Linux Today: Linux News On Internet Time.

Rant Mode Equals One: Can Microsoft's Hype Machine Live up to Linux's Realities?

Oct 07, 2000, 14:20 (38 Talkback[s])
(Other stories by Paul Ferris)

By Paul Ferris

This is a rebuttal "opinion" in response to an article in The Business Times (Singapore) by Microsoft desktop product manager, Danny Ong.

The article is chock full of half-truths, bait and switch techniques, and references to outdated benchmark data that was proven unreliable at the time it was published (over a year and half ago). As a Linux community member, I simply can't let it slide by without exposing most of it to the light of day.

It's another shining example of Microsoft marketing in action. Read on.

LINUX is getting a lot of attention lately. Many people want it to be a robust, scalable and cost-effective enterprise operating system (OS) that doesn't come from a big proprietary supplier. I believe Linux will have problems living up to its hype.

Gee Danny, that's a pretty good description of Linux you've provided there. It's right on the money, actually. By the way -- since Linux doesn't have a PR department, I wonder where this idea comes from that it's getting "hyped"? There are some operating systems that aren't living up to their "hype," and maybe this motivates you to start with that assumption.

As for many people "wanting" it to be what it is -- you and I both know it's more like many people "know" or "claim" it's what it is. That's because a lot of the "hype" is actually grass-roots support. It's generated by people actually using the product.

Conversely, I wonder what operating system is not gaining the market share that Microsoft hoped it would? I wonder what bad experiences by customers might be fueling such dissatisfaction to fuel your so-called "want" of a better thing?

Couldn't be Windows 2000, now could it? Let's take a quote out of context from your own Steve Ballmer (current CEO of Microsoft): "Windows 2000 ... could be doing better". I hope you don't mind me using your marketing techniques like this -- it's hard to resist.

Co-creator of the Unix OS, Ken Thompson, said in May 1999 that Microsoft was unreliable "but Linux is worse. In a non-PC environment, it just won't hold up. If you're using it on a single box, that's one thing. But if you want to use Linux in firewalls, gateways, embedded systems and so on, it has a long way to go".

Great! you're tapping into one of the original creators of Unix for sound-bytes against Linux. It's odd that you leave out one of the main things going on in the interview -- praise for Thompson's design skills and something Microsoft doesn't support and has for the most part, spent the last couple of decades fighting: Unix.

I have a lot of respect for Thompson, but his comments about Linux are simply wrong, and that's that. A lot of people in the Linux community have the same opinion as well -- Linux's stability is far above most of the Microsoft operating system products in use today.

I also find it quite damning that the only quote you can find that's bad about Linux in any kind of credible context includes the following as a precedence: "Microsoft is really unreliable ..."

Another paper, The Mindcraft Report, stated that Win NT Server 4.0 was 2.7 times faster than Linux/Samba on a four-processor file server for Win 95 clients and 1.9 times faster for Win NT clients; Win NT Server 4.0 was 2.2 times faster than Linux/Apache as a web-server on a four-processor system and 1.4 times faster on a one-processor system. "Linux performance does not scale well between one and four-processor systems for file or web servers," the report said.

Oh gee, not Mindcraft! You're not going to quote a study, paid for by Microsoft, on Microsoft hardware, no less, as if it's independent are you? This report is ancient, and has practically equated "Mindcraft" with the words "Suspect Results." Oh, wait, they likely have just a tad more credibility than Microsoft's marketing department.

It all makes sense now!

Danny, I predicted this years ago. Your employer, Microsoft had to run benchmarks back then while Windows NT was even in the running against Linux. I predicted that you would quote from these benchmarks for a long time coming. Why? Because Windows 2000 would turn out to be a real porker in the speed department.

I can't help but notice the primary benchmark being cited here in this document is one of Windows NT against unoptimized Linux (over a year ago). I'd hope you might be able to come up with something just a bit more relevant. Why aren't you including some Almanac data from say, 1776, or possibly a quote like "Man will never be able to fly!".

I wonder why you didn't quote from this report instead? Now there's a relevant comparison between Windows 2000 and Linux. It clearly shows Linux beating the pants off of Windows 2000 in the web serving arena.

An often-touted benefit is that Linux is a Unix-like OS. Unix relies on 30-year-old OS architecture designed for the technology of the day. Linux was not designed from the ground up to support SMP (symmetrical multiprocessing), GUI (graphical user interfaces), asynchronous I/O, fine-grained security model, or many other key characteristics of a modern OS. These are fundamental barriers to cost-effectively deploying scalable, secure, and robust applications.

