“seemingly an unlimited number of zero-day exploits”, is how Symantec describes it. The monoculture created by M$ not only allows everyone to be threatened by random encounters with malware, evildoers who target particular businesses or organizations using M$’s OS overcome every defence. The reason Google switched to GNU/Linux was to escape the Wintel treadmill of vulnerabilities.
see 3 years later, hackers who hit Google continue string of potent attacks | Ars Technica.
At the very least the existence of organizations aiming at particular IT systems using the string of vulnerabilities cranked out by M$ should encourage everyone to use a mixture of GNU/Linux and other operating sytems as well as or in place of M$’s. Making yourself a smaller target or camouflage works. Ask any infantryman.
I use Debian GNU/Linux.
Update – The US executive branch is considering an executive order along the lines of the failed bill on cybersecurity. The idea seems to be to wake people and organizations up about the issue. I can see the possibility of renewed interest in desktop GNU/Linux if public knowledge of the cost of monopoly is raised.
17493
12777
206
3
2
23943 
11873 
11725 
4643 
4273 
1641 
198 
14 
2 
0 
0 
0 
When the name Symantec is involved you can as well go to sleep. As the Ars Technica article cited by you explains clearly:
Some security experts were skeptical of Symantec’s conclusions. Finding and exploiting previously unknown vulnerabilities is a regular undertaking during penetration testing that’s often carried out to success in a matter of hours or days.
You have to stop reading only the headlines, Rob.
The US executive branch is considering an executive order along the lines of the failed bill on cybersecurity. The idea seems to be to wake people and organizations up about the issue. I can see the possibility of renewed interest in desktop GNU/Linux if public knowledge of the cost of monopoly is raised.
Rob, your reading comprehension skills have apparently gone bye-bye. Can one man be so gullible? Yes, he can.
No, Rob, the idea behind this bill is not to wake someone up (or to promote GNU/Linux — what a delusional reading!), the idea is cheap, and purely symbolic, political action leading to just another bureaucratic nightmare. Companies will be forced to implement security measures handed down from above, security measures which inevitably will lag far behind, which in turn will do much to actually worsen cyber security.
It’s rather amazing that the average number of vulnerabilities found each month in Microsoft’s security vexed OS remain stable. There’s no sign of reaching the bottom.
The assumption is that all the current vulnerabilities are known and are either fixed or will be soon. Since the number of vulnerabilities in Microsoft’s OS are basically a bottomless pit, keeping current is an impossibility. The truth is that there are many more current, active vulnerabilities than the security people are aware of.
Get real. The known vulnerabilities are just scratching the surface.
One of the thoughts here was “In order to discover these vulnerabilities, a large undertaking would be required by the attackers to thoroughly reverse-engineer the compiled applications,” the researchers wrote. “This effort would be substantially reduced if they had access to source code.”
It seems to me that this is a reasonable premise and it would be far easier to scan through source code looking for vulnerable constructions than to try to piece together the bits and bytes of the binaries in order to find the same thing. That would make it a lot easier to penetrate Linux and FLOSS than Windows or other proprietary products. The only problem would be in the relatively rare use of these open source products.
Clarence Moon wrote, “It seems to me that this is a reasonable premise and it would be far easier to scan through source code looking for vulnerable constructions than to try to piece together the bits and bytes of the binaries in order to find the same thing. That would make it a lot easier to penetrate Linux and FLOSS than Windows or other proprietary products. The only problem would be in the relatively rare use of these open source products.”
That is an opinion not supported by the evidence. How many web sites run GNU/Linux? Most of them. How many are cracked by these sorts of vulnerabilities? Hardly any. Most are attacked by scripting errors and weak passwords, nothing to do with the OS.
That other OS provides multiple means of attack on any given day. That’s the takeaway.
kozmcrae wrote, “It’s rather amazing that the average number of vulnerabilities found each month in Microsoft’s security vexed OS remain stable. There’s no sign of reaching the bottom.”
Yes. The rate of discovery of vulnerabilities = number of existing vulnerabilities X effort of seekers of vulnerabilities. For the world still to be finding new vulnerabilities in XP daily means they started with many thousands. Ditto for Vista, “7″ and I expect it will be true for “8″, “9″…
There is some small hope in the Wintel world, however. M$ seems to have peaked in code bulk. They are actually thinking about small cheap computers this year. It has not been so in the history of M$ as far as I recall, except perhaps in the early days of BASIC when a few KB was enough.
It is a serious flaw in M$’s business-plan that they feel the need to keep coming up with “new” features to sell. It would be a hell of a lot easier to debug a mature software stack rather than a train of stuff travelling at high speed. That has been one of the failings of a software company run by salesmen. Why do they feel the need to add more bloat when they already have a monopoly and all the space on retail shelves?
“It’s rather amazing that the average number of vulnerabilities found each month in Microsoft’s security vexed OS remain stable. There’s no sign of reaching the bottom.”
Way to invent facts based on assumption. Please provide the statistics you’re basing this claim off of.
Because according to most sources out there, when you search for “first year vulnerabilities” they show a decline from XP to Vista to 7. Vista, in fact, had fewer than OSX 10.4 Tiger. I’m certainly not saying Windows doesn’t have vulnerabilities, it has its fair share for sure, but running Windows update doesn’t break wifi or sneak API changes in.
“The rate of discovery of vulnerabilities = number of existing vulnerabilities X effort of seekers of vulnerabilities.”
This is the “Many eyes” fallacy. Just because they have a large user base doesn’t mean that they are qualified to detect and report vulnerabilities! I doubt Grandma Seth is probing open ports with malformed IPv6 packets (which, incidentally, was a recent kernel vulnerability).
“For the world still to be finding new vulnerabilities in XP daily means they started with many thousands. Ditto for Vista, “7″ and I expect it will be true for “8″, “9″”
Hurray, more speculation. Please Pog, show us what this rate actually is. Because according to sources that actually did the math, rather than speculate, the rate has steadily decreased.
TM Repository
–running Windows update doesn’t break wifi or sneak API changes in.–
I have seen Windows update take out network and video card drivers automatically in Windows 7. Not particularly fun being set back to vga resultions with no network. Most people are careful to set windows update to never update drivers. Wonder why if you do welcome to hell in a lot of cases as windows update downloads and installs the wrong driver for your hardware.
Apple machines, certified MS and certified Linux about the only thing when you can auto update hardware drivers automatically. Everything else is russia roulette. At least Linux provided the prior kernel normally after updating kernel so you can boot back to it. Not like windows where it can be impossible to even enter safe mode due to wrong drivers installed. Even magically become de-registered due to too many hardware changes.
There is a reason why we need the backport project at kernel.org. For people not using certified hardware to be able to stay on older kernel with older drivers for longer. So 5 years before you have to break a working kernel combination. Debian I could run on 2.6.32 if I wanted to.
