows admin skills?
As to "orders of magnitudes" h
98% of MSFT Funded Studies Favor MSFT! (Score:5, Funny)
How pathetic is it when the only people who say nice things about you are the people you PAY to say nice things about you? That's like paying people to be your friend.
MSFT has the best friends money can buy.
oh yes... (Score:5, Funny)
They forgot to mention that 67.3% of the windos counterparts did not solve the problem at all because they did not know of a vendor who had the software available, and those were not included in the statistics. Also, 23.1% of the windos projects were ten times over budget. 17.5% of the windos projects were fast, but in violation of on average 7 EULAs and 3 other license agreements. 55% of the Linux projects were slowed down by the requirement that no Free or Open Source software could be used, while 15.8% were limited by the requirement that no non-microsoft software could be employed, and Wine was specifically disallowed. Also, 97.5% of statistics are made up on the spot, including 87.3% of those who are conducted by so-called "independent institutes" for lots of money. Finally, 99.87% of studies paid for by someone surprisingly reveal exactly what the customer asked for.
ARGH! (Score:3, Funny)
I don't get it (Score:5, Informative)
"The study compared two teams of experienced IT administrators running Windows Server 2000 and Novell SUSE Enterprise Linux 8, then monitored their progress as they upgraded to Windows Server 2003 and Novell SUSE Enterprise Linux 9."
But the PDF says:
"Specifically, for the database server role, we considered three configurations; Microsoft SQL Server 2000 on Windows Server 2003, Oracle 10g on Red Hat Enterprise Linux 3 and MySQL on Red Hat Enterprise Linux 3. In order to produce a meaningful comparison of platforms, the systems studied were manually installed and their configurations were verified."
Red Hat Enterprise Linux 3 is the only Linux distribution listed in the PDF. Also the fact that "the systems studied were manually installed" is probably why the upgrade was problematic. If you want your upgrade to be easy, install from the distribution, not manually. I also wonder why they did not test MySQL and Oracle 10g on windows. There are windows versions of these software packages. When you are comparing systems running different software, you are not just doing an OS comparison. You are also comparing the software packages. They might just as well have compared Red Hat Enterprise Linux 3 running Oracle 10g to Windows Server 2003 running Microsoft Access 2003.
Here's the link for the REAL pdf. (Score:4, Informative)
Just click through and don't give them any info. You can still download it.
http://www.securityinnovation.com/reliability.sht
Re:I don't get it (Score:4, Interesting)
Also, I never found any mention the 68% figure quoted in the article. In fact, there is no mention of the subject of upgrading in support of business needs at all; it deals only with deployment/use of a database server. Not to mentioned that the Windows system in the study is Server 2003, not Windows 2000, as is mentioned in the article.
In fact, now that I think about it, they MUST have linked to the wrong .pdf, because the study I read (linked above AND in the original article) have nothing to do with the statsitics quoted. (The link I followed is here [microsoft.com].) Further, the .pdf was written in June 2005, but the article is from November...something is up...
Looking at the Microsoft site, they make no mention of those statistics either in regards to the linked report. Their summary page is here [microsoft.com] and links back to the study the article links to.
In fact, I did several google searches (and MS searches!) to try to find ANY study in the Microsoft whitepapers section that has any mention of upgrading from SUSE Linux 8 to 9, or a mention of "hitting the wall", or a mentioned on Linux taking 68% longer than Windows to upgrade to suit business needs. I found no results. In fact, there was only one result on the entire Microsoft site regarding SUSE Enterprise Linux 9, and it wasn't relevent. Oh, and Vnunet didn't provide a copy of the report as the submitter states...that link goes back to an (incorrect) page at Microsoft.
In short, can I read the study that this article is talking about? I'm curious to see what it says... =)
Maybe its time for a change... (Score:5, Funny)
Comment removed (Score:3, Funny)
Wow, what a pointless stat. (Score:3, Insightful)
And how long maintaining them afterward? How many flaws or deviations did their implementations have? How maintainable were the implementations?
I'm not saying that Windows automatically leads to that type of thing, but saying "hey, the implementation was done faster" is the most meaningless of statistics. I've had experiences where I took longer to implement a solution on the same platform as a competitor, but my solution was more complete, more fault-tolerant, and future changes took about a third as long. Which was the better solution? I suppose that depends on whether fast or good is more important.
