By Paul Ferris
This is a rebuttal “opinion” in response to an article
in The Business Times
(Singapore) by Microsoft desktop product manager, Danny
Ong.
The article is chock full of half-truths, bait and switch
techniques, and references to outdated benchmark data that was
proven unreliable at the time it was published (over a year and
half ago). As a Linux community member, I simply can’t let it slide
by without exposing most of it to the light of day.
It’s another shining example of Microsoft marketing in action.
Read on.
Many people want it to be a robust, scalable and cost-effective
enterprise operating system (OS) that doesn’t come from a big
proprietary supplier. I believe Linux will have problems living up
to its hype.
Gee Danny, that’s a pretty good description of Linux you’ve
provided there. It’s right on the money, actually. By the way —
since Linux doesn’t have a PR department, I wonder where this idea
comes from that it’s getting “hyped”? There are some operating
systems that aren’t living up to their “hype,” and maybe this
motivates you to start with that assumption.
As for many people “wanting” it to be what it is — you and I
both know it’s more like many people “know” or “claim” it’s what it
is. That’s because a lot of the “hype” is actually grass-roots
support. It’s generated by people actually using the
product.
Conversely, I wonder what operating system is not gaining the
market share that Microsoft hoped it would? I wonder what bad
experiences by customers might be fueling such dissatisfaction to
fuel your so-called “want” of a better thing?
Couldn’t be Windows 2000, now could it? Let’s take a quote out
of context from your own Steve Ballmer (current CEO of Microsoft):
“Windows 2000
… could be doing better”. I hope you don’t mind me using your
marketing techniques like this — it’s hard to resist.
in May 1999 that Microsoft was unreliable “but Linux is worse. In a
non-PC environment, it just won’t hold up. If you’re using it on a
single box, that’s one thing. But if you want to use Linux in
firewalls, gateways, embedded systems and so on, it has a long way
to go”.
Great! you’re tapping into one of the original creators of Unix
for sound-bytes against Linux. It’s odd that you leave out one of
the main things going on in the interview — praise for Thompson’s
design skills and something Microsoft doesn’t support and has for
the most part, spent the last couple of decades fighting: Unix.
I have a lot of respect for Thompson, but his comments about
Linux are simply wrong, and that’s that. A lot of people in the
Linux community have the
same opinion as well — Linux’s stability is far above most of
the Microsoft operating system products in use today.
I also find it quite damning that the only quote you can find
that’s bad about Linux in any kind of credible context includes the
following as a precedence: “Microsoft is
really unreliable …”
that Win NT Server 4.0 was 2.7 times faster than Linux/Samba on a
four-processor file server for Win 95 clients and 1.9 times faster
for Win NT clients; Win NT Server 4.0 was 2.2 times faster than
Linux/Apache as a web-server on a four-processor system and 1.4
times faster on a one-processor system. “Linux performance does not
scale well between one and four-processor systems for file or web
servers,” the report said.
Oh gee, not Mindcraft! You’re not going to quote a
study, paid for by Microsoft, on
Microsoft hardware, no less, as if it’s independent
are you? This report is ancient, and has practically equated
“Mindcraft” with the words “Suspect Results.” Oh, wait, they likely
have just a tad more credibility than Microsoft’s marketing
department.
It all makes sense now!
Danny, I
predicted this years ago. Your employer, Microsoft had to run
benchmarks back then while Windows NT was even in the running
against Linux. I predicted that you would quote from these
benchmarks for a long time coming. Why? Because Windows 2000 would
turn out to be a real porker in the speed department.
I can’t help but notice the primary benchmark being cited here
in this document is one of Windows NT against unoptimized Linux
(over a year ago). I’d hope you might be able to come up with
something just a bit more relevant. Why aren’t you
including some Almanac data from say, 1776, or possibly a quote
like “Man will never be able to fly!”.
I wonder why you didn’t quote from
this report instead? Now there’s a relevant comparison between
Windows 2000 and Linux. It clearly shows Linux beating the pants
off of Windows 2000 in the web serving arena.
Unix-like OS. Unix relies on 30-year-old OS architecture designed
for the technology of the day. Linux was not designed from the
ground up to support SMP (symmetrical multiprocessing), GUI
(graphical user interfaces), asynchronous I/O, fine-grained
security model, or many other key characteristics of a modern OS.
These are fundamental barriers to cost-effectively deploying
scalable, secure, and robust applications.
Gee Danny, do the words “Bait and Switch” apply here! First you
want to say “Linux isn’t as good as Unix!”. Then you begin to talk
about how BAD Unix is. It’s 30 year old technology! Wait
— if Linux is Unix, then why is Ken Thomson bashing all over it in
your quote above? Then you go on with some of the most confusing
sound-bytes of FUD that
I’ve seen in quite a while.
