Ask Slashdot: Why Not Linux For Security? 627
An anonymous reader writes "In Friday's story about IBM's ban on Cloud storage there was much agreement, such as: 'My company deals with financial services. We are not allowed to access Dropbox either.' So why isn't Linux the first choice for all financial services? I don't know any lawyers, financial advisers, banks, etc., that don't use Windows. I switched to Linux in 2005 — I'm well aware that it's not perfect. But the compromises have been so trivial compared to the complete relief from dealing with Windows security failings. Even if we set aside responsibility and liability, business already do spend a lot of money and time on trying to secure Windows, and cleaning up after it. Linux/Unix should already be a first choice for the business world, yet it's barely even known of. It doesn't make sense. Please discuss; this could use some real insight. And let's at least try to make the flames +5 funny."
Wonderful Support... (Score:5, Insightful)
The thing people like a lot of the times is that microsoft offers support, they have it stuck in their head that if you spend money on it, it must be better than a free alternative. Pretty simple really but that's human nature in this day and age, we are programed for it from commercials on tv to radio to Target and Walmart.
Re:Wonderful Support... (Score:5, Interesting)
Well if you want to spend a lot of money on a well-supported enterprise solution, there's still Solaris. And it's not like there's any shortage of commercially-supported Linux enterprise OSes too.
I understand that it's more important to some people to be able to have someone to scream at from outside the company who is contractually obligated to fix your stuff when it breaks. Microsoft offers that, but a million other companies do too.
I think it more often comes down to the simple fact that Microsoft stuff has more mindshare, and thus an easier learning curve for a greater number of employees. It's the standard because it's the standard because it's the standard.
Re: (Score:2, Interesting)
If you think that Solaris is "well supported", you must spend at least half a million a year on it, since Oracle won't even look at anyone who asks about spending less than that on Solaris/Sun hardware these days. Hell, I'd probably get better support running Debian/Sparc than I would trying to get support from Oracle for Solaris...
Re: (Score:3)
The question was: why not Linux for security.
You answer is: MS skills ?
I know businesses don't really care about security, but still finding a good admin with MS skills has to be atleast as hard as finding a Linux admin.
Re: (Score:3)
ZERO Linux apps.
You are using exaggerated rhetoric. It is certainly true that for most areas of business Windows has a huge applications advantage. It is not true it is anywhere near as stark nor as clear cut. There are tons of Unix apps that don't have Windows equivalents. It depends what you do. If you need an application for rapid stock trading with particular brokerages, Windows. If you need an application of cloning DNA, UNIX.
You are also conflating better GUIs (i.e. GIMP vs. Photoshop) with e
Comment removed (Score:4, Interesting)
Re:Wonderful Support... (Score:5, Informative)
The thing people like a lot of the times is that microsoft offers support, they have it stuck in their head that if you spend money on it, it must be better than a free alternative.
I've worked for several Fortune 500 companies. Support has nothing to do with the decision: Exclusionary contracts do. Microsoft offers huge discounts to businesses that agree not to use a competitor's product. They also regularily check for compliance and there are large fines for any company caught using open source software. Management often parrots what Microsoft says to tell the tech workers who question the policy, but if you ask the right people the right questions, you'll find out the company you're working for entered into an exclusive contract with Microsoft, and that was one of the conditions.
Re:Wonderful Support... (Score:5, Insightful)
I've worked for several Fortune 500 companies. Support has nothing to do with the decision: Exclusionary contracts do. Microsoft offers huge discounts to businesses that agree not to use a competitor's product. They also regularily check for compliance and there are large fines for any company caught using open source software.
I have been an employee/contractor at many Fortune 500 companies, and have never seen anything even hinting at a contract with Microsoft involving "large fines for any company caught using open source software". Care to provide any proof of Microsoft contract with any F500 consumer of software that prohibits said F500 from running open source software?
Re:Wonderful Support... (Score:5, Interesting)
Yeah, that kind of caught my eye too. I have had the odd F500 company as a client and they have definitely had open source software running. I would be very surprised if the assertion were true.
However, I have worked with Microsoft partners and have been told that they were obliged by contract not to run software with the GPL license. I was never able to verify if it was actually true, but at 2 of the places I worked with, I was told that. Very different kettle of fish, and it was quite a long time ago. Even if it were true at that time, I doubt that such a thing exists any longer.
Re: (Score:3, Insightful)
I've worked for several Fortune 500 companies. Support has nothing to do with the decision: Exclusionary contracts do. Microsoft offers huge discounts to businesses that agree not to use a competitor's product. They also regularily check for compliance and there are large fines for any company caught using open source software.
I have been an employee/contractor at many Fortune 500 companies, and have never seen anything even hinting at a contract with Microsoft involving "large fines for any company caught using open source software". Care to provide any proof of Microsoft contract with any F500 consumer of software that prohibits said F500 from running open source software?
YHBT YHL HAND.
Seriously though, the poster you're responding to is full of shit. I've been in IT for 25 years and have worked with everything from SMB's to Fortune 10's and have never seen any such thing.
It would be nice if people could state their opinions without resorting to lies and trolling.
Can of worm !! (Score:5, Insightful)
If what you said is true, that corporations signing "exclusionary contracts" with Microsoft getting huge discounts, in exchange for letting Microsoft to come into their daily IT operation to do spot checks for any so-called "violation", that will be a can of worm right there !!
No corporation, and I mean, no self-respecting corporation, whether or not they are in the Fortune list, should allow any outsider to intrude into their internal operation in carrying out spot checks !!
Whoever signed those type of contract with Microsoft, and all their superiors, must bear full responsibility in any loses, whether in financial or in trade secret, incurred during those "spot checks"
Re:Wonderful Support... (Score:5, Interesting)
After 17 years as a IT engineer/architect working for Fortune 500 companies, I'm calling BS on this one. It's simply not true. Microsoft does offer bigger discounts as you purchase more of their product licenses. That is far different though than giving discounts if there is no other vendor's product in your environment.
Re: (Score:3)
Well I have direct first hand experience of a situation where it was not that we "couldn't use open source software", but we had been given massive discounts on tens of thousands of (enterprise server) licenses on the condition that certain key named internal software projects were developed solely on Windows - any attempt to even investigate porting any of these products to a non-Windows platform would breach the contract and thus incur the full cost of all those licenses for the entire license period.
We w
Re:Wonderful Support... (Score:5, Interesting)
Yes, very good bait and it'll be well received thanks to all the anti-MS sentiment here, but, umm, care to back that up with some evidence? I've also worked for some Fortune 500 companies. More to the point I've worked at smaller companies that nonetheless had enormous pull with Microsoft due to what they did (critical infrastructure). At one of those companies I was responsible for a couple of years for working with Microsoft on the licensing true-ups.
