General discussion

  • Creator
    Topic
  • #2184314

    The Gauntlet (What’s missing in windows?)

    Locked

    by ungle ·

    I’ve been reading/participating in the discussion around OS bashing. My impression is that people have a favorite OS and will bash others out of, primarily, ignorance.

    This is particularly predominant with Windows bashing by the Linux group.

    Having worked with about everything, I have favorites for particular tasks (Windows on the desktop, Linux for Web, Sun for rich people, for example. Not necessarily saying they are the best, mind you. Just my preference) and I feel they are all pretty much on a par. However, I’m most interested in the Linux crowd who like to bash Windows.

    Let’s here specifics from the Linux crowd (“I can do this, can you?”) and see if the Windows admins/developers can’t answer their doubts.

All Comments

  • Author
    Replies
    • #3194414

      yep, pretty much…

      by akalinowski ·

      In reply to The Gauntlet (What’s missing in windows?)

      I dont feel windows is secure so i use HP-UX or Redhat(linux) for my mission critical servers, nothing beats AD, i’m sorry, its easy, and it works (for the most part)

      on the desktop, its a close tie between OSX
      only reason i’ve been sticking w/ windows on the desktop is because of the ease of management between AD and windows XP

      for laptops, i have been using Mac’s (unless some a windows only app is needed)

      and at home i use a windows box only because battlefield2 isnt on the mac 🙂

      • #3195736

        Prefer NDS to AD

        by oz_media ·

        In reply to yep, pretty much…

        Having grown into a Novell environment, I prefer NDS as far as capacity and security and overall manageability goes.

        • #3194947

          Are you kidding?

          by cyberjunkie21 ·

          In reply to Prefer NDS to AD

          Wow, I didn’t know if there was anyone besides my main network admin who likes NDS. NDS doesn’t offer any capacity or security over AD. I’ve always thought it makes sense to add a third-party client software to a pre-existing windows desktop environment. Talk about safety.

        • #3194926

          I like NDS /edirectory

          by lord deonast ·

          In reply to Are you kidding?

          I like NDS / eDirectory as well. It is technically still superior to AD and still scales larger than AD. Although in recent years AD has been catching up. The problem with eDirectory is lack of third party development these days, AD has that and also the problem that windows desktops management essentially pushes AD into more and more companies, so less people support alternatives which is sad.

          eDirectory is also pretty much platform
          independant these days, runs on linux, solaris, and windows – I like that.

          Too bad, our New network manager has pushed AD and win2003 out every where now, Novell systems and NDS are being displaced.
          Would have been nice if our company didn’t just take the Network manager’s word for every thing and acutally weighted up the pros and cons of alternatives.

        • #3194915

          Interesting

          by cyberjunkie21 ·

          In reply to I like NDS /edirectory

          That’s interesting, because it’s the same thing at my job, just reversed. My main net admin is stuck back in NDS glory days. There’s never even a discussion of making things AD. What he says goes, bottom line.

        • #3194910

          I guess you get that everywhere

          by lord deonast ·

          In reply to Interesting

          I’m a linux/ novell fan, but I’d just be happy to have the options on the table and the best fit/ features / price evaluation win.

          The problem is when soneone backs something to the hilt, like linux only, windows only, then their credablity goes on the line – there can never ever be a problem with their platform (strategy of choice).

          I see this with my network manager, when there is a problem caused by AD or Windows, directly or indirectly he will go to great lengths to put the blame else where, it is his reputation on the line, he is implementing it. This is a sad state of affairs from whatever side of the fence you happen to be on.

          Better if there was no fence, just herd the sheep where ever they need to be.

        • #3194904

          Agree

          by cyberjunkie21 ·

          In reply to I guess you get that everywhere

          I agree 100%. I do like Windows, but understand that *nix and Novell (cough, cough * sorry caught some flem) have their places. Back in the day I was much looking forward to the MS empire finally taking over, but there’s no sense in something like that.

        • #3195340

          amen!

          by vjcskid ·

          In reply to I guess you get that everywhere

          The benefits of a mixed environment can’t be stressed enough. Replacing Windows where it makes sense to do so, can achieve significant cost savings. Here, I manage Windows, Citrix, SLES9, and Netware. The way I look at it is that I get the best of all worlds…..

        • #3196253

          it’d be nice to stay with novell but the cost…

          by heml0ck ·

          In reply to Interesting

          Our corporate costs are such that upgrading our support for our novell servers and migrating the tree to newer hardware is such that, with the desktop manageablity of AD, it would cost far too much money to essentailly duplicate the windows file server environment…
          Maybe when Novell is little more mature in the Linux world it’ll be worth exploring…

        • #3196291

          expertise

          by korgmeister ·

          In reply to it’d be nice to stay with novell but the cost…

          i think it doesnt make much different because it is all about expertise 🙂

        • #3051612

          ROI indeed

          by chriske911 ·

          In reply to it’d be nice to stay with novell but the cost…

          the site I work for at the moment still runs on Novell 4.x
          they are desperately trying to get away from Novell
          however for the sake of their main application running on DBAdvantage they still need the novell client

          I’ve used NDS and I have to say it is not only very costly in terms of licensing but also too damn confusing, the options and tabpages in the user administration console never seem to end

          and the novell client has in my experience always been the brake on network speed experience
          everything comes to a crawl the minute it gets installed on a workstation
          also the deployment of all kind of innovations get hold back, eg a biometric authentication

          grtz

        • #3051297

          ROI Comment

          by lord deonast ·

          In reply to it’d be nice to stay with novell but the cost…

          Yes Licensing can be costly, but then you get what you pay for. You say you are still running 4.1x, you won’t be getting much value, that is an old platform, Think winNT equivalence. You say no biometric, well newer versions of edirectory (what the new NDS is called) support this, you just need to move forward.

          You can’t complain about not getting value from a platform and new features when you stay with an ancient version. The same would apply if you were on WinNT and tried to achieve the same things.

          Netware 4.1x isn’t even supported anymore, so for your licensing you will get nothing, move forward and you will get a better value proposition.

        • #3119851

          You’ve missed the point

          by calithor ·

          In reply to it’d be nice to stay with novell but the cost…

          Novell is very mature in Linux already…Novell being the forward thinking company that it is is right now the only company with a Linux solutiuon form the desktop to the enterprise… Maturity comes with eDirectory…Novell has had a directory story way longer…eDirectory manages windoiw sna Linux server better that windows and lInux themselves…
          All of the very best of NetWare has been ported to Linux so you may have the best of both worlds…and if you still need windows..then it operates extremely well in a heterogenous environment…PS server down time is more costly

        • #3181798

          I always thought NDS a better design.

          by petedude ·

          In reply to I like NDS /edirectory

          AD is just a catch-up attempt by M$, and a poor one at that. How many servers do you need just to have AD security features available?? With NDS, the same server could not only host NDS, but be running GroupWise, NetWare for SAA, MySQL and a web server, and hardly break a sweat.

          It’s a shame though. It’s VHS vs. Beta all over again, just with networking. I hope Novell can find a new market in its Linux products.

        • #3196307

          it will

          by jaqui ·

          In reply to I always thought NDS a better design.

          be a battle for them to do so.
          since most linux users have open source, free software that offers the same functionality, any linux based novell customers will most likely come from established customer base or people new to both linux and novell.

        • #3048361

          so true…

          by jcwuerfl ·

          In reply to I like NDS /edirectory

          Managers if you are reading this beware sometimes you make decisions that are worth of dilbert comic strip and yes, we do send all of those into Scott Adams, and you wonder why they are sound so familiar… =)

          Managers really need to listen more and stop making knee jerk decisions and going with something without doing the due dilligence it needs. so true..

        • #3194916

          Do I look like I’m kidding? :)

          by rick.leonard ·

          In reply to Are you kidding?

          First, if you’ve ever managed distributed environments with over 5000 users you’d understand NDS’s full-capability over AD. There’s no comparison.

          NDS is a true directory that stores essentially all the data on all the apps for every server, so everything can be managed from a single tool. Which Active Directory tab do you use to manage DHCP? DNS? Exchange (Server, not the client options)? IIS? Can you manage both the user objects and the complete server file structure from AD?

          The answer to all the above is no, and for NDS the answer is you use ConsoleOne. So I have a single source of management for >95% of my activities, and I can manage my Novell, Windows and Linux boxes from the same tool, which runs on my desktop. Using that tool I can reserve a DHCP address for a particular user, or workstation. I can create a new security group, create a new folder, assign the group to the folder, assign users to the folder, and modify the login script for just that group to add a new map..again in one tool. Imagine doing FULL email server management in the same tool you use to add/remove users.

          I was at Novell’s Corporate Sales/Training center in Seattle in 1994 when they explained the transition to NDS from Bindery. That Novell 4.0 implementation of NDS was about feature for feature with AD today. By 4.11 in ’95 it was beyond what they’re talking about in “Vista”…and this was over 10 years ago.

          When everything, and I mean just about everything, that makes your servers run is in a single DS tool (no registry, no separate databases, no .ini files), when every service you install is managed from that same tool, when you can control all of that from your desktop across multiple platforms at a nearly infinite number of locations, THEN AD is equal to NDS…as NDS is now. Once MS catches up in 5-6 years, how much further ahead will NDS be?

          That said, I’m transitioning my last Novell box to Win2k3 and completing the move to a homogeneous, windows-only network. It’s not like I’m a Novell booster, but I’ve worked with both in large environments and small, and I know which I’d rather use. Now, only if they hadn’t lost the battle…maybe my corporate overlords would be less windows-centric.

        • #3194911

          Some how your post lacks the mention of MMC

          by madcow9597 ·

          In reply to Do I look like I’m kidding? :)

          I noticed you said when AD can have all the tools in one it would equal NDS. The MMC does do that. Also It’s custamizable. Is ConsoleOne? You can build your own console to control everythning you want in one console! It’s called MMC, just add the snap-ins. Well, thought I would mention you left that out.

        • #3194894

          Not the same…

          by rick.leonard ·

          In reply to Some how your post lacks the mention of MMC

          MMC is merely a framework to manage muliples “apps” where ConsoleOne is the app that gives a full-view of the directory. If you’ve ever used both you’ll see the difference between say managing DHCP in the directory and managing a DHCP add-on application in the same window. It’s a subtle difference, but the more I used AD in things like Unified Messaging and distributed environments, the more I wanted a TRUE directory and an application to manage it..

        • #3194888

          Pleasure

          by cyberjunkie21 ·

          In reply to Not the same…

          I personally enjoy the amount of system resouces ConsoleOne takes to start. *snickers*

        • #3194868

          except that…

          by Anonymous ·

          In reply to Not the same…

          You can’t do EVERYTHING in console one. I still have to use NWADMIN32 for a few things. And No Imanager has been added to the mix, to replace Console one, but it still doesn’t do everythingeither, so you still have to go back to console one.

        • #3194802

          AD like one repository for ALL…!

          by rashid breedy ·

          In reply to Do I look like I’m kidding? :)

          You can manage DNS, DHCP, USERS, etc with AD! Just use de MMC tool and arrange all the the consoles in one place!! Try it, is simple!

        • #3194773

          It’s all about speed

          by rockinra ·

          In reply to Do I look like I’m kidding? :)

          I just had to say something 🙂
          I remember those Novell days. I used to love Novell too. But I also remember how slow Console One was. Then what about when it decides to crash? Who cares if everything is in one program. If it takes forever to load or uses up all the resources then it is counter productive in my eyes. For example, if I want to quickly reset someone’s password why should I have to load the whole network just to do that.
          I guess I am just a happy convert. For me life is much, much better since we went to AD. I can do what I need to do much quicker. And most of all, the programs don’t crash!
          If that isn’t enough said… When we switched to AD from Novell our helpdesk call volume dropped to about half as many calls as we had before.

        • #3194754

          AD, and not kidding

          by too old for it ·

          In reply to Do I look like I’m kidding? :)

          I grew up in command line environments for everything and anything and I so much prefer the point-click-done scenario AD offers.

          But I realize that there are still those who think vi is a superior alternative to Word 2003 for every secretary in the enterprise, so go figure.

        • #3053168

          Vi?

          by keyguy13 ·

          In reply to AD, and not kidding

          Don’t compare apples to oranges.

          Vi is an editor and it kicks Notepad’s (and notepad is the only fair comparison) ass.

          Openoffice works almost as well as word 2003 and yet costs nothing.

          Go figure…

        • #3051715

          Vini, Vidi, vi

          by too old for it ·

          In reply to Vi?

          I worked for a guy right around Y2K that used vi for everything … word processor, development environment, web page editor .. might have used it to edit spreadsheets too for all I know.

          Refused to buy Dreamweaver to replace vi for the web development staff because “why would anyone want to do that?” They are out there, and generally in management.

        • #3051594

          one for each of ya

          by apotheon ·

          In reply to Vi?

          keyguy13: I’d say, actually, that OpenOffice.org is better in many ways than MS Office, even aside from price. It’s also not quite as good in some areas. It’s a trade-off that needs to be examined before choosing one or the other on technical merits.

          Too Old For IT: That guy sounds like a problem child, and judging vi based on his example is not a smart approach. I use vi as a code editor, text editor, text processor, system configuration tool, and email editor. I also use OpenOffice.org, Thunderbird, Webmin (for CUPS), SciTE, and a slew of other things that overlap. I find vi to be much more effective for those tasks for which it is fully functional than anything else I’ve used for those tasks, but it’s not the panacea for all conditions at all times.

          If the vi user to whom you refer refused to let others use tools that would make them more productive, that’s a problem with him, not with vi.

        • #3051586

          Emacs rules vi drools

          by jmgarvin ·

          In reply to Vi?

          *sits back and waits for the flames 😉

        • #3051521

          Emacs?

          by apotheon ·

          In reply to Vi?

          Why would I need Emacs? I already have an OS!

        • #3051497

          Emacs is way better than Vi

          by jmgarvin ·

          In reply to Vi?

          I can check my mail, read newsgroups, program in multiple windows, have perty colors, AND talk to a psychologist!

        • #3051493

          software evolution

          by apotheon ·

          In reply to Vi?

          Every application gains functionality and features until it eventually incorporates the capabilities of an email client, at which point it becomes obsolete. It’s some kind of a law of computing, like Moore’s Law (processing speed doubles every 18 months) or Parkinson’s Law (data will grow to fill available storage), but I’m having a little trouble tracking it down online right now.

        • #3050436

          Why Vi is better than emacs

          by jdclyde ·

          In reply to Vi?

          If I have to go work on someone elses server, I KNOW that it will have vi.

          If I have a server go down and is in a limp mode, I KNOW vi is on my boot disk.

          What is the “best” tool isn’t always what makes it the best tool. Being able to use it anytime, anyplace means more to me than if one has more features or not.

          But that is just me.

        • #3052046

          availability

          by apotheon ·

          In reply to Vi?

          That’s why I initially decided to concentrate on vi more than emacs. Now, much later, I keep seeing reasons I’m glad I went with vi as my primary CLI text processor instead of emacs. One of these days, though, I should get around to being functional in emacs as well.

        • #3051860

          Honestly, anymore I’d like to see pico/nano as the “default” text editor

          by jmgarvin ·

          In reply to Vi?

          Pico seems to have enough functionality and nobody really loves or hates it…

          The whole vi vs emacs thing is strange, but understandable…but NOBODY can get excited about pico 😉

          I should probably more proficient in vi (I can edit, save, open multiple windows, etc), but I’m not a speed demon like most vieeks are.

        • #3051805

          bahh

          by jaqui ·

          In reply to Vi?

          only reason vi is available is it’s in the standards for lsb.

          I’m trying to get them to change it to something that is modeless, like joe.

          since this command mode to tell app what to do and edit mode to change files is from the stone age, and should be killed.

          emacs isan’t any better, an antiquated design that has seen it’s heyday and needs to be put to rest with the other dinosaurs.

          one of these years I’m going to go through the sources for building a system and rip out all sections that require vi(m) and change it to a better editor.
          then I can have a system that doesn’t require an app I’m never going to use.

        • #3052453

          Modeless?

          by apotheon ·

          In reply to Vi?

          How do you move around and perform complex editing tasks with a modeless text processor without ever having to leave the home row on the keyboard? The whole point of the mode style of control is to speed up the editing process by allowing one to perform certain operations very quickly, which requires as little deviation from the keyboard home row as possible.

          Hmm. I’ve been thinking of looking into learning the Dvorak keyboard layout, and it suddenly occurs to me that this would mightily screw with my use of CLI applications like Vim.

        • #3052444

          you mean

          by jaqui ·

          In reply to Vi?

          they refuse to update vi(m)’s interface to keep with the home row of the keyboard?!?!?!

          it still sucks.

          I would rather use ms” notepad than vi(m) or emacs for text editing.

          or the old dos edit.
          far simpler usage than either of them

          you don’t need a million features in a text editor that is required so that you can edit configuration files.

          editing to add:

          besides, for some reason unkown to me I work best when using one hand only ( left ) and not even looking at the keyboard.
          so an interface designed for 8 finger usage is completely at odds with my keybarding style.

        • #3052422

          Uh, what?

          by apotheon ·

          In reply to Vi?

          I don’t know what you’re saying about updating vi. If you’re referring to my comment about Dvorak keyboards, I’m just saying that I don’t know whether the used for movement and other functionality would be the same letters or the same locations, and in either case the adjustment would screw with my head.

          In any case, as I tried to convey, I’m a touch-typist home row kinda guy, and like vi’s approach to that.

          By the way, when you talk about all you need from a text editor for editing configuration files, you seem to be forgetting that vi is designed to do more than simply edit text files. It’s not a text editor: it’s a text processor. It’s capable of everything a word processor can do, and then some, with the mere addition of a couple of things like tex for formatting, and it does it much faster and more efficiently for the experienced vi user. It’s also fantastic for development, with parenthetical matching and context highlighting, scripting, macros, and so on, all without the sort of security issues endemic to office suites.

          . . . and it’s nowhere near as bloated as emacs, for all that.

        • #3052409

          Problem with Vi

          by jmgarvin ·

          In reply to Vi?

          Here it is…the total problem. I was teaching vi to a few students and they had trouble grasping the whole concept of running command line stuff in a text editor. It seems the “command” area of vi (to them) should only be for text processing and not for navigating the system and running commands there.

          The other problem is that “modern” computers come with keys to the right of the enter key. This is pretty problematic in vi. Another point is navigation doesn’t map to what they know, FPS games. HJKL does NOT map to WASD at all…so students have trouble rembering that L means RIGHT!

          I joke about Emacs, but honestly, there are far better text processors than vi. It takes a LONG time to learn and many admins just aren’t good with it. I think something like joe (as metioned) or at very worst pico/nano should replace vi ASAP.

        • #3052390

          hey . . .

          by apotheon ·

          In reply to Vi?

          If all you want is a text editor, use ed. If you want a text processor, that’s where vi is strong.

          I really don’t know a whole lot about joe, pico/nano, and all the rest of that half-measure stuff. I’m sure it’s great. On the other hand, vi is available everywhere, and I like it a darn sight better than emacs. For a CLI text processor, it works great.

        • #3052346

          apotheon,

          by jaqui ·

          In reply to Vi?

          but vi isn’t included because it’s a text processor.
          it’s required for standards compliancy for it’s use as a text editor for fixing config problems.

          like using a 20lb sledge hammer to drive a finishing nail.

          the lightweight editors are all that is needed for that purpose, yet the standards say that vi(m) is the editor to be used.

          note, standards say editor, not processor.

          why do the standards require overkill for the default editor of ttext files?
          that’s my issue with them.

          I just don’t think that any app that is running “moded” should be continued.
          ( includes emacs you know )
          the modeless editors don’t have the complexity of switching modes to move around the file, and edit it.
          yet they don’t all lack the abilities of vi(m)

          emacs is more a complete user interface.. a cli windows. 😉
          kludge after kludge with it.
          try reading emacs tutorial in console.. carefull it will dis-appear on you and lock emacs up.
          ( happened to me 6 times. un-installed emacs. )

        • #3052284

          why vi

          by apotheon ·

          In reply to Vi?

          I’m pretty sure that vi is included for reasons of A) compatibility with the hundreds of applications that integrate with vi, and B) historical reasons of its ubiquity on unix systems, as well as C) the fact that it operates perfectly well as a mere text editor when it needs to but also allows for a helluva lot of power in the hands of someone that knows how to exploit it.

          I don’t disagree that something much leaner might be a better choice but, in a world where even Debian is including less in the “minimal” installation now, you’re not going to see vi thrown over for something smaller. In fact, if you actually change anyone’s mind about replacing vi with something else, they’ll probably pick something more bloated at this point. If you want something smaller, you’re going to have to simply assume LSB noncompliance.

          “[i]I just don’t think that any app that is running ‘moded’ should be continued.[/i]”
          I disagree with that. There are things that vi(m) can do because of the modes it uses that it would not otherwise be able to accomplish with any efficiency. Please stop arguing for making it into abandonware just because you don’t like the interface. A lot of other people do.

        • #3067768

          Here’s something you never hear

          by nighthawk808 ·

          In reply to Vi?

          “I use both vi and emacs.”

          We should ask Laura DiDio which one she would use, then use the opposite. That should settle things once and for all.

        • #3182077

          MMC

          by james ·

          In reply to Do I look like I’m kidding? :)

          I beg to differ, I have a custom MMC console where I can manage all the services you mentioned and more…..You need to study up on the MMC console. You would be suprised how much of your environment you can manage from one MMC console.
          James R. MCSE, MCSA

        • #3196250

          I agree ’bout the MMC

          by heml0ck ·

          In reply to MMC

          I use a single MMC to manage AD and 50ish individual boxes, plus the handy-dandy Symantec snapin…
          Now if only I could find a snapin for WSUS….

        • #3181875

          Unix

          by rodneyjensen ·

          In reply to Do I look like I’m kidding? :)

          Have all forgot the power and security of Unix. Unix is the Server OS that is used and started the Internet. Unix is what linus wants to be, however, will never be. Server people should learn amd operate Unix. It is power, security and lovely, Not Linus. Linus is little sister of Unix.

        • #3196247

          riiight…..

          by heml0ck ·

          In reply to Unix

          there are just as many security flaws in Unix (doesn’t matter the flavour) as nay other OS…
          the difference is difficulty in scripting hacks….
          If/when *nix become the big kid on the block, I fully expect to see a dramatic increase in vulnerabilities reported for those systems…

          However, I agree about power! NOt much beats a RISC processor or 16….. 🙂

        • #3196193

          True

          by maldain ·

          In reply to riiight…..

          Except the basic architecture of both Unix and Linux limit the amount of damage a hack can go with the exception of the root user. Anybody who allows remote login to root is asking for trouble even if you need to use root for management you can always switch user to root while already logged in.

        • #3053164

          Another myth born of ignorance

          by keyguy13 ·

          In reply to riiight…..

          No, Linux nor Unix do NOT have the same amount of security vulnerabilities. The difficulty of scripting hacks is due to less vulnerabilities…

          And while Windows networks tend to get hacked more because of their popularity, they also get hacked because they are less secure.

          It’s stupid comments like yours that keep people from going with Linux or Unix. Some people actually believe you and therefore we all lose, because windows IS much less secure than Linux/Unix. Period.

