One year after it surprised rivals and partners by jumping into the anti-virus market, Microsoft still has no clear AV strategy, and users are still hanging on to the promise of integrated Windows protection.
Microsoft’s Anti-Virus Strategy Keeps Users Guessing
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
I know it’s an unpopular opinion around here, but I think that they should build AV software into Longhorn.
That would be the best idea.
You can’t please zealots (and I doubt they care). I hope they make Longhorn the best operating system that money can buy, and that they do it however they need to (within the law of course). I hope it’s great so that it encourages some more innovation from the FLOSS side.
MS should give the users whatever they want. If users want AV integrated, then MS should do it. If users want Windows Media Player integrated then MS should do it. Will Symantec try to sue MS, after it’s integrated, and no one has a need or cares about Symantec?
“MS should give the users whatever they want. If users want AV integrated, then MS should do it. If users want Windows Media Player integrated then MS should do it. Will Symantec try to sue MS, after it’s integrated, and no one has a need or cares about Symantec? ”
that wont work. businesses cannot do whatever they want no matter how many users ask for it. there are laws about how a monopoly can or should integrate products that will undermine competition. every one should play by that rules
Why don’t they just plug the security gap, that allows worms, and trojans to spread. Then Windows could be as secure as any nix. MS could then leave the AV stuff to third parties who would modify there software to work with in the email, and gateway systems stoppng the spread
Why don’t they just plug the security gap, that allows worms, and trojans to spread
You’ve never heard of Windows XP Service Pack 2 apparently.
MS could then leave the AV stuff to third parties
Heh. Microsoft is responsible for the virus situation in the first place (scripting everywhere) and it’s only fitting that they take steps to address their mistakes (and make it free and integrated). The third party AV vendors are bleeding people dry by exploiting a sistuation that should never have come to be in the first place. AV companies are about as high in my book as lawyers and insurance salesmen.
…just build an antivirus api, and build a protection schema that can be implemented and extended by any AV vendor. That way you get AV at the heart of the OS, but no anticompetitive issues as the core engine can be provided by any vendor, all using a common AV core API.
Service Pack 2 is going to make things more confusing. As with Zone Alarm when you turn on the new FireWall everytime an application tries to access the net it will pop up a message and ask you if you want to let it. Now how can a novice user that sees a message like “YPager.exe, do you want to allow this to access the internet” know what are real application and which are the fakes. The worst and most confusing messages are when basic Windows functions like connecting to DNS or the net it’s self pops up messages and you have NOOOOOOOOO clue what the heck is going on. You block it no net, you let it go and you get the net, have no clue what you did and it never asks you to block it again. NOT GOOD.
We all know that if MS puts AV into Windows it won’t work right and you will get more patches for the app then DAT files for the AV. I see it as being a mess. One big mess!
MS does put out some nice apps (At least they BUY then put out some nice apps) but they are never good till the 3rd or 4th Major release. IE was not good till IE 5, Exchange was not good till Exchange 6 (2000), Windows didn’t get good till Windows (NT5) 2000, SQL server didn’t get good till version 7. Office didn’t get good till office 8 (Office 97) came out. That is just standard Microsoft practice. So we know to get it to market will be a half hearted markering gimmic for the first several releases till people complain then Microsoft will make it better, or sell a better version that is not a part of the OS but a plugin .
I know it’s an unpopular opinion around here, but I think that they should build AV software into Longhorn.
What about McAfee, Norton AV and the others who stand to lose $millions? Those companies employ thousands, and it will be painful to lay them off in these days of tough economy. I am sure Microsoft will get sued if those companies are forced out of their livelihood.
“that wont work. businesses cannot do whatever they want no matter how many users ask for it. there are laws about how a monopoly can or should integrate products that will undermine competition. every one should play by that rules”
What competition? LMAO
Microsoft can do what it needs to do to get AV into it’s product. I think they bought RAV because they were threatened by its Linux and Unix products. Personally if they can put an AV into it then good for them, as long as there’s competition for better AV products.
However Windows has to take on the issue of Spyware. Until Windows is fully secured from this menace, I’ll stay with Mac OS X or Linux.
However Windows has to take on the issue of Spyware. Until Windows is fully secured from this menace, I’ll stay with Mac OS X
That’s not an entirely bad idea. In fact, If Mac OS X is doing everything you need it to do right now, why would you ever switch to Windows even if they did catch up to Apple’s offerings?
Why don’t they just plug the security gap, that allows worms, and trojans to spread.
Because the security gap is almost always the user and outside of their control.
Actually the security gap is not out side of Microsofts control. The problem is 2 things.
1. Windows didn’t start as a network OS and didn’t start to look at security till Windows 98 and Windows NT 4.
2. Microsoft knows that the changes they are making will break a ton of applications and cause tons of tech support headaches.
Microsoft is all about the money, they will not do anything they feel will make it harder for people to make crappy, buggy software using their tools like VB. (That is why VB scripting is still in Windows and causes problems everyday like making it easy to install spyware)
In order to make the OS secure Active X and VB scripting really need to go out the windows (So to speak) with a few other things.
They should never depend on the user for security. They should tighten it up and then if you need to open particular pots make those ports active only when an application needs them. Like if you have a game and it uses port 8080 then the game should be able to with your permission tell the OS to open 8080 and when the game is done close 8080. (Or at least block traffic) But with Windows its all or nothing. Open the port or keep it closed. If you really want to play that fancy game you will figure out how to work it.
But I doubt that will happen, make Windows that secure and you will have no other reason to buy the next great update for $300
It doesn’t matter if the port is blocked when there’s no app behind it listening. SP2 has the facility to allow only certain apps to use a port based on user input. Sadly I don’t think it will be all that helpful for home users, though it might be good for corporate types.
Uh… it’s McAfee… don’t you guys read the news
http://www.securitynewsportal.com/cgi-bin/cgi-script/csNews/csNews….
But shhhhhh… they aren’t announcing it until July 1st, when they will also announce layoffs at Network ASSociates.
Oh… and yes they are bleeding after that court settlement FORCED them to give free unlimited software to their users
http://www.securitynewsportal.com/cgi-bin/cgi-script/csNews/csNews….
“As a member of the class, you may receive a free download version of your choice of one of the three McAfee perpetual products: (1) VirusScan version 8, (2) AntiSpyware version 1.0, or (3) QuickClean version 4.01 (collectively “Software”).”
this is ONLY to existing customers. not much of a bleeding here.
1. Windows didn’t start as a network OS and didn’t start to look at security till Windows 98 and Windows NT 4.
Windows NT was a multiuser NOS from the day it was conceived.
DOS based Windows had networking built in to it from Windows for Workgroups, ca. 1992. Of course, it can’t escape the fact it isn’t multiuser, but it’s certainly been “network aware” for a _very_ long time.
