Why UNIX is better than Windows... By Microsoft 974
BenBenBen writes "According to a whitepaper found on "a fairly insecure server", UNIX not only is more reliable and easier to maintain than Windows (2000 in this case), it's cheaper too. These shock results are reported on both The Register and (the source) Security Office."
Is This Necessarily Bad? (Score:5, Interesting)
Reliability of this? (Score:2, Interesting)
Bingo! (Score:5, Interesting)
Another strike against Windows is the GUI: "GUI operations are essentially impossible to script. With large numbers of servers, it is impractical to use the GUI to carry out installation tasks or regular maintenance tasks."
I love Unix. But a huge reason for this unnatural affection is the command line, and the enhancements Unix has made to it (pipes, file descriptors, everything-is-a-file, shell scripting). Even if Microsoft turned around tomorrow and made everything GPL, fixed their security holes and sent chocolates and hookers to Linus and RMS, I'd still prefer Unix for the power of the command line.
In Windows, the command line almost seems like an optional afterthought. In Unix, it's the other way around. (Disclaimer: I'm partly joking, and much more familiar w/U. than M [as I'm sure everyone can tell].) And I think for admin purposes, that makes Unix the more powerful choice.
Re:Huh? (Score:5, Interesting)
[#include unixfan_disclaimer], but honestly: look at the advantages of Unix over Windows in so many situations. I'd always kind of wondered if MS was ignoring those problems/advantages for marketing purposes, or if they Just Didn't Get It. Looks like the former, which is reassuring.
Why doesn't Microsoft... (Score:5, Interesting)
As much as we'd all like to think, they people over at Microsoft are not idiots. They have enough money to hire the best and the brightest. They do have some quality products (i.e. those whose securities problems are not much of a problem like games, and i personally like their Intellimouse Optical.).
Can anybody tell me why so many smart people won't see the light of day and dedicate big resources to overcome their biggest drawback?
Well Duh! (Score:2, Interesting)
Re:Does republishing these... (Score:4, Interesting)
more developer support? (Score:4, Interesting)
Since when has the windows community had more developer support? MSDN is a bloody nightmare... in 'nix I've had very little problems tracking down assistance, howtos, and code samples.
Interesting (Score:3, Interesting)
Re:Hotmail? (Score:5, Interesting)
Go to http://uptime.netcraft.com/ and type in one of the IP addresses that you find in the HTML source at Hotmail's login page.
Re:Huh? (Score:5, Interesting)
The fact that you can ask that question is a key issue. MS has made a decision to be backwards compatible. This represents a huge liability. It isn't such a big deal for BSD since upgrading is just a matter of typing "make." What MS is doing makes a heck of a lot more sense to me than what Appled has done. (Oh great, here goes my karma, but now I've started...) Apple built a culture of bravado about how advanced its OS (interface really) is. Then when they hit a wall they decided to just change the processor and the instruction set. They then did it again when going to OSx.
MS on the other hand is trying to evolve rather than start over. If they are willing to admit that there are flaws then they can make necessary changes. That is the reason that you can ask how old Windows is.
Personally, I wished that they had tossed out a lot of bad baggage a long time ago. I especially liked the last paragraph from the Guardian:
It is terrifying to contemplate the efficiency bonus MS would have enjoyed if it had only been willing to base its entire corporate operations on UNIX instead of eating its own dog food. The software monopolist might today be in the bizarre position of being the world's only consumer of unices.
Re:Wow, you guys have no shame (Score:4, Interesting)
See, that's the problem.
In almost every instance, The Register has been right. Yeah, it may still be irresponsible journalism - but as individuals, and as a company, these guys know what the hell they're doing. They check their stuff, even if it won't hold up to normal journalistic integrity checks.
It's kind of like the difference between talking to a judge and talking to a jury. When you're talking to a jury, you can still be telling the truth, but you don't need to present *nearly* so much hard evidence as you need were you trying to convince a judge.
Not that you couldn't present evidence everybody on the planet considers "hard", but courtrooms have their own standards (think about all the cases that were overturned because some extremely incriminating piece of evidence was thrown out of court on some technicality).
The Truth? You can't handle the truth (Score:3, Interesting)
First, is it a real document downloaded while an FTP server had some unsecured directories exposed recently? Possibly. So what? Does this mean that this is official MS scripture? Do you mean that if we review every file on your hard drive we won't find something that a) wasn't written by you, b) you probably don't want us to see, c) doesn't represent your current thoughts.
Ahh the C option... perhaps this was really written by someone who happens to be an MS employee. Perhaps this guy was just given the job; take Hotmail and move it from BSD to Windows and this guy is like many who might say; but it works as it is. Lets not break it to fix it - lets leave it as it is so I'll write up every reason I can think of not to do this!