        • #3053167

          Ummm Linus?

          by keyguy13 ·

          In reply to Unix

          Since you don’t even know how to spell the OS that you are claiming is inferior to UNIX, you don’t really have much credibility…

        • #3052366

          Ummm, be nice.

          by dominic_2002 ·

          In reply to Ummm Linus?

          Hey, be nice or I will tell everyone that Linu”s” is for mean people…

        • #3195365

          Gets your facts straight

          by mill3502 ·

          In reply to Do I look like I’m kidding? :)

          Not sure of your AD background but all the things you say you cannot do are not correct. Ever hear of MMC and snap-ins of course not because you say it won’t do it. of course you can put all of your snap-ins in a single console and from one location administer all optins either on the existing system or on another. If you would sit and actually learn the op system you woun’t find that they all have there good points nad there bad points. It just what you know…

        • #3195232

          Develop your own tools

          by mikestilesky ·

          In reply to Do I look like I’m kidding? :)

          Using ADS toolbox with all of the dll’s, you can make your own ‘1 tool’ applet to do everything you need to.

          We transitioned from NDS to AD in 2003. I did not like having to go to several different programs to do all of the things I needed to do to manage my AD. So, I sat down and wrote my own ‘AD Management’ program. I even shared it across all of our divisions. Works great.

          Create users, manage and assign groups, create DACL’s and CACL’s. Without this, I would have to go into Active Directory Users and Computers to create a user. Then, I would have to go to the filesystem to make a home folder, remove default permissions, manually assign DACL’s and CACL’s.

          Be as it may, AD has it’s advantages and disadvantages. Take the disadvantages and improve upon those

        • #3195153

          I’m with you!

          by calithor ·

          In reply to Do I look like I’m kidding? :)

          You nailed it…NDS blows AD out of the water 🙂

        • #3051553

          Well Done!!

          by philchil ·

          In reply to Do I look like I’m kidding? :)

          I definitely have to agree with you. I’ve managed several thousand shops with NDS and it works wonderfully, securely, and easily, if you are proficient in what you do. It all boils down to the learning curve. All the OS’s have different aspects that are both good and bad. It’s up to us, as the implementers, to maximize the good, limit the bad. Do the job right, do it well, and don’t get sloppy just because, lets say, Windows 98 is too hard for you to understand, or you think a tree is what fruit is grown on.

        • #3194882

          No difference? What a surprise!

          by darwin1 ·

          In reply to Are you kidding?

          The lack of difference is only a result of NDS being licensed to Microsoft and renamed as AD. Just as NT is Netware 2.11 (reverse engineered with a GUI interface) I guess it was only coincidence that NT came out about 3 months after Novell stopped supporting 2.11

        • #3182075

          NT is not Netware

          by dvawter ·

          In reply to No difference? What a surprise!

          NT was co developed by Microsoft and IBM, not MS and Novell. NT was built from the ground up based on TCP/IP, not IPX/SPX. Get your comp history straight. The only part of NT that is licensed from Novell, is the IPX/SPX specs with witch they built the Novell client.

        • #3182064

          Okay – question for Linux users

          by digi-tal ·

          In reply to NT is not Netware

          Is there a feature like shadow copy to help offset stupid user tricks? I mean can I recover files throughout the day that some inept user deleted by accident instead of going to last night’s tape? Just curious. I haven’t used Linux/Unix for a long time. Also, I came from a Novell background and I see pros and cons to both.

        • #3181887

          Shadow Copy a la Linux

          by crake ·

          In reply to Okay – question for Linux users

          LVM, clustering, commercial products… Yes indeed, Linux offers many ways to provide real-time data mirroring and high availability.

          This aside – and no disrespect to your users – but it sounds like your organization should emphasize end-user training given the fact they have administrative privileges to data.

          I work on various platforms on a daily basis, and I must say that most *nix systems do not allow users enough privileges to inadvertantly delete data. Some do, but not most.

          Prevention is always the best solution.

        • #3195439

          Craik, suspect you don’t know what Shadow Copy is?

          by ungle ·

          In reply to Okay – question for Linux users

          Crake,

          Shadow copy is a technology aimed at file servers. The idea is that if you overwrite a file then later you can revert to the old version of the file, for 1, 2, 10 copies, whatever you want.

          This is not about access as it’s designed to save users from themselves on file servers where they are MEANT to have access under any scheme/OS.

          Data integrity is another issue…

        • #3195221

          One bad aspect of Windows AD

          by mikestilesky ·

          In reply to Okay – question for Linux users

          No undelete method. Atleast with NDS, you could go into Purge/Recover and recover accidently deleted files, or those Excel files that got corrupt with the last save. You could go back in time to 1 hour ago and retrieve the last save state of that darn corrupted file…

        • #3196188

          Several programs actually

          by maldain ·

          In reply to Okay – question for Linux users

          There are a number of programs like that or that can be configured like shadow copy. sync would be one which lets you synchronize somebody’s home directory capturing changes to the files there on a timed frequency that you set up. It works quite well. I use it to keep our warehouse inventories safe and secure from those stupid user tricks. I use a simple sftp to pull down grap back up data from our stores on a nightly basis. Both do exactly what I need them to do.

        • #3052042

          versioning

          by apotheon ·

          In reply to Okay – question for Linux users

          Just run a versioning system, like Subversion or CVS. Unlike in the Windows environment, it’s a trivial task to turn a versioning system into an incremental compressed backup system allowing you to “roll back” data states to earlier versions, thus duplicating the functionality of tools like Shadow Copy.

          There are also direct rip-offs of such tools available for DEs like KDE, and as stand-alones, but I’d really tend to prefer something using a versioning system because of the leaner operation of it, greater flexibility, greater orthogonality of functionality, and greater potential for use of one tool for many jobs.

        • #3182028

          what a bozo …

          by donald.ewers ·

          In reply to No difference? What a surprise!

          go back to playing checkers.

        • #3052349

          The difference between NDS and AD.

          by oz_media ·

          In reply to No difference? What a surprise!

          It’s obvious that MS had nothing to do with NDS, NDS works.

          As for NT being a spawn of NW, MS would LIKE peple to believe that anyway. THys don’t hold a candle to whet they have been competing with from Netware.

          MS offers cool features and that’s about it.

        • #3194865

          Policy’s

          by wdewey ·

          In reply to Are you kidding?

          The one thing that I have hear about that is a positive for AD is that when you create a policy you have a choice to not enable an individual policy. In NDS once you choose a policy block then all the policies in that block either have to be on or off with no option to be disabled.

          Bill Dewey

        • #3195228

          AD=NDS

          by sschafir ·

          In reply to Are you kidding?

          If you study the underlying structure of NDS and then look at AD you will see they copied NDS. They use similar terminology, trees and forests for AD, you can’t see the forest for the trees lol. And NDS has been using a tree structure with branches since Netware 4.x. Microsoft copied their security from NDS and NDS is much more secure because they have been perfecting it for years. So the comment wouldn’t hold true. NDS is much more secure because it has been around longer and has had more time to work the bugs out which Microsoft despite being around since the 90s has yet to be able to put out a product that can’t be hacked. It is much tougher to hack a Netware OS because of all the security built into the OS.

        • #3051602

          AD= Banyan Street Talk

          by bfilmfan ·

          In reply to AD=NDS

          Although there are probably few of the younger engineers have ever even seen Banyan, those of us that used it find AD a nice upgrade to Street Talk.

        • #3050973

          X.500

          by Anonymous ·

          In reply to AD=NDS

          Interesting. It was my understanding that they were both separately derived implementations of X.500 standards (NDS adhered to the standards more closely than AD, but that is no real surprise.).

        • #3181972

          Novell vs. MS Networks

          by techcleaner ·

          In reply to Prefer NDS to AD

          I read the litany of how great NDS is vs Windows and AD. Here is why Windows won and Novell failed: With a Windows (or, actually, a NetBIOS box), pull the network cable, and you lose connectivity to the network, but that’s it. Pull the network cable on a Novell client box, and the machine crashes. NetBIOS was forgiving, and Novell was like the Network Nazis. “Pull the cable, and we pull your plug.”

        • #3181968

          not a problem

          by lord deonast ·

          In reply to Novell vs. MS Networks

          I’d say that was probably more a problem with a novell client than NDS.

          I can’t say that I’ve ever had that happen in my company they were using novell client on 95 when I started. The most you would have happen is if you left it unplugged for a while you’d loose your authentication with the server, as it is time and ID based.

        • #3181890

          Novell

          by wdewey ·

          In reply to Novell vs. MS Networks

          Novell is much more forgiving of that now. With Native file access you don’t even need a client to do file sharing.

          Bill Dewey

        • #3137024

          Duh

          by lonnie ·

          In reply to Novell vs. MS Networks

          Pretty much what happens when you unplug a thin client on any network.
          Haven’t noticed a Linux or Windows box crash when I pull their network cable, and I don’t recall any of the computers on the last Novell network I worked on crashing if the network cable was pulled.
          At least TRY to make sense in your responses.

      • #3194925

        The problem with WIndows Security…

        by mmcdonal ·

        In reply to yep, pretty much…

        The Microsoft philosophy has always been to create installs with the product WIDE open, and leave it up to the administrator to close the security holes as they saw fit.
        The bigger problem is that MCSE training never included instruction on how to close the security holes in Microsoft products.
        A properly maintained and secured MS Server can do as well as a Linux server against attacks.
        The biggest problem is that since MS is found in practically everyone’s server farm, it makes sense to write your malware for the OS that is most likely to be found.
        Mark my words, if Linux overwhelms MS and completely takes over the market, malware will be written for Linux exclusively, and succeed as well as it does now for MS. People will bemoan Linux then, and some will long for the relatively secure days of MS.
        We use NetWare in our network (updating to MS in a year or so) and we are super secure because no one writes malware for NetWare. Why bother!?! No one uses NetWare.
        If you want a name for yourself in the black hat arena, you have to write malware for what’s out there, and what will most likely propagate your code.

        • #3194906

          New Windows,

          by gphoto45 ·

          In reply to The problem with WIndows Security…

          Windwos 2003 server, SP1 and XP Sp2 solve your “wide open” problem. They ae locked down by default. Not wide open. However, I agree completely with your thoughts on why malware is rare for Linux. Now that it is becoming more mainstream, virus, spyware and exploits are hitting it. Even a simple fork attack will drop most linux, with the noted exception of Debian. That attack stopped effecting Windows with 98. As for the vulnerabilities, a lot of people are more than a little shocked to visit http://www.osvdb.org/search.php and find the Nix OS’s have almost as many problems ass Windows.
          I noticed that when Firefix was found to have a huge hole in it, and had to be completely rewritten, there was no way to patch it. When the exploit was found in Kerberos, a critical exploit that allowed anyone to access your security, only aa single line mentioned that exploit did not affect Windows, just Nix os’s. If it has been th other way around, it would have been headlines. Linux has a great PR machine. And it is best to remmebe that a Fanatic with a befeif is far more dangerous that and Hell Angel with a chain.

        • #3182020

          Almost as much?

          by jgroetsema9 ·

          In reply to New Windows,

          How about Widnows had more than twice as much. Did you not count?
          Malware will still be rare for Linux as people like Linux and us it because they want to, not because they have to. Also, being open source, everyone can look at the code to see what is or might be exploited. If something is exploited, it is much easier to fix and you don’t have to wait for a company with another agenda to fix it. With MS products, you must wait for MS to fix the problem.
          P.S. We are moving to AD from NDS and had to add 11 servers just to support AD. These servers do nothing else, they do not run any applications. For this same multicampus consolidation, we Novell admins planned on adding 2 servers just because it made us more comfortable. None of the tasks I do in AD are as easy to do as they are in NDS. We are over a year into a single sign on project and still are not over half way. Novell came in and showed how we could have done this with a point and click tool and have taken only a few months to implement. But the powers that be have M$ on the brain and would not pursue a Novell solution.

        • #3181962

          Nice FUD, now a fact

          by damunzy ·

          In reply to New Windows,

          Nice FUD from both mmcdonal@… and gphoto45@…, and now a fact:
          Apache runs 68% of web servers and IIS runs 21% – but more attacks are made on IIS. So much for the myth that there is safety in small numbers. 😉

          Information from:
          http://www.theregister.co.uk/security/security_report_windows_vs_linux/

          Background: I use what works, whether it be MS Windows or Linux, so please do not try to paint me as a Linux lover. 🙂

        • #3181876

          The fork attack

          by crake ·

          In reply to New Windows,

          The fork attack is why most of my friends and I switched from Red Hat to Debian a long time ago.

          I am under the impression that most Linux users are still unaware of this vulnerability.

          BTW – as with Debian, the BSDs are not vulnerable to the fork attack.

        • #3196217

          Disable the user stack

          by jmgarvin ·

          In reply to The fork attack

          NT

        • #3181881

          Interesting but wrong

          by crake ·

          In reply to The problem with WIndows Security…

          Your statement, “MCSE training never included instruction on how to close the security holes in Microsoft products,” is completely inaccurate. I’m currently earning my MCSE (since my old one has been amortized) and can tell you that both the old NT4 and the current 2003 MCSE certifications require knowledge on how to lock down Windows.

          On another note, according to Netcraft, *nix servers are still the dominate platform in server farms around the world.

          See the following URL:
          http://news.netcraft.com/archives/web_server_survey.html

        • #3181872

          Reply To: The Gauntlet (What’s missing in windows?)

          by jmschattke9 ·

          In reply to The problem with WIndows Security…

          Obviously, you don’t have an “under the hood” appreciation of what makes *nix secure.

        • #3051786

          Not entirely true

          by keyguy13 ·

          In reply to The problem with WIndows Security…

          Yes it’s true that the dumba$$ malware writers write their code for the prevalent OS. However, they also do it because it’s easy. It is NOT easy to write malware for Linux/Unix because Linux/Unix is more secure. And A LOT more secure.

          A more appropriate analogy would be that more theives break into a house that has a security system they know and is easy to defeat, than a house that they don’t know and actually has a good security system.

          I don’t care what you M$ lovers want to say out of ignorance, Linux/Unix is WAY more secure than windows.

      • #3182030

        KickStart Windows?

        by george.phelps ·

        In reply to yep, pretty much…

        There is just no way to “kick” or “jump” a huge amount of servers quickly within Windows. We use kickstart and jumpstart servers to quickly configure, upgrade, patch, and install Linux/UNIX OS’es to servers in the hundreds within an hour. Let’s see Windows do that. Kickstart is also a great DR plan. OK so I have to buy a third party to half way do that but not well.

        • #3196138

          Yes, you can…

          by ungle ·

          In reply to KickStart Windows?

          and I have done so. During a recent headoffice move I was involved in I built 70 machines in under an hour.

          It’s really just a matter of understanding and using the tools at hand.

      • #3051648

        Did we miss the point?

        by roger ·

        In reply to yep, pretty much…

        I have a serious response to your question! I believe your question was what can’t you do with the ??? operating system? My response is that I can not run a web server, FTP server and web browser on Microsoft Windows XP SP2 at the same time due to speed issues. Also, I can not install applications on my Windows XP SP2 without requiring restarts for the machine to function correctly. However, I have a RedHat Linux 9 system running as a web server, ftp server, web browser, game server, instant messenger server, email server, (Can I think of anything else?) and it’s still way faster than my Microsoft system. By the way, the Linux machine is 900Mhz and the Windows machine is 1.2Ghz. I am having difficulties getting linux to correctly initialize the GUI so I don’t do the majority of my web browsing with Linux. However, lynx was very useful in searching for a solution when my Windows system mysteriously crashed after I tried to speed it up. My Linux system has been running for 11 days and 20 hours, my Windows system has been running for less than 24 hours. Tbe only reason my Linux box has not been functioning longer is that my UPS died, and took the power down with it! Unfortunately the reliability of the OS is not the only thing one needs to consider when looking at how to keep a system running reliably.

    • #3195775

      There is a lot missing in Windows!

      by billbohlen@hallmarkchannl ·

      In reply to The Gauntlet (What’s missing in windows?)

      Just take a look at the official Resource Kit for any version of Windows to find all the little goodies that should have been in the operating system but aren’t.
      Just a couple of examples:

      1) Event Log management. As any admin knows, Windows event logs contain important troubleshooting information, but aside from basic size and overwrite parameters, there’s no native way to manage the events.

      2) Auditing and Reporting. There is no good native way to audit and report on system and file security.

      There are plenty of companies who will charge you thousands (even hundreds of thousands) for software that was developed to handle “missing” tasks like these. I’ve also used ADSI and WMI scripting to create automated reports and audits. But the OS should have native capability for this.

      • #3195717

        No gui based, simple way to do it that you can start from the start menu

        by ungle ·

        In reply to There is a lot missing in Windows!

        I understand the complaint, but please remember that these tools under Linux are simply applications sitting on top of the OS.

        I have written several different applications for doing just what you describe. I have scripts to dump the security of the entire directory structure, analyze event logs, and in fact have automated reports sent out every morning with this data within my company.

        I don’t believe the functionality is missing, personally, and I’me sure you can find good tools like this on Sourceforge (for example) which is probably where they originated for Linux.

      • #3194928

        native?

        by krichmond ·

        In reply to There is a lot missing in Windows!

        I was under the impression that WMI and ADSI were both “native” to windows. On another note there are many other functions you can perform with standard windows Event viewer interface. You can order the items on any field, you can filter the view on specific error numbers, decription, or date, and other paramerters. You can connect to and view any event viewer on any windows machine to which you permissions. You can export the contents as csv or text files to be imported and manipulated by manym any tools, such as excel, access, crystal reports (crystal reports will connect and format event viewer info out of the box), the equivelant star office products, etc. None of the prodicts listed even come close to the thousands of dollrs you mention in the post. Lets not forget either, that the resource kit doumentation and tools can also be downloaded for microsoft at no cost to the consumer. You can use SNMP and an SNMP trap server to pick up real time events.
        Remember the event viewer is a reactive tool not a proactive tool. If you are trying to use the event system as a tool to help proactively prevent a failure, then maybe SNMP would be a better choice. SNMP support is also freely included with the windows operating systems.

      • #3194917

        ah but that is what SMS server is for

        by lord deonast ·

        In reply to There is a lot missing in Windows!

        You can get SMS server for monitoring and collecting event information and server status data. All data is collected into an SQL database.

        Of course you will also pay a pretty penny for this, M$ is about making money, they will supply you with basic tools – to get the more advanced and perhaps easier to use functionality you will have to expect to pay for it. M$ don’t write tools for the love of it, like some open source programmers.

        Open up that corporate cheque book, dig deep into that budget and see if it is worth it.

    • #3195742

      What’s missing doesn’t really bother me

      by oz_media ·

      In reply to The Gauntlet (What’s missing in windows?)

      It’s what’s there that is. I use a mix myself but other than on my personal notebook, I prefer SuSE Linus for it’s leightweight in corporate environments.

      I prefer a less cumbersome and unused feature ridden OS.

      Other than that, there have been some good comments on how Windows could improve the search function in the one-sided BASHING you refer to.

      I don’t see it as bashing, as much as an example of how many IT people in so many different areas of expertise prefer Linux flavours.

      • #3195715

        I think you misunderstood me…

        by ungle ·

        In reply to What’s missing doesn’t really bother me

        Yes, there has been some good suggestions, and yes I agree that there are a number of unnecessaries in Windows (Have you ever done a default install of Redhat??).

        However, there was a lot of “Microsoft sux” from people who did not want to really expand on what they felt was inherintly bad in Windows. I’m more interested in what people feel is so horrible about the OS and see if it is not simply a case of not knowing how to achieve what they want. To me it felt like a witch hunt.

        I really mean this as a legitimate attempt to find out what people dislike so vehimently about the OS, I apologize if you do not agree with what I am trying to do.

        • #3195699

          It’s redundant then

          by oz_media ·

          In reply to I think you misunderstood me…

          Search the TR archives, this one’s been done to death and even with the same premise for replies.

          More of an old worn pair of slippers than a gauntlet. Sorry, but that’s the way it is here.

        • #3194921

          agreed.. here is why i hate windows

          by jez ·

          In reply to I think you misunderstood me…

          I used to be a ‘windows sux’ linux user, but now i feel there is are some good uses for every OS.

          I like to know what is going on in my system and i always felt shut out from windows… error messages that are incomprehensible and unsolvable annoyed about windows – and the documentation was useless.

          But the main reason i use Linux is because of the wealth of applications out there for free. The initial learning curve may be steep but it is worth it and now i know how windows works much better (especially the boot process).

          I have never had a virus on Linux, and when a site tries to download malware it is amusing to watch it fail.

          HOWEVER, I recently got my 75year old uncle onto the internet with his first computer and yes i installed windows. I would like to have put linux on there, but i am not confident enough in the state of the desktop for a complete novice user.
          I myself am currently having fun (?) trying to get my DVD burner working in Linux and also my PVR card. If i was not a developer, I would probably feel a little differently about hacking config files etc.

          Now six months on from his first computer, my uncle has told me that when he upgrades he wants a mac. (he has taken to the whole computer thing better than i could have ever hoped).
          His reason is that it does not get virus’.
          I myself have toyed with the idea of getting a mac (cos they are like linux with out the hardcore config), but they are too expensive for me at the moment.

          Windows works on the idea that anyone should be able to just work it. This is a respectable ideal, but is a bit short sited as it leaves so many holes for expert hacker to take advantage of.
          Would you allow people on the road without any kind of driving training?

          There is a place for everything, and sooner or later the place for windows is in the bin (once you have prgressed to anything but a complete novice).

        • #3182092

          well said!

          by htos1 ·

          In reply to agreed.. here is why i hate windows

          I agree,linux is now at the point that windows was in 1986,running on an upgraded 086 to a 286xt with an ems card.It has a ways to go,but linux will be exciting to watch for the next ten years.Then the winXX format will retire to rom cards like win3x has done(embedded systems).Just give me 16 processors…

        • #3182063

          I have to agree with you.

          by dvawter ·

          In reply to agreed.. here is why i hate windows

          However I have to make one small point. We do let people on the road with insuffecient driving training.

          I think Windows gets by on a system of diminishing returns. Chances are, the windows machines worth hacking are maintained by an IT Staff that “SHOULD” know how to keep them secure (this is not always the case.) The Windows Boxes that are the least secure, are the ones that the dial-up internet users have, because they have never downloaded any patches. What hacker wants to break into Grandma’s machine, and steal her secret apple pie recipie at dial-up speed.

          Since it is possible to secure windows, and keep it running reliably, it can be a very strong choice for an OS, but a business better make sure that they are getting it installed by someone that knows what they are doing.

          If you are putting Linux in, you can be pretty sure it’s being installed by someone who knows what they are doing, the Install alone will befuddle most novice’s

          David
          want a Free Ipod?
          http://www.freeiPods.com/?r=9181869

        • #3195258

          Recipes?

          by mswanberg ·

          In reply to I have to agree with you.

          Are you aware that a good portion of attacks these days are designed to corrupt machines into serving/relaying spam and the like? So, yes, grandma’s machine is a prime target (not the grannies on dial-up, of course).