Microsoft is all about the money, they will not do anything they feel will make it harder for people to make crappy, buggy software using their tools like VB. (That is why VB scripting is still in Windows and causes problems everyday like making it easy to install spyware)
What about VB scripting makes it easier to install spyware than other scripting tools and standard OS components ?
They should never depend on the user for security.
You cannot eliminate the fact that the user is a *major* part of the security equation.
They should tighten it up and then if you need to open particular pots make those ports active only when an application needs them.
Say, like when the user wants to run something ?
Like if you have a game and it uses port 8080 then the game should be able to with your permission tell the OS to open 8080 and when the game is done close 8080. (Or at least block traffic)
Yes, I thought you did. This won’t help much, since users will happily run programs that open ports, mass mail viruses and do many other nasty things.
But with Windows its all or nothing. Open the port or keep it closed.
What OS isn’t, without complex configuration tools ? And, even if they were, what OS is going to know that the user is telling it to open $PORT for a game or a virus ?
But I doubt that will happen, make Windows that secure and you will have no other reason to buy the next great update for $300
You haven’t listed anything that isn’t in the hands the user and thus out of Microsoft’s control. I rest my case.
“You haven’t listed anything that isn’t in the hands the user and thus out of Microsoft’s control. I rest my case.”
user can choose to not buy any software or just not use computers at all. so thats not a good argument at all
“Windows NT was a multiuser NOS from the day it was conceived.”
Hummmmmm, if I am not mistaken Windows NT was not “Conceived” but pulled together from VMS and OS2. It was not created from scratch. And I miss spoke. I meant a network OS with the idea of being used on Wide Area Networks like the internet.
“What about VB scripting makes it easier to install spyware than other scripting tools and standard OS components ?” Just like with macros, it is possible from a website, from an e-mail and from outside the machine to run VB scripting and use it to execute applications and or install things in the background. Without writing anything to the event log.
“You cannot eliminate the fact that the user is a *major* part of the security equation.” Yes you can, you can do smart things like NOT having the stupid Windows messaging service turned on by default. There are more hacks and cracks from VB, Active X, Windows Messaging Service, IE and IIS out the box then all of the user caused viruses combined. (Look through Mcafee or Symantec)
How about Microsoft ship XP with the firewall on? Wow isn’t that a novel idea. Took them ummmmmmmmm, 10 years to figure that out?? If Windows NT has been a NOS since day one then why has it taken soooooo long to give it security! There is NOOOO excuse! They have 50 Billion dollars.
Maybe if MS didn’t bank on the fact that users are dumb and having a weak crashing OS makes users buy new computers and new copies of Windows they would make a better OS and stop blaming their short comings and bad coding on users and hackers.
Hummmmmm, if I am not mistaken Windows NT was not “Conceived” but pulled together from VMS and OS2. It was not created from scratch.
It was created from scratch by a Microsoft team led by the person who made VMS. Nothing came from OS/2 except a potential name and an API specification.
In as much as any product can be “conceived”, Windows NT was. You can say it was “pulled together” from a bunch of sources if you want, but by that standard pretty much _everything_ is “pulled together”.
And I miss spoke. I meant a network OS with the idea of being used on Wide Area Networks like the internet.
Neither was any OS, if you want to talk like that.
Just like with macros, it is possible from a website, from an e-mail and from outside the machine to run VB scripting and use it to execute applications and or install things in the background. Without writing anything to the event log.
AFAIK this is only possible because of coding bugs, not by design.
Yes you can, you can do smart things like NOT having the stupid Windows messaging service turned on by default. There are more hacks and cracks from VB, Active X, Windows Messaging Service, IE and IIS out the box then all of the user caused viruses combined. (Look through Mcafee or Symantec)
I sincerely doubt that, but I can’t be bothered looking it up. Not to mention there’s a big difference between exploits that are caused by *coding bugs* and *design flaws*. You are claiming Windows’ scripting language are flawed by design, but submitting evidence showing software bugs.
How about Microsoft ship XP with the firewall on? Wow isn’t that a novel idea.
Breaks things. Makes common tasks much harder for the target audience.
Took them ummmmmmmmm, 10 years to figure that out??
Windows is hardly the only OS that has only recently started defaulting to a *firewall enabled*.
If Windows NT has been a NOS since day one then why has it taken soooooo long to give it security!
It hasn’t. The vast majority of security issues are caused by end users, something Microsoft have no control over.
NT *has* security. It *always* had it. It’s certainly a reasonable argument that default settings weren’t always chosen with security in mind, but the *technology* has always been present.
NT is hardly alone in this, either. It wasn’t that along ago many Unixes still had dozens of services listening by default, accepting root logins without requiring encryption, relaying mail willy-nilly and the like. Similarly, because of their significant established user bases, commitment to legacy systems and massive amounts of business at stake, they can’t afford the attitude the Linux community has towards legacy support, which alternates between frivolous and callous.
Plonk an unpatched Solaris 8 machine with a default installation on the ‘net and see how long it lasts.
There is NOOOO excuse! They have 50 Billion dollars.
Backwards compatibility and legacy support. Microsoft’s attempts at seamless legacy support are one of the big reasons they have that $50 billion and the cause of the majority of their security problems.
Much like Linux, Windows’ biggest strengths are also its biggest weaknesses.
Maybe if MS didn’t bank on the fact that users are dumb and having a weak crashing OS makes users buy new computers and new copies of Windows they would make a better OS and stop blaming their short comings and bad coding on users and hackers.
Most security problems are caused by users. Most stability problems are caused by shitty hardware and shitty privileged software (usually drivers). Anyone who has even a passing acquaintance with the security industry and OS development will (or shoud, at least) tell you that.
What competition? LMAO
MacAffee, Symantec, to name just two out of many.
drsmithy
Because the security gap is almost always the user and outside of their control.
Nice cop out. I think it’s safe to say that both the user and the software vendor share the responsibility. Example: double-clicking on executable files of unknown origin is a bad security habit, making file executables by default through their extension is poorly-designed from security standpoint.
Most security problems are caused by users. Most stability problems are caused by shitty hardware and shitty privileged software (usually drivers). Anyone who has even a passing acquaintance with the security industry and OS development will (or shoud, at least) tell you that.
That has to be one of THE stupidest things i have EVER heard!
When it comes to M$ its *always* the end users or 3rd party hardware/software.
Of course that same User base running Linux on that same hardware and software and the problem goes away! I wonder why? Because every other OS out there are more comitted in solving their problems than blaming end users and hardware software venders.
Backwards compatibility and legacy support. Microsoft’s attempts at seamless legacy support are one of the big reasons they have that $50 billion and the cause of the majority of their security problems.
Yea, sure! Run a program that worked fine in win2k but wont run on XP pro. So much for ‘legacy support.’
The one thing you can bet every time is that no same program can run on any version of windows. Infact even a program ment for that version of windows may not run correctly. But then m$ zealots go back to the ‘3rd party’ argument again!