For the record, Linux was began in 1991, not 1968. That trivial
thing, accuracy, what does it matter? Hey, you’re only off by a
decade or two… Not bad eh?
Whether or not Linux was “designed from the ground up to support
SMP, GUI’s and other intricacies — it’s doing them fine
now. Let me pull a similar bait and switch on you.
Windows 98/95 — Microsoft top selling operating system wasn’t
“designed from the ground up” with any of those features either. As
a matter of fact, it still has DOS lurking like an old troll, under
the hood.
Windows 95/98 doesn’t even support SMP to this day!
Microsoft’s top selling OS doesn’t support SMP at all! FUD FUD FUD!
There, ya happy?!
OK, so you get the picture (this is meant to be funny, so bear
with me). Windows 2000/NT — these products may have been designed
with SMP and GUI’s in mind, but a fairly healthy argument exists
that they’re not exactly the best solutions to Enterprise class
problems. That argument (one based upon market share) goes with
Unix.
Windows 2000’s reliability has yet to be totally proven, but the
word is that yes, it’s more reliable than Windows NT. I suspect
that a poke in the eye with a sharp stick is more reliable than
getting pounded with a sledgehammer as well. The point may not be
very obvious, so I’ll spell it out: Why haven’t you bothered to
compare Windows 2000’s reliability to Linux at all here? Isn’t
that what you’re supposed to be comparing — Microsoft’s current
offerings against current Linux products?
The word is also that Windows 2000 is much slower and requires a
lot more hardware than Windows NT. What does that have to do with
Linux at all? Nothing!. Talk about Linux and Windows 2000.
I haven’t a clue just how much less reliable Windows 2000 is than
Linux — I’ll freely admit it too.
But one thing I can talk about — Linux continues to improve and
still runs well on hardware that would be basically unusable with
Windows 2000 and Windows NT.
in BizIT on Sept 25, page 6), the writer highlighted security and
said Linux was “designed from the ground up as a networking system,
with in-built multiuser security”. In fact, Linux uses the same
security model as the original Unix implementation, which was not
designed “from the ground up” to be secure.
Linux provides access controls to files and directories
only, and does not support key security accreditation standards.
Configuring Linux security requires an administrator to be an
expert in the intricacies of the OS and on how the different
components interact. Misconfigure any part, and the system could be
vulnerable to attack.
The lack of a centralised location or service for reporting
and getting fixes compounds the problem. The result: Linux
administrators could spend a lot of time getting to grips with
Linux bugs and determining what to do about them.
Windows 2000, on the other hand, uses the industry-standard,
tested and trusted Kerberos authentication protocol. Win 2000 also
makes it easy for administrators to configure their systems and has
policy-based security features that lets them control their
environment more efficiently.
Danny, you want to argue that Windows products are designed to
be secure?! Only for the past few months has there even been
one C2 accreditation for Windows NT (in Europe) that
included networking! That’s right folks — that C2 rating
you’ve been trusting in your Windows NT documentation for years has
been about computers not connected to any
network. It’s also applies only to special hardware and only
certain versions with certain “service packs” — and extra software
loaded to boot.
Danny, you speak about Windows 2000 and Windows NT as if they
were one in the same — you’re not mentioning security
accreditations for Windows 2000 at all. You’re not
mentioning that Windows 2000 is not the same product as Windows NT.
You’re not mentioning the millions of lines of source code in
Windows 2000 that haven’t got the security credentials being touted
here (for NT).
As for “industry standard” Kerberos, all I can say is “Don’t
inhale!” Windows 2000 uses a
butchered nonstandard version of the “industry-standard” that,
guess what? Doesn’t work with anything but another Windows 2000
box. Some standard. Pray that Microsoft never makes
“industry-standard” roads — we’ll all have to run out and buy new
“industry-standard” Microsoft cars to run on them.
Finally, I have to take a few seconds to rant on the idea that
security experts are not needed in today’s Internet connected
world. No matter what you purchase, whether it be a Microsoft
product or not — this is a problem. Businesses need
people to evaluate their security.
Trusting any canned solution today, Microsoft or
otherwise, is akin to putting valuable company data out on the web
on an anonymous FTP site for easy download.
The idea that businesses can trust the “no-brainer” tools that
Microsoft provides over any expert configuration is insane. Hackers
use “well-known” default configuration problems to gain entry to
systems — Microsoft or otherwise. Security is never something
that’s done. It’s a constant struggle to ensure that a system is
secure, no matter who provides it.
On top of all of that, security holes need to be patched quickly
— not in days — people need them in hours. The open source
community tends to provide
these patches much faster than Microsoft.
