Message boards :
Politics :
Why I hate everything Apple!
Message board moderation
Previous · 1 · 2 · 3 · 4 · 5 · 6 . . . 9 · Next
Author | Message |
---|---|
bobby Send message Joined: 22 Mar 02 Posts: 2866 Credit: 17,789,109 RAC: 3 |
You'd clearly be surprised how widely *nix is used by business today. You seem to be under the misapprehension that desktops and smaller are the only markets that are worth considering. Sure the desktop business is large, but *nix servers are not exactly small concerns. *nix is the most popular home for Oracle RDBMS, Oracle Corp is the world's 2nd largest software company (after Microsoft), they own about 1/2 the RDBMS market and > 3/4s of their license revenue comes from *nix. The Windows based RDBMS market is less than 20% of the total RDBMS market by revenue (and mainly MS SQL Server). Why do you think companies big and small put their business critical data on *nix rather than Windows? I think you'll find it's a bit more complicated than that ... |
OzzFan Send message Joined: 9 Apr 02 Posts: 15691 Credit: 84,761,841 RAC: 28 |
Not at all. I'm well aware that there's a very large server market out there, and that many large corporations are using Unix/Linux. The reason why I've discounted this market is because servers require people with letters after their names to run them. These people are highly educated and thus are not the focus of malware attacks in most cases (perhaps some, sure). Most malware writers are looking for the "dumb" users, and thus the primary attack target is desktop systems. It's akin to a petty theif or pickpocket targeting the clueless passerby instead of planning an all out attack on Fort Knox. Even those companies running Windows Servers have people who are paid to "harden" them and keep them safe. Why don't we hear more often about these companies and the "massive" exploits in Windows causing lots of data loss or the like. Because they have good SysAdmins to prevent that. The home user does not, and hackers know this. |
Gary Charpentier Send message Joined: 25 Dec 00 Posts: 30608 Credit: 53,134,872 RAC: 32 |
Even those companies running Windows Servers have people who are paid to "harden" them and keep them safe. So even Microsoft's server products are so prone to malware that they require an IT Pro to do a lot of stuff to them so they are secure. I suppose that is why *nix is used in most public internet facing boxes. |
Luke Send message Joined: 31 Dec 06 Posts: 2546 Credit: 817,560 RAC: 0 |
|
ML1 Send message Joined: 25 Nov 01 Posts: 20147 Credit: 7,508,002 RAC: 20 |
... Most malware writers are looking for the "dumb" users, and thus the primary attack target is desktop systems... Two issues there... 1: I know some "very educated people with letters after their names" that use and rely on computers every day. They literally have no idea how the things work and have no interest in knowing or worrying about how the things may or may not work. They certainly ain't "dumb". Just as many people drive vehicles and have no idea how the engine or transmission might work, let alone notice or understand the nuances of what the engine noise might indicate. 2: I thought that an important part of Microsoft's Marketing was the 'message' that their products are easy enough for anyone to use them... So the Microsoft desktop is not so 'fit for purpose' after all? Regards, Martin See new freedom: Mageia Linux Take a look for yourself: Linux Format The Future is what We all make IT (GPLv3) |
ML1 Send message Joined: 25 Nov 01 Posts: 20147 Credit: 7,508,002 RAC: 20 |
Good summary for this thread! Cheers, Martin See new freedom: Mageia Linux Take a look for yourself: Linux Format The Future is what We all make IT (GPLv3) |
OzzFan Send message Joined: 9 Apr 02 Posts: 15691 Credit: 84,761,841 RAC: 28 |
I know some "very educated people with letters after their names" that use and rely on computers every day. They literally have no idea how the things work and have no interest in knowing or worrying about how the things may or may not work. They certainly ain't "dumb". Just as many people drive vehicles and have no idea how the engine or transmission might work, let alone notice or understand the nuances of what the engine noise might indicate. You're totally right. Linux truly is the best OS to just plug in and go. No viruses. No trojans. No hassle. I thought that an important part of Microsoft's Marketing was the 'message' that their products are easy enough for anyone to use them... Yeah, silly me. Microsoft is simply not fit for consumption by the general public. Not even ordinary uses can just go about their business without trojans and viruses. Windows should just be pulled from the market and never released again. Linux rocks. |
