http://download.microsoft.com/downlo...wsSecurity.pdf
something a bit interesting...
I don't want to comment or someone would acuse me of being part of some malicious end-of-the-world conspiration, like the people who made that article.
http://download.microsoft.com/downlo...wsSecurity.pdf
something a bit interesting...
I don't want to comment or someone would acuse me of being part of some malicious end-of-the-world conspiration, like the people who made that article.
The point here really isn't who gets the updates and security fixes faster, but who is better with handling the computer and OS itself.
And, yes, windoze can be more or less secure, but only if it's in hands of a knowing person. The real difference between linux and windoze is how customizable and low-level the security (and the OS in general) is. In win you must sweat to get any kind of log of what system is doing; in linux it's just some clicks (or commands) away. Because of this transparency linux is better off than windoze in the first place.
We see many companies that have chosen windoze as their primary OS. And that is really fine, but the problem is that they have (usually) no idea of how to maintain the security at a acceptable level. They get a person to come over and look at their system sometimes (often too rare), but otherwise are not really concerned about the security at all, as if the computers maintain themselves.
My school is a such institution. To crack anything is so easy that it should have been prohibited to use those computers at all. Practically anyone can view others' grades (which is in itself prohibited by law). Situation is the same for MANY online servers. If you want, you can get in really fast. (it is not always the OS security that matters, but anyway)
Also those who use windoze in their private homes are vulnarable. They are often not really good at computers (and that is why they in practice choose windoze), and therefore are not able to maintain a sufficient security level.
The same will probably apply to linux users. If you are not able to handle the system and do not know its "in-s and out-s", security may be at risc. Though you don't see many not professional linux users at all these days. Those who choose to change OS to linux are usually experienced people.
The OS requirements were Windows Vista Ultimate or better, so we used Linux.
Interesting. In Sweden the grades (and written exams) for every student are public domain.Originally Posted by MathFan
Last edited by Sang-drax : Tomorrow at 02:21 AM. Reason: Time travelling
Oh, we are "neighbours" then? Live in Norway...In Sweden the grades (and written exams) for every student are public domain.
Here it's much more strict. When writing an exam, you are given a specific Student ID nr, which should be kept secret and all that. When the results are published, only the ID and the grade are printed next to eachother, so that each student can find himself, but not any other person. (of course it's up to you if you want to give your ID to anyone else)
Even teachers are forbidden to look at the students' grades. So a geography teacher can't see what I got in mathematics and so on...
The OS requirements were Windows Vista Ultimate or better, so we used Linux.
You have to sweat to even install something in Linux.
Also, using your school as an example - If the administrators can't crack down on Windows security, what hope would they have with Linux? The only good thing about using linux is half of the kids wouldn't know anything about it to break anything.
What I'm saying is if a company has no idea how to secure something, it doesn't matter what they use. Sure, Linux might come more secure out of the box (although Windows 2003 Server is locked down very tightly, and Longhorn will be too), but for anyone to even be effective in installing it, they either
A) have to be a linux expert (and so could probably have configured Windows just as easily).
B) Will see something is blocked and unblock it to make it work, without realizing the consequences. Then the system becomes just as vulnerable.
You could lock your Datsun, or you could put an electric fence around your Bentley, but but if you give the keys to a monkey they're both as likely to get stolen.
I certainly haven't found that to be the case. I have Linux and air conditioning running in the same room, and they don't interfere with one another.
Yes.Is Linux More Secure Than Windows?
Away.
If you are a windoze user, yes.You have to sweat to even install something in Linux.
Why not look at it the other way? First of all, you have to be an expert to configure both properly. In my point of view, linux expert will be much better - as he/she can always switch to windoze without any difficulty (besides those difficulties that come supplied in large amounts with windoze itself); while a windoze expert won't switch to linux as easily.have to be a linux expert (and so could probably have configured Windows just as easily).
Why bother configuring, installing and paying a bunch of money for the expensive M$ software? Why not download something for free, configure it properly and get a much more stable, expandable and customizable system?
The OS requirements were Windows Vista Ultimate or better, so we used Linux.
You spelt Microsoft as M$. Theres really no point continuing.
Yes, and?You spelt Microsoft as M$
The OS requirements were Windows Vista Ultimate or better, so we used Linux.