Yes Windows Update does sneak API changes in. People get caught with items like applications controlling IE and other items of windows as MS introduced some extra security bits. Or the fun I had with XP using WSH from network share one day no more due to security update.
TM Repository there is a problem first year of Windows 8 most likely will not look anywhere near as good.
The automated tools for finding zero day defects in closed source is getting down right effective.
This is the problem since the time of Windows 7 release the process of finding bugs has improved massively.
There has been a massive up swing in the last 6 months on the numbers of 0 day attacks used. Even more scary is these things appear now to be watching cve and other places and as soon as their attack is reported they change to another 0 day. So we are now getting the never ending 0 day attack cycle.
4 0 day attacks in row is common now from one group. The number of attacks in a row is getting larger. So its possible that 1 attacker group hitting Windows 8 could do more exploits in one run than Vista had in its full year. So yes month after release could be like O crud.
The other option is they might leave Windows 8 alone for 12 months to let population grow.
So there is a second possibility why vista was not hit has much compared to XP in the first year. Population was too small to waste zero day attacks on. Zero day attacks take time and money to locate. Attackers have to get return on investment they are in it for the money these days.
Really TM Repository for a person who claims to use OS X you talk about Microsoft a lot.
“It is a serious flaw in M$’s business-plan that they feel the need to keep coming up with “new” features to sell.”
You’re joking, right? You’re actually going to involk YouDontNeedThat(TM)? Yeah, who needs wifi, blu-ray support, IPv6 support,
“It would be a hell of a lot easier to debug a mature software stack rather than a train of stuff travelling at high speed.”
Yeah, it sure would be nice if the kernel API/ABI didn’t change between minor point releases. It would also be nice if Ubuntu didn’t rush out an update every 6 months that breaks grub2 every other version. But Windows isn’t a mature code base at all, seeing as an app from Windows 98 can still run on Windows 7, that API/ABI sure is travelling at high speed alright.
Don’t worry though, in another post you’ll ironically lambaste Microsoft for being slow to react to changing technology.
“That has been one of the failings of a software company run by salesmen. Why do they feel the need to add more bloat when they already have a monopoly and all the space on retail shelves?”
Probably because their customers demand those new features, seeing as they have an obligation to listen to those customers.
I’d really like to know what you consider bloat though, because Windows doesn’t even come with a PDF viewer pre-installed. Is Paint’s 2MB executable wasting too much precious space? Should I install GIMP at 230MB instead?
TM Repository
–This is the “Many eyes” fallacy. Just because they have a large user base doesn’t mean that they are qualified to detect and report vulnerabilities! I doubt Grandma Seth is probing open ports with malformed IPv6 packets (which, incidentally, was a recent kernel vulnerability).–
True and false. The Linux dominate user-base is more likely to. Anyone doing quality assurance on servers with tools will throw malformed IPv6 at servers to make sure there is not strange glitch.
http://www.perihel.at/sec/mz/ Automated weapons of bug finding generate malformed IPv6 and IPv4 packets in a process called fuzz testing.
Linux kernel has a problem. Its complier is a monoculture. This means the automated testing by complier is only done by one complier.
This has been started to address this.
http://llvm.linuxfoundation.org/index.php/Main_Page
Microsoft Windows has the same problem of very limited compliers used.
Most of the reason you don’t see Windows ABI changes with programs if you go to the windows program directories and search *.dll and notice how many of the same dll are in fact installed in there.
A lot of programs still don’t use SXS properly.
“It is a serious flaw in M$’s business-plan that they feel the need to keep coming up with “new” features to sell.”
Without new features, why would anybody want to buy a newer version of windows?
“It would be a hell of a lot easier to debug a mature software stack rather than a train of stuff travelling at high speed.”
That’s why Linux distros rely on a mature software stack and don’t change stuff like the audio subsystem, right?
“That has been one of the failings of a software company run by salesmen.”
MS run by salesmen? Way wrong. Let me quote Joel Spolsky on this issue:
This was at the same time that Bill Gates was hauling programmers into meetings begging them to create a single rich text edit control that could be reused in all their products. Put Jim Manzi (the suit who let the MBAs take over Lotus) in that meeting and he would be staring blankly. “What’s a rich text edit control?” It never would have occurred to him to take technological leadership because he didn’t grok the technology; in fact, the very use of the word grok in that sentence would probably throw him off.
http://www.joelonsoftware.com/articles/Stupidity.html
“Why do they feel the need to add more bloat when they already have a monopoly and all the space on retail shelves?”
How can MS have a monopoly when so many people around the world are all using Linux, as you constantly claim? Having your cake and eating it, again?
They do have a dominant position – espacially in business IT – and they would like to keep that bacause that’s where the money is. Big surprise.
TM Repository Again bogus claims. Bluray is out of Linux distribution hands.
–It would also be nice if Ubuntu didn’t rush out an update every 6 months that breaks grub2 every other version.–
Every time you install windows it crushes what ever boot loader is there. Ubuntu provides a LTS version for a reason. Really did you have to fully reinstall ubuntu to use the newer applications no you did not.
Ubuntu is about the only distribution who manages to screw up its boot loaders.
–Yeah, it sure would be nice if the kernel API/ABI didn’t change between minor point releases.–
Again this is a zero game issue.
TM Repository
–But Windows isn’t a mature code base at all, seeing as an app from Windows 98 can still run on Windows 7, that API/ABI sure is travelling at high speed alright.–
Reality that does not work how you think it does.
Do you know what shim’s are. http://technet.microsoft.com/en-us/library/dd837644%28v=ws.10%29.aspx
Reality the ABI of windows is not stable as you think it is. Windows has hack on top on top of hack so old applications work.
Linux you can chroot old application. Instead windows uses these mutations.
Windows only runs old applications due to compatibility layers. Nothing todo with ABI stability. Most people don’t know a PE file contains a version of windows tag that it was built for.
Yet as soon as I suggest doing a chroot to run old programs no we cannot do that. Reality windows is automatically chrooting.
TM Repository in fact even more shocking is shim bring back security flaws as well due to the fact application depend on them to work.
So there is not very much difference using a chroot under Linux or using windows to run an old application.
Robert there is a problem here.
–It would be a hell of a lot easier to debug a mature software stack rather than a train of stuff travelling at high speed.–
This is a double sided sword. Like TM Repository wanting a stable in kernel ABI.
There is a price for slowing down. Slower you change the longer attacker has to search you program for flaws.
ch reality items like the audio subsystem and the video subsystem has been lacking developers. Why neither of those is important to running a Server.
This is one of the benefits of Android this has brought developers working in those branches.
Linux market share directly effects where developers work on it.
“True and false. The Linux dominate user-base is more likely to. Anyone doing quality assurance on servers with tools will throw malformed IPv6 at servers to make sure there is not strange glitch.”