OzzFan Send message Joined: 9 Apr 02 Posts: 15691 Credit: 84,761,841 RAC: 28 |
Even those companies running Windows Servers have people who are paid to "harden" them and keep them safe. Yes. That's exactly what I just said. Linux rocks! |
bobby Send message Joined: 22 Mar 02 Posts: 2866 Credit: 17,789,109 RAC: 3 |
I'm not sure what you're saying here, given a choice corporations use *nix over Windows for hosting their business critical data. Sure they have experts on their staff to ensure the systems are suitably configured and secure, but if it's possible to make Windows secure, why would corporations choose *nix instead? As for not hearing about companies suffering from Windows exploits, when the Windows Metafile vulnerability was revealed, many companies shutdown their Outlook/Exchange email systems until a fix was installed. When the SQL Slammer Worm reared it's ugly head, many corporations had to shutdown their databases (perhaps another reason why corporations generally avoid MS SQL Server). Doesn't this second example show that hackers do target business software? Isn't it reasonable to assume that if there are exploits to turn *nix machines into spam generating zombies, hackers will find them? Patch Tuesday costs businesses, Windows requires businesses apply critical patches on a monthly basis followed by system reboots, the vast majority of *nix patches do not require system reboots, and it's not rare to find *nix servers with > 300 days continuous uptime, with patches applied every 3 to 6 months. This month many corporations have had to take 2 outages to apply critical updates (a situation that shamefully isn't that rare), at a time when companies are trying to close out their finances for the previous year, send out W2s, etc, these outages are not simply a nuisance they cost companies, and in turn all of us as customers, money. This MS bulletin describes the reason for the second outage. I say this as a person who has, for the last 20 years, had Windows as my primary desktop OS. I intend to switch over to Linux on my next build, it's certainly mature enough and simple enough to install for my needs. On the installation side I'm making things difficult for myself as an intellectual exercise (in all likelihood going with Gentoo), but I could have gone the simple and secure Ubuntu route, or any one of many, many other distros. Once set up, Windows will be confined to VMs. I think you'll find it's a bit more complicated than that ... |
bobby Send message Joined: 22 Mar 02 Posts: 2866 Credit: 17,789,109 RAC: 3 |
This has to be one of the most misguided, insulting and silly criticisms of *nix going, the mythical "pimply faced youth". Misguided because companies large and small (not just hardware manufacturers) employ staff to contribute to driver development, it's in their interest to have stable device drivers. Insulting because Linux is big business, the market cap of RedHat (RHT) is about 5 billion USD, for comparison Sun Microsystems (JAVA) is about 7 billion USD (Microsoft/MSFT is about 250 billion, Oracle/ORCL about 115 billion). Redhat employs 2500 people, having met some I can assure you that they are not all "pimply faced youths". Go to a LinuxWorld event and you'll get an idea of the kind of people that are involved with Linux, (hint, it's all sorts). Silly because, well, have you seen pictures of Bill Gates from around the time Microsoft started as a going concern? Looks like a "spotty faced youth" to me ... I think you'll find it's a bit more complicated than that ... |
OzzFan Send message Joined: 9 Apr 02 Posts: 15691 Credit: 84,761,841 RAC: 28 |
I'm not sure what you're saying here, given a choice corporations use *nix over Windows for hosting their business critical data. Sure they have experts on their staff to ensure the systems are suitably configured and secure, but if it's possible to make Windows secure, why would corporations choose *nix instead? Corporations often go to the professionals to help decide what to run, and many IT Admins choose *nix simply because of the often-fed idea that it's somehow more secure and has more uptime, which means less work for the IT Pros involved in maintaining the servers. Then there's the fact that, given a talented enough staff, *nix has practically no cost, it's easy to see why corporations would choose *nix instead. Gotta save the bottom line. As for not hearing about companies suffering from Windows exploits, when the Windows Metafile