Has everyone missed/forgotten the MS papers describing the reasons why and exactly how Hotmail WAS moved from BSD to Windows 2000 [microsoft.com]?
In this document you'll find how untrue so much of what was written in the stolen document. No scripting support in windows 2000 because it also includes a GUI? Are you fucking stupid or what? There is complete scripting control in windows 2000, always has been. You can control every part of windows 2000 networking and services and disks and users and security through scripting. Sure, you can use the GUI too. Does the fact that Linux can run a GUI mean that suddenly it's scripting goes away?
In the conversion to Hotmail they employeed scipts and automation tools builtin to windows. They moved because Windows 2000 was faster and more efficient. It is obviously stable as any honest person running W2K/XP can tell you.
I understand there is a need to attack MS at every step around here. I understand the desire to believe every antiMS piece ever submitted. But sometimes even the more ignorant *nix admin has to eventually read the facts and find that NO OS is perfect. That W2K is not utterly and totally flawed and that it actually is a real competitor for other Server OSes. Once you accept this you can drop the zealous approach and do things in a logic, calm and professional manner. If is really better - prove it to us with grown up responses and facts - not running around waving a copy of The Enquirer which tells us Michael Jackson and Bill Clinton were seperated at birth by aliens somewhere near Roswell.
Compatibility layer (Score:3, Interesting)
And Microsoft problem would be even easier. If even us, low-life unemployed Linux hippies, are able to emulate enough of Windows to run some versions of Office, MS can probably do it without even trying. And Microsoft doesn't really have to worry too much, if they can run all Office versions their userland would follow and rest of the development houses would be forced to stand in line too.
Re:Huh? (Score:5, Interesting)
How many years old is UNIX?
I'm unaware of any significant functional breaks during the evolution of UNIX. As far as I can tell there haven't been any, or if there has been it was on the order of the transition from DOS to NT; minor breaks here and there, but on the whole, compatability is maintained.
Re:Exactly. (Score:3, Interesting)
Indeed and it goes both ways. For example the open source community have been imitating features from commercial software for years - GIMP and Photoshop, KDE and CDE, ext3 and XFS, Mesa and OpenGL, OpenOffice and MS Office etc, etc. It's hardly fair to criticize a commercial entity for studying BSD. Or are the
Re:Bingo! (Score:4, Interesting)
Uh, sorry, but this is just plain wrong. Microsoft took the code they had from OS/2 and made it into Windows NT. Actually, more correct would be to say that when Microsoft and IBM were working on OS/2 3.0, they had a parting of ways by ending their Joint Development Agreement. There was a settlement, and in the settlement they split the OS/2 code -- Microsoft got the new stuff, and IBM got the old stuff. Ever wonder why the first release of Windows NT was called '3.1'? Now you know.
Having knowledge of the internals of all three operating systems, I can honestly say it would be *impossible* for Microsoft to have based much of Windows 95 on OS/2 code. Windows 95 is a DOS-based operating system. Its lineage from Windows 3.x is clear. The internals are almost identical, i.e., VMM32.VXD (aka DOS386.EXE) which has always been 32-bit since Windows/386. It's only the GUI and API that changed to 32-bit, the rest of the stuff is nearly identical.
Re:Hotmail? (Score:3, Interesting)
No, but this paper shows us that Microsoft already knew what we knew: that FreeBSD is much better in terms of reliability, configuration, and administration. I'd read the "marketingized" version of the (attempted, partially successful) Hotmail conversion before, but this document sheds light on what really happened and why.
Re:The goal in mind being UNIX? (Score:5, Interesting)
Word is a ripoff from WordPerfect
Excel a copy of 1-2-3
(and those copies of Visi-Calc and Visi-Text from early 80-s or was it late 70-s)
Yes Word and Excel has a lot of "features" like the ability to run viru^H^H^H^Hprograms and so on. But OOo is just as good for me (at a much nicer price tag)
Re:Huh? (Score:2, Interesting)
Windows is in the unenvious position of running some old stuff, but not all of it, so customers can't count on old stuff working, but enough legacy code is there to make the OS spaggetti coded. (ie, enough modules are left because "someone might be using that" that there will always be tons of security and stability holes)
Re:The goal in mind being UNIX? (Score:2, Interesting)
"The only problem with Microsoft is they just have no taste...I don't mean that in a small way--I mean that in a big way, in the sense that they don't think of original ideas, and they don't bring much culture into their product...So I guess I am saddened, not by Microsoft's success--I have no problem with their success; they've earned their success for the most part--I have a problem with the fact that they just make really third-rate products."