I can't even think of a company of that kind of size that wouldn't use a competitor's product in some way. They'd laugh if Microsoft said get rid of Linux or Oracle or whatever, because they couldn't continue doing business. Volume discounts, of course, nothing wrong with that. But banning a company of the size of a Fortune 500 company from using someone else's software?
I once was working with our MS reps on our support contract details and they described what happened in the case of certain types of "system down" calls. At some point it starts copying the status e-mails into Steve Ballmer's inbox. No-one is naive enough to think he's going to pick up the phone, but it sure as hell impresses upon the execs that Microsoft understands how crucial their business really is.
If I had a system down and I escalated it to a high enough severity, even before it got to Ballmer's inbox I'd get a phone call from my technical account manager after a set number of hours asking me if I wanted an emergency response engineer on site. If I said yes, they would go to a pool of the absolute top talent and get whoever was available to my site as quickly as possible. Several hours away? Next flight. Not quick enough? Microsoft would charter a helicopter just to get their expert to me so my system could get up and running. Remember, this was for a very definitely NON-Fortune 500 company.
Their support escalation procedure is world class. They have a rigorous workflow, with extremely well defined escalation times, conditions, and requirements for the Microsoft TAM to fulfill. I've seen it in action. It's surgical. What I've described above doesn't cost millions. It cost that companymore to get support for their RedHat licenses, and that didn't include specialist engineers being flown in by private helicopter if necessary.
That kind of dedication wins out. I've seen Oracle gurus be absolutely stunned by the response to a SQL Server emergency ticket. They have wished out loud they could get that response for an Oracle problem. So has upper management. The company I have in mind runs all their really heavy stuff on Oracle/AIX. They won't consider SQL Server for the truly critical databases. But I have heard them tell Oracle they need to get their act together and be more like Microsoft when there's a top line problem.
That's why Microsoft. Because even the people who complain their stuff is flaky still wish all the other companies had emergency response technical teams that were half as good as Microsoft at getting systems back up and running.
Re:Wonderful Support... (Score:4, Interesting)
I'll echo this sentiment with my personal anecdote:
Working for a large Canadian telecom, preparing to launch a new service, I was reviewing the infrastructure at the behest of my manager after a sysadmin had moved into another role. I discovered, with no more than 2 weeks until this high profile service was to launch, that our clustered SQL instance would behave fine while sitting there or under minimal testing load, but as soon as you piled it on, the system would outright fall over.
Long story short, this led to a 36 hour phone call with Microsoft where I was escalated to SQL engineers and Windows engineers who in turn managed to pull strings at HP to get driver engineers on the phone leading to the discovery that the HBA drivers for our servers were crapping out under said load.
I'm a proponent of Linux, I use it where appropriate, I get support from RedHat on stuff that I need support on, and I generally loathe the generic issues that come along with running Windows. That said, when it comes to "Somebody is going to lose their job if I don't get this fixed" there are few organizations I'd rather have backing me up than Microsoft.
Re: (Score:3)
More than anything, this seemed like a collossal process failure in general. Stuff simply should have been vetted better than that. You should have never been that close to a go-live date with problems like that.
Re:Wonderful Support... (Score:4, Informative)
I think I know the contracts you're talking about.
They're not exclusionary in the way you describe, but IIRC one of the cheaper volume licensing schemes does include language to the effect of: "Count **every PC you own that is capable of running this software**, that's how many licenses you need to purchase if you want to use this cheap licensing scheme".
Suddenly the cost savings from F/OSS software - on the desktop at least - are dead in the water.
Re:Wonderful Support... (Score:5, Interesting)
It is about getting staff to support your business, and the software you need.
If you have a Linux shop, you need to find people with Linux experience to keep your company going. These people with Linux experience also know Windows. However you need to find people who know Linux well enough as there is a gap in skills between very basic user, and administrator. For windows you can hire most any tech at any price range you need. You need a $10.00 per hour kid to make sure the disk doesn't get too full and install software, you can find some one. You need a $50.00 per hour skilled admin who will operates complex networks and mass storage you can find them too.
Next is software. You don't work in a vacuume your software will need to work with vendors and customers. That software you need for your business might have a Linux port, but there is always a windows version. You call for support you say Linux they say sorry you are on your one.
The issue of hardware. Your Linux experience is based on the hardware you get. Get the wrong hardware it runs like crap, get the right hardware, Linux runs like a champ. Companies like Dell that sells systems preloaded with Linux are risky because the don't really give you a good compatible system. You need to spec out each component. Windows has the drivers and they work. Thus getting a Windows system much more reliable.
Often the cost of a system with or without a windows license is verry small, get the license you can always go to Linux in the future. When you are in the future, you have a windows infrastructure that is too costly to change.
Re:Wonderful Support... (Score:4, Insightful)
2) 90% of banking software on the front-end (tellers, etc) is accessed via a web browser. 90% of the backend stuff is already java or linux powered.
3) When you buy 1000 machines for a large business, you get a few for testing ahead of time no matter WHAT operating system you plan to run.
4) When a large business buys computers, they don't come with windows licenses. They buy blank machines and get a site license.
Re: (Score:3)
4) When a large business buys computers, they don't come with windows licenses. They buy blank machines and get a site license.
Not true. The Windows "site license" is an upgrade to the OEM copy of Windows installed on the PC. It cannot be used on bare metal. What businesses do is buy the cheapest possible Windows license with the PC and then image over it with the desired version. (Or get the OEM to ship the image preinstalled for a few extra bucks.)
Re: (Score:3)
Hiring cheap staff is an absolute false economy, someone cheap might be able to get a windows network limping along, but it will be horrendously insecure and unstable, not to mention that you will need considerably more of these cheap staff just to handle the day to day tasks.
These cheap staff could also get a linux network limping along, it would still be more secure and stable than windows but still not great, the only difference is that these cheap staff probably dont have the confidence to claim linux e
Fine, I'll bite (Score:5, Interesting)
Re: (Score:3, Insightful)
Additionally, Linux distribution security generally isn't much better than modern Windows. Even small to medium packages tend to pull in everything but the kitchen sink. Of course, if you stick to packages in Linux, you at least have only one update mechanism.
Re:Fine, I'll bite (Score:5, Informative)
Additionally, Linux distribution security generally isn't much better than modern Windows.
Marketing efforts aside, reality disagrees.
The share of Windows malware increased to 99.6%. Classic Windows program files dropped 0.3% proportionately, but the increase in .NET programs compensated for this
loss.
In the first half of 2011, the lion share of malware was once again written for Windows systems.
Only one in two hundred and fifty malware programs is not a Windows program file. The proportion of classic Windows program files (Win32) continues to drop. However, .NET programs (MSIL) compensate for this loss of 0.3% and the overall share of Windows malware programs is on the rise.