Breaks things. Makes common tasks much harder for the target audienc
So does every other service pack. Infact so does AV .dat files or spyware removal program.
So at least this way its on. Or better yet, why bother. Might as well skip SP2. So much for all of that ‘security.’
NT is hardly alone in this, either. It wasn’t that along ago many Unixes still had dozens of services listening by default, accepting root logins without requiring encryption, relaying mail willy-nilly and the like. Similarly, because of their significant established user bases, commitment to legacy systems and massive amounts of business at stake, they can’t afford the attitude the Linux community has towards legacy support, which alternates between frivolous and callous
The difference is that any package could be removed an not be installed or can be shut off easily. Most windows OS’es not only ship with default ports on BUT can not easily be shut off or it will ‘break’ the OS.
Besides if it was in history, why didn’t M$ at least learn from it? Because they are too busy blaming someone else!
That has to be one of THE stupidest things i have EVER heard!
When it comes to M$ its *always* the end users or 3rd party hardware/software.
Not always, just mostly.
The applies equally to all OSes, by the way, not just Microsoft ones.
Want to see an orgy of buck-passing from the Linux community ? Just tell them the source code isn’t available.
Of course that same User base running Linux on that same hardware and software and the problem goes away!
Sometimes. Sometimes a machine that works fine in Windows won’t run Linux.
I wonder why?
Different OSes use hardware in different ways. Memory errors can manifest in one OS but not in another because the latter never actually accesses that part of the physical RAM.
Because every other OS out there are more comitted in solving their problems than blaming end users and hardware software venders.
No.
Indeed, the Linux community *loves* to blame hardware vendors for poor software support (instead of simply settling with binary compatibility) and end users (doesn’t work for you ? RTFM !).
Yea, sure! Run a program that worked fine in win2k but wont run on XP pro. So much for ‘legacy support.’
Inevitably there are applications that simply cannot be saved, but even basic research should demonstrate the ridiculous lengths Microsoft are willing to go to for the sake of legacy support (eg: the memory management in Windows 9x has a “Sim City compatibility” mode). Hell, they developed a whole product line (Windows 9x) and kept it alive more than twice as long as originally intended *solely to support legacy environments*.
The one thing you can bet every time is that no same program can run on any version of windows. Infact even a program ment for that version of windows may not run correctly. But then m$ zealots go back to the ‘3rd party’ argument again!
I’ve seen DOS *2.0* binaries run on XP. That’s a twenty year old application. It’s extremely rare for old software to not work on newer versions of Windows without a very good reason. That’s why SP2, and Longhorn in particular, are such a big deal.
So does every other service pack.
Again, quite rare or with very good reason. That’s why they spend so long testing them.
The difference is that any package could be removed an not be installed or can be shut off easily. Most windows OS’es not only ship with default ports on BUT can not easily be shut off or it will ‘break’ the OS.
It’s pretty easy to shut down services in Windows. Or just turn the builtin firewall off.
But now you’re shifting the goalposts. Your complaint wasn’t about *managed* platforms, it was about *default configuration*.
It’s pretty easy to shut down services in Windows. Or just turn the builtin firewall off.
Should, of course, read “on”.
Shouldn’t bother feeding the /. trolls drsmithy – OS religion is always harder to fight as logic generally isnt a factor.
As an aside, I agree with your points, nice to see a sane reply occasionally in the forums rather than just M$ sux and OSS is crap comments.
nuff said.
Indeed, the Linux community *loves* to blame hardware vendors for poor software support (instead of simply settling with binary compatibility) and end users (doesn’t work for you ? RTFM !).
So in one statement you said that Windows is unstable because of shitty drivers, then you bitch about the Linux community not taking shitty drivers.
We want quality drivers for our quality OS, not some buggy shit that passes for drivers in Windows (no offense to the guy who wrote bsod screensaver).
It’s pretty easy to shut down services in Windows. Or just turn the builtin firewall off.
Windows XP has a built in firewall, 2000 and below didn’t. Meanwhile Linux has had firewalling since I started using Linux in the old 2.0.18 days.
Sometimes. Sometimes a machine that works fine in Windows won’t run Linux.
This is also true in reverse. Linux is quickly catching up with Windows when it comes to drivers. They’re better, 1 EtherExpress 100 driver for all Intel 10/100 Nic’s, not dozens like in Windows.
That’s why I will stay with Linux, Unix, or Mac OS X. Spyware cannot infect these machines. Microsoft has to solve the problem with Spyware in Windows (ALL VERSIONS).
Wait, wait. I must have fuzzy glasses on???
One minute you say: “You cannot eliminate the fact that the user is a *major* part of the security equation.”
And in the next post you say: “Backwards compatibility and legacy support. Microsoft’s attempts at seamless legacy support are one of the big reasons they have that $50 billion and the cause of the majority of their security problems.”
So which one is it? Is it backwards compatibility or the users fault??
And you call being able to remotely take over, crash or install spyware remotely a “Coding Bug” ??? Would that be a coding bug in Windows or in the spyware??
Now you tell me having the firewall on: “Breaks things. Makes common tasks much harder for the target audience” Hummmmmm, most Linux versions and Mac OSX ship with a basic firewall (Still more complete then the current one in XP) on by default and I have no problem doing all the things I would normaly do in Windows.
I am sorry but if you look at the last 20 Worms out for Windows only a couple of them are related to user error and those are the e-mail worms. The rest are from flaws in Windows. Blaster, Slapper etc. Lets go down the list of top Vulnerabilities to Windows Systems. Please show me one besides people opening dumb emails in Outlook that is caused by users:
1. Internet Information Services (IIS)
2. Microsoft SQL Server (MSSQL)
3. Windows authentication
4. Internet Explorer (IE)
5. Windows Remote Access Services
6. Microsoft Data Access Components (MDAC)
7. Windows Scripting Host (WSH)
8. Microsoft Outlook – Outlook Express
9. Windows peer-to-peer file sharing (P2P)
10. Simple Network Management Protocol (SNMP)
Looks to me like a lot of the problems here are with flawed parts of Windows. Not caused by the user. Sorry but come with something better.
Don’t attempt to argue logically with drsmithy. He’s just here to push his pro-MS agenda, and will often flip-flop, obfuscate the issues, or subtly change subject when confronted with arguments.
I like this part:
Indeed, the Linux community *loves* to blame hardware vendors for poor software support (instead of simply settling with binary compatibility) and end users (doesn’t work for you ? RTFM !).
Rubbish. Most hardware vendors provide drivers for Windows, and not for Linux, because of Windows’ monopoly status. It’s up to the community to provide drivers, which means that the drivers are not always up to par because the community doesn’t always have access to all the specs. It has nothing to do with binary compatibility. Indeed hardware vendors are partially responsible for this situation, which is starting to change, with more vendors providing Linux drivers.