Here's another wonderful giggle... (Score:3, Interesting)
Regarding the much touted recent Windows 2000 Common Criteria Certification, see: Chapter 3 - Secure Configuration [microsoft.com] for this gem:
"Installation of applications conforming to Windows Installer-based package requirements will have difficulty installing from a CD-ROM on a computer running a Windows 2000 operating system in the Evaluated Configuration.
.Cap file directly from a CD-ROM.
"The reason is that the Windows Installer service is not a service that was evaluated and is therefore disabled in the Evaluated Configuration of Windows 2000. Additionally, the AllocateCDRoms Registry value that is set in the Evaluated Configuration will not allow Windows Installer to open a
"Therefore, to install an application conforming to Windows Installer-based package requirements, the Windows Installer service must be temporarily enabled and the "MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms" Registry value must be temporarily set to 0 (this can be accomplished through the Local Security Policy interface)."
So, in order to install any apps on your "secure" Win 2K box, you have to hack the registry and disable the protections that the very Windows 2000 Common Criteria Certification itself were set up to require!
And of course, the "secure" configuration has to have the floppy drive removed, or made inaccessible!
But hey! who's gonna install Office 2K from floppies, anyway?
What are these people smoking?
t_t_b
Very interesting reading (Score:3, Interesting)
-IIS management is not easy (due to the metabase, and reloading their custom ISAPI module required an additionnal layer to do it without iisreset)
-there's actually no equivalents for rdist, cron, syslog. They ported them to win32.
-they had to hack the net driver to change MTU on the fly
More important to me: they had an hard time figuring out stuff because of the lack of documentation and all undocumented interfaces. They even didn't suspected all the CLI facilities of Win2000 (nor do I).
So, W2K Server is powerful, yet it's setup in a bloated way making it difficult to manage. I wish some good papers would be written on the subject for all of us stuck with administring such boxes to benefit of other's experiences.
Re:Is This Necessarily Bad? (Score:4, Interesting)
One of the things I like about my current job is that that doesn't happen. Okay, I don't work for a big corporation, but a university bookstore run by the student organization (employing something like 100 students).
The web-group (which does web design, development, and server administration) reports directly to the bookstore manager (we're the only non-staff employees to do so). The really cool thing is, he trusts our judgement and actually listens to our recommendations. Hell, the other day, we even got him to start using Mozilla!
But I know my manager's an exception. I don't know what it is with managers. I think it's a lot like politicians...the people who want to achieve power are the last ones to deserve it.
Re:Why doesn't Microsoft... (Score:4, Interesting)
I bet almost everyone who has tried to help Windows users over the last few years has heard actual people (not actors auditioning for the part of a moron on a sitcom) say things like this in real life:
Re:The Truth? You can't handle the truth (Score:2, Interesting)
Is it your implication that:
If the second, you are most assuredly wrong:. hotmail.com [netcraft.com]
http://uptime.netcraft.com/up/graph?site=ad.law10
Re:Pardon my scepticism (Score:2, Interesting)
the idea that a company's employees should eat their own dogfood is not meant to suggest that we believe the products we produce are dogfood. rather, "dogfooding" refers to running development versions of [whatever product is being worked on] on our own machines, so that by actually using the product being developed, we would understand what improvements are needed and where the user feels the most pain. since when is stepping in the user's shoes a bad thing? and do all YOUR projects still in development run with no glitches or bugs, and you love exactly how it works? i didn't think so.
i have no idea what the developers for the paperclip were required to do
Re:The goal in mind being UNIX? (Score:1, Interesting)
[rant]
I prefer Freelance Graphics, because it was designed with the goal of creating a business presentation in mind, and the UI makes that very easy to do. PowerPoint was designed with the goal of creating flashy, fancy-looking (unreadable) slides. If you read any material on how to give a presentation, it'll tell you to avoid most of the bells and whistels PowerPoint offers. (They're there in Freelance too if you really want them, but they're a little harder to find.) The result is that in 10 min, I can create a clear, organized presentation in Freelance Graphics that will be nice and legible even if I'm stuck with a bad projector. If I try to do the same thing in PowerPoint, it takes at least 3x as long (stupd paperclip!). It might look flashier too - at least until you try to put it on an overhead projector and find you can't read any of your slides. Conclusion: You want to make a presentation with charts, lists, 'n stuff? Use Freelance. You want to make a presentation with text that slides in and graphics that zoom around and sparkle? Use PowerPoint.