1 Win32 1.218.138 97,8 %
2 MSIL 21.736 1,7 %
3 WebScripts 3.123 0,3 %
4 Scripts 832 0,1 %
5 Mobile 803 0,1 %
6 Java 313
7 *ix 233
8 NSIS 131
http://www.gdatasoftware.co.uk/uploads/media/G_Data_MalwareReport_H1_2011_EN.pdf [gdatasoftware.co.uk]
Note that the 6% of Apple Macs infested are included in that "*ix 233" figure.
Re: (Score:3)
I don't follow. So more malware is written for windows? Hasn't that always been the case?
Re:Fine, I'll bite (Score:5, Insightful)
If many businesses switched to *nix on the destop it would become more popular and more malware would be written for it.
There's no evidence for that at all, in fact, there are now close to a million Android devices activated per day, more than there are Windows licenses sold. Despite that, Windows malware outnumbers Android malware by a couple of orders of magnitude.
And despite all the hype, the rate of increase of Android malware is low, again much lower than .NET malware.
Re:Fine, I'll bite (Score:4, Interesting)
Not just that. Look at the number of iOS malware, vs Android malware. If iOS is as popular as people seem to think, shouldn't it have a proportionate number of malware compared with the number of Androids?
Re: (Score:3)
You can add whatever you want to your own copy of a Linux based product, but adding it to someone else's copy is a different matter entirely. How successful you are depends on the security of the chosen distribution channel and package management. That comes down to implementation. Apple implemented this well, and google have not. Simple as that. It has very little to do with the underlying technology.
Re:Fine, I'll bite (Score:5, Insightful)
Do a lot of on-line banking on your Android phone, do you? Or have a nice, high bandwidth connection you could saturate to support a DDoS attack on someone who didn't pay their protection money? Or store any juicy company data that could be handy for not-quite-insider trading?
There have been security vulnerabilities found in just about every major piece of networking/server software on Linux. There is no doubt about this, because most of those packages are open source, and the fixes are a matter of public record. If there was money in writing Linux malware, there have been plenty of weaknesses to exploit, just like on Windows (or any other major platform).
But serious malware today isn't written by script kiddies any more. It's essentially organised crime, and it follows the money. If you think that wouldn't lead it right to Linux if that became the dominant desktop OS, or that being primarily open source makes the Linux ecosystem magically immune to the kinds of security bugs that make it into code written by highly skilled and experienced professionals working for the best funded software companies in the world, then I've got a few friends in Nigeria who would like your help with some financial transactions.
Re:Fine, I'll bite (Score:5, Informative)
Do a lot of on-line banking on your Android phone, do you?
Yes, my bank provides an app to do that.
Or have a nice, high bandwidth connection you could saturate to support a DDoS attack on someone who didn't pay their protection money?
Yes, wifi, same as my laptop.
Or store any juicy company data that could be handy for not-quite-insider trading?
Yes, my company has a BYOD policy.
Re:Fine, I'll bite (Score:5, Interesting)
Do a lot of on-line banking on your Android phone, do you? Or have a nice, high bandwidth connection you could saturate to support a DDoS attack on someone who didn't pay their protection money? Or store any juicy company data that could be handy for not-quite-insider trading?
As ozmanjsri said, yes to all these things. My 4g connection is definitely faster than my home broadband.
There have been security vulnerabilities found in just about every major piece of networking/server software on Linux. There is no doubt about this, because most of those packages are open source, and the fixes are a matter of public record. If there was money in writing Linux malware, there have been plenty of weaknesses to exploit, just like on Windows (or any other major platform).
There have been security vulnerabilities found in every piece of networking/server software, Period. The trick is that on Windows, even Microsoft is often not notified of these for months after their discovery by the black hats, and it has been sometimes two years for a fix. You as a consumer may NEVER know about them.
But serious malware today isn't written by script kiddies any more. It's essentially organised crime, and it follows the money. If you think that wouldn't lead it right to Linux if that became the dominant desktop OS, or that being primarily open source makes the Linux ecosystem magically immune to the kinds of security bugs that make it into code written by highly skilled and experienced professionals working for the best funded software companies in the world, then I've got a few friends in Nigeria who would like your help with some financial transactions.
the U.S. Army is “the” single largest install base for Red Hat Linux. Industrial Commercial Bank of China runs Linux at all 20,000 of its locations. The Chicago Mercantile Exchange employs an all-Linux computing infrastructure and has used it to process over a quadrillion dollars worth of financial transactions. No money in Linux malware? Pshaw.
But no, Linux doesn't make you magically immune. It simply has a more mature and advanced security model, better tools for detecting and stopping intrusions, and the ability for a motivated firm to make any security modifications needed on their own schedule.
Re: (Score:3)
And how, exactly, is this different to the situation with Linux? There is no guarantee that someone will report a vulnerability to the maintainers of, say, a Linux distro, any more than that someone will report one to Microsoft. And what Linux distribution or major infrastrucuture project still runs an open access security mailing list today, with guaranteed full and immediate disclosure of all reported vulnerabilities?
Ultimately, unless you personally are directly involved with the security and maintenance of every major Linux project you use, you're still trusting other people to be honest in their disclosure and prompt with fixing security issues.
You're looking for guarantees while I'm talking about options. If you, as a security professional, are concerned about the code, you can scrutinize it. Windows doesn't give you this option. There's no guarantee of disclosure but probability suggests that with greater access to the code will come greater disclosure.
Yes, because obviously the people who are responsible for systems processing a quadrillion dollars of financial transactions just throw a quick Debian CD in the drive to set it up. I don't suppose they're taking any extra steps to audit or secure their systems beyond what a typical home user running Windows for Facebook and gaming would do. Hell, you could probably just walk right into their data centre and remove a hard drive while no-one's looking, and then take it home to look through the files in your own time.
It's ridiculous to assume that when we're talking about securing an office computing environment that we're not allowing for extra steps of auditing and securing in the process. The question is
Re:Fine, I'll bite (Score:5, Interesting)
This is the part where I suggest you read this interview with a guy who wrote malware: http://philosecurity.org/2009/01/12/interview-with-an-adware-author [philosecurity.org]
The majority of malware is written for Windows for two, simultaneous reasons: most people run Windows, and it's an easy target. It's both at the same time.
Running some form of GNU/Linux distro doesn't magically absolve you from security issues, but it's a decent first step.
Re:Fine, I'll bite (Score:5, Informative)
it's remote exploits of one of the services that are installed, by default, to be accessible from the Internet.
Why worry about defaults?
If you're choosing Linux for security, you can already choose one of the security-enhanced distros like SELinux (if you trust the NSA) or Ubuntu Privacy Remix https://www.privacy-cd.org/ [privacy-cd.org], or LPS http://www.spi.dod.mil/lipose.htm [dod.mil], or Fortress Linux http://www.fortresslinux.org/ [fortresslinux.org] etc etc etc. Or just roll your own with your favorite distro and GRSec installed http://grsecurity.net/ [grsecurity.net].