Then why was one of the most recent vulnerabilities in the kernel, a malformed IPv6 exploit, not discovered sooner?
A large part of it is based on security through obscurity. Known vulnerabilities can exist in the wild for a long time without anyone bothering to try and exploit them. Why? Because it wouldn’t be worth the effort for such a small target. They go undetected or unexploited due to lack of interest.
OSX has consistently had more first year vulnerabilities than Windows for the last 8 years, but most people still believe they’re more secure. Why? Because they’re too small a target to attack…or at least they used to be. However, in the past 2 years OSX exploits have been on the rise since OSX has gained back nearly 10% PC market.
Likewise, a lot more Chrome and Firefox exploits are being discovered these days than IE exploits. This is clearly due to a lack of interest in IE on the part of the attackers since I highly doubt IE is magically bug free.
“TM Repository in fact even more shocking is shim bring back security flaws as well due to the fact application depend on them to work.”
That is shocking! Surely you have some sort of evidence to back that up, right? A link perhaps detailing the flaws reintroduced for compatibility reasons.
“So there is not very much difference using a chroot under Linux or using windows to run an old application.”
There’s a big difference! Chroot requires the older environment for an application to be duplicated. That would be like having to install Windows 98 alongside Windows 7 in order to allow Windows 7 to run a 98 application.
Instead, a Windows application targets the API/ABI and it runs without any environment duplication. This not only allows older applications to run on newer Windows, but many newer applications on older Windows.
For example, Firefox running Windows 95.
Typo: “Firefox running IN Windows 95″
TM Repository
–Then why was one of the most recent vulnerabilities in the kernel, a malformed IPv6 exploit, not discovered sooner?–
Fuzz testing has a random generate part to it. More users doing it the more likely they will hit the combination that displays the fault. Still it can take time for someone to hit the combination.
This is why your more users one is part bogus. More users particular times increases the odds something will be dug out sooner.
–Windows 7 to run a 98 application.–
Not all.
–There’s a big difference! Chroot requires the older environment for an application to be duplicated.–
Windows 7 pro comes with http://www.sevenforums.com/tutorials/8247-windows-xp-mode-install-setup.html
Wonder why.
–That would be like having to install Windows 98 alongside Windows 7 in order to allow Windows 7 to run a 98 application.–
This is reality at times.
Building a chroot to run an application does not equal having to bring all that old system back. Only enough so the application works. Any modern library abi compatible can be used in the new chroot
Fun of bind mounting. You are aware a chroot using bind mounting I can like bind /usr to /master
Have ld.so the linux loader in the chroot check against /master/lib last in the chroot. Force install program and its libraries it needs into the chroot and away you go.
Basically you can bend reality. You don’t need to bring massive amounts back. Of course that is simpler you don’t need the chroot is the program was built Linux Standard Base or you use a tool to change its loader so it now uses the Linux Standard Base loader instead of distribution.
TM Repository firefox is a poor example. Firefox is mostly self contained. The tar.bz2 from mozilla for it runs on any distribution.
–That is shocking! Surely you have some sort of evidence to back that up, right? A link perhaps detailing the flaws reintroduced for compatibility reasons.–
Have to find the book mark was covered by alex of reactos reversing how the shim system was design and was shocked to find overflow and other things being brought back so visual basic programs worked.
–Instead, a Windows application targets the API/ABI and it runs without any environment duplication.–
Not true. MSVCRT C++ runtime file. Duplicated many times over. With different defects between versions. Wine has had to emulate some.
Programs also install duplicates. Start looking and find its a mess. So you have windows update that update C:\windows but every .dll in program files is not updated. So you get some very old and flawed dlls hanging around in program files under windows.
As soon as I suggest coping exactly what windows does under Linux you are throwing a hissy fit TM Repository. About possible security problems. Hell its not just Linux here.
What is the go here TM.
(…)
DCOM allowed MS to to make programming extensions to services and applications easier to work with on the LAN based systems. By allowing COM objects to be accessed remotely, MS allowed program to program communication based on their highly successful COM model. Most of the base COM APIs are part o the core of MS’ application programming model. ActiveX grew from Distributed COM.
;
The benefits for MS and the MS developer is that it is rather easy to provide application to application communication and low level API processes through the COM API (the HAL layers also exposes COM based objects for device drivers, printers, etc). The downside is the same access to the COM communication layers are also available to the hacker and those who wish to write malicious code. Since nearly every MS application uses COM and COM+, and the base kernel APIs are also exposed as COM wrappers, this single or Desktop based model is easily exploited and thus this is why “script kiddies” are successful in hacking MS systems with simple JavaScripts. Once you know the Runtime Type Libraries for a COM object, if it belongs to the MS registry, you can use it. Some of them have protected right access, but most do not. That is the hole that is the MS OS today; COM. (Yes there are others, but this is the primary culprit).
;
So why doesn’t MS just do away with COM and the COM model and create an OS that does not need COM? Why don’t they remove the COM based layers from the HAL and GUI layers (as well as hooks to the System Kernel Layer) and thus secure their OS?
(…)
http://blog.eracc.com/2009/10/23/gnulinux-security-linux-house-vs-microsoft-house/#comment-3536
That other OS provides multiple means of attack on any given day. That’s the takeaway.
For a self-claimed IT admin, you seem to miss the boat a lot, Mr. Pogson. The vulnerabilities under discussion are not server issues, I think, they are ways that client systems are compromised and used to organize into the “botnets” that everyone fears. A locked down Windows server installation is more difficult to compromise than a Linux one.
Ubuntu security notices or rather Ubuntu vulnerabilities notices
Linux is so secure
Linux is so secure
Linux is so secure
Linux is so secure
Linux is so secure
You recommend Debian Linux? OK! No problems here!
Debian Security Information
“That has been one of the failings of a software company run by salesmen. Why do they feel the need to add more bloat when they already have a monopoly and all the space on retail shelves?”
Because Windows is not a monopoly, Microsoft has dominant position, but they are not the only player in this market. They add new fetures because they want to keep their dominant position as long as possible.
And what do you call “bloat”? .Net? Better security? Or you simply want Windows to stay on the level of Windows ME? If it were so Linux could compete against Windows! And maybe get 3% market share on desktop!
If they did not do it Linux could become a real competitor. New Ubuntu is no better in any way than Window XP.
iLia wrote, sarcastically, “You recommend Debian Linux? OK! No problems here!”
Of course, Debian GNU/Linux has a few problems, but nothing like the tens of thousands of bugs and millions of malwares plaguing users of that other OS.
So you wanna say that some thousands bugs in Debian Linux are not a problem?
Do you know what 1500, 2000, 2500, 3000 numbers on the left mean?
TM Repository wrote:
“Way to invent facts based on assumption. Please provide the statistics you’re basing this claim off of.”
You can’t be serious.