And only a 14 year old would try to debate security by spelling a Microsoft as "M$" or referring to Windows as "Windoze". Either you're a young teenager, have never worked professionall or you're an academic. Given the spelling, I'll go with the 14 year old theory. But given the photo (edit: and age) in your profile, I'll guess academic.
Most apps are developed for the windows environment. It is easier for a company to use windows because of the availability of many program for that OS and the ease of use, they don't have to spend money training everyone how to use Linux.
>Most apps are developed for the windows environment.
Have you seen how many open source projects there are?
Something like this would be correct:
Most apps sold in stores are developed for the windows environment.
>they don't have to spend money training everyone how to use Linux.
No, you just hire people that know how to use it, just like their current job requirement is knowing windows... fire them, hire people with a job requirement of knowing linux, it's quite simple.
Hmm
I'm terrebly sorry if my spelling has irritated you so much. That was not intended; but let me tell you something. Yes, I'm a student and, yes, I'm trying to debate windows and linux security. If you don't like my arguments, you can comment on them and prove them wrong. But remember, both of us deserve to have a right to have our own opinions on different matters. My spelling in that case doesn't mean anything.
Yes, you are probably much more experienced both in programming and in computer technology in general, than me. You make it almost sound like just because of that I have nothing to say. That is not true; as long as we live in a democratic society, I do. Though, of course, I may not always be right, and in many cases I'm not. But I'm trying to learn, too. It is up to you to correct me and express your own opinion. I respect that, but, please then, also respect what I have to say.
Another thing is my view on Microsoft and their software. No, I don't like neither their general policy, nor the principals that they value most when producing software. In my point of view they focus too much on the commercial side. I don't need to repeat all the arguments in this debate. They have all been mentioned many times before on many forums, in many articles and on many occasions in the media. My spelling was ment to emphasize my attitude to Microsoft's activities. I now fully understand that you are provoked by it, and, again, I'm sorry, but it wasn't intended to do so.
In the end, let me be honest with you stovellp. Your avatar isn't really mature, either, is it?
The OS requirements were Windows Vista Ultimate or better, so we used Linux.
False. It is because of this democracy that you have the right to say things. It does not, however, guarantee that you have anything productive to say.
Away.
MathFan - touché with the avatar comment. You are quite correct though.
It is obvious that you have a dislike from Microsoft from what you said above and from the spelling. That spelling does irritate me because it is usually used by little kids who have no idea about anything. This is obviously not the case with you, which is also what dissapointed me about the spelling - it's really as immature as my avatar :P
To understand my reasons for not agreeing with you on Microsoft, you need to first understand your role as a programmer.
If you are looking to become a professional programmer some day, you will soon realise that there is no fantasy world where you are rewarded for creating the best software ever. No one will respect you or treat you like you're worth something just because you can write the fastest bubble sort or you invent a new type of data structure. The only people that might are other geeks, or fellow academics if you get a 60k grant to write some silly study.
As a programmer, your role is to help businesses. As much as you'll come to hate it, business drives technology, not the other way around. If you look back over the last thousand years, you'll realize that every major technology innovation took off and became popular because it helped businesses and/or the military. As great an invention as the car is, it wouldn't have meant anything if it didn't have any real world uses.
The same is true of businesses. Windows is popular because businesses like it, and open source isn't because businesses generally don't like it (for now at least). Yes, Linux has its roots in geeksland, but in the real world 99% of people have probably never heard of it.
Microsoft is in the business of producing software. That is what they do - they write and sell software. The selling part is probably the most important part. Their employees have a mortgage and a family, their shareholders want profits, everyone needs food to eat. They could write software all day and night that was beautiful and lovely and all that other fantasy software crap that open source developers tout, but at the end of the day they have bills to pay.
Businesses buy software from Microsoft because they have a job to do. They don't care if it has a few small bugs, or that they aren't using the best bubble sort algorithm, or that their encryption only takes ten-thousand years to crack rather than twenty thousand. They just want to type a report up in Word, and Microsoft is in the business of helping them do that.
Microsoft aren't in the business of creating the best software ever. They're in the business of creating software that is useful to its customers and that does the job. They also understand the concept of DEADLINES.
When Microsoft add a feature to word, such as the word-count menu, it's not as simple as opening visual studio and clicking a few buttons.
First, the feature request goes to the project manager, who writes a specification for it. This is done so that everyone understands what the new feature will do, because there are a lot of people involved in the process.
