Free Republic
Browse · Search
News/Activism
Topics · Post Article


Patchy coverage
ZDNet Australia | 02 September 2003 | Josh Mehlman

Posted on 09/08/2003 5:31:52 PM PDT by ShadowAce

COMMENTARY--Yep, it's Windows vs Linux time again. As usual, the facts go out the window in a points-scoring battle that completely ignores the important issues.

At the annual Tech Ed conference in mid-August, Microsoft's chief security strategist Scott Charney said "Half of all crashes in Windows are caused not by Microsoft code, but third-party code". Why would he say that?

For about a year, Microsoft has been implementing its Trustworthy Computing initiative, and has gone to great effort to improve its practices and get better security and reliability in its products. Being Microsoft, a lot of the work has gone into new products such as Windows Server 2003 rather than fixing holes in the software everyone's using, such as Windows 2000. Spend more money, get better security.

But it's slow going. Building better software is evolutionary, as is earning the industry's trust when your reputation is as bad as Microsoft's. It doesn't help when, as you're making this announcement, a worm exploiting a vulnerability in your code--not someone else's--is spreading around the world.

A ZDNet Australia Web site reader noted, "In decent operating system design it is recognised that programs may go feral and the OS must cope with this gracefully. Any OS that crashes because of bad applications is basically badly designed."

Charney's statement also ignores the problems many developers face trying to interact with Windows when they can't access the operating system source code, and sometimes can't even get proper documentation of the application programming interfaces. Third-party developers can hardly be blamed for instability if they don't know what they're working with. Charney was, at best, being disingenuous. Dodging the blame does very little to improve your reputation.

Charney's statement moved columnist Sam Varghese at the Fairfax newspapers to decry the terrible state of IT journalism today. "One should question why such statements are repeated verbatim, without even a hint of doubt, by journalists," he wails.

Varghese also writes misty-eyed pro-Linux puff pieces in his spare time in which he freely admits "I am not a techie". Yet in a column the day before, he quotes Linux evangelist Con Zymaris as saying "open source systems have a far lower risk profile" than Windows--verbatim, without even a hint of doubt. Pot, kettle? Or is it OK to report unsubstantiated propaganda if it's propaganda you agree with?

Zymaris claims keeping patches updated is far easier in Linux "due to the well thought-out and well-executed package management technologies". This is a highly contentious point, and not one that lends itself to being quoted without analysis by any journalist who wants to claim a shred of credibility.

Patch management is complicated. The Blaster worm was easily defeated if systems had been updated with a months-old patch, but a lot of systems didn't have it installed. This does not give the Linuxheads reason to be pleased with themselves.

Linux certainly beats Windows hands down in the number and frequency of patches, but this is not as good as it sounds. Every time a sysadmin needs to patch a system, particularly a business-critical server, he or she needs to be sure it isn't going to cause problems with what's already running. When new patches come out every other day, as they do with Linux, you can imagine the nightmares this could cause.

There is also a wide range of, words fail me, well thought-out patch management software available for Windows. And while Linux patches are--obviously--free, vendors like Red Hat charge fees to subscribe to their update services that help minimise dependency issues, which can be a big problem with Linux.

In an interesting approach, Sun Microsystems' Orion strategy means Sun will be sending customers quarterly patches for all its software on CD. These patches will be pre-tested for compatibility and integration issues. While this doesn't eliminate the need for emergency patches, at least it takes one big worry off admins' minds.

If it works well, expect to see Microsoft and the Linux vendors taking up the same idea--and slugging it out over which one of them thought of it first, which works better, and which has the lowest TCO.


TOPICS: Business/Economy; Culture/Society; Technical
KEYWORDS: linux; patches; virii; windows

1 posted on 09/08/2003 5:31:52 PM PDT by ShadowAce

To: rdb3
Would you do the honors? I do not have my tech ping list available at this moment.
2 posted on 09/08/2003 5:32:37 PM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)

To: John Robinson; B Knotts; stainlessbanner; TechJunkYard; ShadowAce; Knitebane; AppyPappy; jae471; ...
The Penguin Ping.