vulnerability was revealed, many companies shutdown their Outlook/Exchange email systems until a fix was installed. When the SQL Slammer Worm reared it's ugly head, many corporations had to shutdown their databases (perhaps another reason why corporations generally avoid MS SQL Server). Doesn't this second example show that hackers do target business software? Isn't it reasonable to assume that if there are exploits to turn *nix machines into spam generating zombies, hackers will find them? I never said we don't hear about exploits at all. What I said was, we don't hear much about them, as in frequency. Sure, on occasion the news media likes to grab and sensationalize headlines, and when it has to do with a major company, they like to blow it up even more. You say "many" companies have shutdown or switched their databases and other Windows servers due to bugs/flaws, and I'm sure many have switched, but there's still a percentage that switches to Windows Servers too. I do believe I stated in parenthesis in my last post that some hackers do target business software, just as there are bank robbers that target large banks. It is reasonable to assume that if there are exploits to turn *nix machines into spam generating zombies, and if they thought they could get away with it, I'm sure they would. I'm also sure that if a hacker did compromise a *nix server, *nix wouldn't be mentioned by name, but would instead read as, "Company looses data due to hacking". Even if hackers do compromise a server, servers are monitored very closely for performance by those IT Pros running them, and any stolen cycles would be noticed right away (same goes for Windows Server OSes), and often the problem is taken care of immediately. Why bother spending so much time finding an exploit that you can't even reap the benefits from for very long? This is why the corporate world is far different from the consumer world, and why the server market cannot and should not be used as a representative sample of security in operating systems. The ball game is completely different when you have professionals involved. Most thieves stay away from people who look like they know how to handle a situation (even if looks can be deceiving). Patch Tuesday costs businesses, Windows requires businesses apply critical patches on a monthly basis followed by system reboots, the vast majority of *nix patches do not require system reboots, and it's not rare to find *nix servers with > 300 days continuous uptime, with patches applied every 3 to 6 months. This month many corporations have had to take 2 outages to apply critical updates (a situation that shamefully isn't that rare), at a time when companies are trying to close out their finances for the previous year, send out W2s, etc, these outages are not simply a nuisance they cost companies, and in turn all of us as customers, money. This MS bulletin describes the reason for the second outage. OK, this entire paragraph has to do with server uptime and patches. Both of which are very important to companies, and very important to those running servers. Yes, downtime and cost are factors in this as well. It also doesn't cost much to configure *nix on a server and leave it alone. As a specialized device, it's not required to do a whole lot, so it's easy to have as few active services on it as possible, reducing the attack surface. Desktops need to be far more flexible, and therefore have far more installed on them, increasing their risk and attack surface. These are the primary target for any hacker who knows that most people won't notice their machine's cycles have been stolen until they've reaped hundreds if not thousands of dollars in money for having rented out their zombie machine to some unscrupulous dealer for a mass marketing email campaign. I say this as a person who has, for the last 20 years, had Windows as my primary desktop OS. I intend to switch over to Linux on my next build, it's certainly mature enough and simple enough to install for my needs. On the installation side I'm making things difficult for myself as an intellectual exercise (in all likelihood going with Gentoo), but I could have gone the simple and secure Ubuntu route, or any one of many, many other distros. Once set up, Windows will be confined to VMs. That's great for you. You're a very intelligent individual who has enough brains to figure out how to run *nix as an everyday OS. I'm afraid this isn't the case for countless other people I run into. I don't mean that as an insult to those people, simply that they don't care to deal with Linux's hassles (if you at least care to admit it has them, unlike other Linux afficionados). [Edit] I am an IT Admin myself, I have been using computers for 20 years as well, and I constantly find myself frustrated with all the hype attributed to Linux, as my expectations have not been met with reality. I find many of the arguments given by Linux afficionadoes for switching from Windows are often over-exaggerated or somehow disillusioned at best. |