Why would you even question that Microsoft has a steady flow of security vulnerabilities every month? It’s there, plain as day every patch Tuesday. Here are some statistics via (http://technet.microsoft.com/en-us/security/bulletin):
Microsoft Security Bulletins
Feb. 2012: 9, 4 critical
Mar. 2012: 6, 1 critical
Apr. 2012: 6, 4 critical
May 2012: 7, 3 critical
Jun. 2012: 7, 3 critical
Jul. 2012: 9, 3 critical
Aug. 2012: 9, 5 critical
For the period Feb. 2012 – Aug. 2012
Windows: 26
IE: 5
Office: 9
.Net: 5
Other: 11
Note, some vulnerabilities affected more than one application.
All these security holes were there all along as are all the ones yet to be discovered. All the thousands that are there waiting to be discovered (or not) by the good guys. The bad guys aren’t going to tell which ones they know about. You can bet that there are many security holes that are now being exploited that are just waiting to be discovered. They’ll be on next month’s security bulletin, maybe.
Malware is a growing problem for all platforms but no one will ever catch up to Microsoft with viruses, worms and Trojans counted in over a million. Microsoft never put security first so when they fall below the majority in installations, they will still lead in malware infections.
TM Repository the Firefox running in Windows 95 I can do the same thing taking the tar.bz2 binary version from mozilla.org and running on a 2.0.1 Linux kernel(ie a prior 1995 kernel).
I do mean the same thing the Firefox installer under windows installs c++ runtime and other modern libraries that wrap firefox to the old ABI. Yes it does different ABI calls when its on 95 to what it does on more modern NT os from the runtime libraries.
Shocking thing here is gnu libc has all the legacy support back to 2.0 kernel so does gtk so does xlib.
So basically wrap firefox up with the right modern libraries and it works on the first kernel of Linux introduce the idea of a stable kernel ABI to User-space with the first X11 server to run on that. 1.x Linux kernels don’t have a stable kernel ABI to Userspace at all.
The reality is how big do you want to make the installer.
Gimp is so huge on windows because none of its runtimes are included in Windows.
TM Repository how sending backwards under Windows really works is sending modern ABI with your application back to the older platform with those libraries containing corrective wrappers. Linux Standard Base is design todo exactly the same thing.
Lack of Linux Standard Base binaries is a problem I don’t fully know how to solve. You are comparing distribution binaries to windows binaries and seeing a difference. You need to compare how Linux Standard Base binaries work compare to Windows Binaries.
You will wake up that what you want. Really want is more Linux Standard Base binaries that are isolated from distribution disruptions.
TM Repository you have an option here to vote with your feet.
Linux programs have backwards compatibility to day dot if you build for it. You have the option of not building for it. You choose the option of not building the path of backwards and forwards compatibility on Linux don’t complain to people like me. It was your choice.
Windows you can make programs that will only run on one particular version of Windows. This is not the default build mode under Windows. Linux the default build mode I do believe is backwards. Since the default build mode of most distributions is the most limiting way as default.
The default can be changed. Just think TM Repository if you stopped complaining about wanting a binary ABI and focused on that you wanted default building in all distributions to be Linux Standard Base you might get somewhere. This is so just like windows to build for a limited platform support you have to pass a flag. Not the current Linux where you have to pass options to switch to multi platform support.
Once you have Linux Standard Base binaries you can install runtime to cover up what every defect distributions has in the same way Windows uses run-times to allow applications to run on older versions.
Basically the framework you need exists and is built TM Repository. The issue is it not default.
http://www.zdnet.com/microsoft-puts-windows-8-users-at-risk-with-missing-flash-update-7000003834/
Yes there is a risk that on release Windows 8 will have a hole in it by flash that we know about.
Windows 8 is entering a very different security game than what Vista and 7 had in their first year.
“You choose the option of not building the path of backwards and forwards compatibility on Linux don’t complain to people like me. It was your choice.”
Yes Hamster, you are correct. However it is also yet one more reason not to develop for the linux desktop at all.
Remember guaranteed revenue streams already exist out side your beloved Linux ecosystem. There is simply no reason to put up with the hassle.
But if you wish to rake someone who is actually bothering to develop for linux over the coals for not choosing potentially to cripple his software by developing to a straightjacket like LSB, go right ahead!.
the rest of the world will simply shrug and go on with the solutions that work for them.
“You choose the option of not building the path of backwards and forwards compatibility on Linux don’t complain to people like me. It was your choice.”
Yes Hamster, you are correct. However it is also yet one more reason not to develop for the linux desktop at all.
Remember guaranteed revenue streams already exist out side your beloved Linux ecosystem. There is simply no reason to put up with the hassle.
But if you wish to rake someone who is actually bothering to develop for linux over the coals for not choosing potentially to cripple his software by developing to a straightjacket like LSB, go right ahead!.
the rest of the world will simply shrug and go on with the solutions that work for them.
P.S. the post by 11 is actually the oldman. it was a typo.
(RP: fixed that.)
oldman
–Yes Hamster, you are correct. However it is also yet one more reason not to develop for the linux desktop at all.
Remember guaranteed revenue streams already exist out side your beloved Linux ecosystem. There is simply no reason to put up with the hassle.–
Of course you want to flip the fact round. Developing correctly you produce 1 binary that covers all distributions of that arch. So one x86 32bit one x86 64bit and you have everything covered that x86. Same can be done for the different arm types.
Oldman there is a known revenue stream on Linux. It is shown to be here time and time again.
oldman
–But if you wish to rake someone who is actually bothering to develop for linux over the coals for not choosing potentially to cripple his software by developing to a straightjacket like LSB, go right ahead!.–
Reality under windows you develop in straightjacket like LSB and not notice because you develop for particular runtime versions.
The reality here is there is no difference developing for Windows and Linux on the method you have to use.
The simple reality is he is not going to develop for Linux if he does not know how to correctly. Because he is going to believe he has to produce a binary for each distribution. That is 100 percent not a possible option. He will also believe he has to keep up with every change those distributions make that is also impossible.
So no matter how much you like it oldman the only valid path that in money terms going to pay off for making Linux binaries is using Linux Standard Base or dynamic loader bending. All successful closed source binaries on Linux use them.
Linux Standard Base does not cripple your software oldman. Provide the frameworks so the software you make pays off.
“Once you know the Runtime Type Libraries for a COM object, if it belongs to the MS registry, you can use it.”
So what? Old rule: If a bad guy’s code is running on your machine, it’s not your machine anymore – the way this code interacts with your OS is immaterial.
ch
– So what? Old rule: If a bad guy’s code is running on your machine, it’s not your machine anymore – the way this code interacts with your OS is immaterial.–
True for Windows and insecure configured systems.
Once bad guy’s code breaches containment is the correct answer. Like a bad guy runs some code and the sandbox that it is kills it before it can send any information back to the bad guy or alter anything for the bad guy the bad guy is left pulling hair without access to system.