As far as being told to RTFM, this is one of the myths most repeated by the “Linux users are rude” school of disinformation. The fact is that, in two years and a half, I was never once told to Read The Friendly Manual. I did read NVIDIA’s, and learned quite a few things about my video card in the process, but I did so on my own (a point that has been moot since the new installer was introduced).
Well, if it were me, I certainly wouldn’t integrate what they purchased, what I would do, however, is tender out parts of the operating system; its nothing new, the defragmenter is technology licensed from excutive software, why not do the same thing with anti-virus and fire well?
Get the vendors to compete to have thier technology integrated into the operating system, and if it means that the best firewall technology is provided by (hypothetically) McAfee and the best anti-virus technology is provided by (again, hypothetically) Kaspersky, then integrate those pieces of technology into the operating system.
Now one would lose, and everyone would win; you’d repeat the same cycle again, the next release of Windows, tender the technology, and let the industry compete for a place in the operating system.
That’s a good idea, but it should be the PC vendors who bundle these things, not MS.
Thank you for the info and thank you for sharing more facts with me. I love it when the truth comes to light.
I mean as I always say. Linux must be good when a 50 Billion dollar company has to do a road show to talk about it. LOL!
Seems they spend more time putting Linux down then making better products.
Again, thanks “A nun, he moos”
I think Microsoft should do what is done in Mac OSX and Linux. Come with a basic Firewall and Basic AV. Like Linux has IP tables and or IP Chains. But then I can use firestarter to do advance configuration.
McAfee or who ever could sell the plug in to give your firewall or AV advanced features. That way you have basic security out the box and the other vendors could still sell their wares.
MS making their own anti-virus sotware. Is this not the ultimate prove of the total failure of their own OS?
Even more funny is the fact that they bought RAV AV which made one of the best version of AV for Linux. LOL! (They, as normal didn’t even create it themselves.)
But sad to say the M$ advocate is gone. Nothing more to say. I mean the facts are that damage from most worms and viruses are not the cause of user error.
Yes EVERY OS has problems, no OS is 100% secure. But some do better then others. And I am sorry but with 50 billion in the bank (Which I keep repeating like a broken record) M$ should be the model of software development! But they are not, they are the model of how to make lots of money off of ignorant people without choice.
I really hope they don’t do a AV app. You guys know how holy windows is right? What makes you think a antivirus from MS will do any good? They should forget that & make windows secure. Microsoft is doing this so they can try to own every computer software market.
That’s why I will stay with Linux, Unix, or Mac OS X. Spyware cannot infect these machines. Microsoft has to solve the problem with Spyware in Windows (ALL VERSIONS).
Maybe because the market share of these OSes together ain’t greater than 3% on the desktop market? Once these OSes become more popular, you will see some. Same thing with viruses, especially if newcomers are using their computer as root.
“Maybe because the market share of these OSes together ain’t greater than 3% on the desktop market?”
thats a very pessimistic estimate and remember apache runs more than 60% of the websites will less problems than IIS ever had. so its not just numbers.
The first rule of security is to never assume that you are completely secure.
Apache is an HTTP daemon. I’m talking of the desktop market. I never said that Linux & co. would have as many viruses/spywares as MS Windows if they had their user base… However, it’s completely retarded to assume that there would be none.
“Maybe because the market share of these OSes together ain’t greater than 3% on the desktop market? Once these OSes become more popular, you will see some. Same thing with viruses, especially if newcomers are using their computer as root.”
By the time Linux passes 5% no one will be using root for much of anything because Linux companies are starting to lock root out for novice users:
http://www.lycoris.com/sneakpeek/sneakpeek04.php
“NO ROOT?!?
What’s this we’ve been hearing about Lycoris disabling root logins? Lycoris has decided to disable the ability to log in to the desktop as the System Administrator, or “root” user, for Desktop/LX 1.4. With security issues and major questions about some flavors of Linux running as root by default, this distances Desktop/LX from this major security concern. Running as root by default has always been a dangerous proposition.”
Yes there will be some people that configure servers wrong etc. The COOOOOOOOL thing about Linux is that there are so many companies and almost every company configures their OS different. So yes a worm may hit all users using Apache 2 on Red Hat 9 running GlibC version XXX. But someone using Apache 2 on Suse 9.1 running GlibC Version XXX won’t be affected.
See with Windows you will have a problem with SNMP and every version of Windows from Windows NT to Windows 2003 will be affected. (Too much of the same ole, same ole underneath.)
…there’s bound to be more malware for Linux once its market share rises. However, I don’t think that the problem would be as severe as it is today for Windows.
The best scenario, from a security point of view, is to have a diverse OS ecosystem. This would slow down worms and virus propagation, and there wouldn’t be one big single target.
So, in fact, the best way to improve Windows security with regards to malware is to actually increase the number of Linux users! Funny, I don’t see MS apologists calling out for that…maybe they’re not that interested in improving Windows’ dismal security record…
“Apache is an HTTP daemon. I’m talking of the desktop market. ”
the relevant factor is numbers. you said popularity means more problems. that isnt true. see apache vs iis. so that arguments got thrown out. a popular product also has to be insecure and buggy to create as many problems as this. there has been some stupid decisions which are still being reverted and this is the main reason. not popularity
When we’re talking of spywares and viruses, popularity is a factor. The idiots developing them won’t bother to target a platform that is only used by few people.
Popularity puts bullseyes on a project. The more popular it is, the more likely that kiddiots will try to exploit it. You’re right that it does not mean more problems… However, there are more chances that conceptual issues or sloppy coding practices will be unveiled. Like A nun, he moos said, I don’t think the current issues we have with that kind of software would be that bad if Linux had 95% of the userbase… However, I’m pretty sure that the Linux userland is not completely imperivious to these malwares. That’s my point: these OSes are not immune.
“However, I’m pretty sure that the Linux userland is not completely imperivious to these malwares. That’s my point: these OSes are not immune.”
agreed provided that you agree that secure products will have lesser problems than we currently face
Of course! That’s for sure. The better the foundations, the less likely that the whole structure will crumble. That said, some exploits found in MS Windows are so stupid that you wonder if they did some design and not just went directly to the “implementation” phase…
Even if Linux had 95% for the market I can’t see any one version of Linux ever having more then 50% of the market. And as I stated before I doublt that there will be many worms or viruses that will effect every Linux user. It’s almost impossible.
There are flaws in the Kernel that people who have access to the machine through shell or to the physical machine can take advantage of. But because of the changes each vendor makes to the Kernel etc it’s very unlikely that there will be many worms that would ever effect over 50% of the user community.
For example, Sun JDS is built on Suse yet they are 2 different OS’s. The changes that Sun has made makes JDS look, feel and secure differently. Very unlikely you would be able to launch the same attack against both OS’s and take both down.
basicaly windows was designed with a different mentality. OSX, Linux and BSD all were designed with ease of use, security, stability and functionality in mind. Let the user do what he/she wants and keep over all costs down.