Add to this fact that Microsoft
has on occasion simply refused to fix serious security holes in
their products. With Linux, this doesn’t happen, and the
affected users have the source code on top of it all. This puts the
control in the hands of the person looking for the security holes,
and the people that care to fix them. Microsoft has even been
criticized by the Gartner Group recently for not having the
motivation that it should to fix serious security problems.
number of companies — including SuSe, RedHat, and Caldera — that
provide Linux support”. RedHat has a more cautious view of its own
support capabilities. “We may not be able to effectively assemble
and test our software because it consists largely of code developed
by independent third parties over whom we exercise no control,
which could result in unreliable products and damage to our
reputation,” says RedHat’s Nov 1999 quarterly SEC Form 10-Q.
“Included within the 546 MB of code are over 700 distinct
software components developed by thousands of individual
programmers which we must assemble and test before we can release a
new version of Red Hat Linux. Although we attempt to assemble only
the best available components, we cannot be sure that we will be
able to identify the highest quality and most reliable components,
or to successfully assemble and test them. In addition, if these
components were no longer available, we would have to develop them
ourselves, which would significantly increase our development
expenses.”
Gee Danny, reading RedHat’s SEC filing for damaging FUD is a
pretty desperate attempt at marketing, even for Microsoft. The SEC
filing has to include all of the things that could go
wrong for RedHat. It might include being hit by a meteor as
well, for all I care. (Note to Bob Young — did you include Raleigh
being hit by stray space rocks in your SEC filing?!? No? Bad, Bad
Bob!)
On top of it all, I have to laugh, because the quality for
RedHat Linux (and all the other major Linux distributors as well)
is hands down far above your own products. Microsoft’s own Windows
2000 when it shipped this year had
something like 63,000 bugs in it.
Windows 2000 — What a poster child for bad support and shoddy
quality.
So Danny, what’s Microsoft’s excuse then? RedHat doesn’t even
make most of the code for the products they are selling and the
quality is higher. Why, when Microsoft’s got it all in-house — and
that’s supposed to be an advantage — does the company ship a
product like Windows 2000 with thousands of bugs in it? The answer
is obvious: The open source development model works much better
than the one Microsoft is using.
Jan 1 this year, Nasdaq has been running on it with 99.999 per cent
uptime. In SpecWeb 99 and SpecWeb 96 testing, Win 2000 outperformed
an Intel-based system running Sun’s Solaris OS.
Is Win 2000 scalable? MSNBC supports an average 1.4 million
users per day, and peaks at 2.5 million daily on Win 2000. Servers
at Buy.com Inc can now handle 800 concurrent connections, after
they upgraded to Win 2000.
Why in a document about Linux, are you quoting benchmark
statistics regarding Solaris — a totally different
operating system altogether? Could it be that you don’t want your
readers to know
the truth about Linux’s performance and scalability against Windows
2000 in the web serving arena?
five of the top five spots in the latest TPC-C (Transaction
Processing Performance Council’s benchmark performance rankings).
Is it secure? Microsoft supplied Win 2000 source code to more than
80 universities, labs and government agencies, which have
thoroughly tested it and provided feedback to Microsoft. It has a
dedicated team to advise and respond urgently to any security
issues.
I hope that “dedicated team” is really, really good. If you’re
into the belief than you should share your code with security
experts in order to find the bugs, then you should be behind the
Linux philosophy all the way. And why only 80 security experts? Why
not thousands of them — people who have a vested stake in that
security? That’s the crew behind Linux and other open source
operating systems.
reliable OS which comes with a free source-code. However, if you’re
serious about your business, it is best to pay hard dollars for
your corporate peace of mind.
Well, the truth of the matter is that Linux really is a “robust,
reliable OS” which does in fact come with the source code. People
looking for truly reliable, scalable solutions today should trust
the community that knows the score — that would be the Linux
community. We’re not known for pushing half-baked marketing garbage
like this, that’s for sure.
Linux has the highest share of Internet web servers for a
reason: It’s all the things that it seems to be — and more.
You’ll find some of your favorite web sites are powered by it
(this one is). It makes a great
file server too — with no client access license fees. It works
reliably and scales nicely. All that, and it’s based upon proven
reliable technology, not millions of lines of buggy source code
that your customers won’t ever have a chance to see.
So my bottom line to future operating system customers is this:
Give Linux a whirl. It’s fast, reliable, securable, inexpensive —
and it’s based upon truly open standards that don’t lock you into
bad solutions in other important areas. It’s not got any “hype” at
all (there’s no time or money for it, trust me).
Linux: Because it’s everything Microsoft doesn’t want you to
know it is — and more.
Paul Ferris is the
Director of Technology for the Linux and Open Source
Channel at internet.com, and
has been covering Linux and Open Source news for over 2 years. He
is an editor for Linux Today
and a contributing author on Linux
Planet.