
Thread: Why Windows is king

  1. #1
    Banned
    Join Date
    May 2003
    Posts
    1,004

    Why Windows is king

    (I suppose this falls under market security and not system security.)

    Microsoft doesn't fight within its own market share.

    http://oracledirect.oracle.com/iccdo...ode=cal&tz=PST

    Fractioned Linux and now Linux taking the fight directly to UNIX?

    "Divide and conquer" ring any bells? The Linux/UNIX folk are saving Microsoft the trouble and doing it to themselves!

    catch

  2. #2
    Member
    Join Date
    Nov 2002
    Location
    Sweden
    Posts
    42
    But since Linux is cheaper than UNIX the people changing to Linux will have more money to invest in more secure and usable systems. (Crappy I know, but hey, u've gotta say something)

  3. #3
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    Um, this is not exactly new.... The big linux companies have been heavily pushing migration from unix to linux from the beginning. Just go to redhat.com and look at their whitepapers about migration

    http://www.redhat.com/solutions/info...LinuxMigration

    There are none there about migrating from microsoft...

    Perhaps there should be yes, but this is not a new tactic, or a change in direction, the major players have been pushing this very hard for a while now.

  4. #4
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Ichni: No surprise really..... It's hard to migrate people from an OS that they can make work to another that they can make work than to get them to migrate from a system that they can make work to a system they don't have a cat in hell's chance of understanding at all. And in case you don't pick up on it - that's a dig at the many Win* admins rather than the *nix admins.....
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  5. #5
    Banned
    Join Date
    May 2003
    Posts
    1,004
    To say that Linux is cheaper than commercial UNIX is to look at it from a single user perspective. Not at an enterprise level where things like trusted facilities manuals are very important to have. At this scale you will note that Windows is very comparably priced to Solaris/HP-UX/AIX/etc commercial UN*X and all of which are cheaper than open products like Linux/xBSD.

    You are correct, this is nothing new, and RedHat is in bed with Oracle, so it is likely these are related. However, this arrived in my mailbox today and it got me thinking...

    What I do find most interesting is Linux's alternating efforts to liken/distance itself to/from UNIX.

    "Linux is exactly like UNIX minus the assurances!"
    "Linux is so different from UNIX that you need a migration seminar!"

    catch

    PS. Tiger... it is true, Win admins tend to be a sorry lot... at least most UN*X/Linux admins actually understand the system they are administrating.

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Catch:

    Win admins tend to be a sorry lot...
    Not wanting to further our previous conversations it is plain that this is the result of providing an OS that any "idiot" can start up thus the OS that people buy because they don't need to think. I wonder how many home users on high speed connections have base installs of Win2k/XP out there with their family photos or whatever out there for the world to see. I wonder also if _any_ of them could provide the same service on a *nix box.... probably none.... but, to all intents and purposes they are "admins". I think we need to make a clear distinction between home "admins" and professional admins..... Though I will "give" on the point that there are an awful lot of "professional" admins that are little or no better than home admins insofar as they are "the guy" in their organisation.... they "understand" computers better than everyone else there...... Doesn't mean they have a clue about anything, but they are the guy that can get it working...... Sad, but true.... I see it all too often......

  7. #7
    Banned
    Join Date
    May 2003
    Posts
    1,004
    I was assuming professional admins, beyond that I was assuming real corporations too, not just little mom and pop whatevers.

    I was primarily referring to MCSE types. I don't know how they swing it, but I've known a few that essentially seem to know almost nothing about their system of choice. Thinking that Administrator = Root and god knows what else.

    This I believe is why windows has the reputation it does. Windows admins don't make as much as UN*X admins so I am left to assume that this results in a thinning of the talent pool.

    Worst case is places like my mom's work where she (a psychologist) kinda ended up in charge of the computers because she knows how to use email and search engines and ebay. (And they are supposed to be HIPAA compliant... hahahaha)

    True I have known a few NT admins that can make the systems dance something unreal, but they are few and far between. Most simply view NT with its GUI as a toy, (hell, I know I used to, remember I come from an IRIX/TRIX administration background) which is just a shame.

    catch

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Catch: Have your mum call me..... I'm already 97% HIPAA compliant..... and it's not really something I worry about......

    Unfortunately, most of the implementations of Win* boxes are "mom and pop" even when they are implemented by "professional" admins.... Hence the number of "corporate" networks brought down by exploits that are weeks or more old is unacceptable.... The ratio of "mom and pop" admins is therefore raised considerably......

    Better for the internet that we are provided a system that "mom" can't just "slide up there" for "shits and giggles"......

    My 2c on this...

  9. #9
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    I don't want to sound like an idiot here, but...

    To say that Linux is cheaper than commercial UNIX is to look at it from a single user perspective. Not at an enterprise level where things like trusted facilities manuals are very important to have. At this scale you will note that Windows is very comparably priced to Solaris/HP-UX/AIX/etc commercial UN*X and all of which are cheaper than open products like Linux/xBSD.
    Is anyone even working on something like this for linux? I know about the various and sundry "secure" linux distros/patches like SElinux or engarde, but is anyone working on a comprehensive document about how to run linux securely? How much stuff is transferable from other such documents about other nix?

    I consider myself to be fairly knowledgeable about linux, enough to have earned my RHCE anyway, but as far as security goes, I approach that in a very piecemeal fashion. Searching out info about security of different aspects as they become relevant (i.e. when I start using them) but nowhere have I seen a comprehensive collection of how to run a secure linux system.

    IchNiSan
    P.S. I do not count "Maximum Linux Security" either.

  10. #10
    Banned
    Join Date
    May 2003
    Posts
    1,004
    • SE-Linux is a research project with migrating the flask security architecture to a monolithic kernel.
    • EnGarde is merely a collection of hardening scripts.
    • Trusted Linux is another research project based on HP-VV/VVOS mechanisms.
    • Pitbull LX is very similar to Trusted Linux except that it is a fully functional/complete product and not a research project, which tries to be a more idiot friendly Linux port of Trusted Solaris.
    • LIDS is a random collection of research level Linux kernel modules.

    None of these more secure Linux products/things have extended appropriate documentation (except Pitbull which has a TFM to cover the Pitbull product itself at 110 pages, but only for this product on Solaris, not Linux). Linux and much of the open source world seems to rely on the just-in-time documentation model, as frequently the full functionality of the software in question is unknown until the software is completed. This in conjunction with the vast array of Linux vendors make the development of a TFM basically infeasible. This explains part of Linux's low ISO 15408 evaluation.

    As a simple comparison the Secure Xenix source code was =~10,000 lines of code with less than 50 system calls and no third party software.

    Its TFM was several hundred pages.

    The RedHat source code... heh millions upon millions of lines. Over 200 system calls. Heaps of third party tools. I think you'd be looking at a dramatic increase in required documentation... I originally threw around some numbers but I think that is pointless since it could vary wildly depending on how the product is shipped. This TFM would be developed from scratch, unlike other systems such as NT that has had a rolling TFM since Secure Xenix (22-23 years?).

    In time as particular distros become more and more self contained (RedHat seems most likely here with a possible follow up by SuSE) TFMs may surface for these particular distros. These of course would be stripped down versions with no third party tools.

    Although such guides and books like "Maximum Linux Security" may help you understand Linux security at a level that transcends distros, for IS policy/insurance purposes, they are insufficient.

    catch

    PS. check out NCSC-TG-016 (the yellow-green book) for more reading:
    http://www.radium.ncsc.mil/tpep/libr...SC-TG-016.html

    EDITED because I was smoking a whole heap of crack and had confused some numbers.