All of these are a (free) download away. It's not like it's difficult to secure Linux if you choose to.
That's why all this bullshit about Linux being as insecure as Windows, but less popular is just FUD. If Linux IS ever threatened the same way, the FOSS community is ready and has the tools to respond. Linux users won't have to wait for a vendor to reluctantly spend the money to ramp up a security team. They'll just benefit when it's needed.
Re:Fine, I'll bite (Score:5, Insightful)
Re: (Score:3, Insightful)
Even small to medium packages tend to pull in everything but the kitchen sink.
Well, if you're going to install something that requires KDE and you don't have KDE installed, be prepared to wind up installing KDE. But then if you are suddenly surprised that you are downloading KDE, it's *your* fault for not looking at the depends in the first place. It's not like this stuff is hidden away.
There *is* a problem with "Recommend" abuse. But then you can just turn off "treat recs as depends" and be done with i
Re:Fine, I'll bite (Score:4, Informative)
Re:Fine, I'll bite (Score:4, Insightful)
Linux is at its lowest point in a very long time in terms of look-and-feel, polish, and usability in comparison to its commercial competitors. A lot of Linux users don't care about such things, and that's why desktop Linux never took off. ... Meanwhile Win7 is polished and works well.
While I'd agree with that regarding GNOME 3 and Unity, I don't think that applies to all Linux desktop environments -- it's very easy in KDE 4 to pick and use a theme that very closely mimics Win7 or OS X, just with more customization options if you want them. KDE 4's main visual failing point IMHO is that there's a severe lack of diversity in the themes compared to GNOME 2 or KDE 3, as nearly everything looks to some degree like a variant of Windows or OS X.
The main reason I see Linux forever failing to capture the desktop market is that the application & environment/theme developers, being unpaid, have zero incentive to care what the users want. The result is desktop environments & applications that may suit the devs perfectly well, but from many users' points of view are clunky, missing features, or bloated with features they'll never use. It's the devs' right, of course, but that doesn't keep the end-result from being that Linux can't manage to gain a respectable percentage of desktop marketshare.
Re:Fine, I'll bite (Score:5, Insightful)
The biggest advantage to Linux security is that it is far far easier to tell what is running, why it's running, and how it is configured, not to mention what ports are open and by whom.
Yes, in the hands of a newb user, both Linux and Windows can be insecure. That said, the training needed to lock down a Linux system is much more accessible and implementable. To properly lock down a Windows box you either need expensive third party tools or a Doctorate in "Making Microsoft do what I say despite what it wants".
Re:Fine, I'll bite (Score:4, Insightful)
The biggest advantage to Linux security is that it is far far easier to tell what is running, why it's running, and how it is configured, not to mention what ports are open and by whom.
Yes, in the hands of a newb user, both Linux and Windows can be insecure. That said, the training needed to lock down a Linux system is much more accessible and implementable. To properly lock down a Windows box you either need expensive third party tools or a Doctorate in "Making Microsoft do what I say despite what it wants".
This is one thing I love about Linux and *nix in general. If something goes wrong, it happened for a reason. It is not a random event. That means I can actually find out not just what failed, but *why* it failed. When I fix it, it stays fixed.
It's more like the deterministic behavior one would expect from a machine.
Re:Fine, I'll bite (Score:5, Funny)
"A system error has occurred."
"The service terminated unexpectedly."
"Please contact your network administrator."
Linux failures leave me checking log and config files.
Windows failures leave me tearing my hair and screaming "I *am* the administrator! Tell me what the bloody problem is!!!!!" at the screen.
Re: (Score:3)
Re: (Score:3)
They don't tell you where or what. You don't even get the process ID of the stuff that's logging the error.
You do get the process ID, accompanied by a bunch of other stuff (such as vendor error codes, the binary path, etc).
You can't even easily sort by date then by error type - sorting by error ID causes the date sort to no longer be in order. So what's the frigging point of the stupid fancy log UI?
But you can easily discard non-relevant information, or create a custom view for a given error ID. And the available info isn't limited by default to 7 days. And you can export the available info to XML (granted, not as easy to work as textfiles).
That crappy attitude to useless logs goes all the way up to the app level with useless messages like "Object reference not set to an instance of an object."
And in other systems, this is different how? How more helpful are messages about segfaults before a core dump? And if you _do_ have debug information
Re: (Score:3)
What's the process ID of the nfssvr in this Windows Server 2008 log: http://technet.microsoft.com/en-us/library/cc731909(v=ws.10).aspx [microsoft.com]
Or this log: http://www.petri.co.il/images/ie7_on_ex2003_1.gif [petri.co.il]
In Windows XP, I do not see any process ID either:
(The following are all real errors in my event viewer)
Example error #1:
Event Type: Error
Event Source: Application Error
Event Category: (100)
Event ID: 1000
Date: 5/26/2012
Time: 2:35:31 AM
User: N/A
Computer: CORE
Description:
Faulting a
Re: (Score:3)
It's tremendously rare that I need to use all that in one go - the right tool for the right job, and all that. (The Linux proponents are always touting choice, right?)
I once had an issue with something on OpenBSD that appeared to be running into filesystem permission issues. I was trying to figure out which file it wasn't able to read. To track it down, I wanted to watch filesystem activity in real-time. I'm not a dyed-in-the-wool OpenBSD expert, so I asked our guy who is, and he had no elegant way to do th
Re:Fine, I'll bite (Score:5, Interesting)
Funny, where I work we still use XP which is still the same rotting mess it was 10 years ago, the only difference is that it is wrapped in so much duct tape and so much time, effort and expense has been invested in it that the infosec people treat Linux and OSX as the same steaming pile of shit and it is really hard to break them free of it.
Re: (Score:3)
So I work in the financial services I would not use drop box - and not because it is a bad product.
First, people will have access to material insider information, SS#, etc. You have to have positive proof that this information is under your control and that it can not be leaked to 3rd parties. There is simple too much room for mischief with a rouge employee uploading data and selling it to the competitors.
Second, I have to keep all information between 3 to 7 years. Once again, there has to be positive contr
upper management (Score:4, Funny)
Simple, because upper management always wants more windows.
been done before (Score:5, Insightful)
This has been discussed ad nauseum here over the last decade.
One big reason why things are the way they are, is that corporate types want somebody to blame when things go pear-shaped. There's not many linux companies of enough size to handle that. Just RedHat and SuSe.
Another reason is yes, the apps. The simply *must* have MS Access and integration with the whole Office suite. Anything that doesn't have this is likely a non-starter.