The bad guy code running on your machine is not enough to make it the bad guys basically. The bad guys code running without any containment(beaten containment or the fact it was not their in the first place) the machine is now the bad guys.
OK, so let me correct: When the code is running in your account’s environment (not uncommon when a user runs a program) or in the latest version of Java:
http://www.h-online.com/security/news/item/Latest-Java-sandbox-is-still-vulnerable-1697550.html
ch –When the code is running in your account’s environment–
Could be a service as well. If your services are not sandboxed wait its windows what I am thinking.
ch java under linux can have an OS sandbox around it as well. Selinux rules can make items take on a sandbox automatically. So getting out of Java sandbox yet not beating the Selinux sandbox around that attacker still can have failed to get anywhere.
Yes two sandboxes is better than one for making attackers life hard. Failing to the attacker the attacker and mistakenly believe the system is patched. Not that the attack just ran into another level of sandboxing.
Windows or a Linux system not harden where the Java sandbox is all between attacker and the java sandbox being flawed is a issue.
Even under Linux running as your user does not mean application allowed to access anything. Selinux rules are role-based, user-based and per application. Complex yes but it also makes attacking a selinux running system hard.
This is why I talk about Windows lacking security frameworks its the reality it is.
“This is why I talk about Windows lacking security frameworks its the reality it is.”
Lets talk about the elephant in the room Hamster:
Assuming that one grants this is true. DO you really think that your off trumpeted factoid is going to translate into a “win” for desktop linux?
“Reality under windows you develop in straightjacket like LSB and not notice because you develop for particular runtime versions.”
While I am not a developer, I am familiar with both API’s. There is a big difference between the windows ASPI sets and the poverty struck resources available under LSB.
BTW hamster what windows applications do you develop, or is this yet another of your imaginary skills?
oldman, praising M$’s bloat and lock-in, wrote, “There is a big difference between the windows ASPI sets and the poverty struck resources available under LSB.”
I believe “less is more” when it comes to software bloat such as M$ puts out compared to the functionality of GNU/Linux. Really, the purpose of an OS is to manage resources. Why have extra APIs that tie all your software to that other OS?
“I believe “less is more” when it comes to software bloat such as M$ puts out compared to the functionality of GNU/Linux. Really, the purpose of an OS is to manage resources. Why have extra APIs that tie all your software to that other OS?”
We know that you are perfectly willing to use what others consider crap software with less function and feature Pog.
And we dont care.
The bottom line is the software running on windows that uses those so called “Bloated” API’s does what I want to do while linux does not.
and that is all that counts.
oldman wrote, “The bottom line is the software running on windows that uses those so called “Bloated” API’s does what I want to do while linux does not.”
You are entitled to your opinion but hundreds of millions of others now run other operating systems and are quite satisfied. I am one of those. So are “the little woman”, just about everyone under 30 in my extended family, and hundreds of students I met over the years. Walmart seems to offer such people opportunities on retail shelves too. It’s only a matter of time before desktops/notebooks have the same opportunities.
Hundreds of millions of classical linux desktops – bushwah!
” I am one of those.”
You dont count.
“So are “the little woman”
So What. You are her sysadmin. I guarantee you that were she to have to tackle linux all by herself she would be back on a new windows system in a heartbeat.
“just about everyone under 30 in my extended family”
Geeks all guided by the fanatic named Robert Pogson.
“and hundreds of students I met over the years.”
Perhaps, but it would be interesting to see how many of them are back using windows.
“Walmart seems to offer such people opportunities on retail shelves too. It’s only a matter of time before desktops/notebooks have the same opportunities.”
HAHAHAHAHAHAHAHAHAHAHAHAHA. Dream on Pog.
Opportunities to do what pog, run crappy to mediocre software.
@ldman wrote:
“I guarantee you that were she to have to tackle linux all by herself she would be back on a new windows system in a heartbeat.”
Yes, a *new* Windows system. And when she uses it, it will start to slow down and at some point it will get infected and that will be the end of it until someone fixes it.
What do you think keeps the Geek Squad in business? A Linux buddy of mine has a side business fixing other peoples’ Windows messes. He has to turn people away he has so much business. He charges $75/hr. Do you think Joe Sixpack is going to edit his Registry? Let him try it with Word, Ha. Good one!
Keeping Windows up to par is a nightmare (not for you oh wise one). That is if you intend to do anything of value with it.
kozmcrae wrote, “Keeping Windows up to par is a nightmare (not for you oh wise one). That is if you intend to do anything of value with it.”
I read a great commentary on that once. At a conference of general interest to all IT people, the writer made the observation that there were two kinds of people there, those whose pagers were constantly going off and those whose weren’t. He correlated the phenomenon with IT guys from M$-only shops compared to GNU/Linux or UNIX shops. I used to work late nights and lose sleep when I tried to keep XP/2003 running. The larger the school, the more likely they were running that combination and the less satisfied they were with availability. It got so patch-Tuesday was in my dreams because nightmarish things could happen between the time M$ let loose the hounds and 4pm or so when I could update the servers and 3am when the clients tried to update usually with mixed results. With Debian GNU/Linux, I can just type a command and send it to running systems and GNU/Linux does the right things at my convenience, not M$’s.
oldman wrote, of the little woman, “I guarantee you that were she to have to tackle linux all by herself she would be back on a new windows system in a heartbeat.”
In all the years she used XP, it never ran more than a few weeks without giving her some trouble. I can guarantee that if I were not here and she had to pay for IT support, she would have migrated to GNU/Linux long before she did. The only thing that held her back was a thick-client application for work. That’s gone now; it’s a web-application and 99% works with GNU/Linux. They had to do that because real estate people wanted to carry lighter systems and that other OS didn’t run there. She was also high-maintenance when XP did run… but that’s another story. I don’t think she or anyone I know have run Vista or “7″. They either stick with XP or have moved on to MacOS or GNU/Linux. There are a lot of old PCs still working. A lot of her younger relatives hardly use a PC at all and use smart phones and tablets not running that other OS. There are reasons M$’s web-stats share is falling and PC-sales are stagnant.
She may well not have had an FTP server running on GNU/Linux but she did not have that with that other OS either. We had a real GNU/Linux server on the LAN. No need for that now that she’s running GNU/Linux. Her PC serves well enough for other devices on the LAN. Still we have to get her using a proper database for her stuff. It’s getting silly with her naming files “MyDocuments/MyPictures/2012_such_and_such/etc/etc”. She needs an index but resists learning anything new. That will come. We have to get her to actually name files first. She still writes lists on paper of the camera’s filenames. If it weren’t for the file-manager she would be totally lost.
oldman
–While I am not a developer, I am familiar with both API’s. There is a big difference between the windows ASPI sets and the poverty struck resources available under LSB.–
The reality is the LSB provides you with core you can depend on. Windows you end up shipping with Direct X runtimes, Windows updates …. All so your program works out box.
