Discussions

News: Microsoft heed a key lesson learned or suffer the consequences

  1. developerWorks Editor-in-chief Michael O'Connell explores how Microsoft's concerns about Linux have impacted its behavior, and suggests that Microsoft should heed a key lesson IBM has already learned or suffer the consequence of selective ignorance.

    Perhaps it'll take some sort of near-death experience for this seemingly invincible company to recognize the need to reform, and embrace open industry standards.

    Read: Supporting development on demand: Open, cross-platform standards

    Threaded Messages (105)

  2. I think this is right on. There is enormous economic value being driven by Open Source in services, complinentary product sales, and to users. I went through a somewhat similar evolution on a personal/professional level. I started out firmly in the proprietary camp, and then shifted towards Open Source. I saw, first hand, the value created through the Open Source product and services model.

    That doesn't mean I think that there isn't a place for proprietary software. If proprietary companies can differentiate, they'll still succeed.

    I think the open source community recognized that the value could be large for business, education, and government. More importantly, business, education, and government are quickly beginning to see these values as well. Of course, at this point, you might not consider me to be a casual or independent observer.

    IBM was prescient in this case. They were ready well ahead of most organizations to take advantage of these economic drivers.

    Jason McKerr
    The Open Source Lab
  3. 1) Ballmer: "They make no money on software; they make no money on hardware. They make money only in services."

    Michael: "IBM drove nearly $100 million of eServer sales"

    Ballmer's statement must be considered to be definite, particular, exclusive and sufficient. $100 million is a mere nothing compared to IBM revenue of $100 Billion a year.

    2)Michael: "instead of creating yet more FUD.."

    MS FUD is just a trickle against the FUD from for instance the Big Java EJB Server vendors.

    3)Michael: "minimizing the fearsome -- and real -- vulnerabilities in its (MS) own products"

    Linus has since long taken over the position as the most breached OS on the web. In May 2003, 19,208 successful breaches were recorded against Linux based systems, compared to 3,801 against MS Windows based systems
    http://www.theinquirer.net/?article=9845

    That attacks on client computers are more numerous may not come as a surprise as 95% of all client systems run Windows. There are just not any other interesting targets.

    4) Michael: "for this seemingly invincible company to recognize the need to reform, to embrace open industry standards"

    How is "embrace open industry standards" going to help security? If they are so successful that they are seemingly invincible why should they change their strategy?

    5) Gerstner: "Every time I meet with customers, I say the same thing. I urge them to demand compliance with open industry standards"

    No technology should be accepted as standard that doesn't have a real life implementation and has not showed its worth in real life competition. Gerstner's words is the opinion of a looser. He wants the most succesful software company in the world to sell services?

    Regards
    Rolf Tollerud
  4. Linus has since long taken over the position as the most breached OS on the web. In May 2003, 19,208 successful breaches were recorded against Linux based systems, compared to 3,801 against MS Windows based systems
    http://www.theinquirer.net/?article=9845


    First of all, I am very suspicious to any survey published, without knowing who is making it.

    Second, there are many other parameters to take into account before making a conclusion:
    - was the survey accurate in its methodology?
    - are the linux system users more or less disposed to reveal their security breaches (e.g. if some boxes are in important institutions, they may not declare them)?
    - is the nivel of breach identical in all cases? I.e. what were the consequences? Just web page defacement, data stealing, etc...
    - was the system or the application in fault? Or was it bad administration?
    - what was the security level of the boxes? If 2000 of the compromised machines were simple home machines acting as servers?
    - what type of servers were targeted and compromised? (web servers, file servers, servers that shouldn't have been on the net, ...)
    - what is the real proportion of OSes in the targeted systems? i.e. if 99% of the compromised servers are web servers, how many are are Linux/Windows?
    - ...

    Numbers like that mean nothing alone.

    J
  5. I searched for the origin of the claim that Linux has more breaches. The mi2g web site contained no further information - just the press release. Personally I prefer to see some meat to any claims - a detailed description of the source of the statistics or the methodology of the study performed.

    Others have had things to say about about mi2g and its press releases - I have never personally never heard of mi2g. But neither have I heard of any of these others. You should do a google search on "mi2g security firm". There are many reports on the web that dismiss much of what mi2g puts on in its press releases. Suggest you look first at http://www.attrition.org/errata/charlatan.html as this has at least gathered various links - mostly links to a group called "vMyths". Can you sort the coal from the dross?
  6. Ahhh rolf...I missed your troll garbage.

    You claim that the article is full of errors, yet the company (MI2G) that you use to discuss the number of Linux exploits has been consistently attacked for, at minimum overblowing and at maximum making up numbers regarding security breaches. MI2G has slung around more garbage than just about anyone.

    Aside from that: In that particular study, MI2G discounted loads of windows worms and viruses in their study. They only reported "overt" attacks. Why? Who knows, but the data has been long-thought to be a bit suspect.

    Do you really want to claim factual errors in the IBM article based on MI2G's information? Come up with better than that. Now windows and linux can both be pretty secure in the right circumstances and with the right people managing the computers. But you just called "FUD" with a bunch of FUD of your own.

    Besides that, it's not just Linux we're talking about here. It's Open Source. i.e. Mozilla use is up somewhat as people have complained about IE security issues.

    Jason McKerr
    The Open Source Lab
  7. Jason,

    Before I create a big fuss I have to check, perhaps we agree?

    Is it a little strange that you start your post with "I missed your troll garbage", then longer down you say "Now windows and Linux can both be pretty secure in the right circumstances and with the right people managing the computers".

    So what is your opinion? Which OS is most secure, Linux or Windows? I am referring to Windows Server 2003 OS of course.

    While you are pondering read this page,

    25 June 20042/IT Management: Security statistics show surprising finds

    Regards
    Rolf Tollerud
  8. This article gives you neither proof nor advantage...
    At the very bottom it says:
    Secunia agreed that straightforward comparisons are not possible, partly because some products receive more scrutiny than others.

    Microsoft products are researched more because of their wide use, while open-source products are easier to analyse because researchers have general access to the source code, Kristensen [Secunia CTO] said.

    "A product is not necessarily more secure because fewer vulnerabilities are discovered," he added.
  9. what is your opinion?[ Go to top ]

    I say to you the same as I said to Jason, do you think that Linux is more secure than Windows Server 2003 OS?

    Regards
    Rolf Tollerud
  10. OT[ Go to top ]

    My "opinion" is: I don't know. Strange that you should ask opinion of some random guy, when even experts on the subject can not be certain... In my post I was merely pointing that your argument (the link to the article) holds little substance to prove superiority of MS OS above others.
  11. OT[ Go to top ]

    Denis: (My "opinion" is: I don't know.

    Thank you. +1 for correct answer. But the thing is, that for only one year ago every Java guy would have said "Windows is full of holes" as a knee-jerk reaction, on reflex only.

    Regards
    Rolf Tollerud
  12. OT[ Go to top ]

    But the thing is, that for only one year ago every Java guy would have said "Windows is full of holes" as a knee-jerk reaction, on reflex only.

    Can't blame them. Windows outstanding performance in the security area than, was examplary. For any new windows server release, we should give them a chance to prove themselves first. Time will tell.
  13. OT[ Go to top ]

    Denis: (My "opinion" is: I don't know.Thank you. +1 for correct answer. But the thing is, that for only one year ago every Java guy would have said "Windows is full of holes" as a knee-jerk reaction, on reflex only. RegardsRolf Tollerud
    Rolf,
    I work for a very large cable company here in the US - we've got a very mixed IT environment located all over the country. The SAs are quite good. The unix servers - mixtures of HP, Solaris, Linux do go down. No doubt about it. But they never ever have security issues. Our Windows environment always has security issues costing us tremendous sums in lost productivity. Not to mention they crash much more than any of the unix boxes and are harder to recover. This past month has been particularly bad. Windows is full of holes - and that's from experience. No knee-jerking going on here.

    The unix boxes are the big iron, running all of our enterprise databases and enteprise apps. The MS boxes run email and a few app server instances.

    I don't know if Windows Server 2003 is/will be any good but your heros at MS have a long way to go before they convince anyone at our company they need to be used for any serious enterprise work. The history is not good (and neither is the present).


    Cheers
    Ray
  14. security[ Go to top ]

    But the thing is, that for only one year ago every Java guy would have said "Windows is full of holes" as a knee-jerk reaction, on reflex only.
    Well, Windows was full of holes. Maybe Windows 2003 is perfect .. then again, we've already seen some pretty major exploits.

    OTOH, I've been surprised how many low-level vulnerabilities showed up in various UNIXes and Linuxes (oops I mean GNUs) .. so it's not like there is a perfect system out there.