This whole thing is a quantitative analysis without any consideration of qualitative differences, making it pointless as a basis for reasonable discussion.
This is why Microsoft gets accused of FUD: instead of comprehensively making their point about where Windows is a better choice than Linux, they produce pointless "flashy" studies like this that provide no real argument.
LOL WINDOWS CRASHES (Score:4, Informative)
C:\Documents and Settings\wysoft>uptime office
\\office has been up for: 121 day(s), 0 hour(s), 39 minute(s), 23 second(s)
Estimate based on last boot record in the event log.
See UPTIME
Bite it.
In summary... (Score:3, Informative)
Windows Server 2003 with SQL Server 2000
Red Hat Enterprise 3 with Oracle 10g
Red Hat Enterprise 3 with MySQL 3.23
They measure two items:
(1) The number of vulnerabilites reported over a period of time and
(2) The average number of days of risk
For each platform they record the number of security advisories reported
for the kernel, libraries and all related applications. These include
all low, medium and high risk reports.
The time period was between March 1 2004 and February 28, 2005, and only
included those vulnerabilities fixed in this period.
Unfortunately, they don't go into the exact details of each advisory.
But here is the summary count:
Windows = 63 (16 Internet Explorer)
RHEL/Oracle = 207 (Linux kernel = 38, Oracle = 30)
RHEL/SQL = 116
They then count the number of days until each security risk (low/medium/high) was fixed.
These get accumulated and then divided by the number of reports filed to give the
average number of days at risk:
Windows = 31.98
RHEL/Oracle = 38.73
RHEL/MySQL = 61.64
Obvious there is a bias here, as they don't explicitly list the security advisories listed,
and this is based entirely on the number of components that are considered to be needed for
each server.
Actually that sounds a little generous... (Score:4, Insightful)
On top of that, the Redhat installation ticked along for four years solid with not a glitch other than an occasional fsck due to a power outage. The Windows installation needed to be fixed and re-installed at least 35 times in that same period of time. And Windows still didn't have all the functionality that the Redhat install did. She ditched Windows once it was no longer a work requirement. She's now my wife and we have several Linux boxes (she's no techie) and one XP box that only I use for the occasional video editing foray. (I've recently rediscovered Cinelerra and will likely be losing the XP box within the next year)
The point here is which would you rather have your admins doing? Spending all their time fixing ailing boxes with multiple occurences of downtime over the years? Or... spending a longer period of time getting it "right" and not having to do much with it due to the LACK of downtime for the box? I think Microsoft loses yet again.
Bad Science (Score:5, Interesting)
- They appear to be more comfortable with Windows than Linux. There is nothing wrong with that except they do not account for it in the time to complete tasks.
- They compared a Windows box running MS SS against two versions of Red Hat running MySQL and Oracle. That the did not use the same data bases on both OS slants the numbers from the start. Even if they wanted to avoid MySQL, they could have selected an Oracle installation.
- They counted vulnerabilities at the component level. So a shared library that had a vulnerability, but was used by both the installed OS and the database is counted twice. One used by the OS, the GUI, and the database, three times, etc. They state this is fair, but this would automatically penalize a Linux distribution because MS does not get counted twice in any case.
- The Red Hat installations were done manually and minimal installations. They then had problems, and make commentary on the difficulty of the upgrades. I would be very interested in the detail of what they did for the install. This appears to be a self-inflicted wound claiming to be otherwise.
- They make an big deal about what ports are open in the default installation. They comment that MS continues to allow MSUpdate, a good thing, but that Linux left the port for up2date open, a bad thing. Again, as a minimalist install they should have secured the ports, but that is dumb argument regardless. Admins who leave a machine wide open deserved to be fired. Because MS now ships theirs with everything closed is a side effect of the number of complaints about bad admins leaving the server in its out of the box state.
- Days to resolve a vulnerability are dangerous guides. First, a vulnerability has to be reported, then verified. We are dependent upon the vendor (MS, Oracle, etc) to correctly reflect these. However, almost anyone can and does report one for OSS - and that is a good thing.
In general, they speak of vulnerabilities and the ability to respond to business requests. I would like to see the requests they specifically refer to. While 68% sounds like a lot, is it the difference between 12 and 26 seconds? I just cannot see in my day to day activities it taking me more than half again as long to do anything and it is far less to image entire boxes. I wonder if this is a familiarity thing.
It is really time someone from RedHat or SUSE took a study like this and dissected it for a comparison 1:1 with MS. None of this it counts twice or differing databases garbage, a real compare. The top 20 tasks an admin will perform in a year. If we loose at least we know what to focus our energies upon. (What does not kill us, makes us stronger)
Supporting a mixed (Windows/Linux/Solaris) environment, I just do not see a 68% difference anywhere for an experienced admin.
Re:Bad Science (Score:4, Insightful)
This is a huge thing, particularly if you rely upon the vendor to acknowledge the vulnerability. There are a lot of vulnerabilities out there that are known (and sometimes even "in the wild") that the vendor refuses to acknowledge for various reasons. Often they'll finally acknowledge it shortly before (or on the day of) having a patch ready for it -- that way they look like they're "on the ball" to management even if the IT geeks know better. This is not a purely MS problem, nor is it unique to commercial/closed-source software, but it certainly seems more prevelant in closed source than open source.
I just do not see a 68% difference anywhere for an experienced admin.
I think this is what it always boils down to -- familiarity with one platform over another. I certainly know how to do certain things in Unix/Linux better than in Windows, and vica versa. That doesn't necessarily mean that Windows is better than Linux for a certain task -- it merely means that I'm more familiar/comfortable with one than the other. And that is a significant factor to base business (or personal) decisions on.
don't bite the hand that feeds you. (Score:3, Informative)
Acknowledgements
This study and our analysis were funded under a research contract from Microsoft
o_0
My biggest problem with this article. . . (Score:5, Interesting)
End of year fear mongering! (Score:3, Interesting)
does it have to do something about closing next years budget plans in e.g. US companies of a certain size ?
Windows is superior, Linux sucks
Linux took 68 percent longer to implement.... it was more secure, and did not have hours of downtime, and had instant patches, but hey bill send me the check and we don't write about that
Bored of it....
Probably I will be flamed to hell by various windows admins... and maybe they are right, I am more bored of the subject itself than the always biased "facts in them"
It is like 2 kids in the sandbox fighting over who's dad is stronger.....
The sad thing is that companies actually read these, and then make decisions,
One company I was in contact with was pretty open about it: we sell the solution which costs more and the one we can charge more for service costs..... in fact we try to sell Linux + Windows + some proprietary crap, in case they have an admin for some we have a fair chance of billing them for the other
Oooh, I better go back and work, my real point was: are these effecting "end of the year" decisions and does anyone think that is a systematical way to purchase a few more boxed windows cds or servers in the last minute?
One virus outbreak (Score:3, Insightful)
True, but (Score:4, Insightful)
So, the ease is there, but the advantage of flexibility lies with Linux/*NIX. I think this is for both a cultural, as well as a technical reason. Normally, Windows users/admins want something thats easy to get up and running, and they don't have a particular desire for real flexibility.
More patches? More software! (Score:3, Insightful)
Looking at the PDF linked from the original article, which is actually about RHEL3, not SLES, you can see that they start making the right noises about only installing minimal software for a database server, but when you reach the detail near the end on page 41, you find they have GNOME, KDE, Editors, Graphical Internet, Development Tools, etc. selected. The excuse is no doubt that that's what Oracle list in their "deployment guidelines", but so what. If the approach is to try and install a minimal system, in the face of what the vendors may say you can get away with using, then that's what they should do.
Given the funders of the study, I would expect the SLES study to be equally flawed.
Another potayto-potahto issue is that they go with following the severity risk in Mitre etc., but that doesn't mean that that severity is relevant to their database server installation. Something may be high priority on Linux if it allows a local user to become root, but a database server should not have any old users logging in, nevermind running any old application. In fact the whole class of security issues resulting in improper raising of local user privileges is something that Windows has not really begun to tackle yet, due to not really being a very good multi-user system. They've instead been dealing with the far more serious remote exploits.
So can you compare even "high" priority vulnerabilities on Windows and Linux? I think not.
What they say, what they mean (Score:3, Funny)
They say: more consistent --- They mean: you can only do it our way
They say: predictable --- They mean: you don't know if Linux will ever crash
They say: easier to manage --- They mean: you have no control
I worked faster when I was ignorant (Score:5, Insightful)
Of course, the new systems are actually usable, as secure as I can make them, better integrated with the rest of the business environment, and much easier to maintain and expand.
It's easy to do things quickly when you get to skip the planning stage. Ask your stereotypical long-bearded Unix guy to implement web services and you'll be lucky to see the first draft during the same fiscal year - and no amount of pressure will make it happen any faster. Of course, it'll work correctly from the first day and will exceed the total workload of the quick-hack system within the first month, but that doesn't look pretty on this year's financials so a lot of managers aren't interested.
No such thing as 'bad' publicity... (Score:3, Insightful)
In Other News... (Score:5, Funny)
The independent report, paid for by the Ford Motor Company, shows that 67% of GM customers hit walls.
"We feel that this incredibly accurate and indisputable information will demonstrate that GM is inferior, and that the only vehicle anyone with any brains of any kind should buy is a Ford." said Melvin R. Boarshyte, public relations representative.
Since we're playing the anecdotal evidence game... (Score:3, Informative)
File server:
System Availability: 99.9786%
Total Uptime: 316d 14h:11m:34s
Total Downtime: 0d 1h:37m:29s
Total Reboots: 21
Mean Time Between Reboots: 15.08 days
Total Bluescreens: 0
Mail server:
System Availability: 99.9859%
Total Uptime: 319d 15h:45m:56s
Total Downtime: 0d 1h:4m:43s
Total Reboots: 13
Mean Time Between Reboots: 24.59 days
Total Bluescreens: 0
For a small biz, we'll take 99.97/98% uptimes and be DAMN glad about it!
I'm nobody's Windows fan either (OSX is my preferred), but the claims of wild instability need to be taken with a grain of salt, IMHO...
Windows upgrades easier. (Score:3, Insightful)
I upgraded our 3 Debian servers to Sarge "apt-get distro-upgrade" in about 2 hours. With the exception of the mail server we had no significant down time. The mail service was turned off during the upgrade to avoid any errors.
Every one of our WindowsXP machines (no servers) were virtually unusable after the Service pack 2 upgrade for most of a day.
Comparing apples and pears ! (Score:4, Insightful)
On Windows they applied some normal patches; while the 'milestones' on Linux included real heavy stuff: upgrading glibc, upgrading mysql. Plus patches.
When I upgrade mysql and glibc I upgrade from W2K to Server2003; so to say.
Serious upgrading and normal patches cannot be compared.
So, to me, it is and remains FUD.
On purpose they would not use a period including an update from W2K to 2003; or XP. Even less one when you migrate Exchange from 5.5 to 2000 or similar.
They feel the pain and now spend some big money to some Herbert, PhD, to invent a useless situation.
Deception.
[ends]
Slow, steady, open tops fast, buggy & closed. (Score:3, Interesting)
proprietary software comes with a given level of incompatability and constraints as to what you can do with it.
Speed of implimentation of something new doesn't mean the users will adapt it as quick as the implimentor installs it.
On the other end there is the company politics and red tape to get approval to impliment something new and cost considerations of purchase.
On the open software comparison side, the implimentation of something new
There are two completely different methodologies here dealing with the primary subject matter of software.
Microsoft has a reputation of being faster to market because they cut corners in quality to do so.
Open Source Software is in no big rush to get anywhere, but moves forward more so because those involved genuinely want to move it forward, Someone who is getting paid to get something to market fast will not only sacrifice quality but may also get a bit blind as to what people would really want if they were allowed to know better.
There was a time when MS ignored Open Source software such as Linux. Believe it or not. But today, its a historical provable fact that they are not doing that any more. Slow and stead has a stronger and more stable foundation.
On innovation? Maybe that's one of the reasons MS is doing this! Maybe they just want open source software developer to hurry up and innovate something that the great imitatior (not innovator) will imitate but get to mass market sooner....and again claim they did it first...
Someone really should teach MS how to count..... grounded zero comes before 1st level distortion.
Typo in the story (Score:3, Funny)
It's really about Microsoft downplaying the visibility of Linux at the enterprise level. Something which, let's face it, is really bothering them.
Sure It Is (Score:3, Funny)
You KNOW it's going to hose itself, you KNOW it's going to be slow, you KNOW it's going to be insecure, you KNOW it's going to be complicated to manage...
Not much we don't KNOW about Windows.