          Not all attacks are designed to steal data.

        • #3194920

          my biggest complaint against windows

          by fadelza ·

          In reply to I think you misunderstood me…

          The fact that windows users accept as a fact of life that they have to reformat and reinstall everything once a year astonishes me. In my old Mac days I never had to do that and un-installing a program was as simple as draging and drpoing to the trashcan of the program’s directory. Can anyone in the window’s camp beat that?

        • #3194905

          Reply To: The Gauntlet (What’s missing in windows?)

          by larry.winfrey ·

          In reply to my biggest complaint against windows

          “The fact that windows users accept as a fact of life that they have to reformat and reinstall everything once a year astonishes me.”

          I have had the same windows installation running for 3 years now. No reinstall, no format…I have even upgraded hardware around the OS a couple of times. All it takes is some occasional house cleaning (removing files and programs that I no longer use) and I get great performance again. This is the situation on my office pc, home pc, my laptop and my wife’s laptop, I have not had to format and reinstall a single time. Things have just worked.
          Your statement is not accuate, in fact it is a fallacy. I am a contract IT guy for several companies, there are only a handful of the corporate computers that I touch that have had to have a format and reinstall, and those were because the user went to some pretty nasty places and got some pretty nasty bugs that gummed up the computer, and cleaning would have taken longer than rebuilding.

          As far as Windows being the most insecure…I agree with the user who stated that if Linux, or Mac, or anything else were the top dog in market share, you would see these same security complaints raised against them. The black hats are going to go after what ever will get the biggest reaction. Which do you think will make the news – knocking out 1000 linux boxes or 100,000 windows boxes? I think you know the answer to that.

        • #3181882

          Try knocking out some linux

          by tony hopkinson ·

          In reply to Reply To: The Gauntlet (What’s missing in windows?)

          apache boxes then instead win IIS ones. Much bigger target so you are bound to make headlines.
          Lets see I’ll just use IE to .. No
          Hmm Outlook to … No
          Ah ActiveX … No
          RPC to … No
          Client Side Script to … No
          Log on as Admin …. No

          Ah here’s a windows Box, off we go.

        • #3052039

          nice

          by apotheon ·

          In reply to Try knocking out some linux

          That was hilarious.

        • #3067746

          I do know the answer to that…

          by nighthawk808 ·

          In reply to Reply To: The Gauntlet (What’s missing in windows?)

          …and it’s not what you think. Knocking out 100k Windows machines isn’t news precisely because it happens all the time. Knocking out 1k Linux boxen would be on Micro$oft’s Get the FUD website faster than you can say Slammer. They would ship out 60″ monitors to anyone who asked just so they could read the 512-point font headline. Laura DiDiot would laugh so hard that she’d have to wear Depends for a week just to keep her pants dry. A major–hell, even a minor–Linux-based worm would be big news precisely because it doesn’t happen every single day. That old, peabrained argument about Linux being safe because of its market share is plain, unadulterated BS: it would be on every single news program in the world if Google went down because of a worm. And they have thousands of computers running what? Yes, that’s right: Linux.

          All of this hasn’t happened and won’t happen any time soon because of the different structure of the two operating systems. Comparing the security of Windows and Linux is like comparing bleu cheese and a Ferrari.

        • #3194899

          It astonishes me too

          by gareth.rowlands1 ·

          In reply to my biggest complaint against windows

          I’ve not had to reinstall my OS at work since NT came out (nor at home since XP SP1 came out). I really don’t believe I’m exceptional.

          As for uninstalls, you’re right, MacOS was traditionally much better than Windows. But Windows is getting better – dramatically so since Windows Installer and Fusion came along.

        • #3194897

          reinstall old news

          by bhunsinger ·

          In reply to my biggest complaint against windows

          Windows 98 and Millenium < ME especially, needed to do that IF you install and uninstall lots of programs. On the other han, I have been running 98SE for 5 years on my home machine and it has never needed reinstalled. The wipe and reinstall is usually needed now when someone does not safeguard against a virus and/or spyware, These trash the system and it is quicker to backup and reinstall than track down every bit of garbage. W2000 and Wxp are more stable but you have the same issue with the operator.

        • #3194814

          The same could affect Linux

          by mswanberg ·

          In reply to my biggest complaint against windows

          The reason that reinstalls become favorable is that applications don’t uninstall themselves all that nicely sometimes. They leave crap hanging around.

          But think about most Linux apps. They will frequently sprinkle config files into different locations. Simply dropping the binary’s folder into the trash doesn’t fully clean up behind the app.

          Of course, conf files only take disk space and don’t affect performance. But that’s part of the basic flaw that is the Registry in Windows.

          As well, Windows tries to provide so much to applications, that they all get their hooks into the OS. I disagree with this as well. Linux seems to have that set up much better. But, OTOH, the Windows way reduces a lot of redundant code.

          It’s the age-old dilemma. If 30 programs use the same subprogram, then updating the subprogram updates it for all of them. But you run the risk of breaking a bunch of them. The alternative is to have the subprogram be unique for each app. Then you have to upgrade it 30 times. It’s catch-22.

          The analogy here is that since Windows apps use the OS a lot more, yes, they can get kludgy. But they will work together better. The Linux way seems to be more like the old DOS days where each program was an island. Getting WordPerfect talking with dBase talking with Lotus 1-2-3 was a nightmare.

          -Mike

        • #3052035

          bah humbug

          by apotheon ·

          In reply to The same could affect Linux

          Apparently, you’re not familiar with Linux software management tools. You want to ensure that everything installed is also uninstalled? Try this:

          # apt-get –purge remove [packagename]

          Voila. Complete, clean uninstall.

          The Windows way of doing things with the Registry instead of config files doesn’t reduce code: it just reduces orthogonality. The windows way of doing things with OS hooks doesn’t reduce code, either: it just reduces orthogonality as well, since Linux provides the same level of avoidance of redundancy through the use of non-OS-integrated libraries.

          If you use a well-maintained distribution like Debian, you don’t have to worry about dependency upgrades breaking things, and (unlike Windows) it’s even possible to have multiple versions of the same dependency installed if you really, really have to have different versions of the same library or the same “subprogram” (to use your term) to support separate applications. You get the best of both worlds: redundancy if you want it, and not if you don’t.

        • #3051920

          Humbug? A new food?

          by ungle ·

          In reply to bah humbug

          apotheon…not to cause trouble…

          All you describe is also available with Windows…multiple versions, clean uninstalls.

          That said, you need to know how – and there in lies the difficulty.

          The whole SxS thing was introduced to remove the dll hell problem you mentioned, and it was extremely effective. Now I can have shared libraries or “shared libraries” that aren’t.

          Windows installer is very effective at installing and uninstalling cleanly – but again, packages need to be built right.

        • #3051887

          true, but

          by apotheon ·

          In reply to Humbug? A new food?

          It’s a hell of a lot easier to type “apt-get –purge remove” than it is to do an interative search through the registry trying to memorize what changes in the registry when you install something, compare it with what changes when you install other stuff, and make changes to the registry to bring it back in line with what it would be if you’d never installed a given program but hadn’t ever done anything else differently. In fact, it’s pretty much humanly impossible. The same isn’t true of clearing out Linux config files.

          Yes, it’s technically possible to do the same stuff in Windows, but I’m not about to do the Windows Registry equivalent of playing a grandmaster chess game entirely in my head. Nor are you, for that matter, especially since the chess grandmaster would fail at this task.

          Major Linux distributions have centralized package configuration control and, even if such control fails and something slips through, it only affects that one program and disk space. It certainly doesn’t affect your entire system in a manner that no human being is going to be able to fix, as Windows registry problems do. Worse yet, with the registry, if the data gets corrupted, you’re screwed unless you have a backup of the entire registry [b]in its current configuration[/b] on-hand. God forbid you might have accidentally installed and/or uninstalled two or three things in the interim. Meanwhile, with Linux config files, unless your entire hard drive gets hosed up, you’re unlikely to have to do more than fix some text in a single config file.

          The real benefit of Linux over Windows for configuration is twofold:

          1. It’s orthogonal.

          2. It’s human-readable and human-editable with nothing more than a text editor.

          Combine those two, and all problems become trivial to fix.

        • #3182058

          Format Once a Year?

          by dvawter ·

          In reply to my biggest complaint against windows

          Where in the world did you get this “”Best Practice.”” If you have to format and reinstall, it will simply be because you have cluttered your drive to a point that you can no longer function. XP can run for decades without having to be reinstalled.

          You do make a good point about uninstalling programs though, much easier on the Mac. Windows has started down that road, when you trash a shortcut, it asks you if you want to uninstall the program, if you say yes, it takes you to add/remove programs. You still have to find, and manually uninstall the program, but it’s better than letting you believe that you did, just by trashing the shortcut.

          David
          want a Free Ipod?
          http://www.freeiPods.com/?r=9181869

        • #3052443

          actually,

          by jaqui ·

          In reply to Format Once a Year?

          proper filesystem ( partition included ) maintenance, by system developers says 6 months then rebuild partition structure and format.

          any longer is asking for un-acceptable error levels.

        • #3181880

          As much as I dislike some aspects of

          by tony hopkinson ·

          In reply to my biggest complaint against windows

          windows, it’s nowhere near as bad as that. In fact I can’t think of any occasion where I’ve had to wipe and reinstall the OS except through operator error.

        • #3181837

          Not beat, but equal. Its’ all in the development

          by ungle ·

          In reply to my biggest complaint against windows

          You may not know this, but as of XP/2003 you can install applications just as you say. It’s a little known feature called “side by side dll”.

          Effectively, if you want to use your own version of a COM object, you pop it in the same directory as the executable and then create a manifest for teh exe.

          However, you’ve ALWAYS been able to do this, it’s just you had to develop in a different way. There’s always a compromise between simplicity and efficiency.

        • #3067736

          That’s too easy.

          by nighthawk808 ·

          In reply to my biggest complaint against windows

          I think the closest you’ll get to beating that is the line “That’s a feature, not a bug*. Rebooting is good. Resistance is futile.” There’s a reason that Windows has no simple equivalent to Linux’s “uptime” command out of the box. If you want to coax the uptime out one of them, you have to sort through a bunch of system info junk or download an extra program. In Linux, you simply type “uptime” and you get something like, “8:42 a.m. up 154 days 11:07, 3 users, load average: blah blah blah”.

          It’s one of life’s little ironies that Linux, which rarely needs to be rebooted, has at least three ways to do it from a CLI: “reboot”, “shutdown -r now”, or “init 6”. If you want to reboot Windows (like, for example, if you just edited a letter to Grandma in Notepad, played a game of Solitaire, or some similar heavy-duty work that requires a reboot) you have to type “shutdown -r -t 00″.

          *”It’s a feature, not a bug” is a registered trademark of the Microsoft Corporation.

        • #3068081

          reboots

          by apotheon ·

          In reply to That’s too easy.

          Actually, the three-finger salute works on both Windows and (at least from a tty) Linux, too. Of course, that’s not really issuing a command so much as unceremoniously killing all processes. Then, of course, there’s the GUI option, for which there’s one choice in Windows (the Start button) and any number of choices under Linux, depending on which GUI environment you have decided to use.

          There’s so much functionality lacking in Windows that I usually don’t even know where to begin when asked to compare and contrast the two.

        • #3137173

          I understand

          by halibut ·

          In reply to I think you misunderstood me…

          I have been a windows admin for a number of years now and do like the OS. But some issues I find with the OS that Linux does not have for the most part has to be the command line functionality.

          Windows focuses way too much on the GUI side of the OS having to have a good portion of their tools GUI only based. Whereas Linux usually has the opposite, CLI based tools first and then someone wraps a GUI frontend to it for the less experienced Admins.

          So many “IT professionals” I have heard from speak how unstable windows is and how stable Linux is in comparison. But I have found that any OS that runs a GUI is exponentially more unstable than one running a CLI only. Linux or windows or Mac, it doesn’t make any difference.

          With that being said, all the OS’s have improved substantially in the past couple years but I still find this fact is still true.

        • #3119096

          GUI stability

          by apotheon ·

          In reply to I understand

          GUIs tend to be unstable. That’s true. It largely has to do with sloppy coding and the increased likelihood of bugs in increasingly complex code.

          Luckily for Linux users, if the GUI crashes, you still have a running, fully functional OS. On a Windows machine, if the GUI crashes, you’re hosed.

        • #3118880

          Common misconception

          by ungle ·

          In reply to GUI stability

          Not only are you not hosed, if you don’t like thg GUI change the shell to cmd.exe and you won’t use one!

          The GUI is not an integral part of Windows, it’s a convenience…that’s why a large number of servers run happily while almost never being logged on to…

        • #3118264

          nonsense

          by apotheon ·

          In reply to Common misconception

          It’s an integral part of most of what you can actually do with a Windows machine. What good is a Windows desktop without a GUI?

          Besides, my point wasn’t that the Windows computer is “unusable” without a GUI (though it might as well be, for most implementations), but rather that when the GUI crashes, so does everything else. Sure, you can get it running again without the GUI running, and with some work you can even get it running again with the GUI, but unlike a unixy OS, you can’t just kill the problematic GUI processes, fix the problem, and restart them.

        • #3117642

          Not at all

          by ungle ·

          In reply to nonsense

          You can do just the same. GUI causing you a problem? Kill it, start over. DESKTOP causing you a problem? Kill explorer.exe and re start it.

          Killing explorer does not hurt running applications, nor does killing applications hurt explorer.

          What good is a desktop machine without a GUI, *nix OR windows? Clearly I was talking about servers.

          Look, reading your posts it’s clear you know a LOT about Linux (*nix?). You should assume that there are people out there who know a LOT about Windows. Maybe even more than you.

          Let’s learn from each other. Antagonism is boring, and not constructive.

        • #3119403

          What are you, stupid?

          by apotheon ·

          In reply to nonsense

          “[i]Kill explorer.exe and re start it.[/i]”
          Big difference between a crash and a restart. Maybe you should read more carefully.

          “[i]Clearly I was talking about servers.[/i]”
          Clearly, you’re not paying attention. Clearly, you’re the only person that thinks that only servers were being discussed. Clearly, you should try having the same conversation as the people to whom you’re responding.

          “[i]You should assume that there are people out there who know a LOT about Windows. Maybe even more than you.[/i]”
          I do assume that. I also can tell from what you’ve said that, at least in some areas, you’re not one of them.

          If you want to avoid antagonism, don’t tell people they’re wrong when you don’t have a clue what you’re talking about (or, alternatively, are just lying — but I tend to guess you’re clueless rather than malicious: Hanlon’s Razor, and all that).

        • #3119318

          Maybe I’m stupid…

          by ungle ·

          In reply to nonsense

          but due to strict process and memory space separation, a crash of an application IS the same as killing it. Explorer crashing does not kill everything else. If that’s your experience, get off win98.

          I have NEVER seen an application crash cause any problems on the OS itself.

          Wanna talk razors? Occam’s razor.

          I have managed up to 25,000 high demand (traders) desktops worldwide including multi-lingual systems (Mainly east asian) without any of the problems you are describing.

          Occam’s razor says you are doing something wrong.

          I amy be stupid, but that makes you deliberately rude, and I know which I’d rather be.

        • #3119241

          you can keep your preference

          by apotheon ·

          In reply to nonsense

          I’d rather be “rude” (blunt) than stupid and convinced of my infallibility — and you certainly do seem to think that, despite the fact that you’re basically defending one of Microsoft’s worst mistakes for security and stability purposes.

          Maybe you’re removed from the trenches, where one deals with a wide range of problems unrelated to single-purpose high-demand systems. Most of my clients when I was consulting had to press their PCs into a wide range of duties for each system, rather than having dedicated single-purpose workstations. Under the sort of controlled circumstances to which you seem to be referring, Windows doesn’t have nearly the problems that can arise when describing the business purpose of a system is more like trying to specify the exact pattern of a twenty-yard 00 buckshot hit than a well-aimed throw at a dartboard. The more diversified the implementation, the more problems arise with closely integrated system services and applications that draw on overlapping areas of system configuration.

          Maybe you’ve just been lucky.

          Maybe you’re lying.

          Whatever the situation, your anecdotal argument that you “[i]have NEVER seen an application crash cause any problems on the OS itself[/i]” is patently absurd.

          “[i]Occam’s razor says you are doing something wrong.[/i]”
          Nonsense. The fact that problems exist for tens of thousands of people the world over, all involving this one OS, and that you’re the only person I’ve ever run across who has never had problems with applications cause problems for the OS when dealing with Windows, indicates that William of Occam would probably say Microsoft did something wrong.

          Maybe the problem isn’t so much that you’re stupid. Rather, perhaps you think everyone else is stupid, and will eat up your BS.

        • #3117731

          Huh?

          by jmgarvin ·

          In reply to Common misconception

          You missed the point. You should probably go back and read Apo’s post.

          Also, it is damn near impossible to setup MANY tools in Windows without a GUI. Try to setup Exchange without the GUI…

        • #3119245

          You’ll have to explain

          by ungle ·

          In reply to Huh?

          What made you think I missed the point?

          On a desktop OS, you need a gui, linux or Windows. If your desktop crashes on Linux, run startx. If your desktop crashes in Windows, run explorer. Wasn’t that the point? You running apps will not die in Windows if explorer crashes. Start it up again and all the running windows are still there. Wasn’t that the point? I think I got the point, but Apo didn’t relise it was possible in windows.

          BTW, part of what I do is creating unattended (non-interactive, or doesn’t require a gui) installs. Including Exchange. I can configure all of exchange start to finish without ever loading the GUI – if I wanted to, and in my job I do, and I do 🙂

          Yep, there’s still stuff you can’t do without the GUI…but not very much any more.

        • #3119236

          oh great guru of the Windows Registry

          by apotheon ·

          In reply to Huh?

          “[i]Apo didn’t relise it was possible in windows.[/i]”
          I did indeed know that it is possible to restart explorer.exe in Windows. I’ve certainly done it enough times. That’s not very useful when you get an unrecoverable BSOD, though (for instance).

      • #3194957

        Whats missing is my wallet not losing 3 lbs

        by nick ·

        In reply to What’s missing doesn’t really bother me

        After I get a new copy of windows my wallet does
        seem to be lighter compared to when I get a new
        distro release.
        But I really think windows has its place, I just
        dont have a real need for it anywhere near me. It
        can sit on a couple desktops and run Dreamweaver
        and Photoshop, yes cxoffice is nice but it is a
        little slow.

      • #3194956

        So many Linux?

        by alex.hart ·

        In reply to What’s missing doesn’t really bother me

        Well I think msot Windows IT profesionals just ignore all the ranting and raveing. So you tend to hear only from those IT people that are Linux supporters. I personally like Windows and use it (just wish it was cheaper – R/$). But does not mean I do not use other o/s when it would serve better. I find that the hardcore Linux users bash windows and use Linux for everything even when it does not server the purpose.

        And lets not get into the “FREE” and “OPEN SOURCE” argument becuase we all know if everything was really open source and free. Then msot IT pro’s would die of starvation.

        Just my two bits. 🙂

        • #3181891

          Windows for decades Linux, about two years

          by tony hopkinson ·

          In reply to So many Linux?

          Wouldn’t call myself hardcore and I’d bash windows even harder if there wasn’t an alternative, because I’d have no alternative, which is effectively true in the desktop market given business inertia.
          Up and at ’em it is then.

        • #3195328

          Can’t we all just get along…

          by rockline_2000 ·

          In reply to So many Linux?

          I agree…I don’t subscribe to the “one OS for all things” school of thought, and each OS brings it’s own set of assets/liabilities. I’m develing into Linux as an alternative to explore new and/or better ways to “trap the mouse”. I like the challenge and discovery aspects and learn a great deal in the pursuit.

        • #3195236

          Nope

          by dvawter ·

          In reply to Can’t we all just get along…

          Unfortuanatly we can’t just all get along. You will always have fanatics that can’t see the strengths in alternative products (both sides of the fence on this one).

          David
          want a Free Ipod?
          http://www.freeiPods.com/?r=9181869

        • #3196306

          but what is

          by jaqui ·

          In reply to So many Linux?

          linux missing?
          I use linux for everything, and have yet to find anything missing in it’s capabilities.

    • #3195734

      The real killer

      by tony hopkinson ·

      In reply to The Gauntlet (What’s missing in windows?)

      Separation of user level priveleges and space from system/kernel ones. 90% of the complaints of your so called ignorant linux crowd raise about windows come from that one architectural decision.

      In your spare time explain

      Why on a server I have to carry the overhead of a GUI.

      Also one I’m really interested in as a programmer, what can be done to successfully propagate error conditions though the multitude of excutables in the OS so the actual fault is reported correctly as opposed to to the one some bored programmer decided to test for and report 30,000 instructions later. Admittedly there’s no specific reason aside from peer review why you couldn’t write such pathetic code for a linux box but this sort of foolishness is abundant in windows code.

      • #3195711

        Fair comment…

        by ungle ·

        In reply to The real killer

        I appreciate you actually trying for the spirit of the discussion.

        I myself have wondered about the unnecessary overhead of a GUI. When I first moved into the Windows environment it was my first complaint, in fact.

        Since then I’ve discovered that the overhead seems to be minimal (especially when no one is logged on) and the ease of building GUI apps makes it worthwhile, in my opinion, as does the simplified administration.

        I agree with the bad programming and error reporting of software. I spent several years in the Windows engineering department of a company trying to teach the inhouse developers the error of their ways! I’d have trouble classifying it as an OS issue, though.

        I have to be honest, I’m still trying to ascertain the differences between Windows and Linux with regards to User/system(Kernel) separation. You want to expand on that?

        Finally, I did not want to suggest that the Linux crowd is ignorant. I maintain a fairly large pool of Linux servers and find them stable and really good at the tasks I assign them. As do I find the Windows servers…

        • #3190954

          You can fix your

          by tony hopkinson ·

          In reply to Fair comment…

          code, can’t fix MS’s though and they can’t be bothered.
          As for the no GUI, the overhead is in ten fact that it’s closely coupled with the OS.

          The Linux way is to separate the the user insterfaces from the code that performs the actions. This is the same as the split that should exist between a windows service and it’s service control application window.

        • #3195068

          Expand on this?

          by ungle ·

          In reply to You can fix your

          Not quite sure about the refernece to the split between the Windows Services and the control window application.

          The service control manager is not a windowed application – there’s no link to and user interface. However, ther is a MMC object that can TALK to the service control manager to report the status of the services.

          Can you expand on your meaning here?

        • #3195053

          That’s the fella

          by tony hopkinson ·

          In reply to Expand on this?

          I was referring to. Service control manager or any other service does not have to carry the overhead of a UI, nor is it in anyway concerned with how the UI is implemented, all it has to do is make correctky formatted commands to the service. A lot of ‘nix applications are written like this, which is why you can have a commandline of graphical UI or any other sort you can think up with the same program.

        • #3194922

          How about stability and response

          by beilstwh ·

          In reply to That’s the fella

          One of the biggest differences is that I has a linux oracle database server which ran with NO problems or stability issues for 2 years and a windows oracle server that got slower and slower and more unstable if it wasn’t rebooted at least once a month.