    However, if you gave me the choice of having my valuable data protected by a well-configured UNIX box with a good UNIX admin, or having it protected by a well-configured Windows box with a good Windows admin, I'd feel much more comfortable with the UNIX choice. How about you?

    Peace,

    Cameron Purdy
    Tangosol, Inc.
    Coherence: Clustered JCache for Grid Computing!
  15. security[ Go to top ]

    It is very strange to see this comparition, Doe's somebody use windows on server ?
    I am not sure it is possible to install it on server.
  16. more Unix hypocrisy[ Go to top ]

    However, If you gave me the choice of having my valuable data protected by a well-configured UNIX box with a good UNIX admin, or having it protected by a well-configured Windows box with a good Windows admin, I'd feel much more comfortable with the UNIX choice. How about you?
    Why do you say Unix when we are discussing Linux? Commercial Unix are going out of business don't you know? Only Linux is interesting. The answer is no, I keep to my Windows Server 2003 OS in spite of all thousands of (in addition to script-kiddies) experienced *nix users (the double-tongued old wowsers) that waste their time fabricating windows attacks. And that are helping Microsoft aka "All that not kills you are making you stronger". And before you scream remember what happened to SCO. :)

    You don't need to be a good Windows admin. All that is needed is to update your protection once every month or so.

    Regards
    Rolf Tollerud
  17. more Unix hypocrisy[ Go to top ]

    Why do you say Unix when we are discussing Linux? Commercial Unix are going out of business don't you know? Only Linux is interesting.
    I use both Linux and Windows on PC, I have never tried to install one of them on server and probably nobody will let me to give a chance for toy. PC has more use cases, it is true, but only UNIX is interesting.
  18. more Unix hypocrisy[ Go to top ]

    Commercial Unix are going out of business don't you know? Only Linux is >interesting

    Who told You that?

    >You don't need to be a good Windows admin. All that is needed is to update your >protection once every month or so.

    What about all that unfixed critical vulns in IE, are You sure this update once a month is enough? I don't think so.

    Artur
  19. more Unix hypocrisy[ Go to top ]

    You don't need to be a good Windows admin. All that is needed is to update your protection once every month or so.

    LOL!!!!! A good one!
  20. more Unix hypocrisy[ Go to top ]

    You don't need to be a good Windows admin. All that is needed is to update your protection once every month or so.
    Being American, I can't tell if you are serious or if that is your famous dry wit.

    (Oh, the irony .. ;-)

    Peace,

    Cameron Purdy
    Tangosol, Inc.
    Coherence: Clustered JCache for Grid Computing!
  21. more Unix hypocrisy[ Go to top ]

    Any system is crap without good admin, it is possible to break anything and It is more easy to destroy than to build, is not it ? All admins I have ever saw in serious companies are very smart people.
  22. I am waiting.[ Go to top ]

    Ok, I willing to accept that perhaps I only have been lucky these years. No problem. It is not a shame to admit being wrong!

    But then you must name the virus, trojan or attack that you were vulnerable from with an updated Windows XP and Norton antivirus the last 2-3 years or so! And please do not mention Outlook which I of have course been using extensively the whole time. Only a moron opens a unknown file.

    Regards
    Rolf Tollerud
  23. I am waiting.[ Go to top ]

    I hope nobody uses Outlook on server, are we talking about PC ? As I said I use both Linux and Windows on PC and I see no major difference, both are crappy on PC, but I deploy some of my toys on Linux too and there are no problems with OS on this kind of servers (I PC use as server for toys), there are more problems with my sofware than with OS kernel, most of applications do more stuff than any OS kernel.
  24. I am waiting.[ Go to top ]

    !But then you must name the virus, trojan or attack that you were vulnerable from with an updated Windows XP and Norton antivirus the last 2-3 years or so! And please do not mention Outlook which I of have course been using extensively the whole time.
    i may be wrong but i have this strong feeling that the updates, patches and fixes come after the attack :) or is the windows update center now attack anticipatory.
  25. more Unix hypocrisy[ Go to top ]

    You don't need to be a good Windows admin. All that is needed is to update your protection once every month or so. RegardsRolf Tollerud
    This is one of those priceless Rolfisms.
  26. what is your opinion?[ Go to top ]

    Rolf,

    This is really a useless question. There are so many environmental issues.
    Do you mean out of the box? Do you mean in terms of remote exploits? Ability to exploit social engineering? How difficult it is to "batten down?" Most importantly what's the cost in terms of dollars, time, and opportunity cost to reach the desired level of security or to deal with existing security problems? There are plenty of companies with great firewalls at the network border. But all you have to do is sit down at a computer inside the "border," then all of that is now useless.

    Can Windows 2003 Server be secure? Probably. As secure as Linux? Probably. Out of the box? Maybe not, maybe so. Is the cost to secure it worth it? Maybe. I don't know. And the answer is gonna be different for differnt orgs.

    If I took Gentoo Hardened (NSA SELinux integration) out of the box, sure it's likely more secure. It's likely more secure than another Linux distro out of the box too. It is designed to be a security hardened operating system. Other Linux OS's, Windows aren't designed that way.

    My personal experience, and I've worked in windows shops (a number of them), is that the Linux/Unix model lends itself towards dealing with security better on the server. The Linux places I've worked have better up time and lower time/dollar costs in securing Linux just because of the way it's built. That doesn't mean it's more secure. It means that managing security related issues is easier and costs less. It also could mean nothing. I've worked in a few windows shops and a few *nix shops. Maybe we just had better admins in the Unix.

    The key for me, though, is simple economics. I can have 1 system admin handling 60+ linux servers, efficiently, securely. My licensing cost is exactly zero. My contract mangement and license tracking costs are exactly zero. I have more choices (we currently run three different flavors of Linux for different, appropriate tasks). We can mess with the internals, innovate our own IT infrastructure, and not rely on anyone. We can help others do the same. We have well-documented setups for our builds. If one of our linux distros fell of the world, we could rebuild. If there are security/operational issues we can deal with them ourselves. One of our sysadmins is even on Gentoo-dev (how often do you have an MS operating sytem dev on staff!).

    We like these economies and options. A lot of the people we work for like them. If they didn't exist, we wouldn't be in business.

    Jason McKerr
    The Open Source Lab
  27. what is your opinion?[ Go to top ]

    Jason,
    Its impressive your able to manage all 60+ Linux servers with just one admin.
    I agree with you that Linux/Unix has had a better track record concerning securuity. MS exec's themselves admit that MS's security track record is at best mixed. 2003 is better, but MS realized they need to improve in this area, and its not just lip service; they finally realized they need to focus on security, rather then exclusivelly on features.
    Obviouslly, as your company has shown, Linux can be made to work extermelly well, but requires a lot of speciallized knowledge. The question of choice is an interesting topic. There will always be companies like yours that has the expertice to manage an environment containing 3 different flavors of Linix/Unix. I know its a bad word, but MS "one vender" approach can add some value. Its my expectations that around the Longhorn release, along with Whidhey, and Yukon, the MS server side products will be so intergerated the pedulumn will swing into MS favor concering cost of ownership. Linux, with all the different players will be hard pressed to keep up. Thats only my opionion obviously, and I'm sligtly biased, I used to be a MS systems developer. Personally, I love Java, .Net too, and as a developer, of cource would love to have access to any source code I'm working with, but would question how helpfull that is in most cercumsntaces. For the record, MS can provide the source in some circumnstances, but it defintly comes at a price. The whole free software thing is another topic.
  28. While you are pondering read this page,

    >25 June 20042/IT Management: Security statistics show surprising finds

    Well, as I said - "Lies, Damned Lies and Statistics". Have You ever seen linux distro and how it compares to Windows system? In typical linux distribution there are usually more than 5000 packages - web servers, application servers, daemons and much, much more. They counted *all* vulns in *all* packages on *all* platforms and compared to vanilla Windows on x86. Please don't compare apples and oranges.

    Talking about security, you can "google" figures in 5 seconds - how expensive were latest virus/woms attacks against Windows and, then, compare this figures and costs of attacks against linux boxes.

    Artur
  29. Rolf,

    Claiming "Windows Server 2003 is the most secure webOS"
    is a very arrogant statement.
    Even MS did not dare make such a claim.

    If you really want to make such a claim, please prove it with facts.
    Since you claim "most secure webOS", please compare it with solaris,
    HP-UX, AIX, OS/400 and mainframe OS. This is because the world does
    not consist of only MS Windows and Linux.

    There are also lots of linux variants; each with its set of security
    features. To claim that "Windows Server 2003 is the most secure than
    linux", you will need to prove that Win2003 is more secure than each
    of the linux variant.