That specification goes to a panel of language experts, who check that there won't be any multi-cultural problems. One of these experts might come back saying "you need to increase the width between 'Pages:' and the number of pages, because blind, Mandarin-speaking Britons in Madrid using Windows 95 and a touch sensitive monitor won't be able to fit the text on screen if the document is over 217,000 pages". The specification is duly revised, and goes through the same process until there are finally no percieved problems.
Then it goes to a security expert who checks there are no arcane workarounds to abuse this little dialog box to open security holes. This might seem pretty stupid, I mean, it's just a dialog right? Wrong, because even though it is just one dialog, sometimes there are issues and so Microsoft has to play it safe, otherwise people like you .......... about how insecure Windows is.
Then it goes to a programmer, who writes the code in a couple of hours. The code is then reviewed by the language experts, a senior developer or two and the security guy. By the time the whole process is complete, something as simple as Words Tools->Word Count can take 2-3 days to implement and can involve a good dozen people after all the hoop jumping, and that doesn't even count writing the documentation (yes, Microsoft actually have decent documentation) and translating it to a zillion different languages.
Seems like a lot of beurocratic nonsense and time wasting doesn't it? Well, the reason these processes are in place is because unlike the majority of open source software (I'm not talking KDE or anything like that, but something like aMSN), Microsoft actually cares about blind Mandarin speaking poms in Madrid using Windows 95. Because if they don't, they'll get sued. Because of all the added complexity that comes when you have users of your software that aren't running Windows XP, with US english and nothing out of the blue, there is a much bigger chance of security issues.
Now what really sucks for Microsoft is that it takes 12 people and 2 days just to do a simple dialog. Imagine how much work writing Microsoft Word from scratch would take? Of course, if Microsoft wanted to (and they have the money to), they could rewrite it all from scratch. They could make it perfect in every possible way. When would you expect a shipping date? June 2017.
This isn't any good. Businesses are demanding newer releases - they have bluetooth cell phones that they need to synchronise with Outlook dammit. Huge companies like General Motors are counting on Microsoft releasing upgrades every 18 months, because they also have a big beaurocratic process of upgrading all their PC's. Oh, and let's not forget, the people at Microsoft still need to eat.
So they pick a realistic shipping date. They say "we'll rewrite and have it done by December 2006". They can't use the method that 70% of Open Source projects use ("It'll be ready when it's ready"). To meet this ship date, they need to cut out features. They can't afford to spend 12 years making it perfect in every possible way - they have a deadline and they need to make some cuts. Features, cost, or time - pick any two. Yes, they have to cut a few corners to stay on budget and on time. If they don't, people whinge "oo Longhorn's release date is slipping, M$ sux0rz!".
Microsoft aren't protected by a "we take no responsibility for anything at all" clause like 90% of open source projects. They have a responsibility to their customers. Any when a Microsoft project ships late, they generally have a good reason - not that anyone cares.
So when you say "I don't like M$ because they concentrate too much on the commercial side", you have to realize that every other successful software company in the world does the very same. Heck, even Red Hat do it. Why? Because there is no lollypop land where you're paid to write code just because it's "beutiful". Your source code won't be hung in a Paris art gallery. If anyone even uses it, they'll use it because they have a business case for it, because it helps them do their jobs on time. Because the majority of people don't live in an academic fantasy world.
I learnt this at the company I work for. Every day I suggest a new feature or that something should be re-written. The response is always "can you show that it will help us finish by 25th December? Or that the changes would be so significant that it's worth implementing? If not, write it down, and maybe we'll do it in version 2". If we could, we'd spend forever making it perfect. But our budget is limited, our deadline in Christmas day, and if we take another six months doing things that don't make our product significantly better, our customers will get angry and I'll be looking for a new job.
If anything, just remember that business drives technology, not the other way around. Netscape spent years rewriting their flagship product to make it the best. Microsoft just patched their buggy Internet Explorer. While I'm positive the Netscape browser was better, Netscape lost because their biggest mistake was forgetting the commercial side (and a list of other reasons, but that stands out as the most significant). Any software company that forgets this is doomed to failure.
Look at the top ten software companies in the world 15 years ago, and look at them today - Microsoft is the only one still on the list. It's not because "oo they have better marketting". It's because they never forgot their purpose - to provide businesses with solutions, not with perfect software.