        • #3194883

          That might be more to do with Oracle on Windows

          by gareth.rowlands1 ·

          In reply to How about stability and response

          That’s not something that’s happening to my production boxes (running IIS and SQL Server). Our Oracle boxes are pretty unstable though.

          That said, many Windows boxes are rebooted every month or so for security patches.

        • #3194860

          Stability of 3rd party apps

          by wdewey ·

          In reply to How about stability and response

          3rd party app stability seems to be an issue with windows. From what I have seen MS doesn’t play well with others and to me that is a major downfall.

          Bill Dewey

        • #3181893

          Without looking at the OS source code

          by tony hopkinson ·

          In reply to How about stability and response

          we’ll never really know how much of our third party code ‘faults’ are down to internal errors in windows or to a less than perfect interface to the OS.

          If you keep up to date with a patches a windows box it only has to last a month anyway, somewhat convenient that isn’t it.
          If you don’t want to fix a fault, make it a feature.

        • #3194863

          GUI

          by wdewey ·

          In reply to Fair comment…

          Netware and Linux allow you to start the GUI from the command prompt. This gives the capability and ease of use without even the minimal overhead.

          Bill Dewey

        • #3194804

          User/System seperation

          by xrayecho ·

          In reply to Fair comment…

          “I have to be honest, I’m still trying to ascertain the differences between Windows and Linux with regards to User/system(Kernel) separation. You want to expand on that?”

          I could never do a better job of that than the folks over at radsoft.net.
          http://www.radsoft.net/resources/rants/20040731,00.html
          This is admittedly a rant by some one who hates MS, but buried in the bitterness and ire are some very key concepts.

          Among them are:

          Give each user their own ‘Program Files’ area. Only system modules should be global. Add-on or third party software should never enter a system area.

          Do not allow use of system modules by other than a superuser or administrator.

          Do not allow directory modifications to system areas. This means files in these areas may not be modified or deleted, nor can they be renamed, nor can new files be added.

          Do not allow dynamic privilege escalation through code. Allow privilege escalation only through file permissions and regulated authentication.

          Make sure no files on the system are writable by everybody.

          It goes on, but if you read the entire article you will know more about security, and why windows will never have it, than 90% of the MCSE’s who infest the IT environment.

        • #3182078

          User/System separation

          by chotman ·

          In reply to User/System seperation

          I think Microsoft would love to separate this stuff better. The problem is that there are so many third-party Windows apps still in use that were designed for Windows 95 or even 3.1 and expect to have complete control over the OS.
          If you’ve ever had to give a user Power User (or, heaven forbid, Local Administrator) rights in order for the accounting software to work, you’ve seen the problem I’m talking about. Office runs fine logged in as a regular user. Third party apps frequently don’t.

        • #3181986

          I did read it…

          by ungle ·

          In reply to User/System seperation

          …and frankly, with the exception of the “make the kernel opensource”, as with all rants I felt he is either wrong of misinformed. To address just the few you mentioned:

          “Give each user their own ‘Program Files’ area…”

          Given that Windows is most widely used on the desktop, and is a multi-user OS, this in itself does not make that much sense. Imagine if every one of the 10 users who logged into one machine had their own install of Office?? What microsoft have done is gone what I see one step better. They put the main program files into a “system space” which individual users should not have write access to – Program Files -, and put the user specific files into the profile – Application Data. File security on desktop machines should never allow users to enter the “system area” with write privileges.

          “Do not allow use of system modules by other than a superuser”

          This IS how Windows works…unless an inept administrator allows administration privileges to end users. This is not how Windows was ever intended to be used.

          “Do not allow directory modifications to system areas”

          Ditto above.

          “Do not allow dynamic privilege escalation through code”

          This is only ever seen, without proper authentication, in the event of bugs. Albeit they are often, it was never the intention of Windows to allow privilege escalation without authentication, and assuming everything is working right, it does not.

          “Make sure no files on the system are writable by everybody…”

          Good point this one. Originally there was a temp folder on the root drive accessible to everyone. Bad. Thus with Win 2000 MS realized the error and moved the Temp directory for each user to the profile. Every user has their own Temp folder. Thus the only files accessible to everyone are the ones…our inept admin allowed access to! There is one other time…I will expand.

          In my time in the Windows Engineering department for a major investment bank one of my responsibilities was to ensure that no application required admin privileges to run. I was only ever beaten by one application: a promiscuous packet sniffer, not something joe average needs!.

          However, I came across inumerous badly designed applications that required the user be granted access to the program folder. I say badly designed, because this data was, by windows design, supposed to reside in the Application Data folder within the profile. This is a shell folder, meaning there is a simple API call an application can make to find the location of the Application Data folder.

          Finally, if anyone would like me to address any of the points made in the link you mention, I’d be happy to.

          Please note again, I do not believe that Windows is perfect – far from it!, I do not think that Linux is bad – far from it!, but I do believe that each OS has it’s place, none is inherently evil (even if their creators are 🙂 ), and I believe that there are a lot of people with grudges against dorky billionaires who are willing to bash what they do not understand (the guy in the link fits the last category!)

        • #3181966

          Admin priviledges to run

          by wdewey ·

          In reply to I did read it…

          It sounds like you did a lot of work to keep programs from requiring admin priviledges to run. So everyone should have a Windows engineer at home so they can do the same?

          Bill Dewey

        • #3196205

          This is why Windows is Insecure

          by jmgarvin ·

          In reply to I did read it…

          “They put the main program files into a “system space” which individual users should not have write access to – Program Files -, and put the user specific files into the profile – Application Data. File security on desktop machines should never allow users to enter the “system area” with write privileges.”

          Which is all well and good, but once again smudging the line from user space to kernel space. Insecurity

          The problem is that Windows doesn’t know how to NOT share DLLs and NOT give users access to system areas. This leaves it open to all kinds of nifty attacks.

          “This IS how Windows works…unless an inept administrator allows administration privileges to end users. This is not how Windows was ever intended to be used.”

          However, Windows FORCES many places to give users local admin privs because various programs won’t run without it. Totally insecure.

          While I’m on the fence if this is the fault of MS or the app designer, I am sure that it is a mess that needs to be addressed ASAP.

          “‘Do not allow directory modifications to system areas’
          Ditto above.”

          But it happens all the time. It is too easy to write hand scripts and circumvent the code. The biggest issues is that various APIs LET you do this without a second thought.

          “‘Do not allow dynamic privilege escalation through code’

          This is only ever seen, without proper authentication, in the event of bugs. Albeit they are often, it was never the intention of Windows to allow privilege escalation without authentication, and assuming everything is working right, it does not”

          However, it is very common. Privilege escalation is far too easy and far too common to call it a simple “bug.” It is a vulnerability that needs to be addressed.

          While MS is addressing issues, they still don’t seem to be serious about security or about addressing all the spiffy issues that force programmers and admins to do “stupid” things.

        • #3196137

          Only if you don’t know how…

          by ungle ·

          In reply to This is why Windows is Insecure

          I’ll say it again: I worked for a number of years ensuring that applications did not require users to have admin access to any area of the machine, and was only beaten by one – which we then did not allow in our environment.

          I was also heavily involved in a big drive for “application isolation” meaning that applications did not need shared dlls. We chose to allow it occasionally, it it is NOT required. This was, of course, in the post XP/2k3 world. Seems we’re headed back to where we started??

          Yes, the escallation bug is common. It would be my number one complaint with MS. They need some code auditors.

          I don’t know of any area of Windows that “forces” developers to do stupid things…they can handle that all by themselves!! 🙂 I could be corrected on this, though…Examples?

        • #3196281

          privilege escalation

          by apotheon ·

          In reply to Only if you don’t know how…

          There’s a reason that privilege escalation is such a common bug, beyond simply a need for code auditing. The reason is, simply put, that it’s difficult to write code that doesn’t allow privilege escalation on a Windows system.

          Much of the functionality written into the Windows environment bypasses user-level security and, as I’ve seen jmgarvin put it, “smudges” the line between user space and other supposedly separate operational spaces. When that happens, development of new privilege escalation exploits approaches triviality.

        • #3196278

          Stupid Programmer tricks

          by jmgarvin ·

          In reply to Only if you don’t know how…

          Without going into tons of detail, DirectX is one big stupid programmer trick.

          The idead is to make you code secure, but you have to fight like a dog to even figure out where things are going sometimes…While DirectX is a god send in many ways, it also helps to kludge up the some of the kludgy APIs and “system calls” that you have to make.

          A prime example is when you need video card memory access, it gets pretty ugly esp if you need DirectX or need to isolate specific memory for simulation data…gah!

        • #3196274

          Meh…

          by tncpeterd ·

          In reply to User/System seperation

          I’m not sure why people bash windows myself, Linux would have just as many virus’s and be just as unsafe if it had as many users. Windows users make up something like 98% of the worlds computer users. Mac os X is not only a great system because its based of Unix, its a great OS because so few people use it, the hackers have no reason to spend theyre time hacking OSX. They Hack where the money is, and the money is where the people are, the people are using windows. There are big bucks in spyware, addware and other maliscous software these days. Information is worth a lot of money to the right people.

          I personally think that compatibility is #1 and reliability is #2. You can re-boot a machine, re configure its system, but finding a piece of important productivity software for an unsupported OS will turn anyone off to any OS.

        • #3196225

          Give me a break

          by tony hopkinson ·

          In reply to Meh…

          If you want a some software to execute a task you can buy it, rent it , or even write it yourself, you aren’t going to fix windows reliability issues though.
          Reliability should never number two in business, especially when so called compatibility is the result of vendor induced obsolescence.
          Interesting figure that, 98%, tell Bill that didn’t work either.

      • #3194844

        Reply To: The Gauntlet (What’s missing in windows?)

        by mtg42 ·

        In reply to The real killer

        In the late 90s, (when my tech stocks were worth something) I considered getting a new Toyota Land Cruiser. When I talked to people who owned one, the biggest problem with the Land Cruiser was that you had to get it from a Toyota dealer. I’ll paraphrase that thought, and say one of the biggest issues with Windows is that you tie yourself (and your future) to Microsoft. That may be an acceptable risk for a home user, but I think it’s not wise for a business.

      • #3182048

        Who says you have to have gui?

        by dvawter ·

        In reply to The real killer

        You can run every windows server since NT in CLI if you want to, just change the shell. Good luck configuring anything. But you could simply launch the gui for config, then go back to CLI afterward. You are not required to run GUI in Windows. I guess you were Ignorant of this feature.

        David
        want a Free Ipod?
        http://www.freeiPods.com/?r=9181869

    • #3195659

      options..

      by jaqui ·

      In reply to The Gauntlet (What’s missing in windows?)

      during install it installs all sorts of stuff, most of which I’ve never had any use for.
      ( like the online services that was absolutely required by the 9x series )

      why is netmeeting and outlook express and windows messenger required to be installed?
      why, if you uninstall them, can you not remove the directories from the program files tree?

      why can I not have a console ONLY interface? I hate having to loose 20% of system resources to a gui.

      why will windows not start firewall, av, adware scanners, until AFTER the user logs in?

      why, when the stated intention of the version called nt ( which includes 2k and xp ) was interoperability with other os, including reading other file systems, does the os still lack the ability to recognise any non ms file system?
      ( despite ms claims that win nt would do so? )

      • #3195573

        Exactly!!!

        by tomsal ·

        In reply to options..

        Part of what I meant with trimming the fat…

        You know how much of a performance kick our systems would get if there was a “console” only mode? I’d say probably even 25% gain wouldn’t be unrealistic to expect.

        Excellent point about how the av/spam scanners don’t start until AFTER you are logged in.

        Finally yep — I want Firefox not IE — don’t even install it. I never use messenger…E-V-E-R so why do I have to have it? Same thing for Outlook express.

        • #3190879

          Another one huh

          by oz_media ·

          In reply to Exactly!!!

          I have NEVER used Messenger in my life. Never wanted to, never needed to, never have.

          I have NEVER evem USED Outlook Express (other than troubleshooting someone else’s system), never intentionally installed it, never configured it, never used it mself, never will.

          But I have paid for it several times and I have been forced to fix it several times all the same.

        • #3194929

          I know what you mean

          by pivert ·

          In reply to Another one huh

          My company has a select agreement for ms-licensing. No problem with that but I just can’t buy an ibm, hp,… pc with no os-installed when I replace an old system. So every time I read an article on how many new licenses they have sold I’m thinking “yeah right”.

          I also agree on the non-gui part. Our main db runs on an as/400. just start-up and forget about it. When I have to do an upgrade or so, along with the cd’s comes a checklist and step-by-step scenario (if x then go to step y else follow these instructions…). No “install and hope all goes well'” scenario there.

          I do notice that many advantages (transactions, multiple (redundant) processors, ht,…) these machines have/had are showing up on other platforms (often at a lower price 🙂 )

          I think competition is a good thing but I fear it’s limited to pointing out what x can and what y can’t instead of looking for new technologies. The only company that is doing that is ibm, and they are bad in marketing their often brilliant ideas.

        • #3194927

          Unnecessary Apps

          by cyberjunkie21 ·

          In reply to Another one huh

          MS obviously isn’t the only one with the unneeded apps tied to installation. When I’ve done clean installs with RedHat the same thing happens. You always do have the option after, of removing most of those troublesome (annoying) apps.

        • #3194913

          windows is the operating system

          by peter_es_uk ·

          In reply to Exactly!!!

          The real delight of any *nix is literally everything is a small add-on to the underlying operating system. You can start a server or a workstation in a kernel of your own choice (and design and compilation if that’s what turns you on) and start and stop a gui of your own choice whenever you want.

          IMHO a fantastic productivity boost is the ability to switch between different desktops, terminals and kernels – I miss that a lot when I’m mucking about with Windows.

          But Linux still doesn’t have the level of driver support of Windows – I still use Windows 2000 for support of my Casio exilim digital cam!

      • #3182041

        NT does read other file systems

        by dvawter ·

        In reply to options..

        As do all of it’s successors, the support for these file systems is not loaded by default, but I have personally gotten Windows NT Workstation, to connect to Servers running Novell, Apple, and even OS/2. What Filesystem are you unable to connect to?

        David
        want a Free Ipod?
        http://www.freeiPods.com/?r=9181869

        • #3181888

          No I don’t

          by tony hopkinson ·

          In reply to NT does read other file systems

          want a free ipod, the batteries are too expensive !

        • #3196123

          um.. filesystems..

          by jaqui ·

          In reply to NT does read other file systems

          get an nt box to access an ext2fs partion on the same hard drive.
          or a reiserfs, or ext3fs, or any of the other *x filesystems.

          on the same physical drive as the ntfs nt system.
          no network connection.
          not shared resource connection
          straight disk access.
          if it can’t, then nt doesn’t have the ability to access other filesystems.

          all *x systems will read ms filesystems on any drive physically attached to the machine.

    • #3195579

      For me they could start by trimming the fat

      by tomsal ·

      In reply to The Gauntlet (What’s missing in windows?)

      I don’t know about everyone else but one constant thing I can’t stand is the bloat of Windows.

      Maybe my 3 ghz machine at home would be even faster if Windows wasn’t so damn bloaty. I think they could code much more efficiently and streamline some things — making apps load faster, windows open/close faster, etc. (heck make the OS itself load faster).

      Btw, save your “its your computer not the OS” arguments — I’m talking on more computers than just mine at home. And varying specs on each box. I’m no apple lover myself — but I gotta tell you my buddy’s Tiger OS seems a helluva lot faster than XP with opening apps and just general “gui fluidity”. (yes I just made that term up).

      It would be nice if security was for real on a Windows OS as well, instead of the joke it is right now with Microsoft.

      A more efficient file system would be a plus as well and one that didn’t take 9283 hours to index a stinking 200 gb drive.

      Better memory management…granted XP has come a LONG way from 3.1 in this area, but still it could be improved – this would help increase the OS’s overall stability for general use.

      Oh yeah and one more thing, Microsoft — the next time you make a pitch for an OS at the “professional world” — in fact even putting the word “professional” in a product’s title …can you please take out all the cartoony/kiddie features and animations please?

      Thank you!

      • #3195460

        Addendum

        by firstpeter ·

        In reply to For me they could start by trimming the fat

        I would throw my hat in the ring on the file system. I was SO looking forward to WinFS in Longhorn/Vista/Name-Du-Jour, but alas – my dreams were dashed.

        I’d also echo the bloat. Understanding that a large portion of that bloat is related to trying to be backwards compatible…stop trying to give me compatibility back to 3.1. Or at least give me the option to have a “scaled down” version that’s more efficient without the ability to use old 98 apps. (and I do understand the implications of that request, but heck – I thought we were dreaming here…)

        • #3190961

          Backwards Capable

          by bfilmfan ·

          In reply to Addendum

          If they took out support for anything but AD-aware clients, half the world would break that is running these old home-grown DOS , Windows 9x and NT applications.

          Frankly, I think Microsoft should take the stand that they won’t support this older technology and move forward with new operating systems.

          Companies could see if it would run on a Novell, Linux or Unix box or whatever they could cobble together. And the argument that there are other versions is not part of the challenge. You have to make DoodleDOS9XAccounting 2X run on those systems as the companies don’t want to spend any money to upgrade. I think a lot of the Linux folks wouldn’t want this challenge at all and would wisely use the MS line, “It doesn’t work on the new platform anymore…”

          And has anyone noticed that Microsoft hasn’t (as of yet) challenged any companies pushing the (free) Linux as violating “free-trade” as they don’t charge for the software or licenses?
          Anyone happen to remember that was exactly what got Microsoft in trouble? I am rather suprised their lawyers haven’t flooded the FTC with complaints about using their own schemes against them.

          What does Microsoft do better than ANY other company in the world? Marketing. They have convinced the majority of the people in the world that they sell the best software. And as long as most people believe that, all the other operating systems will be a percentage of the market.

        • #3190851

          Bingo

          by firstpeter ·

          In reply to Backwards Capable

          Especially with the push to use virtual technologies. I run a full network on my development desktop – Windows 98 on one VM, 2000 on another, and XP on a third, all routed to a Win2K3 server.

          If the real issue is backwards compatibility purchase a virtual machine license for each PC/server that needs it there you go. MS could make their licensing a little easier to deal with, too…

        • #3190769

          Novell

          by oz_media ·

          In reply to Bingo

          Backwards compatibility and has offered as much forever.

        • #3185986

          Generally True of Novell

          by bfilmfan ·

          In reply to Novell

          Open Enterprise Server (OES) does not support NetWare 3.1X.

          Want to take a guess at how many Novell 3.1X installations are still lurking around out there?

          Tons I can tell ya.

          Because there is no support for IPX or IPX compatilibty mode (SCMD) on Linux, the OES Linux servers cannot communicate with any of the NetWare 4 servers.

          That could cause a LARGE issue in Linux-driven shops that just happen to have a Novell server lying about.

          My point was that a huge amount of the bloat in Windows is from supporting anient technologies. No other vendor in the world supports 15 year-old technology, but if Microsoft doesn’t do it, then everyone is screaming.

        • #3185889

          3.1X?

          by oz_media ·

          In reply to Generally True of Novell

          Wow, nobody I deal with woul dget away with it. I upgrade clients or won’t bother dealing with them to begin with.

          Novell has SO MUCH MORE to offer since the 3.11 days. My god, it’s barely the same NOS. I assume that these installations would not be for client server issues though, perhaps just some backend stuff or otherwise in very outdated businesses?

        • #3194851

          Yikes Bindery

          by lord deonast ·

          In reply to Generally True of Novell

          Forgive me if I’m wrong but wasn’t 3.1 still in the days of bindery, before the NDS came out with the Netware 4.

          I’d be draging them kicking and screaming into something a little more relevant these days. There would have to be one damn good reason for being on that. You certainly won’t get support from novell for anything Pre Netware 5 these days.

        • #3190748

          Going VM

          by pgm554 ·

          In reply to Bingo

          I love VMware,but M$ has got to look at what VMware can do to a Windows activation scheme.

          Suppose you create an XP orW2K3 machine,because the machine is virtualized,you can clone it after registration and move it to any other machine and not have to worry about the HW activation popping up because it is on a different piece of hardware.

          Because all of the HW is virtualized ,the HW activation is essentially defeated and M$ can’t do a thing about it.

          And with ESX,it really takes care of all the M$ actvation garbage.

        • #3194950

          What Microsoft Does Best???

          by kevinf ·

          In reply to Backwards Capable

          I take issue with this comment. “What does Microsoft do better than ANY other company in the world? Marketing. They have convinced the majority of the people in the world that they sell the best software. And as long as most people believe that, all the other operating systems will be a percentage of the market.”

          More like they have crammed some flawed system down everyone’s throat and the vast majority of people or not smart enough to figure out how to say “hell on this, we’ll use something else.”

        • #3194942

          so in conclusion…..

          by azariatech ·

          In reply to What Microsoft Does Best???

          Glass Half Full / Glass Half Empty

          Whichever perspective you choose, it’s still the same glass with the same water.

        • #3194924

          What Matters

          by johnaaaaaa16 ·

          In reply to What Microsoft Does Best???

          I guess it is true, people love to bash the guy on top. Isn’t what’s important the fact that most people use Windows so most companies use Windows so most people use Windows?

          Nobody is being forced here. Each person is making a conscious decision. You think companies choose Windows because the executives are stupid?

          I’ve been an IT consultant for 10 years and from my experience, if you can making a compelling argument for a change in technology, you can get your way at just about any company. Everyone is looking for ways to save money. If you can show a company how they can save a big chunk of money every year on software licenses by using Linux, present that. They’ll listen. Just be prepared to answer some serious questions. If you respond with “Well, you’d show how smart you are by choosing something other than Microsoft” you’d be laughed out of the office.

          Back to the original post, what are the real points? Some extra GUI overhead? The fact that Windows doesn’t give me access to the source code? I’ve yet to meet an IT exec who wants to build their own flavor of an operating system.

          Compelling business arguments. That’s all they ask for.

        • #3182085

          Adequacy

          by too old for it ·

          In reply to What Matters

          I think, John, that you echo my adequacy argument: Microsoft got where they are by providing an adequate OS to most every PC sold.

          Currently they provide an adequate OS, with adequate ease-of-use, and adequate apps that a person of adequate competence can use to perform business functions.

          Which is all business execs (or more so, their admin assistants) really ask for. Something familiar, something that generally works and is adequate.

          At any point in time from MS-DOS 1.0 forward, there always was a better OS, a better app, and better hardware … most of which now resides in the dustbin of history. Why? While it was clearly superior to someone, what it was attempting to replace was (a) there already and (b) adequate.

          Show me a LAMP box that is easier than a Windows 2000/IIS box for getting a small web site up and testing, and I may actually switch. Show the admin down the hall where OpenOffice loads faster than Word 2003, looks exactly the same and has all the Word features used every day, she’ll switch.

          Heck, show me a Linux distro (other than Red Hat) that will run Yahoo Instant Messenger, and likely my daughter will switch too.

          Until then, adequacy of what arrived with the PC will stay in place.

        • #3052031

          show and tell

          by apotheon ·

          In reply to Adequacy

          You want LAMP that’s easy to set up? Try RHEL, SuSE, or even Debian with Tasksel.

