sick of Linux bias

Discussion in 'Computer Security' started by Alastair Smeaton, Jan 4, 2004.

  1. On Thu, 08 Jan 2004 23:06:39 +1000, Dazz spoketh
    guess you've never applied a kernel update...

    Lars M. Hansen
    (replace 'badnews' with 'news' in e-mail address)
    Lars M. Hansen, Jan 8, 2004
    1. Advertisements

  2. amen.

    Colonel Flagg

    Privacy at a click:

    Q: How many Bill Gates does it take to change a lightbulb?
    A: None, he just defines Darkness? as the new industry standard..."

    "...I see stupid people."
    Colonel Flagg, Jan 8, 2004
    1. Advertisements

  3. Alastair Smeaton

    Dazz Guest

    If you're talking about a *complete* move from a Micro$oft based
    environment to a Linux based environment, then yes.

    The same could be said for any environment facing major changes though
    (regardless of OS).

    But you also have to look at the situation as a whole, ie to what
    extent and for what purposes you'll be using Linux for, and do you
    already have the IT staff to support it.

    For instance, if you're using Linux to provide file and print sharing
    with an admin who has both the experience and knowledge with Linux,
    than the cost is dramatically reduced, because from the clients point
    of view, there is no visible change. They get to continue working,
    and will probably be completely oblivious to the change.

    However, if you're talking about replacing all the clients desktops
    with Linux, then yes, you are going to be talking about high costs,
    mainly involved in the training of the users.

    I am aware of a couple of businesses (both large and small) that have
    done away with Micro$oft desktops, and replaced them with Linux
    desktops, running Citrix on top of that and using Windows Terminal

    This reduces the cost (to a degree) but also offers the flexibility of
    users being able to use Windows Applications.

    I have seen what once were Mac environments doing essentially the same
    thing as well (ie retaining the Mac desktop, but using a citrix client
    on top).

    Surprisingly, in both situations, the users were very comfortable with
    the change.


    I agree with you, but it was good to see that they were at least
    recognizing the fact that there were MCSE's out there that were
    largely incapable of doing their jobs.

    Thankfully, it's no longer a case of "why learn the OS, when you can
    learn the test".

    Well, to a small degree. ;-P
    Once again, I agree with you.

    Dazz, Jan 8, 2004

  4. fbsd == use of "ee" :)

    vi compared to ee is the devil. ;p

    Colonel Flagg

    Privacy at a click:

    Q: How many Bill Gates does it take to change a lightbulb?
    A: None, he just defines Darkness? as the new industry standard..."

    "...I see stupid people."
    Colonel Flagg, Jan 8, 2004
  5. Ximian Evolution.

    Colonel Flagg

    Privacy at a click:

    Q: How many Bill Gates does it take to change a lightbulb?
    A: None, he just defines Darkness? as the new industry standard..."

    "...I see stupid people."
    Colonel Flagg, Jan 8, 2004
  6. Alastair Smeaton

    Dazz Guest

    Well, I was more referring to security patches than updates to the
    kernel, so I do stand corrected. :)

    Obviously, any changes to the kernel itself, require a reboot.

    Dazz, Jan 8, 2004
  7. That all depends, for some nix you can drop to single user, unload and
    reload and techinically you didn't reboot. That will also trick the
    uptime counter. Of course the server really wasn't up and available
    during that.

    Stephen K. Gielda, Jan 8, 2004
  8. Another advantage is the number of admins per server count required for
    each. Most mixed env I've seen have at least twice the number of admins
    for the windows side than for the nix side. If you move to dumb
    terminal/thin client (ah yes, back to mainfraim designs), your cost is
    even lower because you need less desktop support people. There has been
    many articles about companies, and even one whole municipality in
    Florida, who cut costs by millions a year with virtually no trouble for
    end users by going thin client linux.

    Stephen K. Gielda, Jan 8, 2004
  9. Alastair Smeaton

    Mike Guest

    So Linux Kernel patches and upgrades don't require a reboot or are you
    saying you don't keep your Kernels up to date because of that erroneous holy
    grail called "uptime"? :)

    Mike, Jan 8, 2004
  10. Alastair Smeaton

    Mike Guest

    Just because it annouces itself as firewalld in the logs doesn't mean it
    aint iptables. I may have to stand corrected but my understanding was that
    they funded development of iptables I sort of extrapolated that they
    would use technology they funded in their own products:)

    Mike, Jan 8, 2004
  11. Alastair Smeaton

    Mike Guest

    Woah! Hold the phone! I never said sendmail was a replacement for Exchange!
    They are two completely different things.
    Ah, but with sendmail all you would probably need to do is restore the
    configuration files and re-run the M4 config. No hunting through reams and
    reams of different GUI screens and digging about in the registry. A doddle!
    Of course it is VERY difficult for non root users to get anywhere near
    sensitive configuration data so the need to call anyone about a screwed up
    sendmail is far less likely unless you screw it up yourself of course:)
    I totally agree with you.