[/rant]
Re:Been there, Done that. (Score:2, Interesting)
VMS (change those to next letters to get)
WNT
Re:Hotmail? (Score:3, Interesting)
Now I see that 64.4.14.24 is Running IIS 5, but 64.4.14.23 is running Apache on FreeBSD.
At least loginnet.passport.com is running Windows.
Re:Exactly. (Score:4, Interesting)
The costs issues you quote was between Windows 2000 Advanced Server and Windows 2000 Server...nothing about *nix.
And $15M is nothing to sneeze at. That's probably on par with the hardware cost.
As for the whitepaper, it seems to me it was written by a *nix admin with little Windows server experience (which describes a majority of /. readers as well).
I dunno, looks fairly accurate - in windowsland, admins are prone to Retry, Reboot, Reinstall because it's often difficult or impossible to find out what is really happening. Also, keep in mind that this guy and his team probably have access to the devs who wrote this stuff, which is more than you can say for almost everybody else (on windows, anyway)
Oh...and interdependencies? Look in the Services console and click on Dependencies. Most even have a short description so you know what it does.
He's probably referring to the compex and non-obvious interactions going on in a windows system. When something breaks, your first clue is when something seemingly unrelated falls over. This is the problem with tight integration.
Once again, the Services console could really help this guy get a clue.
Where ddid he ssay that he had no clue? He merely stated that Unix made it easier
As for random ports being open, that's one reason we have these things called firewalls.
And you're supposed to use both. It's this thing called defense in depth - you don't want to be compromised by a single failure.
I think what he meant to say was, "it is never clear TO ME OR MY TEAM which services are necessary". Others do quite well at it.
Bullshit. given that he is working on a high-profile project within MS, it's probably as clear to him as to anybody. The fact is that another company, when doing a large deployment will have trouble.
You seem to have a rather large chip on your shoulder. Just because some admin says that some specific things in windows are lacking, or overly confusing does not make him a high school dropout with an MCSE.
Re:Huh? (Score:2, Interesting)
MS is backward compatible?? You have been brainwashed by the marketting hype.
Try running a 1994 software on a 1995 OS.
Try loading a 2000 OS on a1996 hardware.
Try running the latest OfficeXP on a Win95 (or Office95 on XP).
As for Apple, their transition from 68000 to PPC was smooth and completely transparent to the user (less so for OS9->OSX and even that is ok under classic). Other than the number crunchers, the average consumer did not care that the chip instruction set had changed; even most programmers did not care as long as the APIs remained the same. Thus, a circa 1988 ResEdit (MacOS 6/Mode32) will let you tweak high-level Sys resources even for OS9.2 (the latest pre-OSX version.) That's a 14 year life-span (OS9.2.2 update came out some time this year) Know of any circa 1994 system tools that would even load, much less be functional, on Win95 (1 year later)? Or a Win95 system-level tool that would run on Win2000 (5 years later)?
Backward compatibility is a marketing myth not supported by data. I have original disks for many older MS products (DOS6.21/Win3.11/NT3.5/Win95/NT4/98SE/2000/XP, along with most of the respective Offices). Come check it out and see for your self. You won't be proclaiming backward compatibility for long.
MS on the other hand is trying to evolve rather than start over
Win3.xx-> NT3.5 = Startover.
Win3.xx-> Win95 = Startover.
Win95->Win2000/XP = Startover.
NT to 2000 is probably the only evolution that may be argued, and even there the code base/dll has changed almost entirely (and to a lesser extant, the APIs as well).
The products has evolved all right -but it's more like a series of mutations gone awry.
Cheers- raga
Systemantics (Score:5, Interesting)
But it portrays, about as accurately as I've ever seen it, how systems are created to do one thing and end up doing something very different - and usually not something all that valuable.
The following is quoted (excerpted) from the back cover.
Re:Difference of approach (Score:3, Interesting)
Hmm, about about clean, documented registry keys? That's the approach GConf takes, it has a lot of advantages over raw text. Too bad all the keys aren't documented at the moment, but that's bugs with individual apps rather than a design flaw.
Re:You really don't get it, do you? (Score:4, Interesting)
Disclaimer: Windows is my lifeline. I'm paid to work on Windows machines. And to answer your question, I do it quite often if it's the most convenient way to get things done. Of course, I also have an admin workstation with MMC tools loaded, can telnet in, can run TightVNC, or Terminal Services for remote control, or can use a lot of tools (native Win2K + 3rd party) to administer from the CLI of my own box. Or, I can automate things via WSH using VBScript (my scripting language of choice) if it's something repetitive. Whichever suits me and the problem at hand at the moment and makes my life easier.
Not saying that UNIX is wrong in it's CLI, but saying that a GUI in Windows is not a good excuse for not being able to automate or run from the CLI if you want.