    I understand you reference an article at computerweekly.com based
    on studies by a commercial entity Secunia. Even then, "Secunia agreed that straightforward comparisons are not possible". How then can anyone in
    the world claim "Windows Server 2003 is the most secure webOS"?

    If you are unable to produce the evidences, please withdraw
    your claim that "Windows Server 2003 is the most secure webOS"


    rgds,
    Josiah
  30. 3)Michael: "minimizing the fearsome -- and real -- vulnerabilities in its (MS) >own products"

    >Linus has since long taken over the position as the most breached OS on the web. >In May 2003, 19,208 successful breaches were recorded against Linux based >systems, compared to 3,801 against MS Windows based systems
    >http://www.theinquirer.net/?article=9845

    Have you ever heard this: "Lies, Damned Lies and Statistics"?

    Back to the "report", seems that my, 20 years old, C64 machine is even more secure than your favorite MS Windows - since mi2g (former www.carlounge.com:) hasn't recorded any events regarding C64. Have You ever read discussions about this "famous" report and it's value? Do you know something about mi2g - the (wanna-be) "security" company? Some links:
    http://www.attrition.org/errata/charlatan/mi2g-history.html, http://www.infowarrior.org/articles/2002-12.html, http://www.theregister.co.uk/content/55/28233.html, http://www.nwfusion.com/news/2002/1107msfoul.html, http://vmyths.com/resource.cfm?id=64&page=1

    So don't talk about FUD, please.
  31. I had a quick look into your 5 links,

    Attrition.org
    An anonynous site that provides no information or clue whatever of what persons that are behind the site other than that they are fanatics of the worst kind.

    Infowarrior
    A minimalistic page set up by an unknow person named Richard Forno.

    The Register,
    Infamous newsletter for constant MS bashing.

    NetworkWorkFusion,
    Another notorious newsletter.

    Vmyths.com
    An ordinary anti-MS site, yawn..
    ____________________________________________

    Notice that none of them are respected specialist or companies that have any revenue whatsoever from IT consulting or risk analysis. In other words, only run-of-the-mill Open Source zealots.

    On the other hand I give you my links (I add 3 more to match your five),

    Jan 2004 The truth about the Linux vs. Windows level of security
    http://www.zone-h.org/en/winvslinux2
    Zone-H- IT Security Information Network

    March 30, 2004
    Linux vs. Windows: Which Is More Secure?
    http://www.eweek.com/article2/0,1759,1557459,00.asp
    Forrester Technology research and advice.

    As of monday there were 73 critical vulnerabilities listed for Linux vs. 3 for windows 2k/2k3 in ICAT.
    http://icat.nist.gov/icat.cfm?function=results&startrow=1

    Notice that all my links is links to well-know and repected companies that makes their living from IT consulting and/or security analysis.

    Secunia,
    Security and Virus Information consulting

    Mi2g,
    Respected Digital Risk Specialist company

    Zone-H- IT
    Security Information Network

    Forrester
    Technology research and advice.

    ICAT
    Vulnerability Notification Systems

    Regards
    Rolf Tollerud
  32. So, if you think it is the truth, then you must drop both. How does it prove UNIX is not interesting ?
  33. Juozas, How does it prove UNIX is not interesting ?

    So what particular brand of commercial Unix do you prefer? Solaris? AIX? Other?
    Please specify.

    When even Arthur, a Bona Fide Open Source zealot writes "I don't try to say: "linux is the most secure OS" then we can drop this matter and go on to other things. For instance, I have two computers that are always on and has been up for almost three years now. Each has its own IP address and has no firewall except the small firewall in XP. In that time I have had 1 (one) attack which was easily fixed (SQL Slammer). That rhymes badly with the general opinion.

    And still less trouble would it be if vulnerabilities were not published. But that will not happen because,
    The majority of the attacks is on the client which is not a surprise as 95% of all clients run Windows. There are just not any other interesting targets.
    People then confuse client and server and arrives at wrong conclusions.
    Therefore the Unix/Linux world want the vulnerabilities to be published, to get at Microsoft which is unfairly accused of neglecting security. That it hurts third party doesn't matter, they couldn't care less.

    What is your opinion of the experienced Unix user that fabricates attacks and then goes out in media/forums and accuse MS of neglecting security? And follow up with unfounded claims on Linux security?

    To become a misanthropic is the only viable option in the end. The whole human race is shit! :)

    Regards
    Rolf Tollerud
  34. When even Arthur, a Bona Fide Open Source zealot writes "I don't try to say: >"linux is the most secure OS"

    It is funny to be marked as a "zealot" by a person who permanently writes (completly out of topic in most cases) opinions about Windows, MS and .NET on the java-centric forum, regardless it is, or is not linked with particular topic.

    regards
    Artur
  35. Arthur,

    When you put up links similar to the ones you gave you must stand for to be called a zealot. Take comfort in that zealot not always needs to have a negative meaning.

    Regards
    Rolf Tollerud
  36. I prefer everything my customer prefers. My customers prefer solaris at this time for many reasons so it is my favorite OS too, but I will drop solaris and I will start to code for Windows again if my customer will need it(I used to be COM/DCOM programmer).
    Security is a political aspect too, it depends on security procedures and specific requarements. OS choise can be dictated by hardware requarements too, it can be dictated by server sofware (I must drop solaris or MS SQL Server)
  37. For instance, I have two computers that are always on and has been up for almost three years now. Each has its own IP address and has no firewall except the small firewall in XP.
    I thought you said earlier that you update your machines once a month or so? Just about every security patch I've installed on my Windows box has required a restart of the system, so an uptime of 3 years is impossible unless you never patch it at all.

    Maybe the actual *PC* has been on for 3 years, but you certainly haven't had Windows up for 3 years if you have been diligent about applying your security patches.
  38. still waiting..[ Go to top ]

    Dustin; Maybe the actual *PC* has been on for 3 years, but you certainly haven't had Windows up for 3 years if you have been diligent about applying your security patches.

    That is correct. I was not meaning uptime as in Web server uptime. In this context I am only saying that they have been running the whole time connected directly to Internet. Of course I have rebooted, installed hardware, switched OS, hard disks etc. It still happens that I wake in the middle of the night, with sweat dripping from my face because of the nightmares I have been suffering from since I installed dual boot with Red Hat 9...

    Regards
    Rolf Tollerud
  39. still waiting..[ Go to top ]

    Dustin; Maybe the actual *PC* has been on for 3 years, but you certainly haven't had Windows up for 3 years if you have been diligent about applying your security patches.That is correct. I was not meaning uptime as in Web server uptime. In this context I am only saying that they have been running the whole time connected directly to Internet. Of course I have rebooted, installed hardware, switched OS, hard disks etc. It still happens that I wake in the middle of the night, with sweat dripping from my face because of the nightmares I have been suffering from since I installed dual boot with Red Hat 9...RegardsRolf Tollerud
    Well, when people talk about uptime they do not mean that the physical hardware is on, but no OS is loaded and/or no services are running (Web, FTP, etc). Uptime, in the non-Rolf world, means that your box is up, OS loaded and all services running. If you reboot the box, then your uptime just got reset to 0 days. :)

    Nice try Rolf! :)
  40. not so smart try Dustin[ Go to top ]

    The issue we are discussing is virus, trojans, attacks. That "if windows is so vulnerable, how is it that a computer can be so long time exposed direct to internet without a firewall (I mean a real firewall) without any breach". Not uptime. It is not in your best interest to try to turn this discussion into a question of uptime.

    So here we go. Of all web server solutions, the Big EJB Elephant Servers has the worst uptime. I put a watch on TSS for instance, from the July 3 to the July 17.

    The first week it was up only 93.55%, the second week 98.31 together 96.11 for the 2 weeks, a medium downtime of six and a half hours per week.

    That is still better than the most!
    "..less than 96 percent availability for their J2EE applications.."
    http://www.eweek.com/article2/0,1759,1388603,00.asp

    So you see, uptime is not the question in this thread, but in trying to set me up for something I didn't do, you did yourself a disservice. Do everything but avoid at all cost the mentioning of uptime. That is my advice.

    Have a good day and good mental health!

    Regards
    Rolf Tollerud
  41. not so smart try Dustin[ Go to top ]

    Rolf: For instance, I have two computers that are always on and has been up for almost three years now.
    Rolf, you seem to like to practice revisionist history. I believe the above quote settles the matter of who brought up uptime in relationship to the topic of this forum thread.

    So, once again, nice try Rolf :)
  42. not so smart try Dustin[ Go to top ]

    The issue we are discussing is virus, trojans, attacks.
    Linux has tools such as jails and honeypots to respectively minimize damage and maximize alertness. Does MS-Windows have anything similar? MS-Windows has workgroups, which are similar to domains, and strangely for a machine to join a workgroup it must disable its own firewall.