    Mike, Jan 8, 2004
  12. Alastair Smeaton

    Mike Guest

    Spoken like someone who doesn't understand what Exchange server is or what
    it can do.

    Mike, Jan 8, 2004
  13. Alastair Smeaton

    Leythos Guest

    Actually, I'm trying to say that you don't need to apply every patch and
    if you consider the system you don't even need to apply every service
    pack. It's all in how your environment is setup. In the case of
    protected servers behind well maintained firewalls, I've seen Windows
    2000 DC's with more than 1 year of up time, and NT 4 PDC's with more
    than 2 years.
    Leythos, Jan 8, 2004
  14. Alastair Smeaton

    Leythos Guest

    If the users are running TS clients then it's not really a change - they
    are still hitting and using MS products.

    That's almost like saying I have a Nix box running VNC connecting to a
    MS workstation so that I can do my work!

    In your example, I know that Citrix is not free- so a cost again. Moving
    to TS is not free, having a beefed up server with enough capacity to run
    apps through TS is a cost....

    If they are still running a MS app then it's not much of a switch.
    Leythos, Jan 8, 2004
  15. Alastair Smeaton

    Leythos Guest

    I love the thin client idea - easy to ghost a clients workstation and
    get them back up in 10 minutes.
    Leythos, Jan 8, 2004
  16. Alastair Smeaton

    newcastle Guest

    Linus Torvalds IS God, you fool!

    newcastle, Jan 8, 2004
  17. Alastair Smeaton

    newcastle Guest

    Personally, I think the answer has yet to come. We really don't know
    which OS has 'more holes'. Those being being patched aren't the end-all
    be-all to holes in the system.

    On the other hand, one could make a hypothesis about which OS is
    'better' when it comes to security. Both OSes are vulnerable, this you
    pointed out. But which is easier to fix? Which is likely to have more
    unfound holes than the other? The answer of course, is Linux. Linux
    code is incredibly tighter and cleaner compared to the bloated Windows
    code, making Windows a bitch to fix. Then there is the Open Source
    methodology that allows the code to be scrutinized closely by anyone.
    Perhaps your finding that RH releases more patches than Windows is
    because people find vulnerabilities /faster/, not necissarily because
    there are more vulnerabilities in Linux.

    Linux appears to have advantages in implementation that Windows does
    not, which can help us make predictions about which OS may be more secure.

    newcastle, Jan 8, 2004
  18. Alastair Smeaton

    newcastle Guest

    What does that have to do with the man's point?

    newcastle, Jan 8, 2004
  19. Agree with a lot of what you're saying.. so, where have you posted this MS
    code for us all to look at?

    (Sorry, didn't want to be picky, but I see this quite a lot in a few other
    froups - seen quite a bit of maintainable Linux code, lots of
    not-very-maintainable code. Not seen *any* Windows internal code)

    The "OS methodology" is a nice idea, and - assuming that anyone follows it -
    could/should be superior.

    Assuming programmers at least as dedicated and skilled (at /least/), the raw
    figures would tend to suggest (no certainty - just "suggest") that there
    aren't all that many people out there doing code walk-throughs.

    Straw poll - given the nature of the two groups in the thread - how many
    people actively code-walk new Linux releases, or directly know at least one
    person that does? (FOAF doesn't count)

    I also have to disagree about the implementation point (can't really see any
    difference at all, unless one is talking about staff availability), plus the
    assumption that easy implementation = security. (It's far easier to
    "implement" a car without airbags, ABS, and a seatbelt. Ditto for software)

    Hairy One Kenobi, Jan 9, 2004
  20. Don't use sendmail. Its configuration is designed to be parsed
    easily by the computer.

    There are alternatives such as Postfix that do a better, and
    inherently more secure job.
    Everything compares to Outlook 2003. :)
    Bernd Felsche, Jan 9, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.