Wanna be Penguified? Just holla!

Got root?

3 posted on 09/08/2003 5:53:10 PM PDT by rdb3 (Which is more powerful: The story or the warrior?)

To: ShadowAce
Half of all crashes in Windows are caused not by Microsoft code, but third-party code

That’s like Ford saying half of all fatal car crashes were caused by driver error and not by the car failing.

4 posted on 09/08/2003 5:56:14 PM PDT by Flashman_at_the_charge

To: Flashman_at_the_charge
Or Boeing saying, "Half of all crashes of our planes are due to the Microsoft navigation system, and not the overly-hyped problem of engines being mounted backwards".
5 posted on 09/08/2003 6:10:08 PM PDT by thoughtomator (Israel is the canary in the coal mine of Islamofascism)

To: thoughtomator
Nice tagline.
6 posted on 09/08/2003 6:12:32 PM PDT by Flashman_at_the_charge

To: Flashman_at_the_charge
Nice screen name. How's Elspeth?
7 posted on 09/08/2003 7:21:32 PM PDT by jammer

To: ShadowAce
Lol, on one hand he bashes somebody for writing a one-sided piece and then he goes and writes one himself. Pot, kettle, anyone?

I have never, I mean NEVER, put a patch on an AIX, Solaris, or Linux system and had it break anything! My time for test to production patches is a couple of days for a low risk, and at most a day for high risk. On the Windows side of things, three times last year I had a patch break something else (usually an application; it would be SQL Server, or ...). My time from test to prod is at least a week on critical systems and around a month on low risk.

Windows Update is fine for the desktop, but anyone who would update Windows without extensive testing is nuts.

8 posted on 09/08/2003 8:26:23 PM PDT by N3WBI3

To: Flashman_at_the_charge
I know, I love this one: blame the app. An application exception should NEVER take down an OS. The only time I have ever seen that on Unix was with a really weird SAMBA mount that I cannot replicate.
9 posted on 09/08/2003 8:27:55 PM PDT by N3WBI3

To: ShadowAce
Zymaris claims keeping patches updated is far easier in Linux "due to the well thought-out and well-executed package management technologies". This is a highly contentious point, and not one that lends itself to being quoted without analysis by any journalist who wants to claim a shred of credibility.

No, it is NOT a highly contentious point. What is contentious is "which package system is better, RPM or Debian .deb"? But ANYONE who has ever dealt with both Win2k and either RPM or .deb knows full well that Linux wins hands down on this matter.

10 posted on 09/08/2003 8:44:29 PM PDT by ikka

To: jammer
As dotty as ever, still not sure about her though. :-)
11 posted on 09/08/2003 9:19:05 PM PDT by Flashman_at_the_charge

To: N3WBI3
Hardware abstraction is the key. Check out iSeries.
12 posted on 09/08/2003 9:31:24 PM PDT by Flashman_at_the_charge

To: N3WBI3
I once took down the OS with a SAMBA mount. I use DHCP on my local network for IP distribution. I had recently taken down the machine that acts as a DHCP server because of a power failure, but I forgot to resume the DHCP client when I restarted (yeah, yeah, I should have a script to do it, but I'm too lazy and the machine rarely goes down). The other machines on the network still had IP addresses, however, because their previous DHCP leases hadn't expired.

Anyway, I was burning a CD, but the source image was stored on a different machine with a Samba network share. Unfortunately, the DHCP lease on the burning machine ran out. As a result, the share on which the CD image -- still being read from for CD burning -- was suddenly and ungracefully unmounted. Result: kernel panic (which is perfectly understandable under such conditions).
13 posted on 09/09/2003 1:44:35 AM PDT by Dimensio (Sometimes I doubt your committment to Sparkle Motion!)

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson