On Jan 23, 1:44 pm, ***@cs.uofs.edu (Bill Gunshannon) wrote:
> In article <email@example.com>,
> ***@yahoo.co.uk writes:
> > On Jan 23, 1:14 am, ***@cs.uofs.edu (Bill Gunshannon) wrote:
> >> In article <firstname.lastname@example.org>,
> >> Johnny Billquist <***@softjar.se> writes:
> >> > Bill Gunshannon wrote:
> >> >> In article <***@spock.koehler.athome.net>,
> >> >> ***@spock.koehler.athome.net writes:
> >> >>> In article <***@giganews.com>, "Richard B. Gilbert" <***@comcast.net> writes:
> >> >>>> So learn Unix. It's not VMS, and never will be, but Unix people will be
> >> >>>> in demand long after VMS is laid to rest!
> >> >>> UNIX people will be in demand after VMS people only because VMS will
> >> >>> just keep quietly running along with no attention.
> >> >> God, when will this myth finally end. I have a Unix box here that has seen
> >> >> no attention since it was installed in July of 2004 other than continuing to
> >> >> add new user accounts every semester.
> >> > Really? That should be a very insecure system in that case.
> >> > I don't know of a single version of Unix (not even OpenBSD) which
> >> > haven't had atleast some CERT alerts serious enough to require upgrades
> >> > and serious checkups.
> >> > Not that I'm claiming any superiority of VMS, but the unbiased Unix
> >> > praise sometimes can go a bit too far.
> >> I have never claimed Unix is invulnerable. That is the ballywick of
> >> the VMS fanatics. But, I do get tired of hearing how VMS is the
> >> only secure OS in the world when I have dozens of machines running
> >> Unix and (horror of horrors) Windows and while we get attacked
> >> constantly they don't succeed. It is possible to run a secure
> >> operation with OSes other than VMS and it is long past time for
> >> people here to accept that.
> >> Of course, they won't so everyone else will just laugh up their
> >> sleeves and let them continue in their delusion.
> >> bill
> >> --
> >> Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
> >> ***@cs.scranton.edu | and a sheep voting on what's for dinner.
> >> University of Scranton |
> >> Scranton, Pennsylvania | #include <std.disclaimer.h>
> > What is possible in an ideal world is not always the same as what is
> > commonly seen in the real world. It is common for Windows systems to
> > be exploited, surely you couldn't disagree with that. Partly that is
> > because Windows boxes are defective by design (especially a Windows
> > system fresh from a Windows CD, as you have already acknowledged).
> > Partly that is because of the level of competence and experience and
> > motivation of the typical Windows-centric IT department (or home
> > user). Your experience seems to be very different from that of many
> > people in the Windows world, be they home users, corporates, or
> > whatever.
> Well, I hardly consider myself a Windows expert. I don't even like
> Windows. :-) Which begs the question: "If I can do it, why are the
> supposed professionals having such a hard time?" My answer is really
> quite simple. There are millions and millions of Windows boxes out
> there. A hacked Windows box sells newspapers and magazines. A Windows
> success story does not. We are being innundated now with stories of
> "4.9 million" Windows boxes infected with a worm that MS published a
> fix for months ago. So, who's fault is it that these machines are now
> getting infected? Windows? MS? Or is it maybe closer to home. (Hint:
> none of the machines under my control have been hit nor are they even
> vulnerable. Go figure!)
> > If the users/managers in general can't be educated to use the tool
> > safely, and years of experience definitely shows us that is the case,
> > maybe it's time to choose a safer more appropriate tool?
> Well, every year we hear stories of people cutting off fingers with
> various power tools, and yet, we still use them. Don't get me wrong,
> I have been the strongest advocate around here for the abandonment
> of MS infavor of OpenSource tools. My primary justification is the
> cost. I have two employers. One is the University who can definitely
> use the extra money they would have if they weren't paying for Bill
> Gates to jetset around annoying people. The other is DOD. I don't
> think I need to tell anyone what the governement is very likely paying
> for the use of MS products or what it would do to the budget if that
> line item were removed. But, at least for now, Windows is reality
> and the answer is if you have to work with it you really need to learn
> how to secure it rather than throwing your hands in the air and saying
> "Oh well".
> > Of course in
> > the Windows case, a whole ecosystem exists whose finances and careers
> > are dependent on continued inappropriate use of the "defective by
> > design" tool, which makes widespread change quite tricky, because the
> > technical discussion disappears in a sea of self-preservation: "the
> > tool may be initially unsafe, but just add blade guards X and Y and Z,
> > just upgrade it every three years, just (re)train the users, just pay
> > us the maintenance, and it will get the job done just fine..."
> All it really would take is for one or two major players to make the move
> and make it very public, including the savings in both upfront costs and
> maintenance. And, they would have to get the publicity, which may actually
> be the hardest part.
> Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
> ***@cs.scranton.edu | and a sheep voting on what's for dinner.
> University of Scranton |
> Scranton, Pennsylvania | #include <std.disclaimer.h>
How did we get this discussion going in two threads at once, one of
which (this Bootcamp one) would seem to have little to do with
Windows. That aside...
Do you pay much attention at to what happens in the general IT world
outside your own "professionally managed" environment? The environment
you describe (a poor choice of tool made to do a half decent job
because it has very special people and rigidly enforced processes
around it) is completely unrepresentative of the Windows world I've
"All it would take ... one or two major players to make a move"
We're talking Microsoft here. To start with, pretty much every desktop
PC from a significant vendor includes the Windows tax, both in the
cost of the licence and the cost of engineering and (nominally)
supporting drivers for Windows.
If a major customer starts looking at thin client rather than Windows
PC, the desktop hardware vendor plays with PC prices to avoid losing
the ongoing desktop refresh contract. The Windows licence is a major
cost in a modern PC, and MS also want the recurring licence income
(the Windows Embedded in some thin clients is less $ than ordinary
desktop Windows), so there's backroom deals to be made there too.
If a major customer starts looking at alternatives to Windows, the
first thing that happens when the incumbent suppliers find out is that
the MS ecosystems start using their bank balances to prevent the
investigation let alone the move; licences at massive discounts,
consultancy at minimal or zero cost, promised annual rebates to
Purchasing depending on annual spend, marketing support from MS to the
suppliers at risk, all kinds of miracles happen which aren't available
to the plain ordinary loyal Microsoft customer. This isn't fantasy,
this is widely observed and occasionally reported ongoing anti-
competitive monopolist behaviour.
Elsewhere, do you remember what happened in Massachusetts when the
state government tried to say its agencies must start to use open
standards not MS-proprietary ones?  And that was just for Office,
not Windows? Do you remember why Sweden initially voted the way they
did in the OOXML standards vote? [Because Microsoft paid them to,
because the Office monopoly was at risk]. The list could go on and on
but I have other things to do.
With "business ethics" like that, what chance does a big MS customer
have of breaking the habit?
If you look at the small business market, where the corporate IT
managers and outsourcers and consultancies and even standards are less
relevant and these business practices don't help Microsoft to anything
like the same extent, but what works is a network of competent small
business IT experts supporting value-conscious small business IT
users, I see an increasing number of businesses adopting Linux rather
than Windows, both on servers (for a long time) and to an increasing
extent also on desktops. But they don't make headline news, and my
experience may not match other people's world.