          If you want something that looks exactly like Word 2003, you’re probably going to have to get Word 2003. Then again, Word Vista (or whatever comes along with the Vista platform’s release cycle) won’t look exactly like Word 2003 either, so if that’s your real set of criteria, you’re at an evolutionary dead-end for office software.

          If you want Y!M, MSN Messenger, AIM, and ICQ on your Linux box, [b]choose any major distro at all[/b]. Come on, now, don’t tell me you didn’t realize they’ll all run Gaim, Centericq, and a slew of others. Do you really think only RH can do it? In fact, Gaim is a far better graphical IM client than any other I’ve used, including the native clients for any IM protocols, Trillian, and several others of which I’m sure you haven’t heard.

        • #3181971

          Thanks, John…

          by ungle ·

          In reply to What Matters

          That was a sensible response. I’ve been in that position: Argued for the switch to Linux from Sun. They listened. Argued for certain services to switch to Windows FROM Linux. They listened.

          What managers are most concerned about is TCO.

          Demonstrate a reduced TCO without reducing service and they’ll listen. Service levels is what THEY set; Most administrators forget that!

        • #3195107

          Good Point

          by black-eyed pea ·

          In reply to What Matters

          This harks back to the conclusion of Pirates of Silicon Valley, when Steve Jobs said to Bill Gates: “We’re better than you. We’ve got better stuff.” Bill Gates responded: “But don’t you see? That doesn’t matter!”

          I found myself wishing Mr. Gates would continue the dialog and explain what did matter. Right or wrong, I’ve drawn my own conclusions. Microsoft’s timing mattered. Their various business decisions mattered: developing a GUI for their OS, marketing their technology, signing license agreements with Apple and others, convincing companies like Aldus to develop software for Windows, the success of Windows 3.x-9.x, the acquisition of innovative companies, and on and on… Due to those decisions and so many others, they became the 900-pound gorilla they are today.

          So what matters to IT customers? TCO matters. Communication with business partners using compatible apps matters. Return on Investment matters. The cost of an exit strategy matters. Bottom line? There is one underlying thing that matters in business: Money. Money matters…

        • #3051777

          Converse for some government agencies

          by lord deonast ·

          In reply to Good Point

          I work for an Australian government agency. Money doesn’t matter to them. Well to put it bluntly saving tax payers money doesn’t matter.

          Our federal government has an allocation system, if a department doesn’t spent all the budget, they get less allocated the next year. Result, they don’t want to save money, they want to spend it. In this environment TCO doesn’t count. I once saved them $40 000 AUD on a project (back when I hadn’t realised this), I expected praise only to find they were unhappy as they had to find a way to spend the money.

          TCO matters to business, unfortunately to some government departments the converse is true.

        • #3051672

          True, Lord Deonast

          by black-eyed pea ·

          In reply to Good Point

          I too work for a government agency. I agree that money may not matter for some government agencies or their decision makers. That is why I wrote that what matters in *business* is money. What is supposed to matter to a government is protecting a countries interests, assets, and people. What also seems to matter in my government is communicating and using a common platform – even to the detriment of security and common sense.

          Consequently, there is a move in my agency to centralize IT operations, streamline communication, and use Microsoft products as much as possible. This includes the largest ever implementation of Active Directory. I do not know whether or not that rollout was because no other vendor could effectively accomplish such a common directory service for so many objects. The fact is that they did and it actually works well – much to my surprise. (I had to include the last bit lest someone accuse me of steering away from the topic of this discussion board.)

        • #3194877

          see….that’s not how i remember it

          by jimbaber ·

          In reply to What Microsoft Does Best???

          i am not exactly a member of the microsoft minions, but when the 9x kernel hit with win 95, and the NT kernel hit in earnest with nt4, i was there on the IT lines then. And it wasn’t a matter of craming anything down anyones throat. MS did a good job of selling the public an operating system with a user-friendly gui (xwindows, etc., was still just a dream), and the public, not being IT guys, fell in love with an OS they could actually use without calling us every ten seconds. So give MS their due, they didn’t cram anything down anyone’s throat. The majority of people may not be particularly smart on their ability to use an OS, but they are spending the money, and it’s theirs to spend. They chose to spend it on an OS they could use.

        • #3194858

          Adding to the sales pitch over apple

          by bhunsinger ·

          In reply to see….that’s not how i remember it

          which was the other os available, Users did not have to pay more for the hardware because it was owned by the same people selling the hardware. After being locked in to Big Blue. ( knew a law office that had spent $8000 to buy his leased wordprocessor from IBM 2 years before I spent $500 to buy a used sanyo with word star) They were far more interested in the competion for hardware, not software.

        • #3047765

          Valid Point

          by johnaaaaaa16 ·

          In reply to see….that’s not how i remember it

          You are absolutely right. MS had produced a fine OS that just about everyone can use and enjoy. Of course, this factors into larger decisions but this gets factored into the TCO calcs – after all, fewer users needing to be trained on the US equate to lower training costs and lower TCO.

        • #3194869

          Microsoft does…..

          by lstnthwoods ·

          In reply to What Microsoft Does Best???

          I’ve come to view Windows in a new light since my induction into the world of macintosh. I was a Windows user for several years and found it especially useful back when I could barely type my name into the computer because it took care of everything for me and helped me learn what I needed to know to function in the world of computers. Now that I’ve learned enough to take off my training wheels and run another machine with OSX I have found that the Microsoft is fine to play with on the internet and for some applications whereas macintosh is more for the people that can’t afford to be down and mess with the messy reinstalls and formats.

        • #3194861

          They really aren’t that good at marketing.

          by Anonymous ·

          In reply to What Microsoft Does Best???

          Their marketing campaigns are quite unimpressive. Most of the time, they do a lousy job of touting their best features. What they are good at is change and simplification. It is EASY to configure Networking in WinXP and Server 2k3. Why? because they have removed many of the options that the ‘average’ user doesn’t care about. Originaly MS didn’t think much of the internet, saw it as a fad, the world said otherwaise, and MS adapted to it. IE became the browser of choice.

        • #3181878

          Yiou were doing real well there

          by tony hopkinson ·

          In reply to They really aren’t that good at marketing.

          until you mentioned IE.
          What exactly are the default options for browser choice in windows ?
          That was an option they definitely removed, choice.

        • #3050985

          Nothing prevented you.

          by Anonymous ·

          In reply to Yiou were doing real well there

          From running other browsers. But most people didn’t want to bother. what was already there was “good enough”.

          Yes, MS leveraged their OS dominance, and took unfair advantage of Netscape by subsidizing their browser. No one is suggesting that MS business practices are especially Moral.

          But that has little to do with their ability to market their products to the public. How many people even know what Biztalk server does?

        • #3050969

          browser choices

          by apotheon ·

          In reply to Yiou were doing real well there

          The problem isn’t with not being able to use other browsers. Obviously, you can use Firefox or Opera if you really want to on a Windows system (and I would, if I really wanted to use a Windows system at all). Nothing prevents me from doing so. That’s absolutely correct.

          The problem is with not being able to avoid using IE. Internet Explorer is integrated tightly with the OS, and its rendering engine is ubiquitously used throughout the operating environment of Windows systems. There’s no way to avoid it. You have no choice in the matter, as long as you’re using Windows.

        • #3194864

          Hold on to that need to upgrade stuff

          by bhunsinger ·

          In reply to Backwards Capable

          I know 2 businesses in to industries, that have been stuck in Dos hell. On is a srap company that uses Shared Logic the option for a Windows based version came in last year. They run their entire business off of it
          My brother has a laundry, with 5 licenses he bought for a dos program that included windows based upgrade ‘soon’. he is still waiting 4 years later.
          These are early adopters, they grasped the useful ness of the system, it was a small niche market and they plunked down big bucks ( for them) to implement it. And is still does the job.
          That’s the face of people you want to dump with your statement

        • #3194841

          Plug ‘n Play responsible for most of “bloat”

          by eric.p ·

          In reply to Backwards Capable

          Most of the “bloat” in Windows is due to the extensive Plug ‘n Play system. And, in contrast to your opinion, marketing only plays a small part of why Windows is by far the most-used OS in the world. After all, one could argue that Apple has had far better marketing campaigns. As a developer who has developed for MS, Apple and Unix platforms, I can tell you that developing for Windows is much easier and more cost-effective than for competing platforms. I believe this is a major reason why there is so much more software available for Windows, and this is the real reason the OS is far more popular – there is so much more software available to run on it. Where Microsoft excels is in providing a very rich and relatively easy-to-use development platform which is far more attractive to software developers. Apple has perhaps leap-frogged Microsoft in recently adopting Unix as the foundation for its OS, but it’s just way too late. If Apple or Linux ever succeed in overcoming Microsoft’s huge market lead, it will be a very long and difficult road.

        • #3194822

          Have to agree

          by wdewey ·

          In reply to Plug ‘n Play responsible for most of “bloat”

          It may be that I don’t want to pay for the tools or that I learned on MS, but I find myself going back to windows because I can easily make an Access DB dump something into a MS Word document and print it. Call it bloat ware or what ever, but it’s quick and easy and I don’t have time for much else. Does open office have a graphical form designer that I can dump some code into and create a mail merge type of template? I would really like to do things like this without having to spend a great deal of time learning a whole new system. I am not talking about a programming language since I know Linux runs C (and many others), but windows has API’s for all it office software and documentation available at the click of a button on the syntaxes of said API’s. I think the F1 key is my most used key while programming. You could say the reason I develop (as minor as it is) on Windows is because of the F1 key.

          Bill Dewey

        • #3181873

          OOPS

          by tony hopkinson ·

          In reply to Plug ‘n Play responsible for most of “bloat”

          OOPS

      • #3194951

        The real question

        by csappenfield ·

        In reply to For me they could start by trimming the fat

        isn’t what does Linux do that Windows doesn’t, but rather, what does Windows do that an OS shouldn’t? Windows is more like a suite of applications than an OS. In order to make things “easy” for people to use, Microsoft has made Windows far more complex than an OS should be, and that’s why it has more security issues than Linux, and that’s why it’s not as stable as Linux. What Microsoft needs to do is hire some real engineers (not software “engineers”) to dismantle that Rube Goldberg contraption, and decide what belongs in the OS, and what belongs in an application.
        And when the do, they’ll just rebuild Unix.

        • #3051611

          I Object

          by tony hopkinson ·

          In reply to The real question

          I’m a real software engineer.
          Windows is like any aging un-refactored un-reengineered piece of software. Never had anything to do with engineering crieria for a long time, business criteria, well lots.

          Taking a wild stab in the dark I’d say every competent software engineer who looks at the source must have to be physically restrained from fixing it, take at least six bean counters to hold the guy down.

      • #3083116

        search dog

        by cerdmier ·

        In reply to For me they could start by trimming the fat

        I hate that friggin dog!

    • #3186142

      OS issue

      by doproiu9 ·

      In reply to The Gauntlet (What’s missing in windows?)

      I myself have wondered about the unnecessary overhead of a GUI. When I first moved into the Windows environment it was my first complaint, in fact.

      Since then I’ve discovered that the overhead seems to be minimal (especially when no one is logged on) and the ease of building GUI apps makes it worthwhile, in my opinion, as does the simplified administration.

      I agree with the bad programming and error reporting of software. I spent several years in the Windows engineering department of a company trying to teach the inhouse developers the error of their ways! I’d have trouble classifying it as an OS issue, though.

      I have to be honest, I’m still trying to ascertain the differences between Windows and Linux with regards to User/system(Kernel) separation. You want to expand on that?

      Bills,
      http://www.my-credit-directory.co.uk/

      • #3182311

        re user /system / kernel

        by jaqui ·

        In reply to OS issue

        the cpu has rings where different functions are supposed to go through.

        ring 0: kernel
        ring 1: system services
        ring 2: ( can’t remember right now )
        ring 3: user space

        windows treats all 4 as one ring.
        linux uses all 4 as they were intended.
        that’s where windows really breaks the security rule

        it’s in the kernel firmware that user apps get restricted / are subject to authorisation when starting an app.

        windows bypasses this.
        ( not even the little issue of 90% of windows machines are running as admin all the time, with unlimited / unrestricted access included in the security of windows design flaw )

        • #3182079

          nice exercise in OS theory but…

          by Anonymous ·

          In reply to re user /system / kernel

          I am not sure what you are telling us about what windows is missing.

          Virtually everyone uses the security speech as windows downfall. Time to let that one go. Unix/Linux models haven’t fared much better. You don’t hear as much because they aren’t such big targets, but they aren’t really that much more secure(able). And While the Anti-MS crowds are sitting around talking about how Bad MS security is, MS keeps improving it, by adding malicious code checking, app-aware firewalling…

          No, I think it’s time to let go of that one.

        • #3181907

          Look just above you head

          by tony hopkinson ·

          In reply to nice exercise in OS theory but…

          you’ll see the point flying over it.

          I’ll aim lower for you.

          The thing that is missing is when you are authorised to get onto a linux system, you are still outside the security perimeter, and no amount of cajoling will get you inside unless the guy who’s system it is agrees explicitly to let you in.
          You don’t have to be anti MS to be anti BS.

        • #3050978

          except that everytime you turn around.

          by Anonymous ·

          In reply to Look just above you head

          Someone has found yet another flaw in a libray or app which can be exploited to gain root priv’s on the machine.

          So the effective level of security is the same.

        • #3050874

          Give me 10 examples of modern root exploits

          by jmgarvin ·

          In reply to except that everytime you turn around.

          Ok…give me 10 examples of app/lib exploits that can give me root.

          They can’t have been in the 2.4.20 or below kernel or the 2.6.9 or below kernel. They also can’t be in apps that should have been patched many moons ago.

          If you bring up the fork attack, I’m going to put a dunce cap on you and sit you in the corner.

        • #3050790

          re root priveledge escallation

          by jaqui ·

          In reply to Give me 10 examples of modern root exploits

          check out the last 4 issues of @risk from sans.org
          there were 2 or 3 newly discovered root priveledge exploits in most of them, for linux, unix and bsd systems.

        • #3052617

          Wow! Missed that one

          by jmgarvin ·

          In reply to Give me 10 examples of modern root exploits

          I usually get the SANS news letter, but I must have missed that one!

          That just stinks. Is it just me or the the 2.6 kernel a little less secure?

        • #3052927

          Fork…

          by Anonymous ·

          In reply to Give me 10 examples of modern root exploits

          I’d much rather use a spoon!! (“It’s dull you twit, It’ll hurt more!”) 😉

          Just to clarify a bit. I am not saying the Linux is just as bad as windows where security is concerned. I am just saying windows is catching up really fast. Therefore I don’t think security differences are a valid argument anymore. The most recent service packs have made great strides towards locking down unnecessary services, adding firewalling (more specifically app-aware firewalling), malicious code detection, etc.

        • #3048340

          Ah I see your point

          by jmgarvin ·

          In reply to Give me 10 examples of modern root exploits

          Ya, I agree. Windows is making great strides to be secure, but they STILL mudge the user space and kernel space so that executing malicous code is too easy.

          I hope Vista fixes many of the “typical” security issues we’ve seen so far…

        • #3048320

          shardeth – I’d disagree, ALL OS’ suck . . ;-)

          by justame@work ·

          In reply to Give me 10 examples of modern root exploits

          After being in the industry for 10+ years, there has not been one OS that has not at one time or another (all for their own individual reasons) sucked! The likes of BSD, Windows, Redhat, AIX, Solaris, Netware, etc. . . I?m starting to think manually optimizing memory under DOS/Win 3.11 was really not that bad :-).

          Mind you, I?m not complaining . . . It?s the developer?s faults that I have a semi-lucrative career, so all and all, I can?t be to bitter. Now, before some zealot gets on their soapbox and tried to ?deliver me to the light? by preaching their OS, save your time and don?t insult the intelligence of some people here. Lets face it, if any one OS’ was all that great, we would not have some many different companies working so hard to grab our IT dollars.

          I?ve seen the FUD, the embellishments, the fabrications, and just the plain outright lies that so many developers have stepped up with, and well, my personal feel is that many of them need to be shut down for false advertisement. Keeping me employed due to complex system and integration problems is one thing, but for some of these vendors to release the sheer crap they do, well, they need to have their fingers lopped off.

          ??by following the paths of lies and deceit, and one can not help but to discover truth and honesty?.?

        • #3182007

          So your saying

          by dvawter ·

          In reply to re user /system / kernel

          That Windows Treats all API’s as if they were System calls. I think you are overstating the problem in windows.

          Windows has the same abstraction layers that other OS’s have. The problem is, windows has made accomadations for various reasons, and allowed certain application to have direct access to the hardware. This is a big no no. But if you want to be backward compatable, you need to have this. Also If you are a Gamer, you don’t want the OS between your game and the Video Card, this overhead costs you FPS. In the past in an effort to keep everyone happy, Microsoft has violated the concept of an OS by allowing application direct access to system calls, and hardware. but Windows certainly does not treat layers of the architecture the same.

          David
          want a Free Ipod?
          http://www.freeiPods.com/?r=9181869

          PS. Also as a side note CPU’s don’t have Rings, The OS has Rings, and the CPU resides at Ring 0.

        • #3181918

          CPU’s rings

          by solyom9 ·

          In reply to So your saying

          AFAIK under Windows the CPU runs in protected mode where it has special access privilage levels called ‘rings’. Kernel code runs in ring 0 while user code in ring 3. This is why the CPU gets HW exception when a code running in ring 3 wants to execute a ring 0 instruction like direct access to ports. So Windows versions >= NT does not allow a user program direct access to ports unless a driver code is inserted into the kernel. Games do not use the hardware directly but through either an emulation layer or DirectX.

        • #3195186

          Today

          by dvawter ·

          In reply to CPU’s rings

          This is not true of 9x and ME

        • #3196316

          nope,

          by jaqui ·

          In reply to So your saying

          I’m saying that windows uses the hardware as if it’s one ring, not the 4 it should be.

          the way windows itself tries to fix thier corruption of the hardware design isn’t relevant.

      • #3194866

        am i missing the point?

        by mike ·

        In reply to OS issue

        I think that if the server had a console only version, then we would have admin tools, using gui’s that ran on other conputers, like your laptop. This way you would have access to admin the box from somewhere else, and be able to use the nice gui from your os. Having the OS run the gui on each of my 20+ servers, is a total waste of time. Mostly i only use RDC to connect to the box, when i cant do something using MMC.

        If there was a non-gui version, maybe the mmc woudl be better, and have more snap-ins.

    • #3194961

      Ok, here we go…

      by angelohl ·

      In reply to The Gauntlet (What’s missing in windows?)

      I’ve been a WindBlow$ fan for a long time…but now that I’m a freakin network guru, I use it only for games :o) …lol.
      Seriously though, windblow$ took after the Mac and made it easy for anyone to use a pc (and get one in every home), so nowadays it requires very little skill to use. Now, I’m pushing all my clients to goto Linux (RedHat is my favorite), simply becuase MS has forgotten about us, the people who got them/it where they/it is today – and their customer service sucks the big kahona, if it’s broke, it’s a buzzword – “it’s an Undocumented feature”, and we’ve constantly been pushed to learn new OS’s and get certifications only to have the ball dropped quite a few times that it “will no longer be supported”…. Anyway, on the linux side, there are far too many tools and software packages that get the job done “for free” that you’d spend an arm and a leg for on the M$ side of the house… Oh, did I mention security??!! Linux is secure right out of the box – and M$, well, security is an after-thought….and, do things stay fixed in the M$ world? NO… Well, i’m sure there are pro’s and cons for both (but significantly fewer on the Linux side – and probably only the lack of cots software available for it) but, I’m pushing Linux folks… Shhhhh, don’t tell M$, or I could be stripped of my MCSE credentials….oops.

      • #3194936

        Markusiscariot

        by mcollins1 ·

        In reply to Ok, here we go…

        I think the whole problem with switching from Windows to Linux (As I myself have done on my home machine), is that it is not compatible with the Windows file system (Without installing an additional application). I think the problem with the whole idea of this is that, like ti or not, the majority of the world’s computers are running Windows. For users to switch across there has to be a level of compatibility, otherwise people will simply give up trying and stick with Microsoft.
        From a personal perspective, i honestly feel that for the average home user, Windows is ideal. User’s tend toi be brought up using Windows environments, and generally the same will be said for anyone learning to use an os.
        I feel that Linux will always be seen as “Techy” and “complicated” because it is something very different.
        While I’m with the arguements on command line vs. gui, the average user is going to want to see pretty pictures,a dn click on buttons, rather than learn a new language to be able to control their machine.
        In my experience, Windows and Linux servers are both about as reliable as eachother, but I will agree that Windows has a lot of unavoidable Bloatware.
        Macintosh are making their machines more compatible with Windows, and I honestly feel that Linux will go down the same route eventually…
        It’s all a personal choice at the end of the day! Anything to add, anyone?

        • #3194871

          this is eactly the point….

          by jimbaber ·

          In reply to Markusiscariot

          we, as IT people keep looking at this from an “us” perspective all the time. WE are not the point. WE are a necessary evil in most cases. Our companies can’t function without us, but rarely do we produce the product or services that our company sells. The people that are important are the end users of our systems, and to them, windows is familiar and easier than anything else to use. That’s what they want. security holes, bloaty gui, etc., etc., that’s OUR problem guys, not theirs.

        • #3194831

          I was hoping someone would say that

          by jrod86 ·

          In reply to this is eactly the point….

          Finally someone that makes sense. We can complain all we want because WE don’t like something, but let me tell you something…Joe Snuffy out selling your product doesn’t want to take the time to learn how to do things all over again. He doesn’t want a different icon (a little dinosaur?) that will get him to the internet, he likes his blue E.

          I think someone else mentioned that if everything ran like Linux…we’d all be out of a job (either that or Linux would suck as bad as Windows).

          I’ve been fortunate enough to have been on the receiving end of horrible costomer service often enough that I know I need my customers pc’s to work, and work well. If that means I have to put up with Windows errors that aren’t easily decipherable, I don’t care. My customers are happy, I haven’t imaged there PC’s in a LONG time, services can be turned off, almost all the complaints I’ve read through can be overcome in windows (minus the user/kernel separation). Think about your customers…I don’t like MS, but I use it at work and at home. I take the time to tweak it a little so that it appears programs open faster. My customers are happy, they don’t want to learn a new OS, and Joe Snuffy can be happy too.

        • #3181869

          Have to agree with that

          by tony hopkinson ·

          In reply to I was hoping someone would say that

          Course that won’t stop me mentioning all the problems in windows that could be fixed without impacting the ‘user experience’.

        • #3195317

          I agree

          by jrod86 ·

          In reply to Have to agree with that

          and I try to make it play nice too.

    • #3194945

      Scripting, tools and options

      by michael.ramirez ·

      In reply to The Gauntlet (What’s missing in windows?)

      Let us look at the OS itself. Let?s not forget that it is the progeny of UNIX?which is mature and robust.

      Consider ?|? which provides a means to redirect the result of one command into a second. Secondly, your scripting options. (C, Korn and Bourne) Finally look at the various tools to choose from. While perl is now available on windows, what about various tools and commands such as awk, cut, find, etc?