    Here's a CNet article, interestingly titled, "MSBlast epidemic far larger than believed". Particularly noteworthy is are the millions of machines that Microsoft admits declined to be patched:

    "Since the January [2004] release of the [Microsoft repair] tool, more than 16 million of the systems that connected to Microsoft's Windows Update service were found to be infected with MSBlast and were offered a patch and the use of the disinfecting tool, the software giant told CNET News.com. During the same period, about 8 million systems actually called on Update to patch them..."

    -- http://zdnet.com.com/2100-1105_2-5184439.html
  43. not so smart try Dustin[ Go to top ]

    Hi again Rolf the misanthropic joker !

    Can you tell us why MS support asked me how often i reboot my server ?

    Can you tell us why such a site as ebay (i billion requests per day...), one of the first to make big money on the web, switched from IIS/COM/ISAPI to IBM/J2EE/Websphere ? Just to decrease their uptime (or increase their downtime) ? Or to get more viruses ? :o)))

    Can you tell us why requests to hotmail.com are so often discarded ? Hey, you see, i can take samples off my hat just like you and your 2 desktops :o)

    Can you tell us why by experience all my co-workers, knowledgeable in Windows AND Unix/Linux, ALL claim stability provided by the Unix/Linux boxes is much greater than Windows' ? And i am not talking about viruses here...

    By the way, i got my PC connected to the internet most of the time. And i agree that a firewall plus some good practice such as not opening a strange attachment prevents from getting most of the viruses. But only as far as your firewall prevents most if not all of the ports to be accessed... in which case your server accepts not connection from nobody... LOL ! Oh sorry, i forgot, you were not talkling about servers, maybe we should all switch to this other website, www.theCLIENTside.com ? :o)))

    If i ever need strong security, i would not go for Windows. One of the main reason being that most of the viruses are built for infecting Windows machines. This is a direct consequence of Windows client and departemental success, for sure. But is is a fact...

    And if i need server stability, i don't go for Windows either... Until i experience a version of Windows as stable as the Unix/Linux we are using. It might come, but still is not there...

    MS has plenty of cash (thanks to monopoly they "dishonestly" built, i have a personal example of MS bribing a senior executive to enforce migration from Unix to WindowsNT, but who ever said honesty is a paying quality ? :o))). They have some good developpers and architects, and in the future they might come with a superior server OS. Time will tell. But it is simply not there...

    Christian, ready for a good laugh again (TM)(C)(Patent pending...) :o)))

    PS : At first sight i don't care about MS or Linux or Solaris or BSD as far as i get my monthly check. At second sight... i let you figure out the answer :o)

    PPS : All that glitters is not gold ! Alea jacta est ! In vino veritas ! Veni vidi vici, arrivederci ! Look dad, i can look brillant by adding some pedantic sentences to my post too ! :o)))
  44. For instance, I have two computers that are always on and has been up for almost three years now. Each has its own IP address and has no firewall except the small firewall in XP. In that time I have had 1 (one) attack which was easily fixed (SQL Slammer). That rhymes badly with the general opinion.And still less trouble would it be if vulnerabilities were not published.
    ...
    To become a misanthropic is the only viable option in the end. The whole human race is shit! :)RegardsRolf Tollerud
    Hi Rolf !

    So you have been running a windows box for about 3 years with no reboot ? Congratulations ! Now you can apply for an entry in the Guiness Book of Records, as you must be the only person on earth ! Maybe eBay will switch BACK to Windows/IIS from WebSphere/J2EE again after you tell them your little secret ? Or would you be a liar ? :o)

    I have been doing Windows server administration in 2001 (hopefully not anymore), and my first call to MS support regarding a SQLServer bug got me this question from the support rep : "How often do you reboot your SERVER ? Once a week or once a day ?". It really did not make me laugh at this time, as i had to manually do the reboot. So we wrote a script that would check for the problem symptom and force a reboot of the server, so i could get back to a full 8 hours night sleep...

    So please stop lying. One of the main reasons of the instability of our Windows servers was the mix of different incompatible versions of "same" DLLs, so just installing a new product or upgrading your old one would drive the system randomly creasy. The solution we took was to install one component per server (i.e. SQLServer, IIS, Applications)... and not to touch a running server. We had better uptime, although still rebooting about once a week, few blue screens, Dr. Watson the helpless... It was an internal server in a medium size corporation.

    On the contrary our Linux file server on Intel hardware was rebooted a few months ago, because of OS full upgrade, after more than 1 year of 100% uptime (one hundred per cent, in case you can not read).

    I doubt that in 2004 the situation changed that much on the Windows side even though it can only improve... as i am also using WindowsXP (client OS, but you named it...) and having lots of problem still. I am not talking about viruses here, but installation and usage of, i.e, MSWord... Another corrupted document last week after a blue screen could not be recovered by Word. Fortunately OpenOffice could do the recovery...

    Keep on being misanthropic, 100% (one hundred percent) please (i.e. don't even speak to other people, at least on these forums)...

    :o)))

    Christian
  45. So purposeful misunderstanding is just normal behaviour for you.
    No fair play, no cricket, squirmy excuses, you name it, all in a days work.

    How un-english.
  46. So purposeful misunderstanding is just normal behaviour for you. No fair play, no cricket, squirmy excuses, you name it, all in a days work.How un-english.
    LOOOOOL !
    That is correct. I was not meaning uptime as in Web server uptime.
    LOOOOOOOL again... You are the ONLY IT professionnal i know who is talking about UPTIME for CLIENT computers ! Styop playing with your Fisher-Price toys for a second, please. Everybody knows Windows client are so often rebooted, either manually by user because end of day/week or because of software/OS failure... i would not dare talk a bout client uptime. But maybe you are not that professional... And in my previous post i also mentionned about WindowsXP client experience, Mr Fair-Play, specialist of off-topic trolling ! :o)

    And it seems you even lost your sense of humour on this one, too bad, i like reading you so much, for a break between 2 serious readings i mean, particularly when you show us how knowledgeable you are in litterature !

    Cheeeers ! :o)))

    Christian
  47. You are the ONLY IT professionnal i know who is talking about UPTIME for CLIENT computers ! Styop playing with your Fisher-Price toys for a second, please. Everybody knows Windows client are so often rebooted, either manually by user because end of day/week or because of software/OS failure... i would not dare talk a bout client uptime.
    I had pretty good luck with Windows 2000 and now Windows XP. It's not as stable as UNIX was 10 years ago or anything, but I only have to reboot every couple of weeks. And I use a notebook with that standby feature .. ;-)

    However, I don't think that Windows is a server-class OS yet. I haven't gotten to use Windows Server 2003 much, so maybe it's getting better, but Windows 2000 Server really wasn't up to par. It's not all Microsoft's fault .. their software is pretty good quality. The problem is that the hardware and software vendors that write drivers for Windows and crappy software for Windows don't bother testing much, because they aren't writing for a system that has any uptime expectations. There are exceptions, but most PC drivers and most PC software are shite.

    OTOH, that Windows can be made unstable by its drivers and GUI software is pretty scary, since they are selling it as a server OS.

    Peace,

    Cameron Purdy
    Tangosol, Inc.
    Coherence: Clustered JCache for Grid Computing!
  48. a present to Cameron[ Go to top ]

    Hi Cameron,

    What is your opinion on this?

    Miguel de Icaza calls J2EE academic crap

    Regards
    Rolf Tollerud
  49. a present to Cameron[ Go to top ]

    What is your opinion on this?

    Miguel de Icaza calls J2EE academic crap
    I think it's a brilliant claim -- look at how much press he is getting.

    By the way, who is he?

    Peace,

    Cameron Purdy
    Tangosol, Inc.
    Coherence: Clustered JCache for Grid Computing!
  50. Interesting thread isn't it? This is my favorite,

    the attack of the clones

    Regards
    Rolf Tollerud
  51. It is indeed interesting.

    Alot has to fall in line for the .NET "rule the world" dream to come to fruition. One example is that a large portion of the current Windows tools and applications are of the non-managed code elk. What this means is that Microsoft will either have to leave alot of the old school APIs in the mix or they will have to abandon complete backwards compatibility and somehow force the industry to rewrite all of their tools and applications using all the new wizbang APIs. This of course takes time and money for all parties involved.

    The transition is certainly possible. Apple did it with the transition from OS9 to OS X albeit on a much smaller scale the Microsoft will. Even on that small scale, it took a few years for the major Apple software and hardware vendors to make the transition to OS X. IMO, the forced move from non-managed code to managed is THE major risk for Microsoft, and certainly is a risk they have to take in order for everything to run on the CLR.

