General discussion

Locked

Windows vs Linux - Business

By rkuhn ·
Scenario - Time, money, some experience, ability to hire more experience if necessary, can get support or pay for it, more expensive/branded components, multiple servers like web, application, file, backup, email, etc, network (say maybe 100+ users), multiple network and local printers, remote locations.

Please address all aspects...AD like directory, file and print sharing, web and email, security, backup, end user support, database, etc.

Let's hear your thoughts.

This conversation is currently closed to new comments.

111 total posts (Page 1 of 12)   01 | 02 | 03 | 04 | 05   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Mostly a personal choice

by Deadly Ernest In reply to Windows vs Linux - Busine ...

I have been doing IT tech work at different levels since 1985, and went full time pro about 8 year ago. Much of the PC work has been MS Windows since it came out and use both Windows and Linux at home.

When I was first exposed to Linux, Red Hat 6, about 8 year ago it was as easier to load and use than DOS 6 and Windows 3.1, and tech support needs were at the same level as Win 3.1. In recent years I have had a lot more exposure to Linux as a server operating system and have found it to be far superior to Windows in server and gateway work. Linux for end user and desktop had lagged behind but has caught up now.

Yes there are many Linux versions and you need to examine what you want and choose the one best suited to your needs - kind of like a few years back with Windows XP Home - XP Pro - 2k Server - 2k Advanced Server - CE etc. You could use 2k Adv server for a desktop but it is not the best option and you could use XP Home for a file server but it is not the best option - same applies with the Linux varieties; although most Linux versions are closer to being universal than the Windows systems.

With MS Win Vista due out and the high end tech specs it appears to need I am seeing more and more people who do NOT want to go that way for their business software as they see that level of hardware and media support excessive for the business environment. Estimated cost of a Vista capable machine in Aust is expected to be several hundred dollars more than an equivalent Linux capable machine, add in the MS software and you start to look at a cost difference of a A$2K to A$3k per unit on the desk; an important point for small business. The problems come in regarding third party software running in Linux, which WINE and Crossover now resolve for most applications.

With this in mind I started looking at some of the latest Linux versions in light of non-tech end user ease of use. To that end I have found that Fedora Core 4 is easier to install than XP Pro and with WINE runs all the office applications I have and use. For gaming I just subscribe to Cedega and run the Windows based games within that - all I have tried work well (many better than in Windows).

Linux has a better record regarding the fixing of vulnerabilities than does Windows, and there are less holes in its security to begin with. It is not a perfect operating system but it is technically better and better coded than Windows.

IMHO Windows vs Linux is very much a personal choice or cost choice not a technical decision for the majority of people.

Collapse -

Games and 3rd party

by mmullinix1 In reply to Mostly a personal choice

In your one response you answered all the questions I had regarding my gaming, etc when I make the switch to Linux. Thank you so much. It may not be perfect, but I really want to try Linux.

Collapse -

more a religious debate

by The Ref In reply to Mostly a personal choice

I agree with your comments that it is a personal choice - I prefer the term "Religious debate". This does not mean it has anything to do with God, but that people have deeply rooted beliefs that will not be swayed by the opinion of others.

I do not believe that Linux has a better record of fixing vulnerabilities than Windows, just that Windows gets more visibility of the flaws - mainly due to the virus writers attacking it and reports in the media. I recently threw out an article that said that the time to fix a known security flaw in Windows was less than the time taken for Linux ? and that Linux suffers more successful attacks as a server.

There are a multitude of articles written that indicate that XXX is a better/ more stable/ easier / more secure OS than its rivals. Most people have an opinion on this subject and nearly all are biased.

The bottom line is that both are valid OS choices and that different people have different requirements that may be better suited by one OS over another.

Unfortunately I don?t believe it is possible to have a reasonable debate on this subject without peoples inherent biases coming out and wasting everyone?s time.

Collapse -

Thanks

by rkuhn In reply to more a religious debate

For the comments.

Very unbiased, very balanced.

We need more of that.

Collapse -

lies, damned lies, and statistics

by apotheon In reply to more a religious debate

Depending on how you report them, statistics can be made to say anything. All it takes is some careful omission of facts that don't support your conclusions, generally.

I have no way to verify average patch times for Linux and Windows in a truly objective and absolute fashion. I have seen a report that Windows patch times average less than Linux patch times, though. This report was prepared by a vendor of Windows-based security software, which raises the specter of a conflict of interest, of course. The statistical data also included only things covered by Windows Update for the Windows side of the equation, though, and included patch times for thousands of applications, many not included in default installs of most major distributions. In fact, many of the applications counted toward Linux patch times have Windows versions of the same software packages available. As such, it was largely an apples to oranges comparison, and easily discarded.