Gee Danny, do the words "Bait and Switch" apply here! First you want to say "Linux isn't as good as Unix!". Then you begin to talk about how BAD Unix is. It's 30 year old technology! Wait -- if Linux is Unix, then why is Ken Thomson bashing all over it in your quote above? Then you go on with some of the most confusing sound-bytes of FUD that I've seen in quite a while.

For the record, Linux was began in 1991, not 1968. That trivial thing, accuracy, what does it matter? Hey, you're only off by a decade or two... Not bad eh?

Whether or not Linux was "designed from the ground up to support SMP, GUI's and other intricacies -- it's doing them fine now. Let me pull a similar bait and switch on you. Windows 98/95 -- Microsoft top selling operating system wasn't "designed from the ground up" with any of those features either. As a matter of fact, it still has DOS lurking like an old troll, under the hood.

Windows 95/98 doesn't even support SMP to this day! Microsoft's top selling OS doesn't support SMP at all! FUD FUD FUD! There, ya happy?!

OK, so you get the picture (this is meant to be funny, so bear with me). Windows 2000/NT -- these products may have been designed with SMP and GUI's in mind, but a fairly healthy argument exists that they're not exactly the best solutions to Enterprise class problems. That argument (one based upon market share) goes with Unix.

Windows 2000's reliability has yet to be totally proven, but the word is that yes, it's more reliable than Windows NT. I suspect that a poke in the eye with a sharp stick is more reliable than getting pounded with a sledgehammer as well. The point may not be very obvious, so I'll spell it out: Why haven't you bothered to compare Windows 2000's reliability to Linux at all here? Isn't that what you're supposed to be comparing -- Microsoft's current offerings against current Linux products?

The word is also that Windows 2000 is much slower and requires a lot more hardware than Windows NT. What does that have to do with Linux at all? Nothing!. Talk about Linux and Windows 2000. I haven't a clue just how much less reliable Windows 2000 is than Linux -- I'll freely admit it too.

But one thing I can talk about -- Linux continues to improve and still runs well on hardware that would be basically unusable with Windows 2000 and Windows NT.

In last week's SayIT ('Can you rely on Linux?' in BizIT on Sept 25, page 6), the writer highlighted security and said Linux was "designed from the ground up as a networking system, with in-built multiuser security". In fact, Linux uses the same security model as the original Unix implementation, which was not designed "from the ground up" to be secure.

Linux provides access controls to files and directories only, and does not support key security accreditation standards. Configuring Linux security requires an administrator to be an expert in the intricacies of the OS and on how the different components interact. Misconfigure any part, and the system could be vulnerable to attack.

The lack of a centralised location or service for reporting and getting fixes compounds the problem. The result: Linux administrators could spend a lot of time getting to grips with Linux bugs and determining what to do about them.

Windows 2000, on the other hand, uses the industry-standard, tested and trusted Kerberos authentication protocol. Win 2000 also makes it easy for administrators to configure their systems and has policy-based security features that lets them control their environment more efficiently.

Danny, you want to argue that Windows products are designed to be secure?! Only for the past few months has there even been one C2 accreditation for Windows NT (in Europe) that included networking! That's right folks -- that C2 rating you've been trusting in your Windows NT documentation for years has been about computers not connected to any network. It's also applies only to special hardware and only certain versions with certain "service packs" -- and extra software loaded to boot.

Danny, you speak about Windows 2000 and Windows NT as if they were one in the same -- you're not mentioning security accreditations for Windows 2000 at all. You're not mentioning that Windows 2000 is not the same product as Windows NT. You're not mentioning the millions of lines of source code in Windows 2000 that haven't got the security credentials being touted here (for NT).

As for "industry standard" Kerberos, all I can say is "Don't inhale!" Windows 2000 uses a butchered nonstandard version of the "industry-standard" that, guess what? Doesn't work with anything but another Windows 2000 box. Some standard. Pray that Microsoft never makes "industry-standard" roads -- we'll all have to run out and buy new "industry-standard" Microsoft cars to run on them.

Finally, I have to take a few seconds to rant on the idea that security experts are not needed in today's Internet connected world. No matter what you purchase, whether it be a Microsoft product or not -- this is a problem. Businesses need people to evaluate their security.

Trusting any canned solution today, Microsoft or otherwise, is akin to putting valuable company data out on the web on an anonymous FTP site for easy download.

The idea that businesses can trust the "no-brainer" tools that Microsoft provides over any expert configuration is insane. Hackers use "well-known" default configuration problems to gain entry to systems -- Microsoft or otherwise. Security is never something that's done. It's a constant struggle to ensure that a system is secure, no matter who provides it.

On top of all of that, security holes need to be patched quickly -- not in days -- people need them in hours. The open source community tends to provide these patches much faster than Microsoft.