    Microsoft did not come to this epiphany on it's own though. All the bullet point items in Michael's .NET's accomplishment scenario have already more or less been accomplished by the JVM. The JVM may lack the spit and polish that we would all like to see, however, the core system is there already and has been for quite some time.

    What marvel's me more then Microsoft's marketing capability it's it uncanny ability to finally adopt what the rest of the industry has already learned (ie VMs coupled with open standards), repackage it, and then act is if they invented it all and that we all must bask in their glory.

    The moral of the story, if there is one, is that Microsoft better get it right this time because if they don't, the giant may collapse under it's own weight.
  52. the agile 800 pounds gorilla[ Go to top ]

    Dustin: ”The moral of the story, if there is one, is that Microsoft better get it right this time because if they don't, the giant may collapse under it's own weight”.

    Microsoft will not collapse under its own weight; it is a most agile 800 pounds gorilla. And you are over-dramatizing the "get it right this time" thing. If they don’t get it right on the first try they will try again, and again, and again, etc. As long as is necessary.

    All that is needed for success in this world is to gather together the best and the brightest for a long period of time under a good leadership. Instead of "hiring most of the staff thro some reference or someone who is related to one of the employees without proper screening or interviews".
    http://www.theserverside.com/home/thread.jsp?thread_id=17831#73715

    .NET is MS new operating system as I have said a couple of times. Most ridiculous is the notion that MS only are waiting to slap Ximian with a cease and desist order based on some patent and make the Java world happy. How it is possible to be so clueless! (Note that Cameron is in this category :)

    Regards
    Rolf Tollerud
  53. the agile 800 pounds gorilla[ Go to top ]

    Microsoft will not collapse under its own weight; it is a most agile 800 pounds gorilla.
    Very agile. That's why .NET was _only_ five years too late to compete against the industry standard Java / J2EE ;-)

    Peace,

    Cameron Purdy
    Tangosol, Inc.
    Coherence: Clustered JCache for Grid Computing!
  54. Very agile. That's why .NET was _only_ five years too late to compete against the industry standard Java / J2EE ;-)
    It was also very late with Internet Explorer (when IE came out, Netscape had about 80% of market share), but we all know where Netscape is right now :-)

    I am not implying whether .NET is better or worse, but MS has plenty of resources to play catch up.

    Regards,
    --Dmitriy.
  55. the agile 800 pounds gorilla[ Go to top ]

    Very agile. That's why .NET was _only_ five years too late to compete against the industry standard Java / J2EE ;-)
    It was also very late with Internet Explorer (when IE came out, Netscape had about 80% of market share), but we all know where Netscape is right now :-)I am not implying whether .NET is better or worse, but MS has plenty of resources to play catch up.Regards,--Dmitriy.
    Good point. But in this case they can't afford to give anything of value away.
  56. Microsoft gave away IE free to kill NetScape. Will they give Windows2003 free to kill Linux. Will they give VisualStudio.Net free to kill Eclipse. Will they give IIS free to kill apache and Tomcat/Jetty/JBoss.
  57. Microsoft cannot give things free anymore[ Go to top ]

    Microsoft gave away IE free to kill NetScape. Will they give Windows2003 free to kill Linux. Will they give VisualStudio.Net free to kill Eclipse. Will they give IIS free to kill apache and Tomcat/Jetty/JBoss.
    Will they give away MS Office to kill OpenOffice (etc.)?
  58. Microsoft cannot give things free anymore[ Go to top ]

    Microsoft gave away IE free to kill NetScape. Will they give Windows2003 free to kill Linux. Will they give VisualStudio.Net free to kill Eclipse. Will they give IIS free to kill apache and Tomcat/Jetty/JBoss.
    Remember that Netscape gave away Netscape as well...
    IIS is also free (and has been since at least 1996) when you purchase a Windows server version, but you wouldn't know that...
  59. Microsoft gave away IE free to kill NetScape. Will they give Windows2003 free to kill Linux. Will they give VisualStudio.Net free to kill Eclipse. Will they give IIS free to kill apache and Tomcat/Jetty/JBoss.
    Remember that Netscape gave away Netscape as well...IIS is also free (and has been since at least 1996) when you purchase a Windows server version, but you wouldn't know that...
    Comes with non-server versions too. But still gotta buy Windows.
  60. To all MS advocates[ Go to top ]

    Guys why bother with people that will eventually lose the battle in the next 5-7 years.

    Linux will still be wishful thinking as a Windows killer. Oh please !!!

    My company is a goto partner for MS when it comes to Migrating from UNIX to Windows.

    In the last 6 months we have migrated 6 companies from UNIX to Windows. Servers ranging from Solaris, AIX, HP etc...

    Long live MS!!
  61. To all MS advocates[ Go to top ]

    Guys why bother with people that will eventually lose the battle in the next 5-7 years.Linux will still be wishful thinking as a Windows killer. Oh please !!!My company is a goto partner for MS when it comes to Migrating from UNIX to Windows.In the last 6 months we have migrated 6 companies from UNIX to Windows. Servers ranging from Solaris, AIX, HP etc...Long live MS!!
    It is very difficult to predict the future.

    It is sad to see companies move to a closed system when the transition to a cheaper, better, etc. system with less pain could have been accomplished. Good sales job.

    Alot of Linux migrations, including the desktop do not make the news. I am hearing more and more. I think the predicted tidal wave of Linux is less realistic and more likely the frog in the cold pot of water slowly brought to a boiling.
  62. To all MS advocates[ Go to top ]

    Guys why bother with people that will eventually lose the battle in the next 5-7 years.Linux will still be wishful thinking as a Windows killer. Oh please !!!My company is a goto partner for MS when it comes to Migrating from UNIX to Windows.In the last 6 months we have migrated 6 companies from UNIX to Windows. Servers ranging from Solaris, AIX, HP etc...Long live MS!!
    Mainframes have been dying for how long? Unix has been dying for how long? Java has been dying for how long? Windows has been dying for how long?

    The answer is: there is enough space for everyone. Most big companies have a rather heterogeneous environment, and will continue to do so (they are not dumb to put all the eggs in one basket...), so this will probably go on forever.

    Sorry to spoil all the fun... ;)

    Regards,
    Henrique Steckelberg
  63. To all Linux advocates[ Go to top ]

    To pontificate "impartial and unbiased stuff" in a bombastic voice is the copyright of Cameron Purdy and he will not take lightly to that you are treading on his turf!
    "Mainframes have been dying for how long? Unix has been dying for how long?"
    You forgot to mention Cobol that it is not dead either!
    But it is completely unfashionable and you will get no status from it. You can also ask the Unix users how they liked the period around 1975 when Unix was at its lowest.

    Fact:
    There is a "lynching mob" out against Microsoft all over the world (envy against the leader) and as usual in such circumstances truth is the first to go. "Apache is the most used web server" (allow me to laugh). But you can only fool some people some of the time and the time is up!

    If you think that Linux has any chance to compete against OSX or Windows at the desktop that only shows that you are a person with a exceptional bad judgment.

    We will be writing 2005 in a five months and Linux still shows up as one(1) percent in Google Zeitgeist as usual...

    The Economist on Linux desktop growth, Google Zeitgeist
    http://www.ssc.com/pipermail/linux-list/2004-April/020608.html

    http://www.google.com/press/zeitgeist/zeitgeist-jun04.html

    Sorry to spoil all the fun... ;)

    Regards
    Rolf Tollerud
  64. To all Linux advocates[ Go to top ]

    But you can only fool some people some of the time and the time is up! If you think that Linux has any chance to compete against OSX or Windows at the desktop that only shows that you are a person with a exceptional bad judgment.
    Hmmmm.
    "Linux captured the No. 2 spot as desktop operating system in 2003," said IDC analyst Dan Kusnetzky. By 2007, IDC estimates that Linux will have 6 percent of the desktop market in terms of units.
    http://www.macminute.com/2004/08/04/linux (First link I came to using google. I've seen it multiple times elsewhere)
  65. "Linux captured the No. 2 spot as desktop operating system in 2003"

    Linux advocates have been saying that for years, along with "This year will be the year of Linux". But nothing is happening. Mac has 3%, Linux 1%, this year too in Zeitgeist. So that Linux is no 2 is just a myth. (Despite the greatest free publicity in the history of mankind).

    As the Apache servers 70% marketshare was. As the Commercial EJB Servers superiority was.