      • #3194815

        Some ports

        by wdewey ·

        In reply to Scripting, tools and options

        There are some ports of these tools, but I agree that the basic functionality isn’t there.

        Bill Dewey

      • #3181868

        You can get AWK

        by tony hopkinson ·

        In reply to Scripting, tools and options

        for windows. You could probably find equivalents for the others. The thing is the way windows works and the application files types that are regularly on it, straight text facilities aren’t all that useful.
        Whereas on a ‘nix box which is very file based they most deginitely are.

        Can you imagine trying to teach Gerry the Grocer how to use commandline tools to create, configure and implement his web site.
        That’s where windows wins big time.
        FP is absolutely awful.
        File New website fill in your name and choose a theme, hey I’m a web developer and a grocer now is very attractive to the man in the street.

    • #3194944

      source code

      by whitesanjuro ·

      In reply to The Gauntlet (What’s missing in windows?)

      certain *weird* problems and features can only be solved/added if you have access to the source code of the kernel.

    • #3194938

      SUDO, “Rus As” is SU at best

      by t313c0mun1s7 ·

      In reply to The Gauntlet (What’s missing in windows?)

      I frequently need SUDO. It seems I frequently run into situations where standard users are not able to run applications without admin access. Power User gives more access than I wish to allow and I don’t want to provide a password to a privileged account. This is exactly what SUDO is for and I have not been able to find a Windows equivalent. Not even a third party one.

      • #3194891

        I agree, plus chroot…

        by fafafooey ·

        In reply to SUDO, “Rus As” is SU at best

        IMHO, the things Unix/Linux do better are:

        setuid – allow privileged process to impersonate another user. Windows cannot do this without supplying that user’s plain text password

        chroot – restrict file accesses to a subdirectory

      • #3194855

        Agree

        by wdewey ·

        In reply to SUDO, “Rus As” is SU at best

        I had to give admin rights to a user to get Office 2003 to do it’s little setup when a user first logs in. Maybe I set things up wrong, but it seems kind of hokey to require rights at that level just to set up a new user profile.

        Bill Dewey

        • #3181958

          You’ve definitely done it wrong

          by ungle ·

          In reply to Agree

          although admittedly, getting it right can be tricky.

          I suggest you do some more reading on MSI.

        • #3181948

          Must have done something wierd

          by dvawter ·

          In reply to Agree

          I Deployed Office 2003 network wide, and never need admin password for new users, it just runs the setup and off they go.

          David
          want a Free Ipod?
          http://www.freeiPods.com/?r=9181869

      • #3194854

        Absolutely, also…

        by Anonymous ·

        In reply to SUDO, “Rus As” is SU at best

        It really should be eaiser to do a controlled privilege elevation. Hacking the registry is a cumbersome way to accomplish this. If you are in a W2ks domain it is much easier, but still…

        I’d like to see an easier way to create “service accounts” which aren’t allowed to log in to the system. linux seem to make this easier.

        I still find linux holds a better set of tools for text manipulation (regex, grep,etc…).

        It also seems to have a more scala ble memory architecture. (I have frequently blown up excel, access with data imports from linux. Too bad their is no easy gui-app for DB building in Linux, so I didn’t have to try to port to acess)…

        • #3194820

          Right on!

          by wdewey ·

          In reply to Absolutely, also…

          I would have to try and port Access as well. I just finished a comment about that earlier.

          Bill Dewey

        • #3182054

          Try Cygwin

          by fafafooey ·

          In reply to Absolutely, also…

          >> I still find linux holds a better set of tools for text manipulation (regex, grep,etc…).

          Linux does, but you can easily get these tools for Windows using the free Cygwin software.

          I moved a number of fairly complex shell scripts and interactive shell environment from Unix to Windows using Cygwin and it worked out very well.

        • #3181957

          Can you explain?

          by ungle ·

          In reply to Absolutely, also…

          Just curious, what is it you find difficult about creating service accounts that don’t have interactive rights?

          BTW, Regex is available through WSH. It still annoys me that it’s not available through the command line!

        • #3050959

          Service Accounts

          by Anonymous ·

          In reply to Can you explain?

          In Linux it is a minor modification to a text file, and the account is blocked from logging in.

          In Windows, well quite honestly, I am not sure what all needs to be changed. In the User Righrs assignements in policy (group or local), There are quite a number of entries to allow/disallow logon locally, via terminal services, etc. I realize it is ignorance on my part. But it would be nice if I could just hit a checkbox when creating the user account.

        • #3181865

          I’ve never been mad keen on GUI DB

          by tony hopkinson ·

          In reply to Absolutely, also…

          builders, nor on web page development tools come to think of it. They always lean towards building what the devloper of the tools thinks I should not what I wanted to. I do use them to rough things out then it’s text editor time to put the professional touches in.

          Saying that the absolute worst GUI DB builder I’ve ever had the misfortune to use is the MySQL tools that sit under windows, total garbage they are.

          For things like creating tables it’s quicker to do it in text anyway. By the time you’ve clicked in all the dropdowns the old index finger needs a rest.

        • #3196222

          Why I use

          by wdewey ·

          In reply to I’ve never been mad keen on GUI DB

          I don’t create databases much and the one’s I do tend to be small and for a simple purpose (at home use). The other thing I use Access for is a front end to some other database. I can drag and drop several forms together and I have a simple quick app to input/extract info out of a DB with basically no money up front.

          Bill Dewey

        • #3196200

          There you go, most of the apps

          by tony hopkinson ·

          In reply to Why I use

          I work on any desktop database is a total non-starter.
          The GUI tools in SQL Server are quite good but as soon as you get past twenty tables with more than ten fields it’s faster to type.
          The other problem I have with GUI tools is when you want to alter the structure of a table. Recreating the entire table and importing the content, then dropping the original and renaming because you could have changed anything in the GUI when all you wanted was to expand one field by 10 chars is risky. Must be, I’ve seen it go nipples up several times, which was why I started using Notepad.

      • #3181961

        Yes, you’re right…

        by ungle ·

        In reply to SUDO, “Rus As” is SU at best

        …although I suspect it would not be difficult to develop one.

        There are already certain applications that can allow elevated rights: MSI, for example, will allow elevated privileges during install.

        On the other hand, I’ve never needed anything like this. What would you use it for? If there was enough interest, I may be willing to produce something…

        • #3050957

          App installs

          by Anonymous ·

          In reply to Yes, you’re right…

          Being able to grant elevated priveleges required for app installs is the main value I see. Certain progs (ACAD for instance) require the user to be Admin to install.

        • #3050808

          trivial, sorta

          by apotheon ·

          In reply to Yes, you’re right…

          It would be trivial to develop some third-party application for managing admin installs when signed in as a non-admin user. The problem, of course, is that in a Windows environment you’d have effectively created an exploit, because rather than having separate user operational spaces Windows just uses file and directory permissions coupled with weak privilege separation to fake it. This prevents proper assignment of operational space for admin operations vs. non-admin user operations, and thus prevents limited applications of single-action admin capability.

          Rather than assigning limited capability from the system level, you’re doing so from the application level, if you write a third-party app to manage admin permissions for one-shot installations. This means that the only thing preventing full admin access if you create and use such a third-party utility would be the utility itself, and not any characteristic of the mechanism for granting elevated permissions.

          Now, granted, if you write your application to control that sort of thing, it will itself be fairly secure, but such a utility would essentially be a proof-of-concept for an endemic Windows security weakness.

          The proper way to do it would be to separate user spaces and use strict privilege separation. Thus, you’d be able to both provide tightly controlled limited privilege escalation for allowed users, and you’d allow users the ability to install and run anything they like within their segregated user spaces in such a manner that they affect no other users’ operational spaces. Since Windows only barely separates privileges and doesn’t have any true operational space segregation at all, it’s incapable of providing the same level of security when also providing the same level of flexibility to users.

          I feel like I’ve mangled the phrasing of all this. I blame the late hour and the strange evening I’ve had. Suffice to say it involved a girl. Heh.

        • #3050778

          Not bad!

          by ungle ·

          In reply to trivial, sorta

          apotheon,

          You didn’t mangle it, in fact you did a pretty good job of describing how Windows Installer works!

          I was going to write an in depth description about how the whole thing works, but time…ya know!

          Anyway, in regards to your comments…

          Windows installer is actually a service that runs as system. Msiexec.exe, when run interactively, connects to the service and allows user interaction. The actual install is performed by the service, the windowed application you can see is just reporting on the service’s activities. Thus MSI can offer privilege escallation securely, since the system space and user space are not compromised. Note that Windows INstaller is a part of the OS effectively…

          There’s a lot more to it, I’d be happy to expand on it if you’re interested. There isn’t much written on the topic, unfortunately.

          NTW, if an application is certified under the Made For Windows logo program, the way to get a clean uninstall is similar to you r earlier description – msiexec.exe -x . Part of the logo program states that an installation must full uninstall itself.

      • #3181951

        XP / 2k3 have this

        by dvawter ·

        In reply to SUDO, “Rus As” is SU at best

        You can right click on the program, and choose run as. Enter the credentials, and choose, “always run with these credentials, or run once with credentials” It is esentially the same thing.

        David
        want a Free Ipod?
        http://www.freeiPods.com/?r=9181869

    • #3194898

      Unification

      by cmo ·

      In reply to The Gauntlet (What’s missing in windows?)

      What Windows offers which Linux does not is a single name and operating platform.

      It is missing security and I hope this will be rectified in Windows Vista. There needs to be more interoperability with Linux filesystems within Windows so you can work both ways securely on a dual installed machine.

      I think though based on some comments here though Linux will not dominate the desktop market until there is a compatibility layer for Windows and a single or better bigger marketed Linux for the desktop.

      There is one Windows, there are hundreds of Linux distros, what one does average Joe buy/download for his home machine?? There are several UI to choose from, why use KDE or Gnome, etc?

      Where do applications install to? For example Firefox update needed, does it install to where the previous version was…..no…it defaults to your shell/home area. Windows offers home users and less familiar users ways to just get on and work with their machine and install applications and updates without having to be an expert. I know this is flawed in many areas but not everyone can control a GUI interface let alone be left with a command line interface.

      The successful Linux desktop will be one that offers less choice to the average user and installs like Windows with a configured interface, modular application installation and updating, etc. Until Linux can install and run what most people run i.e. games, educational software for the kids and such like then it will not penetrate the home market.

      Linux is great but I think in offering too much choice and applications it makes it harder to decide where to go and what to use……I guess the marketing works its a no brainer to go buy Microsoft Office to run on your Microsoft Windows machine, etc….what do you use on Linux, Openoffice, KOffice…..the list goes on…..no unification, no path to follow means the average user will go with what fits and whats known to work….Microsoft……

      • #3194843

        I agree to a point

        by wdewey ·

        In reply to Unification

        I would more say no user has a choice. I have tried to install stuff to a different location, or change default settings and end up reinstalling the application with default settings because it doesn’t work right.

        Have you ever tried runing Office 2003 on Windows 98, or ME? “I bought a new machine and now all my old apps (which I was perfectly happy with) don’t run, or they installed, but now my computer keeps rebooting it’s self every 30 to 40 minutes.”

        There are a number of different versions of windows and there are more comming (XP 64, Media Edition, Home, Pro all versions of XP). They don’t all work or run things the same.

        If linux was preinstalled on a desktop the way windows is then the home user almost wouldn’t know the difference (Office software is a different matter, and I use MS because I haven’t found a different Suite that works better). The average home user doesn’t really make a choice about buying Windows, it’s made for them by the vendor that sold them their computer.

        As for installing applications, many commercial vendors make great installers for Linux that make all those decisions for you.

        Just my 2 cents.

        Bill Dewey

      • #3194840

        Reply To: The Gauntlet (What’s missing in windows?)

        by mikeb_11 ·

        In reply to Unification

        If you’re looking for the “easy, newbie freindly” operating system that is Linux based, then go to WalMart and pickup a cheap machine with Linspire installed. It does exactly what you say Linux doesn’t do. You can also purchase Linspire directly from their site, if you have a machine that you would like to try it on.

        You’re right in that there is way too many choices for the average user, but there are distros that eliminate the confussion and others that are built for the average user to enjoy right from the start. Knoppix comes to mind as a solution that the average user doesn’t have to do a thing with except hit the Enter key at boot.

        As far as the question, someone else has already mentioned one of my pet peeves with Windows. The inability to gain adminstrator rights temporarily on a users machine is a pain in the butt. I would love to have a sudo/su clone for Windows. A second pet peeve is the requirement to “reboot” for almost every security update, settings change, new install (this one is getting better). The only updates that should require a full reboot are those that directly change the kernel. All others should be a service/process restart.

        • #3194817

          Reboot

          by wdewey ·

          In reply to Reply To: The Gauntlet (What’s missing in windows?)

          Viruses and trojans can overwrite DLL’s in memory, why can’t Windows (MS came up with new memory protections to keep this from happening, and I believe it was released with XP SP2. Correct me if I am wrong)?

          Bill Dewey

        • #3181941

          Reply To: The Gauntlet (What’s missing in windows?)

          by cmo ·

          In reply to Reply To: The Gauntlet (What’s missing in windows?)

          You are right and some distros do address the Windows transition BUT they do not allow as far as I know people to run applications that can only be obtained under Windows e.g. edutainment, games, etc.

          IF there was *one* LINUX 2005 distro with the add/remove programs, security update, etc functionality then it would be a big seller but 100’s of distros just does not cut it. Whatever happened to the groups of vendors that tried something like this, I recall numerous vendors trying to get a single distro up for Desktop linux…?

          With the Linspire option you mentioned, if you still downloaded an update for Firefox it would not update/replace the existing version, it would prompt to install locally for the user and then you end up with 2 versions of Firefox.

          I run Linux and Windows on the same machine at home but always end up going back to Windows as the frustration of updating,tweaking, etc just drives me nuts. i have used several distros from Novell, SUSE, Mandrake, all have the same usability issues. On the plus side to Linux though device detection has come on amazingly and almost all my hardware works now…..

      • #3181862

        I use Open Office

        by tony hopkinson ·

        In reply to Unification

        on windows !
        LOL

        • #3195322

          Reply To: The Gauntlet (What’s missing in windows?)

          by cmo ·

          In reply to I use Open Office

          Same here(!) I also recommend it to everyone as the best alternative to MS Office for people who cannot afford to pay such high prices but need something for school work, small business, etc.

        • #3196223

          Well I could afford MS Office I suppose

          by tony hopkinson ·

          In reply to Reply To: The Gauntlet (What’s missing in windows?)

          the point is why should I ?

    • #3194875

      Architecture,. Understanding of prior art, etc.

      by bamford ·

      In reply to The Gauntlet (What’s missing in windows?)

      As an ex-Microsoft employee who is also very familiar with Unix, I feel confident in saying that MS has never understood good OS design principles — the kind that are so prevalent in Unix. Principles like: everything is a stream of bytes. Write small programs that do one thing well, and provide powerrful mechanisms for compounding programs.

      There’s a scientist’s rule of rule of thumb: two years in the laboratory can save you two weeks in the library. Networking — including TCP/IP — was pretty well understood when Brian Valentine reinvented the wheel in the form of NETBEUI — know known as Windows Networking, and the source of endless pain. In Unix, when you write a program, you decide it’s essential function, and implement it so that it can combine that function with other programs — getting a whole that’s greater than the sum of its parts. When Windows programmers do ANYTHING, they almost always start with the GUI — which is why it has taken Microsoft 30 yearrs to realize that Open Document formats are a good thing — an idea first expressed in Unix. The short answer: Windows is an OS built by amatuers with noi regard for quality or elegance — just feture sets and release dates.

      • #3194798

        Well said

        by jackuvalltrades ·

        In reply to Architecture,. Understanding of prior art, etc.

        Bamford, you cut right to the heart of the matter. Microsoft has done an admirable job of creating a generic, fairly well-integrated OS and app servers for profit (which is what makes the world turn), but their major malfunction has always been re-invention and stupefyingly unnecessary complexity.
        We, like many of you, use a variety of OS’ to accomplish our goals, including *nix variants and Windows. None of them are perfect but they are all capable of fulfilling the jobs we require. IMHO, the major downfall of Windows is the “everything-but-kitchen-sink”approach with the GUI being interlocked with the kernel. The beauty of *nix is it’s modularity, which increases not only security and stability, but greatly simplifies the life of Joe Administrator.

        In sum, *nix is great, although I would not personally use some open-source variants to run mission-critical apps. Windows is useful to build a relatively stable and easy to use network for the masses.

        Love ’em (and hate ’em) both .

    • #3194859

      Scripting

      by just a guy from spain ·

      In reply to The Gauntlet (What’s missing in windows?)

      Hello, folks. Not an important issue. But this is something wich happened to me some time ago.

      I had to write a little “c shell” script in Linux to perform the following task:
      1) Look for files in the “temp” folder older than one week.
      2) Send one email (and only one) to each owner of those files, alerting them about their files being wiped out next week.
      3) Delete files older than two weeks.

      Could this be worked out in Windows ???
      (Answers like “write a C program” are not valid!!!)

      • #3194837

        VB Script or Perl

        by wdewey ·

        In reply to Scripting

        VB Script or Perl will do this fairly easily. VB Script has many API’s that tie into the system file structure easily.

        Bill Dewey

        • #3181823

          Seamless Interoperation

          by stomfi9 ·

          In reply to VB Script or Perl

          I don’t know VB script, but I can use Runtime Revolution to make GUI interfaces and the shell to do the processing in Linux.

          I tried to do it with RunRev on Windows with cygwin but it hangs on script execution, waiting for a key press.

          I don’t have these interoperation problems in Linux, being able to use just about any program’s output for the next event, which means that I can solve just about any problem with a combination of any tools and applications I happen to think of with a high degree of automation and simplicity.

          I find Windows restricts my thought processes by making me use tools I find hard to understand and implement.

        • #3051604

          Lets face it

          by tony hopkinson ·

          In reply to Seamless Interoperation

          remembering ‘abtruse’ commands multiple switches and redirection operators is not what Microsoft are selling, if you want a compound task you pay for an application.
          VBS doesn’t even come close to a scripting environment as a ‘nix or even a VMS head would define it.

        • #3051593

          no kidding

          by apotheon ·

          In reply to Lets face it

          VBScript isn’t a scripting language, it’s a fondue fork in the eye.

        • #3051907

          Chuckle

          by tony hopkinson ·

          In reply to no kidding

          F’ing horrible isn’t it. The annoying is like javascript if they were interested in it being real application scripting language they could fix it very easily, it’s not as if it’s new tech or anything. You know what they were after when one of your less technical colleagues approaches you with a small problem with his multiuser business wide … admininstration application with it’s powerful access database, that isn’t performing up to spec in the real world.

      • #3182047

        Download Cygwin

        by fafafooey ·

        In reply to Scripting

        Get Cygwin from http://www.cygwin.com (free).

        I’m not sure about the e-mail part, but you could probably use your C-Shell script unmodified (or almost) by running it through Cygwin’s C-Shell port.

        Cygwin provides many Unix tools under Windows, including the shells (csh, ksh, etc.).

        I moved several fairly complex Unix scripts and an interactive shell environment from Unix to Windows and it worked quite well. There were some modifications needed (due to file path differences mostly) but it was a lot less effort than trying to rewrite the scripts as .BAT files or vbscript.

      • #3181945

        Good question…

        by ungle ·

        In reply to Scripting

        ..and I appreciate the spirit of the question.

        Yes, it would be a relatively trivial excercise and the kind of thing I do an a regular basis.

        The Windows Scripting Host is very versatile and extremely extensible. VBScript seems popular because of it’s simplicity and readability. JScript is also poular, but there are plugins to it for numerous languages (including Perl as mentioned). The bit I like about it, though, is I can mix languages in my scripts! I never liked VB string manipulation (although at least WSH does give us Regex) or math routines, so I do them in JScript.

        Did you want and example? Or were you trying to find out if it was possible?

      • #3181855

        There are plenty of scripting languages

        by tony hopkinson ·

        In reply to Scripting

        that could do tasks of similar ‘complexity’ for windows. Perl for instance. Piping a series of system utilties to do this would be a little more problematic though as they aren’t all written to do that seamlessly.

    • #3194836

      Reliability is missing in WinX

      by mark.paris ·

      In reply to The Gauntlet (What’s missing in windows?)

      The biggest problem with Windows (Server or desktop) is 24/7/365-type reliability. It’s simply not there; even Microsoft admits it. Anything -ux runs fine in this regard. Running machinery that MUST be always up and can’t stand an indiscriminate reboot because it’s “stuck running” or “won’t respond” or “won’t Emergency Stop” (which endangers personnel) because Windows froze is simply unacceptable. Period. Windows is a toy, and I don’t expect ‘Vista’ to be any different, because Microsoft just doesn’t get it.

      I have taken PCs that were considered “unreliable junk” and turned them into handsome machines that run 24/7 by simply installing Red Hat and redundant SCSI drives. It takes megadollar additions and a live person who constantly monitors the OS to do this with any Windows OS: unless it’s Win NT, it simply can’t be done with current Microsoft products. NT Server can at least hand off the tasks to another NT box while it’s dying, so the other one can hand it back after a reboot. I’ve never been able to accomplish this with Win2k servers.

    • #3194828

      All Noise…

      by gbig@customerselects.com ·

      In reply to The Gauntlet (What’s missing in windows?)

      Microsoft has already preempted the idea of the utility OS. Why? Because if you really understood the Microsoft family of products you would immediately see that they all play together, that is, the sum of the parts is far greater than any individual piece. Windows OS supports Sharepoint, and commerce servers, IIS, ASP and even Frontpage fill in web pieces as extensions of Windows server. The development languages and tools work best with other microsoft tools, and especially running under Windows. Taken together, Unix is a joke. The open sourcers still try to fight back offering desktop, and other me-too tools, but its a vanity effort. Microsoft controls all apects of the entire offering, and continue to push ahead offering the next generations FIRST. Client windows, with Exchange, and Microsoft web are the most cohesive way to get the business done. IF you want to tinker, and hack, then using Unix in bits and pieces may give you a tiny orgasm for a second, but it wont make the babies in the long run.

      • #3194809

        SO?!?

        by metaballo ·

        In reply to All Noise…

        What do you call your ‘OPINION.’ Not noise? The truth (as you see it)? Does that mean we should roll over and let MS rule the world? Windows is an integrated app (written in C) that makes it hard, no, discourages innovation in the name of profit. Yes, business is for profit; Point for you. The sexual comment is arrogant, hypocritical, and unnecessary mister red Porche with the teeny weeny. You can masturbate in the back room with Bill, I’ll be doin it with my girlfriend!

      • #3181853

        FrontPage ?

        by tony hopkinson ·

        In reply to All Noise…

        IIS I can live with, ASP, well if you have to do a scripted solution under windows OK, but don’t cite frontpage as a reason to use windows professionally, it just plain sucks.

      • #3050757

        80% does little good.

        by mark.paris ·

        In reply to All Noise…

        Microsoft does many things with many programs. Playing well together is not one of them. Witness their own service pack approach to fixing their own products. Case in point: when Win2k shipped, it shipped with over 25,000 known bugs (Microsoft’s own admission, check it out). Four service packs and a “major revision” to W2003 later, it still needs rebooting twice a month in our 24-point network, more often in the larger 100+ point network.

        In the world of communications, high-speed multitask switching, serious uptime (>99.9%), WinX stands alone: it cannot do any of it. Everything else can.

    • #3194818

      So much DUH going around!

      by metaballo ·

      In reply to The Gauntlet (What’s missing in windows?)

      I’m only a weekend techie, tho I’m working on a 4 yr. + degree in softwate engineering. I have both Windows and Mac machines, which I scrounged or built, so no big $$$. I also use multiple op sys’s on my Windows XP Pro box. For internet and stuff, I just switch to Linux, for games back to XP, or whatever, and the Mac for multimedia. I don’t bash systems, I find solutions. The main diff I see tween XP & Linux is ease of use since 95% of the pop is ~newbie. Linux is from/for techs @ this time. Remeber DOS? Now it’s XP. Once Linux evolves, it will have to go thru growth stages, just like Windows! Linux’s BIG adv is FREE – Everyone likes free! Since all else will be locked down to thwart piracy, while corp spying will inc… All who can need to sit down and write stuff for Linux, so it can compete with Windows! You know, fancy widgets, game support, or just better emulation for Intel based apps! :p

      • #3181777

        Might I suggest Cedega for Windows based games in Linux?

        by jmgarvin ·

        In reply to So much DUH going around!

        It works very well and saves the trouble of rebooting. I quite like it and it seems to work very well with minimal issues.

        I highly suggest you give it a shot…at $15 bucks it is cheap!

    • #3194805

      Pre-Emptive Multi-tasking

      by grant22 ·

      In reply to The Gauntlet (What’s missing in windows?)

      Yes, I know that MS claims that it is there in NT and its successors, but evidence from a user perspective is contrary. My favorite example: While waiting for a database query to return in one application (TOAD) I am unable to open an unrelated text file in a simple text editor (TextPad,) however, when the query returns, everything I clicked while I was waiting for it (opening the text file, switching active windows, etc.) happens, in the order I clicked it, in a flurry. ANy time every other application can be made to wait for one application, and it is not a resource conflict (what conflict can there be between waiting for a query from Oracle and switching already open windows) this seems to say that pre-emptive multi-tasking is either missing or it is a broken implementation.

    • #3194799

      Yes, I can

      by ke_xtian ·

      In reply to The Gauntlet (What’s missing in windows?)

      1. Installing software without the ridiculous Windows Registry. Talk about a farce. The Registry is possibly the biggest joke in the entire computer industry.
      2. Installing software that does not share DLLs with any other software. That is a tremendous weakness in Windows. I know MS has built in some safeguards to keep this from being a problem, but the safeguards are not foolproof.
      3. Scalability. Windows is more scalable than ever, but still lags far, far behind the Unix world in scalability. Yeah, I know that benchmarks exist that show SQL Server getting into Oracle territory, but read the fine print on those. MS cobbed together a huge scaled-out DB to get those numbers. That is not something you would want to try yourself unless you were desperate to justify your decision to go with MS and had the budget to do it.

      I would agree with the idea of “favorites for particular tasks”, except I would modify it to say Windows for desktops and Unix/Linux for everything else. The choice between Unix and Linux would be based on a large number of factors. As Linux matures and grows in acceptance by industry, the number of factors will shrink.

      Using Unix/Linux for servers is much more desirable for so many reasons. I cannot list them all here, and others have done a good job of it already. For me, though, one of the most important reasons is scalability. The boxes that Windows runs on just do not have the guts to scale up. That is a real issue, no matter how loud the MS bigots yell. Bill Gates himself has admitted that scalability is a problem. I love this quote from him:”We don’t scale up. We scale out.”

      Scale-out sounds good unless you have tried it. On my job I am saddled with 5 scaled-out DBs. We have 5 DB instances (each one running in active-passive clusters) doing the work of one Oracle DB instance running on a reasonably small Sun box. For redundancy the Oracle DB would run in a cluster also, but it would be an active-active cluster.

      MS bigots will read this but not understand it because they don’t want to. I sound like a Unix bigot, but I am not. I have tons of experience on both sides, so my opinions are informed by facts, not by claims. Bigots are so prejudiced against the other side that they don’t even listen to facts.

      • #3181921

        Up to a point..

        by ungle ·

        In reply to Yes, I can

        I’m curiouse about:

        1. Registry. You give no reason why you don’t like it, or why you feel it’s bad. Yes, I’m afraid this does come across as bygotry. Would you mind expanding?

        2. Shared DLLs. Of course you can install software on Windows that does not share DLLs, if that’s what you want to do. This I’m surprised you raised. It’s not so different, except that there is ALSO the option of COM.

        3. Scaleability. This is probably a fair point. I’ve never understood why my clusters should be restricted to 4 nodes, although I’ve never had reason to want more. Probably Oracle is not a good example here (others have commented on this), but it’s still a true statement. Windows has not given the scaleability I’ve seen in Linux. Then again, I’ve never seen a 24 proc. windows machine either, but I know it’s possible.

        • #3181774

          Why the registry is mess up

          by jmgarvin ·

          In reply to Up to a point..

          1) The registry is two files* that act as one. So if one gets messed up, that is it…you are finished. Sure, the backup registries help, but they typically get borked too. The biggest problem I have with it is that it is cryptic!
          * I guess you could argue that the registry is really 4 files that are system.dat, system.ini, user.dat, and win.ini

          2) Ug…COM (DCOM) and shared DLLs…both are a mess and both need fixin’

        • #3181767

          Still not sure…

          by ungle ·

          In reply to Why the registry is mess up

          With the fear of descending into a long, drawn-out discussion…

          I would consider the registry to be the following files:
          NTUser.dat, Sam, Security, Software, System and Default.

          Cryptic? Why would you find it cryptic? It’s a database, after all, with heirarchical data in it. It’s very simple once you get to know it and a lot more robust than all those disclaimers would have you believe.

          For a good starter on the registry, look here: http://www.microsoft.com/windows2000/en/server/help/sag_ntregconcepts_mply.htm

          I have seen inept packagers kill machines by writing raw data to the registry, though – You can’t completely protect yourself against idiots, right?? I’ve never come across anything unrecoverable yet.

          I know you meant COM when you said shared DLL…all OS that I’ve seen use some form of shared libraries. COM is one implementation of it. but you don’t have to use COM in Windows if you don’t want to.

        • #3196195

          Registry, COM, and the joy of shared Libs

          by jmgarvin ·

          In reply to Still not sure…

          1) I agree with your assessment of the registry. I was being overly general and I didn’t want to leave out the older OSs. SAM is pretty good, but it is too easy to get to and steal. I wish MS would also work on the predictable hashing (did they fix this in Win2k3?) for passwords.

          2) The registry is VERY cryptic, esp with 3rd party apps. Various keys don’t quite describe what they do or what they are for. I also had AD not turn on all the AD keys, so I had to go manually find all the AD keys and update them.

          I also agree with the protection against idiots, but I also think the registry should be able to defend itself against simple things like writing raw data into it.

          I had an unrecoverable registry when I was poking around in Windows looking for something to do with AD or Kerberos…I managed to munge something up and that was that. It propogated to the temp backups on the system and it was a nightmare…I’m not saying it happens often, but it can happen.

          3) Ya…Shared DLL/COM are what I’m talking about. However, Windows does shared libs in such a wonky way, it is hard to code securely. The APIs aren’t always documented very well and sometimes you can get into places you didn’t mean to go.

          IMHO people tend to use COM because it is documented pretty well and is VERY common across the platforms.

          What do you use in place of COM? I’m curious because I hate COM with a passion!

        • #3196131

          Couple of ideas…

          by ungle ·

          In reply to Registry, COM, and the joy of shared Libs

          1. I assume you’re refering to LM hashes (which were particularly weak)? These are generated if the password is less than 15 characters and stored in AD…unless you turn this off…which is a valid point people have been making, windows security is often left wide open.

          You can turn it of by (you’re going to love this) editing the registry. Here’s a link: http://support.microsoft.com/default.aspx?scid=kb;en-us;299656&sd=tech

          2. Agree on the 3rd party apps. It drives me NUTS. I have spent YEARS (Literally) trying to teach developers where and how to store stuff in the reg. On that count, I guess it is cryptic. I blame THAT on MS for nto educating a developer properly during thier MCSD!

          To help recover from these errors I recommend getting a copy of WinPE. It’s a cut down version of windows you can boot to on a CD. From there you can load the hives on your system and correct the problems.

          3. OK, I conceed this point. 🙂 It is hard to code securely. Another education campaign I’ve been on. I’m suprised about your comment re APIs though, I’ve always been pretty happy with MS documentation on that one. Can you think of an example?

          I remember when I first started on Java, I hated the online docs. After a while, though, I discovered they weren’t bad…just very different to what I was used to.

          Agreed the final comment on COM. It is easy to use. I often create COM objects for people to use in scripts…because that’s the only lib you can access from script (I’m going to duck here from the return swing 🙂 )

          Rather than COM? Develop in C++ and you’ll find COM is PAINFULL to use. Just use a standard C/C++ lib and link the headers into your main app.

          Then, you drop the DLLs into the same dir as the app, and you app uses them exclusively.

          In your app you can decide if you want to use shared libraries or specific libraries. Declare the full path to the lib within your app (it can be relative) and you will always use that lib. Specify only the name of the lib itself and the DLL loader first looks in the app directory, then system folder, then the rest of the path. You can control this behaviour through manifests (you can put your libs into assemblies)

          Does this help?

        • #3196277

          Ah!!

          by jmgarvin ·

          In reply to Couple of ideas…

          1) Thanks…I had no idea.

          2) I was under the impression that WinPE was slow (or at least took a long time to boot). I think I’ll check it out for myself though…

          3) One of the buggaboos I ran into was thin documentation when it came to lower level APIs. While they explain what it does, they don’t really get down to the nitty gritty. Some are VERY well documented. Hmmm…Threading comes to mind with poor documention. IIRC it was something with creating multiple user threads somewhat dynamically.

          4) *Swing* Ya, I wish that MS would finally kill off COM stuff and move to something a little more strict like the C++ libs.

          Thanks for the ideas with the DLLs and “soft” linking them into my app…that will help when building for multiple platforms that may or may not have the same directory structure…ug!

          hmmmm…You aren’t so bad after all 😉

        • #3053287

          threading

          by apotheon ·

          In reply to Couple of ideas…

          Windows handling of threading is sorta faux, anyway, jmgarvin. It’s difficult to make threading easy to code when the OS doesn’t implement it worth a damn (and, depending on your definitions, doesn’t implement it [b]at all[/b]).

        • #3053283

          Wow! Thanks!

          by ungle ·

          In reply to Couple of ideas…

          I’ll take that as a compliment!

          2) WinPE is PAINFULLY slow to boot…once it’s up and running screen refreshes are slow – it uses a generic driver. Move a window around you’ll see the CPU usage go through the roof! But it’ll help getting a dead machine up again.

          3) Comment on docs – yeah, I’ve never looked at the MS documentation on threading. When I started threading way back…:-)…I had a couple of top notch developers scare the living daylights out of me in regards of thread synchronization…so I invested mega bucks on a couple of good books on threading. You may be right. I’ll look at it.

          4) They are. It’s called .NET 🙂 Take a look at the WinSxS stuff – they are slowly trying to wean people off shared libraries.

          Despite some people’s complaints, I’ve found .NET excellent to work with…it’s strictly type cast, and since it’s running managed…no more buffer overruns. Of course it was another MS theft. I learnt the most about c# while doing a Java course! There is of course .NET runtimes for Linux (http://www.mono-project.com/Main_Page) which means you could develop your c# projects on a linux box using SharpDevelop (http://www.icsharpcode.net/OpenSource/SD/) – it’s all written in c#

        • #3051600

          Threading?

          by ungle ·

          In reply to Couple of ideas…

          Apotheon, I assume you are refering to the Apartment threading model of the COM world? In which case, I agree with you in part. Fortunately COM does also support the free threading model. Your choice is determined (as an overview) on whether you require cross thread communication. Apartment threading incurs an enourmous overhead in this case.

          Fortunately in the non COM Windows world threading is pretty standard and simple…laden with all the usual gotchas of thread synchronization.

          Dare I say MS offers a choice??? OK, that’s going too far 🙂

        • #3051590

          Hmm, threading . . .

          by apotheon ·

          In reply to Couple of ideas…

          It’s possible I’m slightly out of touch with that subject in the Windows world. I haven’t paid too much recent attention to how threading is handled on the Windows platform for the last couple years or so. In fact, for the last year I haven’t touched any application development or administration scripting on (non-PocketPC) Windows at all, threading or no. I’ll have to check into that.

    • #3194755

      Recompile a Linux Kernel? OK – Now a Windows kernel ;-)

      by justame@work ·

      In reply to The Gauntlet (What’s missing in windows?)

      Just one example of where Linux is more usable and configurable. Why would one want to do this?
      -Custom application
      -Improved performance
      -Internet hardening
      -etc

      • #3182094

        all those — plus innovation

        by jprohner ·

        In reply to Recompile a Linux Kernel? OK – Now a Windows kernel ;-)

        As we go from kernel to kernel we also get to add those inovative things that Monopolysoft won’t for years.

        Linux did and still does “multiple” processors not something MonopolySoft does well.
        Even in this age of dual cores..

        Maybe that is why the server manufactures are “certifying” to Linux and not MS.
        Repairs happen faster too.

    • #3182097

      Winderz works in it’s place – Under Linux

      by jprohner ·

      In reply to The Gauntlet (What’s missing in windows?)

      My desktops are now all dual core AMD 64 bitters and MonopolySoft XP has no clue how to use Dual core. But Suse 9.3 does and well.
      Some years ago I discovered VMware.
      Since then I run good ol reliable winderz 95 in the VMware window under My Linux Desktop.
      This did two things.
      1. all the CAD/CAM software I had invested in and worked relaibly in 95 actally ran better in the VM window. And when it failed all i needed was to close that window and reopen. Poof a bunch faster that re Booting. Still works that way today and with the Linux multiple processor support is fast as well.
      2. I saved a bunch of money as I did not have to pay to “upgrade” all my CAD/CAM stuff. NOR did I have to pay for XP. NOR did I have to go through
      “update” after service pack update to further slow my machine down and add more stuff I don’t use or want or add more memory usage to slow everything down. Nor all the headaches that these “updates” have brought. So I SAVED a BUNCH of money in both CASH and TIME.

      MonopolySoft OSes are the best of it’s world, “Over Gloated and Inefficient Operating Systems”. Too bad they could not be just an operating system, as Linux is, and compete in the real world without forcing their crap on us.
      The latest IE and beta for “VISTA” show what they can do. Install IE and lose all of anything except their links.

      On my servers I use Linux. On my Laptop I use Lindows (Linspire now) and on my development machines I use Suse 9.3. BUT, on my GAME machine I would use XP Pro, since all the games are written for it.They cornered that market pretty good.

      So for the best of both worlds I run 95 under Linux. It is the Best of all choices.

      Secure reliable Linux with good ol reliable 95.

    • #3182006

      Still – like always – very few REAL answers

      by digi-tal ·

      In reply to The Gauntlet (What’s missing in windows?)

      I feel Ungle has a valid point here. Many I.T. professionals are curious about the fervor surrounding Linux/Unix. However, no one wants to change everything unless there is a ROI (return on investment) that makes sense – no not the cost of the OS, because the training and staffing issues far outweigh that. What are tangible pros to Linux? Security is an issue for BOTH OS’s same old argument. Some are touting NDS – please forgive my ignorance but is that a part of Linux? I know Novell developed it when I was administering a Novell network and moved from the bindery. If that is part of the linux system – great. Does Linux use X-windows?

      • #3181942

        Yes

        by ke_xtian ·

        In reply to Still – like always – very few REAL answers

        Linux can use X.

        As far as retraining goes, you retrained to use Windows.

        Also, every time a new version of Windows comes out, there is some retraining involved. Else, why would re-certification be required? What’s the big deal?

        Linux is different from Windows, but once you learn it, it is much easier to administer in an industrial-strength server environment because of its incredible scripting capabilities. You can save a bunch of money and get exactly what you need with scripting.

        Yes, I know Windows is coming out with improved scripting. But you have got to ask yourself why they have been announcing that capability every year for over a decade. If they wanted to do something, why don’t they just create a truly native version of ksh or bash? Yes, they have “Services for Unix” but it is a real pig. I think they hobbled it on purpose.

        I could show you tangible pros from my activities of last weekend where we moved some massive SQL Server DBs from an old SAN to a new one. Windows and SQL Server are so brittle that we ended up having to re-install the OSs and SQL Server. And because we are using SQL Server our app needs multiple scaled out DB instances running on multiple boxes, all of them clustered for redundancy. Talk about a kludge. All brought to us by MS.

        I am not saying Linux is perfect, but Oracle on Linux is a heck of a lot easier to manage than SQL Server on Windows, especially if you are trying to run industrial-strength, web-based, money-making apps. Take it from somebody with a bunch of experience being a DBA in both worlds. I am not coming from the perspective of a person who only has Linux experience.

        Also, from a money point of view, if you have an app that can fully utilize an Oracle license running on a heavy-duty server, you will get much more bang for your buck running it on Oracle than on SQL Server. You will have to buy a multitude of SQL Server licenses (and attendant hardware) to do what one Oracle license can do. You save money not only in licensing and hardware, but you save a bunch of time in administrative costs. I would much rather administer one heavy-duty Linux box running Oracle than a bunch of what pass for high-performance Windows boxes running SQL Server. Don’t let the SQL Server benchmark tests fool you…MS uses a highly imaginitive and extremely impractical collection of hardware utilizing scaled-out SQL Server instances to achieve the results they get. Nobody would build something like that for a real-life application.

        It is easy to argue MS if that is all you know.

        I must admit that I would rather administer a shop full of Windows desktops than Linux. But part of that has to do with the fact that I have never had to administer a shop full of Linux boxes. I suspect that experience would give me a better perspective. Plus, with time, Linux will get there. The price point is right.

      • #3181917

        Thanks.

        by ungle ·

        In reply to Still – like always – very few REAL answers

        …I felt like someone understood what I was trying to do.

        Although we hate those acromyns, ROI and TCO should be the first thing off our lips when trying to justify an OS.

        Us techies seem to forget: We’re here to serve our clients, nothing else. All the other neat juicy stuff is a nice bi-product of the service we provide, not the goal of what we do.

        One would have thought the .COM bust would have finally got the message through, I guess some of us are slow learners…

        • #3196216

          .COM bust

          by tony hopkinson ·

          In reply to Thanks.

          was down to business heads. The technology they were using was very run of the mill.
          Those boys tried to create a market with a product, they got it wrong big style.

        • #3050945

          Nail on Head

          by Anonymous ·

          In reply to Thanks.

          That is really the big sticking point. Much as MS has annoyed me over the years. I still continue to use them the most. Why, cause it “just works”.

          It may not be as efficient in resource use, or as fundamentally secure, but The fact that 90% of the programs work – with no tweaking, patching, hunting for dependancies, or digging through obscure documentation to find the right arg to add to the cmdline or the cfg file – keeps me coming back.

      • #3181839

        Which question first ?

        by tony hopkinson ·

        In reply to Still – like always – very few REAL answers

        Yes Linux uses X-Windows.

        You can get Linux desktops that look, smell, feel, and taste like windows now, so training is only as much of an issue as say switching from Lotus to MS office or vice versa.

        Staff for MS stuff are cheaper, but that’s as much supply based as anything else.

        The difference between competent experienced professionals is negligible in the UK.

        NDS was touted against AD in a Novel Vs Windows argument.

        ROI may not matter !

        The real difficulty is the existing business specific software investment you have.

        Windows vs Linux does not even come in to that argument, it’s whatever you are on now vs what you are thinking of switching to.

        As a job lot organisation wide process you are never going to get a business to sign up, you’d have to be stark raving mad to even propose it.

        Last place I worked at they had Fortran code over thirty years old on hardware fifteen years old (DEC (100 boxes)) running under venerable VMS.

        The development effort to rewrite it would be hideous, testing awful, implemention fraught with difficulty, management problematic and safety a real issue in 24/7 manufacturing environment.

        Bit by Bit piece by piece is the only practical solution, and then you have to get management to see the wall approaching.

    • #3181912

      whats missing in linux?

      by rich ·

      In reply to The Gauntlet (What’s missing in windows?)

      for the usage i have gotten out of linux its a standard gui on each and every program.
      when you sit down in front of that windows computer everyday programs have the same standard buttons. I am still trying to figure out copy and paste from one windows to the next in linux but i do it every day in windows even from a dos prompt.

      • #3181854

        Clipboard?

        by crake ·

        In reply to whats missing in linux?

        Are you referring to the Clipboard to Copy/Paste text and files? Most Linux GUIs offer a clipboard.

        If you’re using XWindows, to paste, you’ll need two windows open–a window to copy from (the “source” window) and a second window to receive the information, sometimes called (the “target” window). Follow the steps below:

        1. Locate the material you wish to copy in the source window.
        2. Minimize all the windows you don’t need–keep just the source and target windows up, with the source window on top.
        3. Press the left mouse button at the beginning (the upper left) of the text you want to copy. Drag the mouse to the end (the bottom left) of the selection you wish to copy.
        4. As you move over the selection, it will be highlighted (usually in yellow) on the source window. When you have reached the end of the desired selection, release the mouse button.
        5. Move the mouse cursor to the target window. RIGHT-click to point to the place in the target window where you would like to have the text inserted. Then MIDDLE-click (Ctrl+click). The text that was highlighted in the source window will be “pasted” into your receiving window.

        • #3053306

          also . . .

          by apotheon ·

          In reply to Clipboard?

          In GUI applications, generally, Ctrl-C copies, Ctrl-X cuts, and Ctrl-V pastes, just like in Windows. Just don’t use Ctrl-C to try to copy at the command line: that’ll close a CLI application.

          The reason such functionality exists in Linux GUI environments is, of course, that Linux developers decided to accomodate Windows users trying to migrate to Linux.

      • #3181772

        In Xterm

        by jmgarvin ·

        In reply to whats missing in linux?

        You can copy and paste any way you want by alias. IIRC it is for paste and for copy.

        Anywhere else it is v .

    • #3181831

      Here’s an answer.

      by bixbyru ·

      In reply to The Gauntlet (What’s missing in windows?)

      Some Linux advantages:

      – Linux is manageable even when the video’s out;
      – Linux works well in embedded applications;
      – Linux has a MUCH more responsive repair/
      hole-patch process, and will likely always have;
      – Linux runs well on older hardware;
      – Linux is can be highly customized without
      million-dollar licenses;
      – Linux is a far better real-time OS, although it
      is by no means the best;
      – Databases have much better performance under
      Linux;
      – Linux and the apps for same do not endanger
      ownership of one’s data;

      While Windows *can* be a tidge more friendly out of the box, it’s really a 32 bit version of a 16 bit shell on top of an 8 bit OS origilanny coded for a 4 bit processor and purveyed by a 2 bit company which cannot stand 1 bit of competition.