Re:been done before (Score:5, Interesting)
> corporate types want somebody to blame when things go pear-shaped
I think that's part of it, but an even bigger part is just sheer inertia. Budgets are tight, the economy is still struggling, and even though Windows costs a little more, a lot of PHB's figure they'll just hire people who know how to use Office and Outlook and be done with it.
BUT ... and here's the real reason I popped in here; I've been dying to say this for some time now. :)
I think this is changing. Our own company, as recently as three years ago, was still buying standard laptops with Windows and Office pre-installed. We are now migrating over to iPads and Android tablets. The privacy issues concern us somewhat, but I think this is going to increase in the future. People are willing to learn new "apps" to replace what they used under Windows, too.
I think Microsoft had better be very, very worried about this trend. Years ago, most people who bought computers demanded Windows on it. Nowadays, people buying pads and tablets and they are perfectly willing to use something other than Windows. Most significantly, when someone introduces a smart phone or tablet with Windows on it, the marketplace is saying, "ho, hum."
Especially among younger users, Windows is viewed as, "like, SO 1990." :)
Re:been done before (Score:4, Insightful)
Hmm, well then they better not have too close a look at any of MS or Apple's EULAs. They're all "no indemnification" and all that. Good luck suing MS or Apple, or even getting a response unless you already paid out the ass for a support contract.
The simple fact of the matter is that when it comes to big companies and technology, the ones making the "corporate" decisions are blithering idiots. Think about it: where are the smartest people you know working? Either they are actually getting (fun) shit done (eg, engineers solving problems), or they are in charge of their own startups (and how many startups go with MS?). Also, as someone else mentioned, there are some other large factors known as "mindshare" (why do you think MS gives deep discounts to college students) and bribes. If there were any justice in this world, MS would have gone out of business ten years ago due to everyone seeing through their BS. The depressing reality is that PT Barnum was right (and even that is a good example of mass ignorance: Barnum didn't say that, his opponent Hull did).
Re:been done before (Score:4, Insightful)
corporate types want somebody to blame when things go pear-shaped. There's not many linux companies of enough size to handle that. Just RedHat and SuSe.
The irony here is that you complain there are just two Linux vendors that are big enough to provide such support.
While there is just one Windows vendor.
Usability (Score:5, Interesting)
If you've got things to do, learning how to operate a Linux system is low on the priorities. If people start finding hiccups because of the differences between Linux and Windows they'll rapidly complain to tech. support, who will soon fold under the pressure of people not being able to meet their commitments due to not understanding their workstations.
Linux isn't the top dog because it's 'more secure' than Windows, it's not the top dog because it's not as well known as Windows. I see more people using Mac in the workplace now, and with the popularity spike in BYOD I would suggest that if Linux were to become more user friendly, Linux would be slowly be adopted anyway.
We should remember that >60% of servers run Linux, versus Windows.
To use the bad car analogy... (Score:2)
This is like saying: Some companies have prevented their drivers from parking their cars in the bad part of town (i.e. the cloud). These guys all drive Fords, but I drive a Chevy. So why not leave my Chevy in the bad part of town instead!
Oh wait...
I'm pretty sure DropBox runs its servers on Linux, but that's completely beside the point. Guess what's more secure? A fileserver that you own and physcially control that happens to be running Windows that's properly configured with strong ACLs and sits behind
Must we ...? (Score:2, Insightful)
Must we really re-hash windows vs linux? Must we?
Fear of Backdoors? (Score:5, Insightful)
If I were a too busy to be bothered executive, my high level opinion of the hobbyist operating system would be that it's bound to be full of backdoors put in by the coders. What's worse, is when those backdoors cause my golden parachute producing institution serious financial harm, there's nobody to sue. At least if Microsoft were to do something dastardly, there's a few billion in assets to get the lawyers worked up over.
Here are a few reasons (Score:2)
Enterprise management capabilities, genuine software (Office, in particular) as opposed to "compatible" or "capable" software, familiarity, upper management, vendor packages that require MS servers, and relative lack of people that can "fix things" along with their regular responsibilities, are just a few reasons why.
Re: (Score:2)
Having an application like Office is completely irrelevant to a security infrastructure.
Security Space and W3Tech's's latest surveys came up with a > 60% market share for Linux servers. I imagine the people to support it are equally available.
That of course doesn't mean squat when it comes to security. Great security means one thing - having great people managing and implementing security.
One reason (Score:2)
I see what you did there. (Score:2)
such as: 'My company deals with financial services. We are not allowed to access Dropbox either.' So why isn't Linux the first choice for all financial services?
Wait, what? What does one have to do with the other?
To answer the question - based on my own time served working in the financial industry - it comes down to support. They want the security of the big-time support contracts. Sure, there is Red Hat and others - but frankly, Red Hat's marketing machine isn't nearly as good as Microsoft's.
That being said: we upgraded to Windows 2000 on employee desktops from OS/2 Warp. At that time, enterprise Linux didn't have the same maturity that it does now. By the time
Few reasons (Score:5, Insightful)
1) Trying to run away from good security practice by going to something you perceive to be less targeted or better able to save you from yourself isn't a good idea. Hate to break it to you but really Windows itself is pretty good security wise these days. If you are having trouble the question to be asking yourself is what is wrong with the way things are set up. To me it is like having your house robbed and moving to a new neighbourhood, rather than locking your door at night. We run a mixed environment at work, and we don't have many Windows security issues, despite it being our big OS. Reason is we have a good security setup that provides defense in depth. We have real proactive security, not ostrich security.
2) Because often the products businesses need aren't available for Linux. People will point to half-assed alternatives because said half-assed alternatives are the best they can find. "Just write your own," is completely unfeasible to many companies, and uneconomical to others. If you'd save $X in terms of security issues and licensing but spend $X*10 to develop and support your software that does what you need, it isn't a good move.
3) Because Linux doesn't always, maybe even not usually, have a lower TCO. In our environment it requires a hell of a lot more fiddling than Windows to make it work. Our Linux lead spends a lot of time hacking around with things to make them work right, and dealing with customized setups (which we do a lot of being a research university) is a pain. I spend way less time fiddling to make Windows work, and not because I'm smarter to better than him. He's damn good. It just seems to be more trouble to get Linux to do what we need, the enterprise support tools aren't as robust.
Remember that security is only one facet of cost, and also remember Linux doesn't provide perfect security. You can argue if it is better or not, though many of the better arguments are just arguments of less targeting. Things like malware that the user has to download and run, an OS can provide no defense against that short of trusted computing or the like.
So you have to look at what it would cost and save in total.
Also as I said, really security talk needs to be about defense in depth and how to prevent problems, not about trying to run away from them. Security failures WILL happen, anyone who's done physical security know there's no such thing as a perfect defense, everything is fallible, and you have to have layers and you have to monitor and adapt to maintain good security.
I would rank a place high security that runs Windows but does things like: Have regular users run deprivileged and not hand out admin accounts. Have a good, but sensible password policy and use two factor authentication. Have all systems patched regularly and quickly and monitored. Run a host based firewall on all systems. Run an on access and on download virus scanner on all systems, centrally monitored. Run a network based firewall and IDS, maybe even more than one. Segments servers from workstations and only allows the access needed. Proactively monitors for problems. And so on.
I would rank a place low security if they just run Linux, give local users sudo, and say "Have fun, Linux is safe!"
Linux could potentially help with security, that would need to be evaluated by someone competent case-by-case. Linux does not give good security, it is layers and a process, not a magic bullet.
iPhones also banned at IBM over Siri worries (Score:2)
It's stories like this that make me wonder why IBM isn't laying off people instead of HP. (Truth: HP wouldn't need to lay off so many people if they could tell people how to swap the crappy batter on the HP Touchpad. Then again, Meg Whitman is Carily Fiorina 2.0 now with Romney cues.)
But IBM has has also rejected allowing anyone from using an iPhone at office meetings over concerns that Siri may be spying on the company.
Also, remember a few years back how IBM was so eager for businesses to switch to Linux
Maybe they are (Score:2)
some claim [highbeam.com] (I'm not about to pay to read the article) that Linux is being used more. ISTR something about Solaris being taken up more in banking too, but that was long ago, before the Oracle buyout. Nobody with half a fucking brain is even considering putting Sun equipment into their infrastructure if they don't already have some.
Problem is the user, not the OS (Score:5, Interesting)
At least at the level of "business desktop", I believe "user stupidity" is a far bigger threat than "insecure operating system". Yeah, for a ___ server, or firewall, or really any sort of system managed by trained, competent people, the OS or applications may indeed be the bigger risk, but on the desktop? All it means is that instead of attaching bank_of_nigeria__withdrawal_forms.pdf.bat, they'll attach bank_of_nigeria__withdrawal_forms.pdf.pl when running a scam.
Linux is not a magic security bullet - such a thing simply does not exist. No OS is unbreakable. My company found that out ourselves, when we discovered just how completely '0wn3d' a particular clients' Linux servers were - let's just say the guy who configured them is now fleeing the *country* to escape the gross negligence and breach-of-contract lawsuits (when your job description is "keep these servers up-to-date and secure", and they're still running a version of Debian from '02 and participating in Anonymous DDoS attacks, you've failed).
Windows also, I have to admit, has gotten much better at security compared to the 95/98 days, or even the XP SP0 days. Linux still has a security lead, but that lead is now orders of magnitude smaller (especially since Linux, at least for certain distros, seems to be trading security for usability).
Your premise is wrong. (Score:5, Insightful)
Unix is actually very popular where security is a concern. Most of the internet runs on some variety of Unix.
Same in business.
But the reasons it's not even more widespread are:
a) Management and HR are clueless, and so they implement the wrong policies and hire the wrong people.
b) Microsoft spends a lot of money on getting people hooked on their technologies, including getting most universities to teach their crap, so many sysadmins are clueless regarding anything outside Microsoft.
c) CTOs get bribed. Those bribes determine what technology they buy. The FSF doesn't have much money to waste on bribes, but many corporations do.
...Cuz Windows... (Score:5, Insightful)
Re: (Score:2)
Re: (Score:3)
Actually no, that's exactly it. The author's friend was quite disturbed about the idea of fixing his expensive bimmer with a bit of beer can:
At least for IBM... (Score:5, Interesting)
Home users are basically helpless cattle; but they are also low value targets. If a drive-by download or a trivial trojan can't land some malware, they are safe. If it can, they are helpless.
Your enterprise, on the other hand, likely has the desktops locked down good and hard, firewall and IDS and people paid to care. However, they are a high value target. It is plausible, indeed quite likely, that they are getting actual human attention, from actually competent attackers, customized payloads, possibly even the honor of having one or more zero-days used against them. They are also much more likely to be running complex, web-facing applications, where the security may not rely on the underlying OS that much at all(how many sites have been exploited purely through more-or-less OS agnostic attacks on their CMS?)
In this scenario, it isn't entirely clear how much better Linux is than Windows(and, also, it isn't necessarily the case that the desktop OS matters nearly as much as the competence and vigilance of the chaps watching the network for funny business).
Applications (Score:4, Interesting)
People use computers to run applications. The operating system should be chosen to support the applications they need, not the other way around.
Business already has too many problems with Mac fanatics insisting on using Apple products. The main issue is they demand the computer/OS *before* seeing if any of the applications used at the office are supported. Ass backwards.
However, the question in the article was a non-sequitur. The use of cloud services has absolutely nothing to do with operating system of choice. It has to do with losing control of data.
Case in point, IBM didn't say "You can't use Dropbox on Windows", they said "You can't use Dropbox". Yes, there is a Linux client for Dropbox.
As for the Lawyers . . . (Score:2, Informative)
I can't speak for the financial advisors and banks, but for the lawyers, it is inertia. In 2000, when I graduated from law school, the firm I worked at still used Word Perfect 5.1 on Windows 97. They were convinced in 2001, to upgrade to Windows 2000. Even then they ran Word Perfect in a DOS box. They kept this for two reasons. The first was they didn't want to retrain their legal secretaries. Document formatting is very important and intensive in legal briefs, so you need to know the word processor i
Why not Linux for security? (Score:3)
Because of OpenBSD? :)
Linux isn't more secure (Score:2)
Linux isn't really more secure since the weakest link is always the user. There's nothing inherent in Linux that makes a Linux user less likely than a Windows user to type in his password when he sees a website popup a window that says "Disk Corruption Detected. Please enter your password to automatically fix it".
Even if the linux kernel and root owned files are secure from the user, it doesn't matter since if I want to compromise a user I don't need to write to /bin/*, I just need to write to his ~/.profil
Re:Linux isn't more secure (Score:4, Informative)
Linux is really more secure. Here's why.
You as a normal windows user by default have sufficient rights to modify or delete files in the OS.
Not true in Linux.
When you install an application in windows it ususaly drops files all over everywhere, adds stuff the the registry etc. so ususally extends the operating system itself. There is no partitioning.
Again, not true in Linux.
Re: (Score:3)
You as a normal windows user by default have sufficient rights to modify or delete files in the OS.
Not true for Windows. Since the very first version of Windows/NT regular users never had rights to modify or delete OS files. That was a Windows 9x problem. The problem with desktop versions of Windows (for home users) was that the *default account* was an *administrator* account - not a "normal windows user" as per your claim.
In the context of this discussion you have to consider Windows deployed in *enterprise* settings. In enterprises users log on with normal user accounts and *do not* hold rights to cha
These questions have a flavor (Score:3)
and the flavor is "Why not Zoidberg?"
They do use Linux. (Score:5, Informative)
I've worked for some of the largest banks in the world, and:
1.) They use craploads of Linux.
2.) They're going to stop using Windows.
3.) They'll never use dropbox.
Detail:
1.) They use craploads of Linux.
Just about every bank has declared Linux to be the future for application services, with a few exceptions for specific applications. Accounting will stay mainframe for a very long time, Collaboration will remain MSExchange for a very long time, Sharepoint probably as well, and rinky-dink one-off applications may still run only on Windows servers, but only if those apps come from software shops built by math/business/commerce geeks (algo stuff, etc.). Most databases, report generation, records keeping, document management, webbanking backends, and other banking stuff will continue their current trend of UNIX-to-Linux. Some banks are 20% along their UNIX-to-Linux projects, some are at 80%, but I don't know any that aren't on that road.
I think you were talking about desktops, though, not the datacenters and server farms. That's a very superficial way to look at banking computing. Banks do not use Windows machines to do banking, they use Windows machines as desktops for running Exchange, and Office, and banks are thrilled that they can *also* use those same pieces of hardware as dumbterms for people to SSH/Telnet to some banking applications and also access the newer applications through the browser. But, if it wasn't for Exchange and Office, they wouldn't use Windows, they'd use Linux thin clients. I actually know one bank that's trying to migrate people to Google Apps for just this reason, but it's really hard, because bankers really do love office/exchange.
2.) They're going to stop using Windows.
But they're not going to go to Linux. The banks are all calling it "BYOD" for "Bring Your Own Device." Bankers really, really, really want to use Mac desktops and iPads and Android phones and ditch Windows -- but there's no way they'll switch to Linux on the desktop unless that Linux is called Android. So, the banks are currently running well-funded projects to replace all their Windows-desktop-only applications with web-based apps that'll work from any browser, and also throwing lots of money at companies like Good Technology to be able to get iPads and Android Tablets in to the workplace.
Microsoft is trying to use Office360 or WTF it's called so that they can still sell stuff to banks that have ditched Windows on the desktop, but there's going to be lots of turmoil over the next 5-10 years as that progresses. Windows on the desktop in banks is effectively dead already -- I know 3 banks that have decided to stick with XP on the desktop instead of upgrading to Win7 because the Win7 upgrade costs are better spent in moving faster to this better future.
3.) They'll never use dropbox.
Banks are required to log everything, and logging everything you upload to dropbox and everyone that downloads it and all of that crap is so expensive that you should find out what the approved tools are for doing what you want to do. Most banks will allow SFTP/SCP between trusted endpoints if the right people sign the right forms. In my experience, dropbox is only ever requested in banks by someone that wants to break the law and is too stupid to know what law they'd be breaking.
Dropbox blocking is not something IT decided to do, it's something the lawyers required IT to do, and it has nothing to do with "security" in the way that there are "security" differences between operating systems. It has to do with the kind of security you have in the lobby that would ask questions if you started walking out the door with canvas bags that have dollar signs on them. If the banks allowed dropbox, naughty employees would copy documents to home that their daytrader spouses would use for insider trading (seen that more than once).
Head in the sand... (Score:4)
I used to work for a large international organization. Every time I went to Africa, my laptop would get infected (from USB drives passed around at meetings). I finally installed Linux in my work laptop and never had a problem after that. (The USB drives still would get infected but not my laptop... I would just delete the offending files.)
The organization was a pure Microsoft shop and also was plagued by malware inside the headquarters (rumors were that there were foreign governments who wanted information).
Several times they had high level IT security meetings and I strongly made the point that they should move to Linux. This fell on deaf ears and they are still on Windows XP plus all of the Office, Exchange, etc. dross (and still plagued by security problems).
Why is everyone so arrogant about linux? (Score:4, Insightful)
I can give you four good reasons.
1) Excel. Sorry Libreoffice can't compare to someone who has 15 years of experience ( and a masters in finance/ econ/ 10 years of experience at company) making pivot tables and doesn't wish to learn another way of doing things. It's nice when you have a 10 year old formula in excel and can boot up office 2k and it works. Keep in mind a fair share of companies are still on office 2k, for better or worse. You can sit there in your chair and say "well, upgrade", but for a 40 seat license, it can cost 3500 usd, and many companies refuse to pay for it, especially when Office 2k is "good enough".
2) Active directory. Yes, you can control file access via samba. Yes, you can have user control via (one of many) means, but active directory is not (too) difficult, and any 1st year admin should be able to set up simple file access.
3) Standard installs. If I go to CompUSA, Wal-Mart, Best Buy or Target, I can buy a computer or laptop with Windows. Windows is the de facto standard because (for better or worse) that is what is able to be bought at the retail level. I would wager 95% of all computer available through retail channels has windows preinstalled.
4) Support. Microsoft is a Global 100 company. As they used to say 20 years ago... Nobody gets fired for buying IBM. If everyone else is purchasing office, and by default windows, then any issues that you encounter are the same issues that your competitors have. That (in it's own way) levels the playing field. We can all sit here and talk about how great Ernie Ball is for standardizing on Linux, but that is less than 1% of the marketplace. If I have an issue, I have a number to call, and the support I get is from a company that I can pay to get support from that everyone has heard of. Everyone hasn't heard of canonical. Hell, a lot of people have never heard of SAP or Oracle.
I don't know any lawyers... that don't use Windows (Score:3)
I do ;)
In the corporate / work world, I'd have thought that most lawyers use what they are given and, unless the corporate IT policy changes, Windows it probably is. But that's not the choice of the lawyer, in most cases — perhaps it reflects the lawyers that I know, but most of us are employees like any other paid staff member (in some cases, even if called "partner"), and have no real say on the IT or any other office aspects of the environment in which we work.
However, outside the corporate world, I (and quite a lot of others that I know) don't use Windows — for my academic and personal work, I haven't used Windows for years, instead preferring a mix of Linux, FreeBSD and Mac OS, depending on what I'm doing. Perhaps it's reflective of my areas of interest, but many of my legally-qualified friends use Linux either on a netbook for travelling, or else just at home — that may be because I tend to see myself as a legally-qualified geek, and my friends are probably in a similar position.
So, yes, lawyers *do* use platforms other than Windows. Whether law firms do is perhaps a different matter.
Re: (Score:2, Interesting)
because the windoes security guys work for free!
Re:security is a system, not in a product (Score:5, Funny)
2001 called, they want their "get the facts" back....
Re: (Score:2, Insightful)
Why would anyone buy firewalls when we have iptables and as far traffic monitoring, why pay for some custom Snort frontend? Actually that goes for iptables too. I haven't boought a router, firewall, traffic monitor, shaper or spam appliance in well over a decade.