    Regards
    Rolf Tollerud
  66. "Linux captured the No. 2 spot as desktop operating system in 2003"Linux advocates have been saying that for years, along with "This year will be the year of Linux". But nothing is happening. Mac has 3%, Linux 1%, this year too in Zeitgeist. So that Linux is no 2 is just a myth. (Despite the greatest free publicity in the history of mankind). As the Apache servers 70% marketshare was. As the Commercial EJB Servers superiority was.RegardsRolf Tollerud
    Believe and interpret the numbers as you so desire. Just means less competition. :)

    Linux is harder to track in terms of market share. And the Zeitgeist numbers only prove that Windows users need more answers. :)
  67. To all Linux advocates[ Go to top ]

    You forgot to mention Cobol that it is not dead either!But it is completely unfashionable and you will get no status from it.
    For that kind of discussion, I suggest you go to www.TheMarketingSide.com ;)
    You can also ask the Unix users how they liked the period around 1975 when Unix was at its lowest.
    Lowest? Are we talking about the same operational system? Even is it was truly a "bad year" for Unix, I am sure there would be some Rolfs shouting "Unix is dead! Unix is Dead!". Now look at Unix today and tell me if those Rolfs were right back then... Funny thing is, the same thing can be said of Java today, for instance... :) As long as some technology has its use for someone, it will endure. Take VB, for example... ;)
    Fact:There is a "lynching mob" out against Microsoft all over the world (envy against the leader)
    Oh, poor IBM (Hardware leader) with its lynching mob! Poor Cisco (Network Eqpt Leader) with its lynching mob!! So tough to be a leader in these mean times... ;)

    Despite anything you may say, Unix, Java, MS, Windows, IBM, Mainframes, etc. will be around for a long time.

    Regards,
    Henrique Steckelberg
  68. To all Linux advocates[ Go to top ]

    But you can only fool some people some of the time and the time is up! If you think that Linux has any chance to compete against OSX or Windows at the desktop that only shows that you are a person with a exceptional bad judgment. Regards Rolf Tollerud
    I am sure that you, in your best judgment, know that OSX is as Open Source UNIX-based as Linux... So there is no need for them to fight for anything between themselves.

    Oh, that means you can actually add Linux's and OSX's marketshare, under one UNIX brand! :) Guess which OS is next to jump into the bandwagon, with all this Mono gossip going around??? ;)

    Regards,
    Henrique Steckelberg
  69. To all Linux advocates[ Go to top ]

    "I am sure that you, in your best judgment, know that OSX is as Open Source UNIX-based as Linux"

    Yes, thank you for assuming that! I am sure that you also know that before Apple converted to an OSX, when they had their own operating system, they had 6% market share! In other words, converting didn't help much. :)

    Regards
    Rolf Tollerud
  70. To all Linux advocates[ Go to top ]

    "I am sure that you, in your best judgment, know that OSX is as Open Source UNIX-based as Linux"Yes, thank you for assuming that! I am sure that you also know that before Apple converted to an OSX, when they had their own operating system, they had 6% market share! In other words, converting didn't help much. :)RegardsRolf Tollerud
    Depends on your measurement technique and what you are measuring. Keep the same percentage of market share? No it didn't. But maybe it did help them keep more than they would have lost if they had not converted. I think so. It has opened lots of doors.

    Gotta love statitics. Like "We doubled our output." Yeah, went from one to two. :)
  71. the agile 800 pounds gorilla[ Go to top ]

    Microsoft will not collapse under its own weight; it is a most agile 800 pounds gorilla
    "The bigger they are, the harder they fall."
    "Oh how the might have are fallen."
    Even the great ape eventually dies.
  72. An anonynous site that provides no information or clue whatever of what persons >that are behind the site other than that they are fanatics of the worst kind.

    >A minimalistic page set up by an unknow person named Richard Forno.

    >Infamous newsletter for constant MS bashing.

    >Another notorious newsletter.

    >An ordinary anti-MS site, yawn..

    So what? Are they laing or asking You to pay $$$ for their source of information? Isn't it true that mi2g started as a car lounge company, and changed it's profile few times - until, recently, they became "security" company? Didn't they publish complete mess earlier?

    > Zone-H- IT Security Information Network

    Saing (in this report): "YOU SHOULD SEND ALL THIS ANALYSIS AND THESE GRAPHS IN /DEV/NULL". Have you read this report?

    > Mi2g, Respected Digital Risk Specialist company

    Eh? Respected? Because they said so?

    About other reports. As I said earlier - these reports usually compare different thinks. They count all vulns in all packages for all architectures for given distribution and compare these numbers to vulns in vanilla Windows. Which is just funny. How many SQL servers, App servers, deamons, http servers etc. there are in vanilla Windows? Why they count vulns in different architectures - even if some particular vulns work only, for example on ALPHA but not on SPARC and Vice Versa? Why they don't count vulns in, for instance apache httpd - like a Windows vulns (but, of course, they count it as a Linux vulns) - isn't it possible to run apache httpd on Windows?

    Rolf, I'm not against Windows and I don't try to say: "linux is the most secure OS in the World" I just try to say - that there are some substantial problems comparing properties like "security".
      
    Artur
  73. Innovate first[ Go to top ]

    Open Industry Standards, is going to limit an individuals (or companies) ability to innovate. Does “Open Standards” mean that we have to wait for a standard to be in place before we create an innovative peace of software?

    IBM was not successful with many of its non-mainframe software products. OS2, Visual Age etc failed to compete with others because they did not live up to the expectation of users. IBM is successful now because it embraces a model that sells consultancy services bundled with software (Web Fear, DB2 etc) and not because it embraces "Open Standards".
  74. Perhaps it'll take some sort of near-death experience for this seemingly invincible company to recognize the need to reform, and embrace open industry standards.
    Is IBM actually suggesting that Microsoft should implement J2EE App Server and try to sell it to the community that generally hates them? I don’t think that this idea would make Microsoft any richer. Moreover, both .NET and Web Services _are_ standards into which Microsoft invested significantly.

    I don’t think that Bill Gates or Steve Ballmer will lose any sleep for as long as we all use Windows for our desktops.

    Regards,
    --Dmitriy.
  75. I don’t think that Bill Gates or Steve Ballmer will lose any sleep for as long as we all use Windows for our desktops.
    I think that is part of the point. And are you sure they aren't? Steve seemed to be pretty agitated.

    The desktop monopoly is being attacked on many fronts. Some publicized. Some not. ;) What you don't know might hurt you.
  76. still waiting..[ Go to top ]

    Every year is proclaimed as Linux year! But I think it was Cedric that said that this year more aptly could be named as the "Windows year". I wholeheartly agree. Now there are only two more chances, years, left. After Longhorn it is goodbye. :(

    Regards
    Rolf Tollerud
  77. still waiting..[ Go to top ]

    Every year is proclaimed as Linux year!
    Not lately. And that is not what I said. I am saying that things actually are happening. More than and instead of someone claiming that this is "Linux Year".
     But I think it was Cedric that said that this year more aptly could be named as the "Windows year". I wholeheartly agree.
     How could this be a Windows year?
     Now there are only two more chances, years, left. After Longhorn it is goodbye. :(
    So would that be goodbye Mono too? Again with the fortune telling. Longhorn is more of Microsoft saying who cares about openess and standards. And more blatantly so. The "opportunity" to move to Longhorn is also the opportunity to opt out. So it is a wait and see.
  78. How could this be a Windows year?[ Go to top ]

    Well, why don't you read Cedrics weblog?

    2004 the year of Linux? I don't think so

    Regards
    Rolf Tollerud
  79. Rolf,

    It may not be the year of Linux, but it's certainly doing OK. RedHat is doing ok despite Cedric's dismay for their withdrawal from certain spaces. I'm not exactly sure what reversal of fortune Cedric is referring to. They've reported 4 or 5 straight profitable quarters. Novel is advancing SuSE quickly, and Gentoo and Debian are growing like wildfire (I know that because we see more and more downloads for those two distros, and hear from lots of people using them. We are infrastructure hosts for both of those projects). Is Cedric talking about desktops? Maybe. But stats on servers show different numbers. Recent polls done by Wired and Netcraft showed:

    Email Servers: 41% powered by open source
    Database Servers: 18% (postgres and mysql)
    Web Servers: about 70%

    Now that doesn't qualify as the year of anything. But just a few years ago, those numbers were a heck of a lot lower.

    I personally don't like comments like, "It's the year of Linux" or anything else. But Linux is growing in a lot of spaces. We see it all the time, since people often ask the OSL for help with Open Source deployments.

    Jason McKerr
    The Open Source Lab
  80. Hello Jason,

    Puh.., nice to discuss with a normal and decent person again.

    For me it is totally incomprehensible that they don't understand that they are making an ass out of themselves, bringing shame over the community they represent.

    You wrote,
    Email Servers: 41% powered by open source
    Database Servers: 18% (postgres and mysql)
    Web Servers: about 70%

    But do you have the numbers for enterprise business? That's what's hot.

    For instance I know that the Apache server has 67% of the web server market overall, but I also know that IIS are twice as common in enterprise business as Apache.