My personal experience leads me to believe that patch times are much, much shorter for Linux than for Windows, particularly for core components and critical vulnerabilities. The fastest-ever patch time for a Windows security flaw, for instance, was reported to be the recent WMF vulnerability, at less than ten days. The average for the Linux kernel is, as I recall, less than a week. While this doesn't include all of the core Linux operating system components, it certainly provides a very wide range of vulnerability patch response times to pick and choose the fastest turn-around in the case of the Windows patch, and it doesn't fare as well as one might have hoped. I have seen Linux security patches appear in a matter of a few hours, in some cases as few as two of them, by contrast to the Windows fastest of ten days.

I'm further skeptical of reports of Windows patch times, considering the clearly documented cases of Windows vulnerabilities taking eighteen months or more to fix, and in some cases being declared unworthy of patching entirely. I think it likely that anything that Microsoft has decided it will never patch isn't included in these statistics, because it's difficult to include "never" in an average of patch times.

Furthermore, one must wonder what is meant by "known security flaw". Since Microsoft has managed to strongarm security firms into refraining from reporting flaws to anyone but Microsoft until after a patch is released, that could simply mean that a flaw known to Microsoft that takes them eighteen months to patch will be reported as a zero-time patch because it was not known publicly. Meanwhile, Linux vulnerabilities, in the open source development communities, tend to get publicly reported immediately, and still end up patched before anyone gets around to exploiting them.

I'm highly skeptical of claims that Linux servers get successfully exploited more than Windows servers, and would require some documentation before giving them any credence. I've never seen any such reports, though I have seen some that indicate they are in fact attacked more often, regardless of success rate. Even if they are "successfully" exploited more often in terms of absolute numbers, however, it's possible that this is merely a statistical artifact of the greater number of Linux servers in certain implementations than Windows servers, where a lower percentage of successful attacks might involve such a huge number of servers that the absolute number of successful attacks might be higher. Even then, however, I'd be skeptical without some solid evidence, based simply on my knowledge of OS architecture and security practices. Another possible interpretation might involve measuring only certain types of security compromises.

Collapse -

Same Old Argument

by rkuhn In reply to lies, damned lies, and st ...

Windows users have been saying this for years and it was constantly discredited by Linux users.

Yet, now you choose to use it in your arsenal of arguments. Ironic indeed!

"Even if they are "successfully" exploited more often in terms of absolute numbers, however, it's possible that this is merely a statistical artifact of the greater number of Linux servers in certain implementations than Windows servers, where a lower percentage of successful attacks might involve such a huge number of servers that the absolute number of successful attacks might be higher."

Collapse -

um, no

by apotheon In reply to Same Old Argument

See, the problem is that while the absolute number of successful compromises of Windows systems is widely recognized as being greater in part because of the sheer number of Windows systems, the number of exploits is a percentage rate, not an absolute quantity. Thus, the exploitability per Windows system is still exponentially greater than for most other modern operating systems. This, in combination with the numbers factor, means that the absolute number of compromises is geometrically greater for Windows.

What Windows users have been using as arguments for years is the claim that the only reason there are more exploits is the greater number of Windows implementations in certain niches. While that's a valid explanation for more compromises, it's not valid for more exploits -- and, regardless of where there might be more compromises in certain niches for Linux systems, there are still not more exploits, anyway.

Collapse -

RE: Successful exploits of linux servers

by Jaqui In reply to lies, damned lies, and st ...

I remember someone making such a comment here on TR in a discussion.
I looked at the exploit they were saying was a linux server exploit.

It was not a linux server exploit.

It was a cross site scripting exploit, that affected any site running the scripts, no matter what os the webserver was running on.

it didn't damage anything but the website.
[ sql injection exploit ]

What is becoming more common is cross platform vulnerabitities based on cross site scripting errors, as a lot of website designers do not include site security other than basic authentication in a website. The most frequent reason cited for a vulnerability is a lack of sanitisation of user supplied input.

I've also seen an exploit in a php scripted website called a linux exploit. [ oddly, apache runs on windows, with mod_php, microsoft's iis can use php if you jump through the hoops to add it, making any php script exploit cross platform, not os specific. ]

There have been found recently exploits based on ruby and openssh.

Collapse -

OpenSSH?

by apotheon In reply to RE: Successful exploits o ...

Are you sure that wasn't OpenSSL? I thought there was an OpenSSL vulnerability discovered, not an OpenSSH vulnerability.

Collapse -

oops

by Jaqui In reply to OpenSSH?

it was openssl

but then, that leads to the question, was the exploit in a lib that openssh could be using also?

if so then the one patch would fix 2 apps.

Back to Linux Forum
111 total posts (Page 1 of 12)   01 | 02 | 03 | 04 | 05   Next

Related Discussions

Related Forums