      Bix

    • #3181827

      Cinerama plus

      by stomfi9 ·

      In reply to The Gauntlet (What’s missing in windows?)

      For graphics work, having multiple screens displaying one graphic, with another high res one showing the render is a huge plus for Linux.
      Add that to a 3 x 4 screen wrap around for cedega game play and Windows is out the door.

      If you can’t afford lots of multiple screens you can use two and set up an alternate window manager like fvwm in one of them, 20 or so desktops with zero edge resistance, and drag a scanned in graphic across them so that one scanned in or output dot equals one screen pixel. Then you can view edges and shading as they will be in reality.
      I haven’t seen this in Windows.

    • #3181826

      Reverse

      by dogknees ·

      In reply to The Gauntlet (What’s missing in windows?)

      I’m going to respond from the other direction, why I use Windows.

      Basically because I spend my day supporting PCs, that last thing I want to do when I get home is battle with my PC. So, my requirements are that it runs reliably, that it can run the latest games. And that there is a good range of useful and powerful software available.

      Now I’ve heard the Linux story of lots of apps available. Problem is that the ones I’ve tried are brain-damaged or don’t have half the facilities of the commercial windows software.

      Case in point. I’m into graphics. The sort of tools I’d expect would be the equivalent of Photoshop and Painter, and I mean ALL the tools. GIMP just doens’t cut it if you are used to Photoshop and Painter.

      Similarly, the Office clones don’t have half the features I’m used to and aren’t compatible with MS. Example, all my spreadsheets contain macros. They won’t run in Office clones.

      This seems to be the norm. The Linux software just doesn’t cut it if you want to do more than the basics.

    • #3181776

      Reply To: The Gauntlet (What’s missing in windows?)

      by sudheer_tp ·

      In reply to The Gauntlet (What’s missing in windows?)

      Hi Friends,

      Do u all know that because of Microsoft in the world more than 10lac peoples are getting there Food, Cloths and Shelters.

      Don’t get angry on me,

      Here is the real picture for u all,

      0round 100thousand people in side Microsoft are there in development, marketing, sales, support etc.,

      Microsoft Venders in marketing, sales, and support. Unauthorized venders for Microsoft products, system administrators etc.

      (Finally countless people uses Microsoft products like back office and Office products.)

      This is the major contribution to the world from Microsoft. But at the same time no other company is having the wide range of people like this.

    • #3196279

      a few items

      by apotheon ·

      In reply to The Gauntlet (What’s missing in windows?)

      I know some of this has already been mentioned, and for all I know it might all have been mentioned already in this discussion. I’ll list ’em anyway.

      1. strict privilege separation

      2. strict operational space separation (user/admin/executive/kernel)

      3. configuration separation (Do the words “corrupted registry” mean anything to you?)

      4. built-in enterprise-class firewalling capability (iptables vs. “Windows Firewall”)

      5. SELinux

      6. avoidance of intrasystem RPC abuse

      7. services independence (nothing necessarily loaded that you don’t want)

      8. rapid patch development (thank the fact it’s open source for that)

      9. no vertically integrated “hostageware” problem

      10. heterogenous systems compatibility

      11. platform portability Windows can only dream of

      12. supercomputers

      13. a cool mascot

      14. LUGs and other incredibly good community support options

      15. admirable security record

      16. legal free copying and distributing

      17. completely customizable GUI environment

      I forgot about five or six while I was coming up with those. Maybe I’ll come back to add to this if I remember them later.

    • #3050895

      Wanted: Mature Resource Manager

      by gary_griffith ·

      In reply to The Gauntlet (What’s missing in windows?)

      What – with all these dual-core Opteron + 64-bit Windows OS options available, you can really make a fine server, but you’re missing a mature resource manager (like HP-UX’s PRM, AIX’s WLM, or Solaris’ SRM) to keep individual processes from taking the whole box. Get good PRM, and you can safely consolidate apps onto these potentially scalable machines. WSRM looks OK, but from Microsoft’s presentations on the technology, it appears to be lacking. Is anybody out there using this?

    • #3052650

      I wish Windows had…

      by phoward ·

      In reply to The Gauntlet (What’s missing in windows?)

      What I really like about linux is the flexible command line.

      Lets me do things like synchronize directories on different computers by just typing.
      rsync 192.168.1.100:/home/philh /putfileshere

      Copy a file from a remote computer
      scp 192.168.1.100:/home/philh/myfile file here

      Piping and command redirection lets you chain together programs and commands
      more textfile | cat anothertextfile

      I really like having software written with security seperation in mind (Most Windows apps assume Administrative priveledges)

      I like the speed of editing files directly from the command shell.

      I like how easy it is to install software
      yum install newsoftware

      Most of these things could probably be done on Windows but not without significantly more effort, and probably additional cost.

      • #3052918

        Some of this works in winodws

        by Anonymous ·

        In reply to I wish Windows had…

        copy from a remote computer – copy \\host\share\file

        piping and redirection work, you just don’t have as many cool commands (I miss less)

        Security separation… Not sure whether this really differentiates. You see the problem on both platforms, but it doesn’t have to be on either. It’s mostly lazy programming.

    • #3048941

      C64 is the way to go….

      by parier ·

      In reply to The Gauntlet (What’s missing in windows?)

      I’m still happy with my C64…I keep hearing of these IMB’s, or IBM compatibles coming out soon….Im tired of hearing that, when are they coming out, and what are they compatible with, the microwave?

      C64 Lova’

      • #3119334

        Best spreadsheet was on C64

        by stress junkie ·

        In reply to C64 is the way to go….

        The best spreadsheet program that I ever saw was called Multi-Plan. It ran on C64 and Microsoft Xenix running on Tandy Model 16 computers. It had features back in 1987 that you still don’t see in other spreadsheet programs today.

        And the C64 graphics were way ahead of other platforms for years after the C64 was created.

        And the C64 was easy to program.

        And the C64 had great games. My favorite was Winter Olympics.

        The C64 designers had the good sense to divide the computer functions between specialized chips. This gave the computer much more power than the specs would have suggested. ( 1MHz CPU and 2MHz tri-state data bus.) This kind of division of labor is only partially implemented in today’s home computers. Imagine the potential performance increase if today’s home computers were to fully implement the idea of a different card/circuit for each type of function. The CPU would be freed from network card interrupts and graphic memory updates and disk i/o interrupts. This would leave the CPU available for CPU type work such as number crunching. Wouldn’t that be something?

    • #3119150

      Admin, not the OS

      by 3kl ·

      In reply to The Gauntlet (What’s missing in windows?)

      The danger and insecurity is largely in the admin. The vast majority of system hacks (windows or otherwise) come due to lack of patching and securing a system. Windows 2003 is “more secure” than Windows 2000 largely because M$ turned more features off by default. A poorly configured *nix system is at risk as is any OS that isn’t locked down. I won’t disagree with anyone that feels Bill Gates could be compared to the spawn of satan at times, but I’ll take my locked down M$ systems over the old *nix systems that got hacked due to lack of proper securing by their sys admins. (and yes, I am speaking from personal experience on that one.)

      • #3119082

        here we go again, again, again

        by apotheon ·

        In reply to Admin, not the OS

        You seem to be unaware of the significant, fundamental system architecture flaws in Windows that decrease its security viability. For instance, weak privilege separation (an improvement over earlier Windows versions’ “no privilege separation”) is a terrible problem with Windows security: sure, you might make it difficult for someone to break in using a firewall, but once they’re in, it’s a relatively trivial thing to achieve privilege escalation and own the box in very short order. Another issue: RPCs are a security risk (any service is a security risk), and it’s true that basically every modern system runs RPCs no matter what OS, but if you want to see how pervasive RPC use is on a Windows system, how widely it spreads its vulnerabilities, and tightly integrated those vulnerabilities are with core OS functions, try turning ’em off. You’ll suddenly find that without RPCs you can’t even log in to the system.

        These are only a couple out of thousands of individual problems in the way the Windows line of OSes have been designed from the ground up.

        • #3118902

          The registry needs to die

          by jmgarvin ·

          In reply to here we go again, again, again

          This is, in essence, a portal to the kernel. Why should the user have such privelged access to such a sensative part of the OS?

          Also, why do all the users “share” the same registry? It just doesn’t make sense!!

        • #3118888

          Registry…

          by ungle ·

          In reply to The registry needs to die

          Sorry, you have missed the point of the registry. It’s not one big repositry, it’s just represented that way.

          The user has free access to HKEY_CURRENT_USER (which is the ntuser.dat inside the user’s profile). This contains user specific settings, kind of like a user accessible config file in linux.

          The critical machine settings are under HKEY_LOCAL_MACHINE\System, and in it’s correct config the user does not have access – and it’s contained in a separate file in an area not accessible to the user. If users have access here, fire your admin.

          The main reason people object to the registry is lack of understanding – again it’s represented as one big repository for simplicity. My biggest complaint is not so much the concept of the registry, but rather the way it is used by application developers who simply don’t know enough about Windows!

        • #3118881

          *sigh* Again????

          by jmgarvin ·

          In reply to Registry…

          Ok fine:

          HKEY_CURRENT_USER – Contains info on the current user

          HKEY_USERS – Contains info on the actively loaded user profiles on the computer. HKEY_CURRENT_USER is a subkey of HKEY_USERS.

          HKEY_LOCAL_MACHINE – Contains configuration information particular to the computer (for any user).

          HKEY_CLASSES_ROOT- Is a subkey of HKEY_LOCAL_MACHINE\Software. The information stored here makes sure that the correct program opens when you open a file by using Windows Explorer. Starting with Windows 2000, this information is stored under both the HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER keys. The HKEY_LOCAL_MACHINE\Software\Classes key contains default settings that can apply to all users on the local computer. The HKEY_CURRENT_USER\Software\Classes key contains settings that override the default settings and apply only to the interactive user. The

          HKEY_CLASSES_ROOT key provides a view of the registry that merges the information from these two sources. HKEY_CLASSES_ROOT also provides this merged view for programs designed for earlier versions of Windows. To change the settings for the interactive user, changes must be made under HKEY_CURRENT_USER\Software\Classes instead of under HKEY_CLASSES_ROOT. To change the default settings, changes must be made under

          HKEY_LOCAL_MACHINE\Software\Classes. If you write keys to a key under HKEY_CLASSES_ROOT, the system stores the information under

          HKEY_LOCAL_MACHINE\Software\Classes. If you write values to a key under HKEY_CLASSES_ROOT, and the key already exists under

          HKEY_CURRENT_USER\Software\Classes, the system will store the information there instead of under
          HKEY_LOCAL_MACHINE\Software\Classes.

          HKEY_CURRENT_CONFIG Contains information about the hardware profile that is used by the local computer at system startup.

          So you are trying to haze me. You skipped out on HKEY_CLASSES_ROOT, which as defined BY MICROSOFT can effect ALL USERS on the local machine.

          Yes, some of us DO know what we are talking about and won’t be hazed by your overly general BS.

          It isn’t a lack of understanding it is a FACT OF HOW THE REGISTRY WORKS. Don’t try to BS that the registry is pure as the driven snow and can only be accessed by ‘privileged’ users. If that was the case malware wouldn’t exist in Windows world.

          Windows does not properly separate user and kernel space (or user and user space for that matter). It has issues that are FAR deeper than the registry, but that is a good start.

        • #3118878

          Hmmm.

          by ungle ·

          In reply to *sigh* Again????

          OK, very nice.

          Now tell me the permissions that should be granted to each key, and why the previous statement about users having a free for all on the registry was wrong…

        • #3118249

          I guess you just don’t have an argument.

          by apotheon ·

          In reply to Hmmm.

          When in doubt, fall back on asking obscure questions that lead off the topic at hand so that hopefully people will stop arguing against you where they’re on solid ground. Confuse the topic. Great tactic.

          Your previous comment about how application developers are at fault for not understanding how Windows works is just precious. Really. Think about the ramifications of that concept for a moment.

          You’re talking about basically saying “Well, the registry is difficult to use the way it was intended, there’s no clear guidance on how to use it so that everything always works, it’s fragile enough that idiots that don’t know what they’re doing can screw it up, and it provides a simple, centralized interface for any old security cracking malware developer to screw with system settings in some very frightening ways. Obviously, it’s the developers’ collective fault. Blame them.”

          . . . and if you think there’s any kind of worthwhile privilege separation and protection in the registry, you just aren’t paying attention. It is, in fact, you who fails to understand Windows, and/or what privilege separation means.

          Before you start telling me that I don’t understand the registry, by the way, it might help to know that I made my living for a couple years registry hacking from the command line to recover systems so screwed up that was the only way to “fix” them enough to recover persistent application state. Don’t assume that just because some of us use Linux more than Windows at present we don’t know anything about Windows. It was, in fact, my increasing and more in-depth knowledge of Windows that drove me into the arms of other OSes in the first place.

        • #3117728

          What?

          by jmgarvin ·

          In reply to Hmmm.

          Ok, your inital post was that people “don’t understand the registry.”

          Ok, I showed you that not only do I understand it, but WHY it is insecure…

          Now you are throwing in strawmen…So what doesn’t make sense in my post? What SPECIFIC question(s) do you have about having access to the registry that users shouldn’t have?

        • #3117617

          For your benefit

          by ungle ·

          In reply to Hmmm.

          jmgarvin, I will not BS you.

          As you mentioned, HKEY_CLASSES_ROOT is a view combining local machine settings and current user settings. Some entries are contained in HKEY_CURRENT_USER\Software\Classes and override the entries that which are help in HKEY_LOCAL_MACHINE, which contains the default settings. This, obviously, does not affect other users. Well designed separation. It means I can, for example, change file associations for user x while user y remains unaffected. Current user settings are owned by the user, and as such they have the power to change them. Don’t like the settings you’ve got? Delete them (from current_user) with no risk to the machine, and restore the defaults.

          HKEY_LOCAL_MACHINE contains the defaults, and is accessible by power users and above. There’s a good reason for this – it affects everyone. If one was so foolish as to give regular user accounts power user rights they could indeed affect all on the machine, but of course we’d never do that, would we? By default, members of the local users group has read only access to the defaults. Seriously, I will not BS you. If you were to talk about 16 bit Windows (95/98) there is serious problems with the registry. I do not consider these applications to be os’s and I’m sure you’d agree. They were and are crap.

          Now, let’s talk priviledge separation, Mr. Apotheon.

          In Windows registry, I can set a security descriptor for each and every registry entry. Comparable to *nix, that would be like controlling access each separate line in your config files. *nix has terrible priviledge separation (that was obviously a joke – not a very good one)

          I have not, and do not, claim that the registry is difficult to understand and/or use properly. Rather I suggest developers are lazy. My living is made teaching these developers the right way to program a Windows machine. Where they can and where they cannot write registry values, for example. What will and what will not require a user to have elevated priviledge, and how to overcome the necessity.

          The registry has flaws, but I believe it’s a good system overall (the biggest being there’s no easy way to compress it!). It’s an in-memory database I can use to store application configuration data, meaning access to it is FAST. All you have to do is spend a bit of time on the MS website finding out where is appropriate for your values!

          As for users destroying machines throught the registry…you’ve got me on that one. If you are using NT based OS (and heaven help you if you are not) then the ONLY thing a user can do (and by user I mean someone with user piviledges only) is to screw up his own environment. If he screws it up, log him off and delete his profile. See the description about merged views for CLASSES_ROOT.

          The ONLY time I’ve had a problem with the registry is when one of the guys who worked for me wrote a script he ran under admin credentials, and wrote a blank environment value to the session manager during an installation. This rendered the machine unbootable, but was easy to fix – but it requires an above user-level knowledge of Windows. He was nearly fired for that stunt.

          If he had followed my instructions and installed his application with MSI, it would not have happened. Msi will not allow you to do that.

          If either of you have SPECIFIC questions about the registry, I’d be happy to answer them. This is what I STILL do for a living. 3 years ago the company I was with did a study on TCO/ROI between Windows and Redhat for certain jobs within our environment. Windows was cheaper to buy, cheaper to get support for and cheaper to manage FOR THOSE TASKS. There were no advantages that made the extra cost of Redhat FOR THOSE TASKS justifiable. I made the decision to stay with MS…for now. I review that decision regularly for each task I manage.

        • #3119407

          Condensending much?

          by jmgarvin ·

          In reply to Hmmm.

          I’d post my points now, but I don’t have the time. Needless to day:

          A) There is no clear seperation of user and kernel space in Windows. This is a huge issue that must be fixed before much more can be done.

          B) If the registry worked as you described, than we wouldn’t have malware issues. The biggest gripe I have is the mudging together of user “stuff.” HKEY_USER is still a superset of HKEY_LOCAL_USER…this is problematic because we can have global keys for users that shouldn’t be…tyically LOCAL_USER is limited in scope and USER contains the values (even those it shouldn’t) for even LOCAL_USER in many cases.

          C) Permissions and privelege seperation ARE an issue. It is too easy to get admin privs and too easy to just step past any barriers in your way.

          D) Code can do things that it shouldn’t be able to do. I can execute as admin without even being admin or asking, pretty silly if you ask me. I can write values to the registry (esp with things like .Net) and create special environments outside the scope of my user.

          E) Power user isn’t the problem. THERE IS NO SECURITY.

        • #3119394

          for the benefit of anyone that might believe what you’re shoveling

          by apotheon ·

          In reply to Hmmm.

          “[i]In Windows registry, I can set a security descriptor for each and every registry entry.[/i]”
          That’s not privilege separation. Go back to school. Privilege separation is keeping users from invading each others’ privilege space. What you describe is privilege definitions, which are not separated worth a damn since privilege escalation is such an absurdly easy thing to do. This ties into the point jmgarvin brings up (repeatedly, though you don’t seem to be paying attention) regarding kernel and user space, among other things.

          “[i]Comparable to *nix, that would be like controlling access each separate line in your config files.[/i]”
          You really need to start paying more attention. Perhaps you’ve heard of SELinux, TrustedBSD, SEBSD, PitBull LX, LIDS, Trusted Solaris, basic Solaris zones and containers functionality, and similar kernel-level security tools in the various unices. You want fine-grained security control? Windows isn’t the place to find it.

          “[i]I have not, and do not, claim that the registry is difficult to understand and/or use properly. Rather I suggest developers are lazy.[/i]”
          No, you said that the developers don’t (or won’t) understand the registry and use it properly. Of course, if it’s that big a problem trying to use it properly, that most developers just say “screw it”, I’d say that’s a huge problem with the registry. Good design encourages proper utilization, and protects against improper utilization. Something as fragile as the registry-based system, wherein the entire friggin’ system comes crashing down around your ears because some idiot developer didn’t spend the extra month learning about the registry keys he’d have to use, is a huge issue that needs to be addressed.

          “[i]It’s an in-memory database[/i]”
          There’s another problem, by the way, that creates a great number of following problems.

          You’ll never see configuration corruption causing problems for the whole system in unices. You’ll never see a need to reboot the entire friggin’ computer to take advantage of a configuration change in unices. You’ll never see a large memory footprint on systemwide configuration. You’ll never see a lot of problems that the RAM-based flatfile database (which is exactly what it becomes the moment all those configuration values are loaded) of the Windows Registry causes when you’re dealing with a unix system. I suppose you’ve never heard of orthogonality of design, though.

          “[i]access to it is FAST[/i]”
          Sure, if you need access to [b]the whole thing all at once all the time[/b], and as long as you assume you’ll never need access to the persistent configuration data while the machine’s running. It’s fast only for specific purposes, and those purposes are for the most part useless in a well-designed system where you’re not trying to integrate the operation of every single process with that of every other simultaneously. With that sort of lack of modularity, it’s no wonder Windows is a house of cards in a storm.

          “[i]the ONLY thing a user can do (and by user I mean someone with user piviledges only) is to screw up his own environment.[/i]”
          I guess you haven’t noticed the absurd requirements for administrative privileges to perform common, everyday tasks.

          “[i]Windows and Redhat[/i]”
          Great. Price is one of the reasons I don’t use RHEL when it’s not necessary — and so far, when it is, Fedora has sufficed.

        • #3119350

          OK.

          by ungle ·

          In reply to Hmmm.

          jmgarvin, if I came across condescending, I apologise. I trap myself in that which I hate.

          I would be interested in discussing/questioning your points:

          a) I’ve heard this before, but no one can actually demonstrate it. There are some good discussions on the Microsoft website around this topic. Having said that, I can’t put my finger on one at present! It does exist in the modern Windows environment. Again, I do not include Win 95/98/ME in my discussion! That said, it is different from *nix, but hey, change is not bad in and of itself!

          b) Im not sure what you’re saying here. Yes, HKEY_CURRENT_USER\Software\Classes does contain entries that belong to HKEY_LOCAL_MACHINE\Software\Classes – the local user’s instance of those settings. Any changes made here do not affect other users or the global settings of the machine. I’m not sure I understand your complaint – how this could directly create malware vunerabilities? The biggest vunerability sits in front of the keyboard.

          Case in point: My wife is one of the most technologically impared people I know (sob), but LOVES to web surf. So I locked her machine down tight. She has never been infected by virus/malware/spyware/etc. That’s not an accident, believe me 🙂

          c) You keep repeating that. Do you have an example? Maybe I can help you lock down your system to prevent it. Aside from bugs (yes, they are plentiful) I have never seen unintentional priviledge elevation. I would very much like to see an example.

          d) Again, I’d love to see an example of this. Only thing I can think of is that MSI allows priviledge escalation during install – but you have to deliberately enable that, by default it’s not enabled. I’ve done a lot of .NET development (C# is my current language of choice), I know of no way the .NET assists you in sidestepping security, but I’d be interested in hearing about it. Actually, I’d say that non-managed laguages ar a far bigger threat

          e) OK, you’re p*ssed. You’re exagerating, obviously. If there was no security virus writers wouldn’t need to find buffer overrun vunerabilities… In a previous life part of my job was to lock down standard builds for an international investment bank – they take security seriously. Yes, we had a couple of virus breaks, but our security was never compromised. There were two reasons: A really good firewall team, and a tight build of the desktop OS.

          Please, let’s call a truce. I am interested in your opinions and I’d like to review some of them. I’ve noticed on this forum (I am not including you here) people making sweeping statements born of ignorance with no foundation – for example “How come windows virus scanners don’t start untill you log on?” – and these I have no interest in. I AM interested in genuine issues/complaints against Windows. Yes I do have a couple myself. You might be interested to know I started this discussion looking for ideas for a new adminstration product I am designing.

          apotheon…as I sit in front of a Fedora machine in my test lab writing this response on Mozilla, it would seem to me this is a religeous war for you. Please read between the lines in my response, you seem like a smart fellow I don’t expect to have to spell everything out. As before, if you have specific points you want addressing, please ask. Otherwise, good bye. Yes, this comment is condescending. A measured level to be comparable to your response.

        • #3119234

          irrelevant responses

          by apotheon ·

          In reply to Hmmm.

          Nice how you ignore specific points and, in return, demand specific questions. Have fun with that.

      • #3118976

        You’ll take your locked windows

        by tony hopkinson ·

        In reply to Admin, not the OS

        systems over an unlocked ‘nix one.
        Well yes, and the point is ?

Viewing 31 reply threads