Posted on 09/15/2003 1:30:06 PM PDT by HAL9000
Another business-technology executive estimates his company's IT department has wasted more than 1,000 hours patching Windows systems....
Yet, business better get used to it. CIOs need to "literally put a line item" in IT budgets to cover the ongoing cost of patches, advises Kerry Gerontianos, president of systems integrator Incremax Technologies Corp. On the old goal of administration-free Windows, Gerontianos says, "that was a dream."
Microsoft is going to need that $50B to finance a slush fund to discount their products in order to keep customers from defecting. They're already trying this with government customers.
Even so, these businesses are going to have to raise their prices to offset their costs of maintaining their legacy Windows computing infrastructure. So their customers (i.e. "us") get to pay yet another Microsoft Tax.
Thanks again, Microsoft.
Hint, viruses are transmitted by email... they have a different name when they break in directly over a TCP/IP, and this is the only kind *NIX boxes are really susceptible to...
Hint, viruses are transmitted by email... they have a different name when they break in directly over a TCP/IP port, and this is the only kind *NIX boxes are really susceptible to...
Heh. You still haven't responded to my assertion about Windows clustering -- show me evidence that basic features like process migration and memory ushering are supported. I see you decided to declare victory and run away.
Gee, then I must have hallucinated those countless executables I launched from email in the years I worked on Unix systems...
Hint, viruses are transmitted by email...
Bigger hint: Email is only *one* of many methods by which viruses spread.
they have a different name when they break in directly over a TCP/IP port, and this is the only kind *NIX boxes are really susceptible to...
You are grossly misinformed.
I see that your legendary poor reading comprehension is biting you in the ass once again. You apparently missed that Linux systems are typically rooted because of poor system administration, not underlying software vulnerabilities. Linux security can be fixed with good administration, but all the administration in the world on a Windows server won't help you if there is an exploit due to a software defect. Poor administration is not an intrinsic "vulnerability" of the OS, it is a person defect. A properly managed server without a defective OS should be safe on the Internet without a firewall. In terms of intrinsic OS vulnerabilities to hacking (i.e. software and design defects), Windows is far more vulnerable than Linux.
Which is why FreeBSD, which serves a remarkable percentage of pages on the Internet despite it being a relatively small percentage of servers, also had only a small number of exploits (in this particular study). The OS itself is as secure as any in common use, but all it takes is a stupid admin or lack thereof to be exploited.
Incidentally, the statistics in that particular study are dubious, primarily because the population was selected oddly out of all the exploited systems out there. There are a couple of specific documented incidents of rooted Windows servers alone that in sum total generated a larger number of incidents than the total they report. Unless they count a single hacker rooting over 2,000 Windows servers through one exploit a single "attack" (to give a real-world example out of many). But that would be liberal math.
I've just started using the latest Mozilla Firebird build - I've seen so many Freepers extolling Mozilla that I decided I ought to check it out. So far I really like what I see - it runs much more crisply than IE 6.
Ummm... Perhaps you should compare apples to apples. Many (most?) of those "security patches" under Linux are to fix behaviors that aren't really server exploits. In fact, some of them are to secure behaviors that aren't secured at all under Windows, due mostly to architectural differences; I think it is a bit much to assert equivalence. (Also, your count is wrong -- many of those security patches are actually bundles of multiple patches.)
Beyond this there is a need to test these patches before they are moved into production.
You need to count your list of patches more closely.
I could only find 11 of your "Linux patches" that were actually for the Linux kernel. The rest of them were for open source software applications that are only bundled in Linux distributions. They also run on a variety of other Unix platforms (both proprietary and open source versions).
There's also a problem with comparing them directly. Microsoft is free to release security fixes along with other patches or service packs, without anyone but them knowing they are fixing security problems. They are only identifying patches as security problems when the exploit becomes publicly known.
On the other hand, an open source software vendor can't bundle a security fix into a larger patch and sneak it into the system, because everyone can see the code changes.
We are working toward getting the last of our NT servers out of the mix (domain controllers) and the next move from 2000 will be to *nix whenever possible.