M$ windows hoever is not about users, its about marketing. The more people gullable to use the OS the better! It means that because viruses and spyware infects windows so easily it creates a total new economy under windows.
E.G. Provides little stores that constantly fix windows. Provides a market for ‘anti-spy,AV,Firewall’ software and hardware. The need to keep the user on the ‘upgrade’ tredmill and by keeping other companies going by providinig unessessary hardware because windows needs more power just to do the same tasks.
So knowing all of this, its no wonder they spend more time with spinning out FUD than actualy fixing their product. Because if their product ever worked then there will be no need to fix it and the cluless user would be happy. A no no when it comes to the corperate world. Always leave them wanting more!
So in one statement you said that Windows is unstable because of shitty drivers, then you bitch about the Linux community not taking shitty drivers.
No. I note that the Linux community blames the hardware developers because they refuse to make the effort to make binary-only drivers for Linux practical.
We want quality drivers for our quality OS, not some buggy shit that passes for drivers in Windows (no offense to the guy who wrote bsod screensaver).
So make it easy for hardware developers to write drivers for Linux without having to agree to the community’s political beliefs.
Windows XP has a built in firewall, 2000 and below didn’t. Meanwhile Linux has had firewalling since I started using Linux in the old 2.0.18 days.
Both 2000 and NT4 have the ability to filter IP traffic.
They’re better, 1 EtherExpress 100 driver for all Intel 10/100 Nic’s, not dozens like in Windows.
I’ve only dealt with about a half dozen different types of EEPro NICs, but they all seem to be auto detected and supported fine by any recent version of Windows.
That’s why I will stay with Linux, Unix, or Mac OS X. Spyware cannot infect these machines.
Not “can not”, “does not yet”.
One minute you say: “You cannot eliminate the fact that the user is a *major* part of the security equation.”
And in the next post you say: “Backwards compatibility and legacy support. Microsoft’s attempts at seamless legacy support are one of the big reasons they have that $50 billion and the cause of the majority of their security problems.”
So which one is it? Is it backwards compatibility or the users fault??
Are you able to conceive of a relationship *other* than an XOR ?
Are you able to conceive that in one comment I was talking about security as a whole and another part security features of the OS ?
And you call being able to remotely take over, crash or install spyware remotely a “Coding Bug” ???
Entirely possible. A buffer overflow, for example, is a “coding bug”.
Now you tell me having the firewall on: “Breaks things. Makes common tasks much harder for the target audience” Hummmmmm, most Linux versions and Mac OSX ship with a basic firewall (Still more complete then the current one in XP) on by default and I have no problem doing all the things I would normaly do in Windows.
Firstly, the firewalls in OS X and most Linux distros are not, to the best of my knowledge, activated without some user interaction.
Secondly, said firewalls will makes something like setting up a quick & dirty home network more difficult.
I am sorry but if you look at the last 20 Worms out for Windows only a couple of them are related to user error and those are the e-mail worms.
Here are the “latest virus threats” currently listed on http://www.symantec.com:
W32.Korgo.O
W32.Korgo.N
W32.Korgo.M
Backdoor.Ranky.G
Backdoor.Hacarmy.C
W32.Korgo.L
And on http://www.sophos.com:
W32/Korgo-P
W32/Rbot-BL
W32/Rbot-BI
W32/Lovgate-V updated
W32/Dansh-A
W32/Sdbot-JB
W32/Rbot-BC
W32/Agobot-KB
W32/Rbot-AY
W32/Rbot-AX
A quick look at each one would suggest they all either require user interaction to propogate, or are exploiting problems that are already fixed. That’s 100% user error.
The rest are from flaws in Windows. Blaster, Slapper etc.
*sigh*. Coding bugs aren’t OS flaws. Not on Windows, not on Linux. When SSH has a bug that makes it vulnerable, no-one with intelligence says it’s a flaw in Unix – yet for some reason when a similar bug appears in Windows programs, it’s a flaw in the OS.
Looks to me like a lot of the problems here are with flawed parts of Windows. Not caused by the user. Sorry but come with something better.
I never said user error was the *only* security problem, I simply said it was the most commonly exploited. Reeling of a list of 10 different things that possible vectors but not user related doesn’t change that.
I think Microsoft should do what is done in Mac OSX and Linux. Come with a basic Firewall and Basic AV. Like Linux has IP tables and or IP Chains. But then I can use firestarter to do advance configuration.
OS X doesn’t come with AV and most of the Linux distros with which I am familiar don’t either.
Windows already has a basic firewall, which is all it should have. Advanced configuration is the realm of third party software.
But sad to say the M$ advocate is gone. Nothing more to say.
Ever heard of “work”, “sleep” and “places outside the Us” ?
I mean the facts are that damage from most worms and viruses are not the cause of user error.
In fact, of the “Top Ten” viruses listed at http://www.sophos.com, the only one that doesn’t require direct user intervention to spread is Sasser, which while being the most commonly reported was also patched back in April and is trivial to defend against, so I’d be inclined to chalk it up to user error as well.
And I am sorry but with 50 billion in the bank (Which I keep repeating like a broken record) M$ should be the model of software development!
Well, since you seem to have all the ideas, how about you engage in some *constructive criticism* and explain how you think Microsoft should spend that money to fix their “security problems”. You keep bleating “fix the problem” but don’t appear to have any real understanding of what the problem *is*. “Security” isn’t just a tickbox on a form, it’s a whole process involving multiple entities.
But they are not, they are the model of how to make lots of money off of ignorant people without choice.
Ignorant people are not without choice, they simply don’t exercise it – there’s a *big* difference.
By the time Linux passes 5% no one will be using root for much of anything because Linux companies are starting to lock root out for novice users:
Just because people can’t login as root does not mean a) the root user doesn’t exist and b) users can’t execute code as root (eg: sudo, SUID).
Yes there will be some people that configure servers wrong etc. The COOOOOOOOL thing about Linux is that there are so many companies and almost every company configures their OS different. So yes a worm may hit all users using Apache 2 on Red Hat 9 running GlibC version XXX. But someone using Apache 2 on Suse 9.1 running GlibC Version XXX won’t be affected.
As I keep trying to get across, the biggest security risk isn’t remote exploits from coding bugs, it’s users doing stupid things. How many Linux boxes have you ever used that didn’t come with things like grep, mail, [ba]sh or even perl ? That’s all one of those “click here to see Britney’s tits” style trojans needs.
See with Windows you will have a problem with SNMP and every version of Windows from Windows NT to Windows 2003 will be affected. (Too much of the same ole, same ole underneath.)
A monoculture does, indeed, increase security risk (despite the insistence of various twits that marketshare is irrelevant), but there’s not much *Microsoft* can do about this.
Even if Linux had 95% for the market I can’t see any one version of Linux ever having more then 50% of the market. And as I stated before I doublt that there will be many worms or viruses that will effect every Linux user. It’s almost impossible.