Nothing about the LSB design prevents other ABI’s being added on. This is what gets me I have not got why there has not been like the early dos days. Of commercials selling run-times for other commercials to use. The frameworks are there todo it.
oldman I am very suspect a lot that should have happened has not happened due to myth.
The other reality is without something being used it does not grow effectively. Linux Standard Base has party developed slowly due to lack of users.
oldman
–BTW hamster what windows applications do you develop, or is this yet another of your imaginary skills?–
Business to Business data migration tools. Yes kinda specialist. This means I have to develop on Windows, Linux and Mac OS X at times. This can be like records of roads, rail, builds and large machine care. Each of these companies use different ERP’s and record tracking systems. So you have to create programs to export and import records because the data from each of this software does not match up.
Just to be really annoying just because there ERP is running on X distribution this week next deployment might be on a completely different Linux Distribution. This is why I stick to Linux Standard Base. The only thing you can trust is the ERP interfaces.
For planning and operations knowing when machines will be viable is key same if roads will exist or being in a good enough state to take load.
Just to top this off these tools have to be usable by GUI also some end up as automated transfers between businesses at midnight. This gets very complex very quick because business privacy has to be protected as well. So the exports have to be stripped of particular data before they are sent across.
oldman again this is due to the type work I do there is nothing to find on-line. Its work someone has todo.
oldman I do bundle up the qt toolkit runtime a lot. That is the thing about LSB it is designed that you can bundle more run-times in. Since it does make my life simpler on 3 platforms doing the application in qt at times.
You might say why not Java or .Net . Not everywhere the program might need to run will Java or .Net exist or be allowed.
“You might say why not Java or .Net . Not everywhere the program might need to run will Java or .Net exist or be allowed.”
Whatever.
“Business to Business data migration tools. Yes kinda specialist.”
ANd yet you also manage to fix fences while you are jamming wifi with you mind.
aMAZing!
ANd you winder why some just laugh at you when you post!
oldman really no I don’t. Wonder why some people have limited points of view of what is possible.
Business to Business data migration tools are directly related to the fence repairs. Exactly what I am doing some people hate my skill set is a very particular job oldman. If you can work out exactly why a person need fence repairs and business to business data migration you will wake up why also I have done business with many different businesses and know why businesses fail.
If you can work out exactly why a person need fence repairs and business to business data migration you will wake up why also I have done business with many different businesses and know why businesses fail.
HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA…
you finally admit that you are nothing more than a handyman! Congratulations for admitting the truth for once.
Of course there is still the little matter of your documented apparent contention that you can jamb Wifi with your mind….
At any rate you now stand fully revealed as a fraud and a bullshit artist sir.
Enjoy your irrelevance.
oldman in fact no I did not say I was a Handyman. That is what you are saying.
I am a liquidator. I come in and either sell off the assets of the business or repair it. The broad skill set is a requirement. Massive travel is also a requirement. Dealing with many different businesses and seeing a cross section of the complete industry also happens.
Yes putting up fences to secure assets is part of the job.
A handy man does not work across the broad range of businesses I do. I am the person who cleans up after people stuff up. Someone has todo it.
oldman you are a true bull shit artist who lacks broad experience.
Are you that dumb you you don’t know the skill sets of a liquidator. Oldman???
oldman by the way a liquidator job title is never fixed because when we are repairing a business we have to take on roles that we can do that the business is lacking in current staff and do them.
Also we are part forensics. So anyone who as being stealing can be made pay.
Yes people hate you and it normal. Doing what I am doing you do have to be very skilled.
All the clues have been here what I was.
Most likely you have never talked with a liquidator.
Handyman never knows why business fails because he never sees the books.
Oldman the reality here is you don’t have the skill set to do my job. Also you have the complete wrong mind set. You could not even work out what it was. Yes this also explains why your years of experience mean absolutely nothing to me. How many people do you think I have meet who claim you years of experience who are the very ones who sent the business under.
This is why I am tough on particular mistakes. Also in my trade there is not a software budget when we get there. The business is in trouble if you cannot do it cheap you have to write the business off.
FOSS reduces the number of business I have to terminate. 100 dollars a person is down right expensive when you have a budget of 0 at the moment. Due to the level of debt they have when I get there. Option to take out a lone to buy software is not there. Closed source software would be sell of plant and equipment or fire staff to get it that is not a wise move if you are trying to save the business.
Maybe 6 months to 2 years down the track when there financial’s are sorted out could you even look at the closed source options. Not at the start.
Oldman you learn to make do when you do what I do. Really it would be fun to drop you in my job. Zero budget for software and hardware, business internal plans normally poorly done, having to fire staff who you know are good staff just you don’t have the money to keep them and save the business.
Doing my job every dollar counts.
Oldman answer serous-ally would you fire staff just so you could use MS Office? Or would you make do with LibreOffice so you could keep a few extra staff members. This is why I take offence when people say Microsoft Stuff is cheap.
This is also why I know every dirty trick of MS licensing and products. Since this can make the difference between a saved business and a dead one.
Before you say pirate software Microsoft Auditors love landing on businesses in receivership because they believe software pirates will be there.
Most of the recent ones to go under have not upgraded to MS Office 2010. So I have not had to know its licensing fully.
Needless to say, I don’t believe a word you say, Hamster. Nor I suspect do any of the others who have gone up against you and caught you out in your bullshit. You have repeatedly run afoul of
entia non sunt multiplicanda praeter necessitate
and now you are truly stuffed by another principle.
Daemoni, Etiam Vera Dicenti, Non Est Credendum
As I said, Enjoy your irrelevance.
oiaohm wrote, “Oldman answer serous-ally would you fire staff just so you could use MS Office? Or would you make do with LibreOffice so you could keep a few extra staff members. This is why I take offence when people say Microsoft Stuff is cheap.”
Touché! Lots of individuals and businesses go bankrupt. Sometimes it takes years for that to happen and if all the money wasted in the good times could be assembled in the bad times, failures could be saved. Once the money is spent on a depreciating asset, it’s pretty well gone. I laugh when oldman and the others say everyone in every organization should have M$’s super-duper-pro OS and PS and AutoCad etc. It’s not true, not wise and just plain foolish.
I was just reading about an organization that was in dire straits. They got IBM to sort themselves out: They switched to GNU/Linux on their old PCs used as thin clients of a few modern GNU/Linux terminal servers and LibreOffice and saved nearly $1 million per annum. For the size of the organization, a municipal government, it was huge. They even saved electricity and space in the server room and got vastly improved performance. Munich should have called IBM on Day One instead of trying to reinvent the wheel. They could have plated the City Hall in gold with the money saved over the years.
oldman you did not answer my question.