Blurf Send message Joined: 2 Sep 06 Posts: 8962 Credit: 12,678,685 RAC: 0 |
I was a Mac guy for years as a kid---but now I'm frustrated with my fav browser. I know it's not PC only but still.... This has been my standard existence tonight... |
Gary Charpentier Send message Joined: 25 Dec 00 Posts: 30608 Credit: 53,134,872 RAC: 32 |
I was a Mac guy for years as a kid---but now I'm frustrated with my fav browser. I know it's not PC only but still.... If you would stop visiting those exploder only web sites ... |
Gary Charpentier Send message Joined: 25 Dec 00 Posts: 30608 Credit: 53,134,872 RAC: 32 |
http://www.youtube.com/watch?v=PYP1Tjgt1Ao |
bobby Send message Joined: 22 Mar 02 Posts: 2866 Credit: 17,789,109 RAC: 3 |
Indeed the corporate world is different, the point is that if there are *nix exploits in the corporate world, for the most part those same exploits can be taken advantage of in the consumer world. You made the point that *nix is not attacked because the percentage of systems with *nix is small compared to Windows, this is simply not true. The virus directed at jailbroken iPhones clearly demonstrates this. That *nix proponents claim that it is more secure than Windows is most likely a red rag to hackers, that there aren't reports of widespread security issues with *nix provides some indication that it's attack surface is substantially smaller that Windows'. I think you'll find it's a bit more complicated than that ... |
bobby Send message Joined: 22 Mar 02 Posts: 2866 Credit: 17,789,109 RAC: 3 |
Quite so, and notice that in the Windows x Windows Fan part of the grid, the monitors are off? Could it be that the safest machine with Windows installed is one that remains powered down? I think you'll find it's a bit more complicated than that ... |
Luke Send message Joined: 31 Dec 06 Posts: 2546 Credit: 817,560 RAC: 0 |
The safest machine is the one that doesn't install Linux or Mac. Call me a windows fanboy, but if there is one company whose side I would want to be on, it would be the rich and powerful one. Microsoft. Because Apple makes everything, if they choose to drop a product of theirs, it can leave many users stranded. But since so many companies make PC's, there is little if no chance of every being stuck, unlike Mac OS X. It's good to have your eggs in separate baskets. - Luke. |
Sirius B Send message Joined: 26 Dec 00 Posts: 24876 Credit: 3,081,182 RAC: 7 |
Wow, a Linux fanboy stating that there is alternatives to Linux......Let's see.... Unix/Linux, Microsoft & Apple........ Who else is there? My alternative to linux is Windows........ |
OzzFan Send message Joined: 9 Apr 02 Posts: 15691 Credit: 84,761,841 RAC: 28 |
Please re-read what I typed again. I never said that *nix is not attacked. What I said was, if *nix is attacked, it won't ever show up on the news by name. It'll come up as "company loses data due to hacking". I have to believe that given the fact that any hacker who is determined will get into any system regardless of operating system, that *nix has already been hacked but it doesn't get nearly as much attention. Nothing will keep a determined hacker out. I will, however, agree that *nix's attack "surface" is smaller than Windows Server simply because Microsoft's older server operating systems left a lot open in order to be easier and "friendly". *nix, on the other hand, defaults to a lot of things closed and you have to manually open them, thus reducing the attack surface. A point of note though, is that Windows Server 2008 has taken security seriously, and Microsoft has tightened down the hatches as hard as they did with Windows Vista and Windows 7. Particularly safe is when you use the "core" modes of Windows Server 2008 which relegates the server to a specific role, with only that role's ports open. If anything, *nix being hacked is savored to only the best of the best hackers. These are not your typical script kiddies or spam kings. The ones getting past *nix's security are the serious industrial espionage or worse type of computer crimes. |
Luke Send message Joined: 31 Dec 06 Posts: 2546 Credit: 817,560 RAC: 0 |
|
©2024 University of California
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.