Oh, come on. There was a kernel DoS vulnerability only in the last few days that would have potentially affected every Linux user.
There are flaws in the Kernel that people who have access to the machine through shell or to the physical machine can take advantage of. But because of the changes each vendor makes to the Kernel etc it’s very unlikely that there will be many worms that would ever effect over 50% of the user community.
Most of those vendors aren’t auditing for security problems, they’re backporting drivers and fixing general bugs. Not to mention most of them don’t do many modifications to the non-kernel parts of the system. Exploits in the kernel, and/or extremely popular software like SSH, could *easily* affect 90%+ of Linux users.
For example, Sun JDS is built on Suse yet they are 2 different OS’s. The changes that Sun has made makes JDS look, feel and secure differently. Very unlikely you would be able to launch the same attack against both OS’s and take both down.
Very unlikely ? *Extremely* likely would be a better assessment. Shit, there’s probably more differences between Windows 2000 and Windows XP than Suse and JDS.
Don’t attempt to argue logically with drsmithy. He’s just here to push his pro-MS agenda, and will often flip-flop, obfuscate the issues, or subtly change subject when confronted with arguments.
If it weren’t for that .ca in your domain I’d guess you were American, since you seem incapable of grasping the possibility of a neutral perspective.
Rubbish. Most hardware vendors provide drivers for Windows, and not for Linux, because of Windows’ monopoly status.
Actually, because:
a) the Linux community has no interest in making binary-only drivers feasible; and
b) the Linux community has very little interest in drivers that aren’t OSS.
c) they can sell a hell of a lot more hardware to the Windows market.
It’s up to the community to provide drivers, which means that the drivers are not always up to par because the community doesn’t always have access to all the specs.
I think you mean to say “the community isn’t prepared to do things like sign NDAs and write non-OSS drivers”.
It has nothing to do with binary compatibility.
It has a lot to do with binary compatibility (and directly related issues). I’d say everything to do with it, but the relatively low marketshare plays a part as well.
As far as being told to RTFM, this is one of the myths most repeated by the “Linux users are rude” school of disinformation. The fact is that, in two years and a half, I was never once told to Read The Friendly Manual. I did read NVIDIA’s, and learned quite a few things about my video card in the process, but I did so on my own (a point that has been moot since the new installer was introduced).
You are clearly capable of analysing and solving problems on your own, aren’t scared of the technology and are prepared to spend time figuring things out. Most people aren’t and it is these people that constantly get told to RTFM.
…there’s bound to be more malware for Linux once its market share rises. However, I don’t think that the problem would be as severe as it is today for Windows.
I’m glad you’ve finally decided that marketshare *is* relevant.
The problem on Linux probably won’t be as severe because by the time Linux has even a remotely comparable marketshare, various parts of technology related to protecting users from themseves will have marched on far enough to be useful (undoubtedly much to the disgust of the more technically-bent side of the Linux community).
The best scenario, from a security point of view, is to have a diverse OS ecosystem. This would slow down worms and virus propagation, and there wouldn’t be one big single target.
It’s good for sysadmins as well, since it means the world will need more of them, with greater skills and they’ll be able to charge more.
Companies, OTOH, might not be so happy with a rising cost of IT infrastructure.
So, in fact, the best way to improve Windows security with regards to malware is to actually increase the number of Linux users!
Not that there’s much Microsoft can do about that, since as a publically-traded US company they’re legally required to do as much as possible to increase profits.
If it weren’t for that .ca in your domain I’d guess you were American, since you seem incapable of grasping the possibility of a neutral perspective.
Are we into stereotypes, now? Careful, that could count as abuse of the posting terms.
Actually, because:
a) the Linux community has no interest in making binary-only drivers feasible; and
b) the Linux community has very little interest in drivers that aren’t OSS.
Really? Well, I’m part of the community, and I use nvidia’s drivers. Most Linux users that are also nvidia card owners use the proprietary drivers as well. Since nvidia has a good share of the video card market, it’s safe to conclude that a lot of Linux users don’t mind using binary-only and/or proprietary drivers.
For some who’s quick to judge it, you don’t seem to know the Linux community very well.
Incidentally, many people in the Linux community argue that it would be better if nvidia or ati released their drivers as open source because they believe the community could contribue to make them better. You see, it’s really a practical matter, not a political one.
c) they can sell a hell of a lot more hardware to the Windows market.
Sure, but they can sell more hardware to all markets. It’s not as if they had to choose only one, you know. This is why vendors are beginning to provide drivers: nvidia, Samsung, Epson…
I think you mean to say “the community isn’t prepared to do things like sign NDAs and write non-OSS drivers”.
Tsk, tsk. Don’t turn into the obfuscatroll just yet. I meant to say exactly what I said: “It’s up to the community to provide drivers, which means that the drivers are not always up to par because the community doesn’t always have access to all the specs.”
By definition, community projects for Linux are done openly. If nvidia was to open up their drivers, they would only gain a lot of volunteer testers and coders, people who are willing to improve nvidia performance under Linux.
You are clearly capable of analysing and solving problems on your own, aren’t scared of the technology and are prepared to spend time figuring things out. Most people aren’t and it is these people that constantly get told to RTFM.
Well, if they’re posting questions on the internet, then they are in fact spending time to figure things out. If they’re not on the internet looking for help, how can anyone tell them to RTFM?
I’ll let you in on a little secret: people don’t know how to set up Windows either. I can tell you that as a “family and friend” tech support guy. When the support guy isn’t available, people go look for information on…Google! Yes, that’s true, a lot of people get their infos and docs for Windows apps on Google as well!
Of course, they don’t have the same quality of community as we do, but hey…
I’m glad you’ve finally decided that marketshare *is* relevant.
I’ve never claimed it was irrelevant, just that it wasn’t the main factor.
It’s good for sysadmins as well, since it means the world will need more of them, with greater skills and they’ll be able to charge more.
Actually, if there’s more of them there will be a downward pressure on salaries. Also, you’ll probably have more specialization.
Hey, at least sysadmins can’t be outsourced to India, like programming jobs!
Companies, OTOH, might not be so happy with a rising cost of IT infrastructure.
Well, that’s assuming that IT costs actually rise. You haven’t demonstrated that for a fact. Remember: opinion != facts.
I think IT costs will actually decrease if there are more Linux systems. There will be more sysadmins therefore the average salary for a Linux sysadmin will drop. Furthermore, according to studies it takes less sysadmins to administer a number of Linux servers than for a identical number of Windows servers (look it up).
Also, Linux can offer some interesting thin-client options for certain types of users, something that can dramatically reduce costs. I’ve tried Remote X on 100Mbit ethernet and it’s surprisingly responsive.
If only in reduced security costs, a more diverse ecosystem makes sense. Someone who claims to be neutral should appreciate such a fact.
Not that there’s much Microsoft can do about that, since as a publically-traded US company they’re legally required to do as much as possible to increase profits.
MS might not be able to do anything, but MS advocates who are serious about better security should consider encouraging people to use Linux instead. Of course, if they’re really astroturfers…
Large corporations other than MS and governments can also give a good example and switch to Linux, improving their security and those of Windows users as well!
Really? Well, I’m part of the community, and I use nvidia’s drivers. Most Linux users that are also nvidia card owners use the proprietary drivers as well. Since nvidia has a good share of the video card market, it’s safe to conclude that a lot of Linux users don’t mind using binary-only and/or proprietary drivers.
“Don’t mind” and “like” are two very different things. Indeed, one need only look at all the griping about Nvidia not open sourcing their drivers to see that, at best, the Linux community “tolerates” their drivers.
I never said the Linux community won’t use binary drivers, I said they do very little to make them feasible.
For some who’s quick to judge it, you don’t seem to know the Linux community very well.
On the contrary, I know it extremely well.
Incidentally, many people in the Linux community argue that it would be better if nvidia or ati released their drivers as open source because they believe the community could contribue to make them better.
That doesn’t mean they actually *would* make them better.
You see, it’s really a practical matter, not a political one.
If it was a practical issue, they’d be happy to make such contributions and improvements under a code license that wasn’t the GPL, or even FSF approved.
Sure, but they can sell more hardware to all markets. It’s not as if they had to choose only one, you know. This is why vendors are beginning to provide drivers: nvidia, Samsung, Epson.
Perhaps you misunderstood. I was trying to say that the extra cost of supporting Linux the way the Linux community wants to be supported might not be worth it in sales.
I’ve no doubt hardware vendors would *love* to sell as much hardware as possible and, hence, would love to sell to the entire market – but if it costs them more to support some platforms than they believe they can recoup in sales, it’s not going to happen.
Tsk, tsk. Don’t turn into the obfuscatroll just yet. I meant to say exactly what I said: “It’s up to the community to provide drivers, which means that the drivers are not always up to par because the community doesn’t always have access to all the specs.”
But it wouldn’t be up to “the community” if “the community” were prepared to handle hardware drivers the same way most other “communities” do.
By definition, community projects for Linux are done openly. If nvidia was to open up their drivers, they would only gain a lot of volunteer testers and coders, people who are willing to improve nvidia performance under Linux.
But, perhaps, at too great a cost in terms of their IP, or simply impossible due to legal obligations.
Well, if they’re posting questions on the internet, then they are in fact spending time to figure things out.
Well, that depends. If the question is “why isn’t my computer working” and the answer is “because the power cord isn’t plugged in”, clearly a great deal of effort wasn’t put into “figuring things out”.
I’ll let you in on a little secret: people don’t know how to set up Windows either.
This hardly a secret. I’ve never claimed otherwise and, indeed, recall posting a reasonably long rant about the fascination “reviews” posted to this site have with OS installation procedures pointing that out.
When the support guy isn’t available, people go look for information on…Google!
No, they stop doing anything until the support guy appears, except perhaps going and paying someone to help them. Very few people will pursue a problem on their own.
Yes, that’s true, a lot of people get their infos and docs for Windows apps on Google as well!
Of course, they don’t have the same quality of community as we do, but hey…
Are we into stereotypes, now? Careful, that could count as abuse of the posting terms.
Hey, at least sysadmins can’t be outsourced to India, like programming jobs!
Precisely why I do it.
Well, that’s assuming that IT costs actually rise. You haven’t demonstrated that for a fact.
I’m struggling to see how a more diverse environment requiring greater management costs is going to make it cheaper. Remember, the expensive part about IT, like most hings, is the manpower.
Remember: opinion != facts.
Indeed. Advice you should keep in mind yourself when extolling the virtues of the GPL.
I think IT costs will actually decrease if there are more Linux systems.
Ah, but we weren’t talking about just more Linux systems, we were talking about a more diverse environment. The vast bulk of Linux distros are so similar that they could hardly qualify as “diverse”.
There will be more sysadmins therefore the average salary for a Linux sysadmin will drop.
But the trouble is you’ll need a Linux sysadmin *and* a Windows sysadmin *and* a MacOS X sysadmin, etc.
Swapping one monoculture for another isn’t going to help.
Furthermore, according to studies it takes less sysadmins to administer a number of Linux servers than for a identical number of Windows servers (look it up).
Well, it’s been a while since I’ve read any of those studies, so I’m working from memory, but I seem to recall one of the big furphies in those studies is that Windows sysadmins tend to also be doing client/desktop support work, while the Linux admins don’t.
Also, Linux can offer some interesting thin-client options for certain types of users, something that can dramatically reduce costs. I’ve tried Remote X on 100Mbit ethernet and it’s surprisingly responsive.
So can Windows and IME Terminal Services/RDC is vastly superior to typical X based solutions, both in performance and functionality. Some of the major advantages that spring to mind:
* RDC deals better with network unreliability.
* RDC is perfectly usable over a 56k modem.
* RDC allows the admin and/or support person to easily take over a person’s session to diagnose problems or demonstrate things.
One downside, that X is better at by default (RDC requires something like Citrix), is seamless integration of local and remotely hosted apps. Straight RDC only allows hosting an entire user desktop which can confuse users if they have to use both local and remote resources (“Two desktops ? WTF ?”), where X apps just pop up and (usually) look like they’re running on the local machine. Of course, this doesn’t apply if the user is doing *everything* on the remote machine – you just start RDC at login and maximise their RDC session and they need never know.
If only in reduced security costs, a more diverse ecosystem makes sense. Someone who claims to be neutral should appreciate such a fact.
The question is do the hypothetically reduced security costs make up for the much higher plstform management costs – because they *will* be a lot higher.
MS might not be able to do anything, but MS advocates who are serious about better security should consider encouraging people to use Linux instead.
Personally I encourage home users to use Macs and OS X (unless they’re planning on playing a lot of games).
I usually only recommend Linux for horizontally-scalable *nix server needs (which, these days, covers just about everything) and only then if FreeBSD won’t do the job (eg: they need to run Oracle/something else that needs a certified platform, or Linux has a clearly superior featureset like RAID and LVM).
You’ll probably also be happy to know that one of the long terms goals of my current job is to migrate a few dozen SCO OSR5 boxes to RHEL and WBL.
Of course, if they’re really astroturfers…
Are we into stereotypes, now? Careful, that could count as abuse of the posting terms.
Large corporations other than MS and governments can also give a good example and switch to Linux, improving their security and those of Windows users as well!
Assuming the initial costs (which would be huge) and the ongoing costs (which might be higher – lower is not a given) don’t outweigh the existing costs over a reasonable timeframe.