–Oldman answer serous-ally would you fire staff just so you could use MS Office?–
You avoid it. Its not just want I say. About time you come to reality Oldman.
There are huge numbers of companies that get themselves in dire straights.
Simple problem here Oldman you are pushing points of view that only work while the company you are in is doing well. When things go wrong you better be able to switch to be able to use FOSS where it will work.
That reporting you generate by puppeting MS Office. If you are tight that is MS Office being used somewhere its not required. You are not receiving outside documents. Calc xls or pdf file will do.
So in a case of tight MS Office goes to only staff receiving documents from customers that must be read. So will not be on a server.
Reality is if I had recover where you are You would hate me.
Oldman really no one should listen to you either. Because what you are saying is highly bias.
Mr O:
“Oldman answer serous-ally would you fire staff just so you could use MS Office?”
Salary of employee/month: $thousands
Cost of still using the license of MSO2003 you already bought: $0
(Cost of upgrading to every version of MSO Pro coming out: ~$8/month)
What was your question again?
Mr Pogson:
“Munich should have called IBM on Day One”
Or they could have gone with the offer from MS which was still cheaper. It was a political decision, not a financial one.
“You avoid it. Its not just want I say. About time you come to reality Oldman.”
A lecture on reality by someone who claims that they can jam wifi with their mind…
HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA
I am closer to reality than you will EVER be!
“I laugh when oldman and the others say everyone in every organization should have M$’s super-duper-pro OS and PS and AutoCad etc. It’s not true, not wise and just plain foolish.”
When did I say everyone should have AutoCad Pog?
The fact of the matter is you havent a clue about the requirements of a large institution, and neither does the hamster.
oldman wrote, “The fact of the matter is you havent a clue about the requirements of a large institution”.
I have worked in schools with 4K people in one building. You bet I know what IT folks need as opposed to what Wintel wants them to have. I once took a course from a big university and was told I must run certain M$-only apps. I figured out what those apps did, found GNU/Linux software would do the job and carried on. It was fine with the instructor, despite her being part of a huge Wintel-only IT bureaucracy. In all my years of teaching I never saw any task that really required that other OS. If you doubt that look at school divisions who went from M$-only to GNU/Linux only. They laughed all the way to the bank saving money.
Currently all of our Secondary Schools use Linux and FreeBSD for virus, and web content filtering.
In 2006 Barriere Secondary was the first high school in our district to have all it’s student, teacher, and admin workstations converted to Linux. September 2009 we finished converting our last 3 high schools to Linux Desktops.”GNU/Linux works in education for organizations large or small and education is very big business.
ch wrote, “the offer from MS which was still cheaper. It was a political decision, not a financial one.”
Sure, occasionally a drug-dealer will give a discount. That does not mean it’s a good plan in the long run. Munich would have bought one or two more rounds of licences they didn’t need if they had taken M$’s offer. The net result: Munich has saved $millions: “If the city had maintained the Windows infrastructure as it was in 2005, the associated costs would have amounted to €11.8 million (£9.8 million). However, since then the number of computers increased significantly, and Munich would have spent an additional €1.65 million (£1.4 million) on new software alone, Ude said.
Even taking into account the €2.08 million (£1.73 million) for optimisation and test management that ended up on the balance of the LiMux project, the LiMux system is cheaper than using a Windows installation, Ude noted. Upgrading the Windows systems to a level comparable to the LiMux infrastructure, including hardware needed to run the software, would have cost the city at least €15.52 million (£13 million), he said.”
Now that the migration phase is ending, the savings will be even larger in the future.
ch really go read you volume license agreements. By the time you get it for the liquidation process those can be rendered Null and Void.
–Cost of still using the license of MSO2003 you already bought: $0
(Cost of upgrading to every version of MSO Pro coming out: ~$8/month)–
This mostly does not apply once you have dug self into hole and needing to be dug out. Only applies if you have not dug self into hole. What licenses are not voided is all you have to work with in receivership and liquidation.
http://ladylicensing.wordpress.com/2008/06/22/microsoft-open-license-transfer-what-you-need-to-know/
Yes transfers due to different events that could have happened could be impossible. Yes nothing uncommon doing liquidation to find yourself insanely short of software because the licenses cannot be transferred. Legal tie up in courts before the company goes to liquidation can see the company cease trading 90+ days before the Liquidation process starts this renders the licenses non transferable.
–Salary of employee/month: $thousands–
Ch how much do you have to find to replace a business software from nothing. What is were you basically are in lots of cases. Thousands need right now or use FOSS. This is why I don’t care that libreoffice is a few feature short. It gets the job the business needs done now without breaking bank.
I said 6 to 12 months if you can live past that you can have enough income back in to bring the closed source back in. To be correct 6 to 12 months you should have enough income if the company should have be revived in the first place.
This is why I said oldman and ch are not qualified for what I do. You will presume you still have software without understanding that most of the software installed is now legally stolen because the entity it was sold to is no more and transfers were not done in time and after the time window its impossible todo the transfers.
–Customer must complete and send to Microsoft a transfer notice in a form which can be obtained from http://microsoft.com/licensing/contracts within 30 days of the date of transfer.–
In fact you can find yourself in the same event after a take over or company name change as well.
Yes there are nasty events that see your Volume license stuff go by by. Retail and OEM stuff sticks to the machines. Anything else can be gone with no means to recover. You know like those server licenses you got by volume.
My key job is to be able to look at operational requirements and acquire FOSS software were able to replace the software the company has lost. To give the company a sporting chance of getting back on feet and pay back the creditors. Without people like me the company is a write off and the assets will be sold off at a lose. A going concern is worth more. Cost of straight up replacing the lost software without being able to operate for longer assigns the company to death. The process that leads to liquidation can already seen the company not trade for a while.
Common presume of these trolls that writing english is important. Liquidation is a team project. You have Legal, Accounting and Infrastructural members. Now if I was Legal or Accounting writing in Liquidation is highly important. That I am Infrastructural writing is not that high on the importance. Being able to produce invoices of what has been done is enough. If staff in the business cannot write the Infrastructural documentation with guidance to save it the business is not worth saving. Since it will fail again when we leave. That is a shocking thing. For what I do not being able to write perfectly is an advantage. Since the admin staff you will leave have to be able to.
This is the thing I took a job that suites my weaknesses.
ch answer the question. If you had to choose between a Staff member or using Microsoft products what would you choose?
Remember I have to make that choice because the license that the company had is now no longer exists.
Now same case happened in non dead companies. They merged a company in someone missed doing the license transfer document inside the 30 days or it gets lost in the mail. So now those company volume licenses are no more.
The reality is businesses where core runs on FOSS tech are far more likely to live through the liquidation process. Why they still have some operational software that can be straight up used. So less disruption to operations.
Redhat and SUSE will cut liquidators some slack. Microsoft does not.
ch 8 dollars a month is fine if you don’t have to pay like 5 years on every machine straight now because your volume licenses are gone. As you find doing liquidation.
Oh joy, a lot of numbers to play with!
OK, so updating all PCs to current Windows and Office would have cost €15.5m. The LiMux project aims to only convert 80% of these, which would equal €12.4m. Cost so far, with 2,000 PCs remaining to be converted: €11.7m. Oh, the millions they saved!
“ch 8 dollars a month is fine if you don’t have to pay like 5 years on every machine straight now because your volume licenses are gone. As you find doing liquidation.”
Wow, you might have found a corner case were the piddling license costs could eventually play a role! But if your company is in liquidation, it means you can’t pay your employees anyway – and just between you and me: That software on your PCs won’t magically stop working just because the company changed hands.
ch, assuming numbers from June still apply in September, wrote, “with 2,000 PCs remaining to be converted”.
Ever heard of a “learning curve”? You can bet that Munich is not slowing down in its rate of installations and that they have all their ducks in a row by now.
“ch, assuming numbers from June still apply in September”
The article you linked to was “Published 12:17, 02 April 12″ and quoted Ude as saying: “The current impact on the budget for the LiMux project amounts to a total of €11.7m” (emphasis mine). So until April, the total cost has been said €11.7m, and “As of March 23, 10,000 systems were running LiMux [...] By the end of 2012, 12,000 computers will have been switched”, with probably some more costs accruing. And something I find suspiciously missing in the official statements: When the project started in 2003, it was because those PCs were still running WinNT. Are the last 2,000 PCs to be converted still running NT? If not: What happened?
It seems to me that they were actually doing two conversions: The official LiMux project – and a quiet update of all PCs to probably WinXP, which was not part of the project, was not even done as a proper project, and with the costs hidden away somewhere. It takes a politician – or a true believer – to talk all that into a success.
ch wrote, “It takes a politician – or a true believer – to talk all that into a success.”
Getting away from the M$ tax, malware, re-re-reboots, etc. is a victory however you do it. In the process, Munich modernized the control system as well, something they would have done with that other OS at great expense, CALs and all. Typically large organization have a phased update cycle but if they were using NT4 in 2003/4, their phase must have been at least 4 years, perhaps longer. I imagine NT4 would have continued running a while even without updates if they managed the network stifly. Even a political decision to go with that other OS in 2004 might have taken a year or more to do without the modern tools.
You and I are not there so we don’t know all the details but the result is what counts and they are saving money compared to sticking with Wintel forever. It costs almost nothing (no per-seat charge) to update a GNU/Linux system and they can keep the clients indefinitely by making them thin. The one big mistake they made was deciding on thick clients. That’s totally unnecessary for most users not doing multimedia stuff. If they do that the cost of their next hardware cycle could be halved again.
“Getting away from the M$ tax, malware, re-re-reboots, etc. is a victory however you do it.”
Moving the goalposts, are we? The claim was that Munich saved sooo much money, and it seems quite dubious.
“I imagine NT4 would have continued running a while”
Technically running it would be, but after end-of-support it would be criminally negligent to continue to use it. And installing it on new hardware – if a PC broken after 10 years of use needs replacement – might be difficult.
ch wrote, “it seems quite dubious”.
Clearly Ude is not a lying bastard or the good citizens of Munich would not re-elect him. GNU/Linux is a lower cost solution even if the cost of converting templates, documents and applications was high because that was a one-time deal and they can upgrade indefinitely for a small cost thanks to the automation they have and the $0 licences. Do the maths. The mayor has. He has accountants and auditors.
While I think Munich did the migration in the most expensive manner possible it was their choice and their prime motivation was not to save money. That is a side-effect of escaping monopoly pricing.
“the good citizens of Munich”
It just so happens I am one of those. Unfortunately, I don’t have any direct sources within the city administration. (However, one
acquaintance of mine works in Munich Public Works – Münchner Stadtwerke – which, organised as a private company but fully owned by the city, takes care of infrastructure from sewers to public transport. No, they are not even considering switching to LiMux.)
I’m not saying that Ude is “a lying bastard”, but he is clearly spinning here: According to those “official” numbers from your link, they are barely saving anything after almost ten years, and there is absolutely no mention of what happened to those NT installations: Do you believe for a minute that the 2,000 PCs that were left to be migrated this year are still running NT? It seems that a migration from NT to XP was done “under the radar”, without proper project management or anything and the costs swept under the carpet.
“their prime motivation was not to save money”
Thanks, that’s about what I said.
ch wrote, “absolutely no mention of what happened to those NT installations”.
Whatever happened to those machines or their replacements, they are not running M$’s office suite. They may well be still running legacy applications that could not be migrated which is the reason those workstations were not migrated to GNU/Linux. In 2008, I worked in a place that still had a bank of Lose 2K running, not much older than NT4 (29 July 1996).“Since 2009, all PC-workstations have been provided with OpenOffice.org, Firefox and Thunderbird”
The 7th page of this presentation shows 10% of business applications in Munich had to be left running on that other OS.
UDE is reported to have ignored the licensing costs of that other OS in his calculations, “Ude said that he didn’t take into account costs such as the licence fees for essential software upgrades that a Microsoft infrastructure incurs every three to four years, but which don’t exist with LiMux. Licence fees for the current versions of Windows and Microsoft Office alone would cost about €2.8 million for the city’s PCs, he added.”, so what happened to the NT machines is irrelevant. They had a savings with the machines that did migrate, a huge savings. see H-online.
It never ceases to amaze me that folks think that software that costs $0 such as GNU/Linux and stuff already paid is somehow more expensive than staying on the Wintel treadmill. Do the maths. The Wintel treadmill will run until the wheels fall off filling M$’s coffers. That money comes from somewhere. The cost to support FLOSS in my experience and that of others is much less.
“essential software upgrades that a Microsoft infrastructure incurs every three to four years”
See the spin in action: You don’t need to upgrade Windows and Office “every three to four years”. If the city had done an orderly upgrade to XP and MSO 2003 in ~2004, then they could start now to upgrade to Win7 and MSO 2010. The first upgrade apparently was done anyway (just hidden), and the second wouldn’t have cost €15m.
“to a level that is equal to the current status of the LiMux project”
Sure, LO and Thunderbird are on the same level as MSO.
“It never ceases to amaze me that folks think that software that costs $0 such as GNU/Linux and stuff already paid is somehow more expensive than staying on the Wintel treadmill.”
Of course it baffles you – because you don’t have any business sense, you only see that magic $0-license-fee-sticker and nothing else. Hint: Two to three hours lost per employee for retraining and coming to grips with the new environment completely erases that price differense.
I just was reminded of Joel Spolsky again: http://www.joelonsoftware.com/articles/StrategyLetterV.html
You really should read it someday.