    What interest do we have of the whole internet? (X-rated sites and all).
    None. Enterprise business is my business.

    Regards
    Rolf Tollerud
  81. For instance I know that the Apache server has 67% of the web server market overall, but I also know that IIS are twice as common in enterprise business as Apache.
    How exactly do you know that?

    Jason McKerr
    The Open Source Lab
  82. 53.5% against 19.3%[ Go to top ]

    I found it here,

    According to the survey, 53.5 percent of the sites surveyed ran Microsoft IIS. This was more than double the 19.3 percent running Apache.

    It is also the impression I have based on my own experience. The survey is based on the largest companies of US Fortune 1000 type. But the smaller the company, the more IIS IMO.

    Regards
    Rolf Tollerud
  83. 53.5% against 19.3%[ Go to top ]

    I found it here,According to the survey, 53.5 percent of the sites surveyed ran Microsoft IIS. This was more than double the 19.3 percent running Apache.It is also the impression I have based on my own experience. The survey is based on the largest companies of US Fortune 1000 type. But the smaller the company, the more IIS IMO.RegardsRolf Tollerud
    Found this there too:
    "Port 80, a Microsoft IIS software developer, released its first Web server survey using the fortune 1000 in December."

    BTW, you do know that IIS can be used as the WebServer for Java App Servers?

    I am glad you are finally qualifing your statements with "IMO".
  84. so, what is your opinion?[ Go to top ]

    Juozas:
    Are you talking about something like help desk for MS Office users or service for customers like stock exchange trading system?


    Are you forgetting that it was a survey of the largest companies (The US Fortune 1000)?

    Mark:
    I am glad you are finally qualifying your statements with "IMO".


    Mark, what is your opinion? Do you think that Java App Servers is more and more popular the smaller the company?

    Regards
    Rolf Tollerud
  85. so, what is your opinion?[ Go to top ]

    Service is more interesting for me than size or location if we are talking about "enterprise".
  86. 53.5% against 19.3%[ Go to top ]

    I found it here,According to the survey, 53.5 percent of the sites surveyed ran Microsoft IIS. This was more than double the 19.3 percent running Apache.
    And. according to the article _you_ linked to, Port 80 is an IIS Software developer - this is clearly not an objective source. So if IIS is on the up and your CIO tinks 'ooh this is clearly an unbiased article', who does it benefit, besides Microsoft - IIS developers which brings us neatly back to Port 80 Software

    Please stop posturing, Forrester and it's subsidiary Giga were paid by Microsoft to produce reports regarding suitability of Microsoft vs Linux.

    Money talks Rolf, and it's very good at convincing you to look the other way when something isn't going as you expected.

    You can point out all the alleged smoke and mirrors stuff about OSS, but believe me, there are just as many cloaks and daggers in your happy-go-lucky Microsoft world.

    When you want to quote numbers, get them from a real objective source.

    -Calum
  87. 53.5% against 19.3%[ Go to top ]

    I have a lot of interest in Apache vs IIS, and the general concensious ( I get most of this info from Netcraft) seems to be Apache has about a 60-70 percent of the market share for general WebServers, while Fortune 1000 companies tend to deploy either IIS or Unix, and are less apt to deploy Linux. Which makes perfect sense, if you are a small shop, Apache/Linux low licensing/hardware cost are very attractive. If you are a Fortunate 1000 shop, your are more interested in vendor support. The truth is both WebServers can be made to work very well.
  88. 53.5% against 19.3%[ Go to top ]

    .. while Fortune 1000 companies tend to deploy either IIS or Unix, and are less apt to deploy Linux.
    The only truth about big companies that you can count on is that you can't count on anything. These companies have hundreds and often thousands of simultaneous IT projects going on, in everything from VB and Delphi to C++ and Java, on every conceivable platform, and often getting glued together in the weirdest ways. They use every conceivable software technology and product. They often have tens of thousands of servers, of every type.

    I was at a certain insurance company in the past few years that was running enterprise RedHat with some sort of custom Apache in the DMZ on Intel 2x CPU (Dell or Compaq) servers, backed by FreeBSD firewalls on 1xCPU boxes, with clusters of Sun 4x CPU servers behind that running J2EE apps, both Oracle and Sybase databases, a couple different messaging systems, with custom enterprise connectors going to mainframes including some mainframe DB2 stuff, plenty of MQ Series and CICS stuff (all related to the mainframes I think,) a big HP-UX box for some specialized database, and although I didn't see it anywhere, someone probably slipped some Windows servers in there somewhere just to keep things interesting. And that was "just" one intranet app. The RedHat support cost on just the Linux tier was more than most people make in a year :-o ..
    The truth is both WebServers can be made to work very well.
    The problems with IIS have never been with it working .. it's always been a quick and easy server to use for most things. The IIS issues have been almost all related to security vulnerabilities.

    Peace,

    Cameron Purdy
    Tangosol, Inc.
    Coherence: Clustered JCache for Grid Computing!
  89. 53.5% against 19.3%[ Go to top ]

    Cameron:
    The problems with IIS have never been with it working .. it's always been a quick and easy server to use for most things. The IIS issues have been almost all related to security vulnerabilities.
    Ha ha, Cameron forgot to add IMO.
    It must be hard when even old myths die. (that the Apache server has 70% of the market is a stubborn one)The IIS is superior product in all aspects (performance is one of them, security is another) IMO.

    It is of course must attacked,

    1) Because it is a Microsoft product and,
    2) Because it is more than twice as common.

    The smaller the company the more IIS, IMO!

    Regards
    Rolf Tollerud
  90. paranoid delusional[ Go to top ]

    Rolf:
    The IIS is superior product in all aspects (performance is one of them, security is another) IMO.
    From what I've read, IIS seems to perform better and secure worse. Cripes .. there have been so many easy-to-exploit and completely-compromising IIS vulnerabilities that have been so widely exploited (e.g. worms) that it's hard to believe you can claim the above with a straight face. I've yet to hear of one similar Apache worm, which isn't to say that there are none, but they obviously aren't very effective, since most of the web servers out there are running Apache.
    It is of course must attacked,
    1) Because it is a Microsoft product and,
    2) Because it is more than twice as common.
    I didn't attack it. You're paranoid. I thought my comments were rather complimentary.

    Peace,

    Cameron Purdy
    Tangosol, Inc.
    Coherence: Clustered JCache for Grid Computing!
  91. 53.5% against 19.3%[ Go to top ]

    "Most of the web servers out there are running Apache" NOT! The myth has precisly died. None of us in TSS are interested in people that share a computer with 500 others...

    53.5% against 19.3% is confirmed in 2 seperate surveys. Almost 3 times more common for IIS. And is smaller companies should be taken into account probably IIS is about 4-5 times as common.

    "I didn't attack it"

    I didn't meant you Cameron, I meant all this people out there that doesn't have anythin else to do: virus authors. (for example a lot of experienced Unix users that trues to discredit windows no doubt). If Apache was targeted as much as IIS you would see how many holes there is in it!

    Regards
    Rolf Tollerud
  92. 53.5% against 19.3%[ Go to top ]

    Don't know why people still bother here. The level of discussion has dropped to the /. low (which is pretty low indeed) with the only acceptable voice being the one that attacks Microsoft over anything.

    Weird how people claim that statistics showing Microsoft does something right are skewed while at the same time trusting statistics that show Linux is on the rise at face value...
  93. 53.5% against 19.3%[ Go to top ]

    <blockquoteThe problems with IIS have never been with it working .. it's always been a quick and easy server to use for most things. The IIS issues have been almost all related to security vulnerabilities.Peace,Cameron PurdyTangosol, Inc.Coherence: Clustered JCache for Grid Computing!pretty much like most Apache bugs then, of which there seem to be a lot more.
  94. 53.5% against 19.3%[ Go to top ]

    According to the survey, 53.5 percent of the sites surveyed ran Microsoft IIS. >This was more than double the 19.3 percent running Apache.

    About authors of this report:

    "Port80 Software, Inc. develops software products to enhance the security, performance and user experience of _Microsoft's_Internet_Information_Services_ (IIS) Web server."

    Don't hesitate, paste some MS "facts" here ;)).
      

    Artur
  95. 53.5% against 19.3%[ Go to top ]

    According to the survey, 53.5 percent of the sites surveyed ran Microsoft IIS. >This was more than double the 19.3 percent running Apache.

    Blah, blah, blah - statistics, lies and damn lies. They showed only results which were positive for them.

    Check:

    http://www.biznix.org/surveys/

    "Microsoft IIS popularity is a U.S. phenomenon."

    global500 results are slighty different: 36 (apache) aginst 33 (IIS). Results for other countries are even better than Netcraft's surveys.