Remember, it may well actually be cheaper to contain and fix the odd virus outbreak now and then than it would be to migrate and/or integrate to another platform. Migrating platforms is a *huge* task with *massive* expenses. It’s not something you “just do”. Similarly, managing a heterogenous environment is much more expensive than managing a homogenous one, both in software and manpower costs. It is *not* a given that a reduction in “security costs” will even occur from a heterogenous environment (more platforms == more exposure), let alone that such a reduction would outweigh the costs involved in creating and/or running one.
On the contrary, I know it extremely well.
An unsupported claim.
If it was a practical issue, they’d be happy to make such contributions and improvements under a code license that wasn’t the GPL, or even FSF approved.
Then it’s not a practical issue for you, but a political one.
I was trying to say that the extra cost of supporting Linux the way the Linux community wants to be supported might not be worth it in sales.
You’re grasping at straws.
but if it costs them more to support some platforms than they believe they can recoup in sales, it’s not going to happen.
If they open-source their drivers, it’s not going to cost them anything.
But it wouldn’t be up to “the community” if “the community” were prepared to handle hardware drivers the same way most other “communities” do.
And how do other “communities” do it? Oh, and I’m talking about real communities, not made up ones.
Are we into stereotypes, now? Careful, that could count as abuse of the posting terms.
You know, you should really read those terms. You’re starting to sound childish.
But the trouble is you’ll need a Linux sysadmin *and* a Windows sysadmin *and* a MacOS X sysadmin, etc.
No you wont’t. Having an heterogenous OS ecosystem doesn’t mean having to support multiple OSes within a single company, just that every company shouldn’t have to use the same OS.
Swapping one monoculture for another isn’t going to help.
Have you been following our conversation? That was precisely the point: increase Linux/Mac OSX/FreeBSD’s market share, and Windows security will improve.
Well, there goes the majority of your argument.
So can Windows and IME Terminal Services/RDC is vastly superior to typical X based solutions, both in performance and functionality.
I disagree. XDMCP over a 100MBit network (which requries what, a 10$ card these days?) works very well. It runs on older hardware as well, and saves a bundle in licensing and maintenance costs.
The question is do the hypothetically reduced security costs make up for the much higher plstform management costs – because they *will* be a lot higher.
Again, you haven’t demonstrated that. Don’t confuse opinion and facts.
“Of course, if they’re really astroturfers… ”
Are we into stereotypes, now? Careful, that could count as abuse of the posting terms.
Unlike your comment about americans, this does not constitute abuse. Please get a clue, especially if you’re going to use cheap rhetorical tricks. You’ll look less like a fool.
BTW – in case you were feeling targeted – I wasn’t implying that you were an astroturfer. Just that there are astroturfers on this and other sites, and of course these people wouldn’t advocate using a non-MS OS, even if it did help with MS security.
Assuming the initial costs (which would be huge) and the ongoing costs (which might be higher – lower is not a given) don’t outweigh the existing costs over a reasonable timeframe.
Although costs of migration can be substantial, you do realize that corporations and government have to upgrade their equipment and licenses at some point, right?
Similarly, it is not a given that ongoing costs would be higher. In fact, due to reduced management and license costs, as well as money saved from less downtime and security issues, I’d say switching to Linux makes economical sense if you’re about to overhaul your systems anyway.
I’ve read numerous TCO studies, and the only ones who favored staying with MS for large corporations were MS-sponsored ones.
Anyway, this has gone under the radar, so don’t bother replying, I won’t be reading your replay. Though with your obsession to have the last word, I’m betting you will answer anyway. Too bad, it will be wasted energy because no one will read your response…
Then it’s not a practical issue for you, but a political one.
Where’s the politics in:
a) observing that embracing non-OSS drivers would result in more hardware support; and
b) observing the Linux communities’ attitudes is the reason a lot of hardware develops don’t support their hardware on Linux ?
You’re grasping at straws.
Evidently they’re the same straws the hardware developers are grasping at.
If they open-source their drivers, it’s not going to cost them anything.
Except the loss of control of over their IP and exposure of any trade secrets it might contain. Apparently you think code and the ideas in it can’t have value.
And how do other “communities” do it?
They make it possible for binary drivers to be practical.
No you wont’t. Having an heterogenous OS ecosystem doesn’t mean having to support multiple OSes within a single company, just that every company shouldn’t have to use the same OS.
“Every company” doesn’t “have” to use the same OS now. They choose to.
Have you been following our conversation? That was precisely the point: increase Linux/Mac OSX/FreeBSD’s market share, and Windows security will improve.
I have, and the attitude you constantly convey is one of “Linux uber alles”, which is the attitude I was responding to.
I disagree. XDMCP over a 100MBit network (which requries what, a 10$ card these days?) works very well. It runs on older hardware as well, and saves a bundle in licensing and maintenance costs.
I never said it didn’t. However, RDP works just was well, works on just as low end hardware and similarly saves a bundle on licensing and maintenance costs.
Not to mention that while a 100Mb network card might only cost $10, getting a 100Mb communications line outside of a single building is substantially more expensive, if its possible at all.
This is why Terminal Services is a superior technology. It’s just as good in ideal conditions and substantially better in less than ideal conditions.
Again, you haven’t demonstrated that. Don’t confuse opinion and facts.
Managing heterogenous environments is more expensive. That *is* a fact.
BTW – in case you were feeling targeted – I wasn’t implying that you were an astroturfer. Just that there are astroturfers on this and other sites, and of course these people wouldn’t advocate using a non-MS OS, even if it did help with MS security.
Well, you made the comment in a reply directed at me, under quote of something I wrote, after having several times in the past either directly called, or strongly implied, that I’m just a “Microsoft troll”. I’m not sure how many other interpretations there might be other than that is was “targeted” at me.
Not that I really care what you want to call me (sticks and stones, and all that), but if you’re going to have an opinion, at least have the balls to stick with it when you get called.
Although costs of migration can be substantial, you do realize that corporations and government have to upgrade their equipment and licenses at some point, right?
Upgrading hardware, licenses and even software packages is *not* the same as a platform migration – not even close.
Similarly, it is not a given that ongoing costs would be higher.
I never said it would be higher, I said it *might* be higher.
[i]In fact, due to reduced management and license costs, as well as money saved from less downtime and security issues, I’d say switching to Linux makes economical sense if you’re about to overhaul your systems anyway.
You haven’t demonstrated that. Don’t confuse opinion and facts.
I’ve read numerous TCO studies, and the only ones who favored staying with MS for large corporations were MS-sponsored ones.
I’ve yet to read a credible TCO study that wasn’t sponsored by someone who had something to gain from the recommended result.
Anyway, this has gone under the radar, so don’t bother replying, I won’t be reading your replay. Though with your obsession to have the last word, I’m betting you will answer anyway. Too bad, it will be wasted energy because no one will read your response…
Oh, someone might – and it would be unfortunately if it was your opinions they were left with isntead of mine.
I do have to wonder, however, why it’s only my replies that are an “obsession to have the last word”.