Servers DO go down, both UNIX and Windows. It's a cost of doing business. And you usually don't have to touch a Windows server after it's installed unless you want to change something. That's about the same as for UNIX, isn't it?
So, do you run *nix boxes on the internet without a firewall? I don't. I'd say it's pretty standard practice to put webservers of all kinds behind firewalls, so the paper pointing out open ports is a bit of a red herring.
When the "right way" takes more time, specialized skill, and effort, then it's the "more expensive way". And then you have to weigh the costs involved as well. A forward looking, intelligent individual uses the resources available to him to do the job in the most EFFICIENT manner. When hardware is cheaper than eeking out another .1% performance boost from recoding or optimizing, then throwing hardware at the problem is a viable solution. I can buy [crucial.com] 512MB of RAM for less than what it costs for a client to pay me for 1 hour. If that solves the problem, then it makes more sense to buy the RAM. That's business.
Yeah, multicasting a 900MB image requires fiber and 1000BT. And huge terabyte SAN's of course. Right. And don't forget the massive supercomputer cluster to process that huge load. My god, it's almost 1.5 CD's worth! That's half of the RedHat download! (I know, RedHat includes more than just Linux, but it's quite feasible to download all 3 ISO's on a DSL line, so I don't think Gigabit Ethernet is required for a 900MB image).Umm...you can kill every process in Windows that isn't necessary too. That's why they're called unnecessary. Admittedly, if your only tool is the taskmanager then you're not a knowledgeable admin, so Windows will protect you from yourself...but I see that as a good thing.
Like a reboot is that big of a deal. It takes all of 5 minutes, and can even be scheduled. Let's get off the uptime high horse, eh? If you need 24/7 uptime, there's ways to get it, but be prepared to pay for it...both with *nix or Windows.
Like I said, you're probably not a Windows admin. I am, and have never run into a service I couldn't stop. There are some I shouldn't have stopped, but that's another story. =)
Bottom line is that both Windows (2000) and *nix are good operating systems. Well suited to almost any task required of a server. They both require knowledgeable admins to be used to their fullest potential, but Windows has the edge in ease of use. A semi-technical manager can have a Windows network up in an weekend...not so for *nix. Of course, the price the manager pays is that his server isn't really set up correctly, but that's what you get when a manager or low skilled admin sets up a server. Same thing as when I work on my car, I know it's not up to the same standards as a professional mechanic, but sometimes it's worth the tradeoff. Linux and FreeBSD have advantages in that they're free, highly configurable, and can run on old hardware. Strong selling points for some, not so for others. Everything involves tradeoffs.
Re:The goal in mind being UNIX? (Score:2, Interesting)
"in those days people still thought IBM was running the show."
That whole PC compatable mentality killed off a lot of inovation IMHO. Commadore and Atari had had machines in the early to mid 80s that had came with 2 MB RAM and 3.5 floppies for less than what an XT with 640k cost with 5.25 floppy and that was a big difference in those days. It's kind of the same mentality that keeps MS in the drivers seat. What was needed then and now is open standards for exchanging data so everyone can use the tools that suit their needs best. Still, it's no ones fault not even the Romans or MS that early PCs couldn't support whizbang OSs.
Re:The goal in mind being UNIX? (Score:2, Interesting)
Hmmm, OS is in there. Maybe it didn't suffer from feature bloat, but it's not anything like the kernel on commodore computers, which really was a simple overlay of the machine's firmware (using PEEKs to read the directory and load files, indeed!).
I think the Disk part was named intentionally since, when it was released, not every OS had access to that sort of mass storage by default. Those lame cassette drives were quite popular, at least on a number of platforms. and at some point QuickBASIC was included, so at the very least it had a development environment as well. seems like it was an OS to me...
As to differences, UNIX and NT are fundamentally different from each other and DOS, but that doesn't make either one an overgrown BIOS (see above reference to Commodore Kernel).
NT and multi-user (Score:3, Interesting)
Client/server was a fad successor to timesharing, where the notion of logging in (timesharing) was really replaced by the notion of each person having their own client (a PC) that was powerful enough to do everything it needed, and it would only need to connect to (not login to) a server to do everything else. MS hoped that they could avoid designing based on crufty old multi-user timesharing approaches, catch the client-server wave, and have a nice architectural difference to market to people (NT is natively built for client/server computing!) But in the internet (and TCO-sensitive) era, it pretty much backfired on them.
That said, you could probably argue the technical merits and demerits of the single-user client/server approach depending on the circumstances.
--LP
Re:Bingo! (Score:3, Interesting)