    Poor, old U.S. :).

    Artur
  96. Now we have numbers verified from two independent surveys. So port 80 weren't faking it after all then. Bought by Microsoft and everything.

    Now we just need another survey to confirm BizNix claims in Germany (Apache 64.7%, IIS 5.8%!) and Japan, Consider that they said "If small businesses were included in the survey the results would certainly raise Apache's ranking in the United States." I wouldn't bet too much on their credibility.
    "The Netcraft survey results are skewed in favor of those Web servers that are most commonly used for virtual hosting. Apache is the web server of choice for virtual hosting and this is one reason why the Apache numbers are so high."

    "The BizNix survey was designed to minimize the effect of virtual hosting by limiting the survey to large companies that would most likely run their own Web servers."
    Ok, good intentions, isn't it. After been screaming the Netcraft numbers for years. At least I can guerantee you that in Sweden the numbers for IIS is even higher than in US.

    Regards
    Rolf Tollerud
  97. Ok, good intentions, isn't it. After been screaming the Netcraft numbers for years. At least I can guerantee you that in Sweden the numbers for IIS is even higher than in US.RegardsRolf Tollerud
    As I understand SUN software and harware is the most popular in Sweden, I have a lot of work after companies from Sweden bouth some Lithuanian companies.
  98. Anyway I am tired of this. The Port 80 report must be doubted until confirmed by an unbiased agency. The BizNix survey, after examined it a little further, could quite possible be just a scam, some pages set up by one single person that have copied the Port 80 survey, changed a little to make them credible and invented the rest. The whole site looks very dubious, as the company that’s supposed to have them helped with the survey:

    Tailored Computers
    A garage company for selling PCs?

    Only one thing is sure. The Netcraft numbers are very, very wrong.

    But it is allowed to have an opinion and I bet my shirt that the Port 80 survey is about right!

    Regards
    Rolf Tollerud
  99. Ok, good intentions, isn't it. After been screaming the Netcraft numbers for years. At least I can guerantee you that in Sweden the numbers for IIS is even higher than in US.RegardsRolf Tollerud
    As I understand SUN software and harware is the most popular in Sweden, I have a lot of work after companies from Sweden bouth some Lithuanian companies.
    All I can say is that I was totally surprised by the Microsoft stranglehold in North America, after having moved here from Finland. I have come to a conclusion that the dominance has continued so long that many decision makers do not know anything else and are afraid to try something else. A lot of people have their time and skills invested in it as well so they often do not consider going anywhere else - which one is better does not really matter.

    I do not know about Sweden, but Rolf's comment sounds totally opposite from what I saw in Finland. I did not see major presence from Microsoft in the server room. The last company I worked for in Finland did not allow anything Microsoft anywhere near the server room. Any talks about it were promptly stomped by management. The main concerns were security and the fact that Microsoft does not play nicely with others. This made it very hard or impossible to accept Microsoft products in a space where stuff from vendor X has to work with Y, because one vendor was never allowed to bring in product lines and create a lock-in situation. I would be immensly suprised if Sweden was any different.
  100. with the head in the sand[ Go to top ]

    Tero:
    "They did not allow anything Microsoft anywhere near the server room. Any talks about it were promptly stomped by management"
    "

    But that was the same thing that was said about the US market too.I think you must be made of wood not to see the writing on the wall..

    Ponder,

    1) That stock from both BEA and SUN is at the absolute bottom.
    2) That the exodus of top leaders from SUN affects virtually every segment of Sun's operations.
    3) That EJB author Richard Monson-Haefel and others is jumping the ship
    4) That a Java advocate like O'Reilly can say: "There's an elephant in the room, the fact is that on Linux the Mono Project is implemented on .NET not Java. Microsoft has a foot in the door.
    5) That Miguel de Icaza says "J2EE is academic crap.
    6) That Java loose 5% user popularity in the TIOBE Index
    7) That the so called 70%- 29% dominance of Apache server in reality was 51%-19% to IIS
    8) that two anti EJB books is the top selling Java books on Amazon
    9) That Netcraft reports that ASP.NET sites is more common than Java sites.
    10)That C# has nearly doubled in the last six months
    11)That Microsoft dominates In web services space
    12)That J2EE has loosed all published performance benchmarks
    13)That scores of TSS members are denouncing EJB

    I'm too lazy to type. I have 30 more :)

    Regards
    Rolf Tollerud
  101. with the head in the sand[ Go to top ]

    Tero:
    "They did not allow anything Microsoft anywhere near the server room. Any talks about it were promptly stomped by management"
    "But that was the same thing that was said about the US market too.I think you must be made of wood not to see the writing on the wall..Ponder,1) That stock from both BEA and SUN is at the absolute bottom.2) That the exodus of top leaders from SUN affects virtually every segment of Sun's operations.3) That EJB author Richard Monson-Haefel and others is jumping the ship4) That a Java advocate like O'Reilly can say: "There's an elephant in the room, the fact is that on Linux the Mono Project is implemented on .NET not Java. Microsoft has a foot in the door.5) That Miguel de Icaza says "J2EE is academic crap.6) That Java loose 5% user popularity in the TIOBE Index7) That the so called 70%- 29% dominance of Apache server in reality was 51%-19% to IIS8) that two anti EJB books is the top selling Java books on Amazon9) That Netcraft reports that ASP.NET sites is more common than Java sites.10)That C# has nearly doubled in the last six months11)That Microsoft dominates In web services space12)That J2EE has loosed all published performance benchmarks13)That scores of TSS members are denouncing EJBI'm too lazy to type. I have 30 more :)RegardsRolf Tollerud
    So? Are out-of-the-hat list of things individuals said, questionable numbers, and other FUD going to change what I saw in Finland?
  102. How could this be a Windows year?[ Go to top ]

    For instance I know that the Apache server has 67% of the web server market overall, but I also know that IIS are twice as common in enterprise business as Apache.
    How exactly do you know that?Jason McKerrThe Open Source Lab
    He is clairvoyant and maybe even omniscient. Same way he "knows" everything else. Same way he "knows" that the TSS downtime is J2EE related. Makes me think of the joke "What is clear (see-through) and lays in a ditch?"
  103. but I also know that IIS are twice as common in enterprise business as Apache.
    Rolf - are you speaking of how many machines have IIS on them in an enterprise environment or are you speaking of how many enterprises use IIS? Of the windows boxes in our IT evnironment, there are quite a few that have IIS. It's typically completely disabled though.

    Cheers
    Ray
  104. Hi Rolf !
    Hello Jason,Puh.., nice to discuss with a normal and decent person again.For me it is totally incomprehensible that they don't understand that they are making an ass out of themselves, bringing shame over the community they represent.
    LOOOOL ! You're too good ! Some people like my ass, thanks :o)))
    My customers do appreciate me and my advices, and believe i am normal and decent person, and additionally i make them laugh for free so they can relax ! You know i am in the business field too, making money for quite some years in that IT industry... Particularly they trust me because i try to give HONESTLY all arguments (in favor and against my proposed choices, and THEY do the final choice). AS far as they call me back, i believe they appreciate this way of working.
    You wrote,Email Servers: 41% powered by open sourceDatabase Servers: 18% (postgres and mysql)Web Servers: about 70%But do you have the numbers for enterprise business? That's what's hot. For instance I know that the Apache server has 67% of the web server market overall, but I also know that IIS are twice as common in enterprise business as Apache.
    In many companies IIS is automatically installed when installing Windows as a 10 PC printer server, or file server, "i also know", how professional, LOL !!!. How is it counted in the stats ? By the way, there is certainly good money in the X-rated industry, you should have a look :o)))
    What interest do we have of the whole internet? (X-rated sites and all). None. Enterprise business is my business.RegardsRolf Tollerud
    If you do not see the interest of the whole internet... Some of my friends are making very good money with the "whole intenet"... and not in the X-rated industry...

    If you are only interested into small/medium departemental printer servers, then please let us know. I just (with others of course) delivered an architecture supporting a few million of massive transactional requests per day, who went pass the functional and load testing, and the customer is fully satisfied regarding price,performance,security,fault-tolerance, fail-over... Not a single Windows Server OS there... Maybe we are not talking about the same level of quality, uptime you know,... Go back and play with your 2 desktops...

    Christian

    Sorry, i forgot :
    Regards ! :o)))
  105. But do you have the numbers for enterprise business?
    Are you talking about something like help desk for MS Office users or service for customers like stock exchange trading system ?
  106. How could this be a Windows year?[ Go to top ]

    Well, why don't you read Cedrics weblog? 2004 the year of Linux? I don't think soRegardsRolf Tollerud
    Read it. So? One guy's thoughts. Glad he shared them. But they mean little more than that.