Re: (Score:2)
I've been working as sysadmin for some 7 years now, almost every company using Linux pays redhat licences (support or whatever) and I have never seen someone actually calling redhat for support...
I happyly use debian in all my computers but I people tends to be afraid of
Re: (Score:2, Informative)
Bullshit, do you have anything to back that up with? Appliances to monitor traffic are not just a Linux thing, if you care about it that much, you'll want them for a Windows only network as well. As for firewalls, if you're at all competent, you should be able to set one up for Linux without any particular trouble, for free. Set up the rules once and you probably don't have to fiddle with them again.
And no, people don't work for free, so I'm curious why you're only counting that when it comes to Linux, I do
Re: (Score:2)
These two statements:
> linux isn't secure by itself. you have to configure it to be secure ... make me suspect that you've never actually used a good, modern distribution. To address your latter point (as MightyMartian does elsewhere below), you do NOT have to "buy firewalls and all kinds of appliances," unless you just want to. Our company recently upgraded to Zimbra (the free community build) running on CentOS 6 and
> and you still have to buy firewalls and all kinds of appliances to monitor traffic
Re:Windows = Easy + User Friendly (Score:5, Insightful)
... but it really isn't! If you can manage to find someone with zero experience, Windows does not magically make sense to them.
Re:Windows = Easy + User Friendly (Score:4, Funny)
... but it really isn't! If you can manage to find someone with zero experience, Windows does not magically make sense to them.
We seem to have no problem finding an endless supply of Windows "admins" with zero experience. I don't know why you think that's such a big deal.
Re:Windows = Easy + User Friendly (Score:5, Insightful)
No, windows is not user friendly. It's actually very user antagonistic. It is, however, corporate (particularly *AA) friendly.
Rather than not being user friendly, Linux's problem is it is too user friendly: it's easy to get lost in the choices.
Most windows users want their hand held. Corporations want to use handcuffs. Windows provides the handcuffs.
Re: (Score:2, Flamebait)
The security problems are from everything else you want to run on Linux.
Linux as, a complete platform, ends up just as exploitable as any Windows installation.
Or do you not recall the hacking of Kernel.org and Linux.com?
Linux servers/users are just as likely as Windows users to be running their OS & software without being fully patched.
Seriously are you a registered shrill? so much vague FUD.
While some of what you say is true they are used way out of context to imply things they really don't prove.
So most Linux insecurities are from third party apps* but the only example you provide is a privilege escalation exploit.
*This is still a theoretical argument.
Re: (Score:3)
Re: (Score:3)
As everyone else here is saying if your admin is not up to it then any argument about OS security is irrelevant.
Maybe you aren't reading the same thread as I. Very few people are actually saying that, and it is a shame, because it is the truth.
I don't know the best way to do this but I (no admin training) could get something this working on linux.
Shure you can. On linux or on any other unix operating system. But can you do it in under a minute, or without logging on the machine (suppose it's 7pm and the user already left the building), or that instead of 2 or 3 accounts, you have to enforce 50 or 100 with different schedule requirements? The easy answer is to have your linux desktop authenticate on a Windows Server (or
Re:Office (Score:5, Interesting)
Office, plus things like Visio and MS Project. And I don't care how much someone argues, Dia is nowhere near a good a product to date as Visio. And there is nothing in the Linux world that even compares to MS Project. There are some apps with 'project' in the name that might even look a little like MS Project, but nothing that can compete. ERD tools are another thing. Yes there are a bunch that run on Linux, but even a mid to low price Windows offering like Toad Data Modeller is head and shoulders above anything you can find for Linux. And the multitude of financials software out there runs on Windows not Linux.
Software vendors simply don't want to deal with the GPL if it means there is any chance that they will have to give away the code they spent hundreds of thousands, if not millions of dollars to develop. You will find them occasionally making software that will also run on OSX, but again the license there won't force them to give away anything. And I know there is the LGPL, but it still has GPL in the name which rightly scares the vendors. And with the way some of the more rabid FOSS people are, vendors don't want the worry of a v4 of the GPL and/or something that deletes the LGPL, etc. Unless vendors can be guaranteed to make money on their investment they won't write top level code for Linux, and without top level apps, people won't use it... except for programmers who have made tons of decent apps to work on the platform they code entereprise apps for (not the client apps that the bosses use).
Re: (Score:3, Insightful)
I work in financial services and we are addicted to Microsoft Excel.
I get "relational data" in Excel spreadsheet form from outside vendors all of the time. I can't even get them to send me the data in a flat text file so Excel won't chop off the leading (and necessary) zeros.
It is what everybody knows.Not the way it should be, but that's life.
Dropbox is issue, not just Windows (Score:4, Informative)
The problem with Dropbox isn't just that it exposes Windows insecurities, it's also that it makes it easy to export lots of stuff out of your company, potentially with wimpy passwords, to a storage system which your company doesn't have any control over - Dropbox doesn't even have to tell your company if they've gotten a subpoena or "friendly" FBI request for the material, and with no contract, there's no way to specify data retention limits.
At $DAYJOB, we've got a Dropbox-like service (at least the "upload/download from browser" part of it, not the "glom onto everything" part), because it's useful to have something like that. It goes to our own storage, and has encryption we've got control over, and it keeps the employees from needing to find other ways around the firewall's block on Dropbox uploads.
Re:Because Security is not a priority for Linux (Score:5, Informative)
Re: (Score:3)
I love how a single anecdote gets taken as a representation of the whole and upvoted to 5. Groupthink, gotta love it.
Re: (Score:3)
Re:Because ... (Score:5, Interesting)
My NEARLY COMPUTER ILLITERATE next door neighbour (has trouble remembering how to copy files and use email attachments) who is 75 years old (a retired air force mechanic) who has used MS OS's for over 20 years (I helped him upgrade from DOS and a batch launcher script to Windows), now uses Ubuntu. It took him exactly ONE day with NO ASSISTANCE to learn the UI, and feel at home. Why?! Because he hated Vista, and after he held out for Windows7, and hated it as well, I said: "Before we install an OS that will be unsupported soon (XP), give Linux a try, it's free, so what do we have to lose?" -- Note: He has NEVER had to do anything with the command line, and he was AMAZED at how simple the installer was: "How are we're already running it from just the CD? ... How can this be free? ... Why doesn't Windows have this?" (well, now they do, sort of, but that's beside the point).
I've had people with ZERO experience with Linux borrow my Laptop (running Linux), and get around just fine, waiving me off when I offer assistance... even write a resume using Libre Office, and check out my music collection... I don't want to disrespect my friends, but these are the kind of people who have 37 windows "I'm an AV" viruses and don't know how to burn CDs or run Defrag -- You are deranged, a shill, or just down right mentally retarded if you can't use the OS.
Re: (Score:3)
You really need to work a bit harder than that to push your agenda. No shill cash for you this week!