Add to this fact that Microsoft has on occasion simply refused to fix serious security holes in their products. With Linux, this doesn't happen, and the affected users have the source code on top of it all. This puts the control in the hands of the person looking for the security holes, and the people that care to fix them. Microsoft has even been criticized by the Gartner Group recently for not having the motivation that it should to fix serious security problems.

The other claim is that "there are a growing number of companies -- including SuSe, RedHat, and Caldera -- that provide Linux support". RedHat has a more cautious view of its own support capabilities. "We may not be able to effectively assemble and test our software because it consists largely of code developed by independent third parties over whom we exercise no control, which could result in unreliable products and damage to our reputation," says RedHat's Nov 1999 quarterly SEC Form 10-Q.

"Included within the 546 MB of code are over 700 distinct software components developed by thousands of individual programmers which we must assemble and test before we can release a new version of Red Hat Linux. Although we attempt to assemble only the best available components, we cannot be sure that we will be able to identify the highest quality and most reliable components, or to successfully assemble and test them. In addition, if these components were no longer available, we would have to develop them ourselves, which would significantly increase our development expenses."

Gee Danny, reading RedHat's SEC filing for damaging FUD is a pretty desperate attempt at marketing, even for Microsoft. The SEC filing has to include all of the things that could go wrong for RedHat. It might include being hit by a meteor as well, for all I care. (Note to Bob Young -- did you include Raleigh being hit by stray space rocks in your SEC filing?!? No? Bad, Bad Bob!)

On top of it all, I have to laugh, because the quality for RedHat Linux (and all the other major Linux distributors as well) is hands down far above your own products. Microsoft's own Windows 2000 when it shipped this year had something like 63,000 bugs in it.

Windows 2000 -- What a poster child for bad support and shoddy quality.

So Danny, what's Microsoft's excuse then? RedHat doesn't even make most of the code for the products they are selling and the quality is higher. Why, when Microsoft's got it all in-house -- and that's supposed to be an advantage -- does the company ship a product like Windows 2000 with thousands of bugs in it? The answer is obvious: The open source development model works much better than the one Microsoft is using.

On the other hand, is Win 2000 reliable? Since Jan 1 this year, Nasdaq has been running on it with 99.999 per cent uptime. In SpecWeb 99 and SpecWeb 96 testing, Win 2000 outperformed an Intel-based system running Sun's Solaris OS.

Is Win 2000 scalable? MSNBC supports an average 1.4 million users per day, and peaks at 2.5 million daily on Win 2000. Servers at Buy.com Inc can now handle 800 concurrent connections, after they upgraded to Win 2000.

Why in a document about Linux, are you quoting benchmark statistics regarding Solaris -- a totally different operating system altogether? Could it be that you don't want your readers to know the truth about Linux's performance and scalability against Windows 2000 in the web serving arena?

Is Win 2000 fast? Its installations occupy all five of the top five spots in the latest TPC-C (Transaction Processing Performance Council's benchmark performance rankings). Is it secure? Microsoft supplied Win 2000 source code to more than 80 universities, labs and government agencies, which have thoroughly tested it and provided feedback to Microsoft. It has a dedicated team to advise and respond urgently to any security issues.

I hope that "dedicated team" is really, really good. If you're into the belief than you should share your code with security experts in order to find the bugs, then you should be behind the Linux philosophy all the way. And why only 80 security experts? Why not thousands of them -- people who have a vested stake in that security? That's the crew behind Linux and other open source operating systems.

The bottom line: Linux may seem like a robust, reliable OS which comes with a free source-code. However, if you're serious about your business, it is best to pay hard dollars for your corporate peace of mind.

Well, the truth of the matter is that Linux really is a "robust, reliable OS" which does in fact come with the source code. People looking for truly reliable, scalable solutions today should trust the community that knows the score -- that would be the Linux community. We're not known for pushing half-baked marketing garbage like this, that's for sure.

Linux has the highest share of Internet web servers for a reason: It's all the things that it seems to be -- and more.

You'll find some of your favorite web sites are powered by it (this one is). It makes a great file server too -- with no client access license fees. It works reliably and scales nicely. All that, and it's based upon proven reliable technology, not millions of lines of buggy source code that your customers won't ever have a chance to see.

So my bottom line to future operating system customers is this: Give Linux a whirl. It's fast, reliable, securable, inexpensive -- and it's based upon truly open standards that don't lock you into bad solutions in other important areas. It's not got any "hype" at all (there's no time or money for it, trust me).

Linux: Because it's everything Microsoft doesn't want you to know it is -- and more.

Paul Ferris is the Director of Technology for the Linux and Open Source Channel at internet.com, and has been covering Linux and Open Source news for over 2 years. He is an editor for Linux Today and a contributing author on Linux Planet.

Related Stories: