Wintel is Fragmented

Have your heard the endless prattle about FLOSS being fragmented and how bad that is?

“The wide variety of delivery mechanisms, installation tools, and overall approaches to updates across the full breadth of applications makes it impossible to push all updates through [the Windows Update] mechanism,” said Rahman said. “As frustrating as this might be, it is also an important part of the ecosystem that we cannot just revisit for the installed base of software.””

Chuckle. What I can do with Debian GNU/Linux, update any number of PCs from top to bottom, all the software on them, from a web server or local server, is beyond the mighty M$.

for f in list_of_machines;do ssh $f “apt-get update;apt-get upgrade&exit” ;done

Seems easy for me. Why can’t Wintel do it?… They don’t/won’t share. It all comes down to that. No sharing means a big headache for hundrdeds of millions of users of PCs. Endless re-re-reboots. Endless updates. Endless malware and bots running on machines not up to date.

see NetWorkWorld – Microsoft: We won’t update others’ Windows apps

I recommend Debian GNU/Linux, the software that works for you.

UPDATE A part of the changes to make “8” will be a consolidation of re-re-reboots into one reboot per month where possible. The trolls here who claim re-re-reboots are no problem for competent users are again proven wrong. Even M$ admits re-re-reboots are a problem that needs fixing. Of course re-re-reboots don’t bother those of us who use GNU/Linux because we get to choose when and if we reboot. I have enjoyed that capability for a decade and love it.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.
This entry was posted in technology. Bookmark the permalink.

19 Responses to Wintel is Fragmented

  1. oldman says:

    “oldman why do you even have to ask the question??”

    I asked the question because I wanted to see what you would say. The resulting torrent of noise was predictable.

    You not being honest Mr. Ohio Ham. The real reason that you use linux is that you believe in the community way of computing and have a violent dislike of closed source commercial software.

    All else is IMHO baloney.

  2. oiaohm says:

    oldman why do you even have to ask the question??

    1 My debian does not run on a debian provided kernel. Only section of my kernel that is not fully audited in my video card drivers. Extra resistance to buffer overflows are implemented from complier.

    2 my system does run with selinux fully on and extras. Almost to full conformance to the rainbow books the USA government did produce what are still some of the best books on secuirty design.

    Linux is quite secure really oldman. Updates do deploy.

    Really I am looking forward to the Journal update that will come with systemd. Yes at long last they are putting in something that is a upgrade to syslog.

    BSD and Solarias secuirty history might be great but its hardware support is very sad. I did start off on openbsd before moving to Linux. I would most likely still been on openbsd if there had not been issues with hardware support.

    Of course I have looked at Minux 3 as well but hardware support stops me going that way.

    Most of my limitations are defined by hardware. So for the hardware what is the most secure thing I can run. Linux does win quite often. Of course not something secuirty crap like Ubuntu. Try running Ubuntu with a stock kernel.org kernel and guess what it don’t run properly so it contains patches that have not been proper third party audited. Debian and Scientific Linux I can use stock kernel.org or any hardened relation.

    This is my big problem with Windows oldman I cannot see the auditing process of anything. I am meant to trust in blind faith that MS is doing the auditing process correctly. Yes this is why AIX and other items are not that highly trusted by me. I don’t like giving blind faith to workmanship. Secuirty you must be able to audit.

    Robert Pogson network working perfectly also requires the servers to respond perfectly on time. WSUS is just way to touchy. Stupid as it sounds I have had WSUS perform better on 100 speed networking to clients with a 1g to server.

    CAT 5e 100Mbit/s is fine 1 Gbit/s you do get background interference cable to cable at any bundle location. CAT6 is what should be used for 1G if you are after absolute perfect. Of course this is part of the problem business pushing 1G through Cat 5e fine with Linux that can tolerate a little bit unstable. Windows not fine.

    7 server is also a issue. How many were running ADS as backup to each others delays of 0-30s I have seen due to the way windows replicates ADS. In theory users should have faster access to ADS with it replicated to there location problem is this does not turn out to be the case.

    Basically MS design does encourage either split networks or one huge powerful mother server so it performs.

    The issue is another bug in design. Where Samba LDAP is very strict. Downstreams are read only in samba. This is not the case with ADS so you send a request to a ADS server and it goes ok have you been to any other servers with a ADS request that might not be synced. Multi server ADS can cause these lag issues.

  3. I have seen a hundred cases of malware infection in that other OS if I’ve seen one but I have never seen malware in GNU/Linux in a similar number of systems. Usability of GNU/Linux is just fine. If you don’t like something about how it performs you can tune the kernel, the file-system and the applications.

  4. oldman says:

    “If a OS cannot update properly it becomes a secuirty liability. Remember I am old school Oldman. Secuirty trumps Usability.”

    So why do you use Linux?

  5. In my experience a mixture of that other OS and GNU/Linux is not optimal. Even where that other OS played a minor role it was a major burden.

    When I was using WSUS, the network was solid. The cabling had been professionally installed with CAT 5. The only glitch was that the server area had been moved from an overheated wooden box downstairs to a storage space upstairs and during the move the link between downstairs and upstairs had been left 100 mbits/s. I fixed that and made it gigabit/s just by moving a 24+2 port switch downstairs and used CAT 5 as a gigabit/s link. The distance was only 50 feet or so and the change worked perfectly with a noticeable improvement in speed from the servers to downstairs. The network was not part of WSUS problem. Servers were. In tests of Samba on thick clients I witnessed random delays of AD responding to requests with delays of 0-30s from an idling server. The servers were dual core 3.2gHz 2003. The place had 7 servers even though 2 or 3 GNU/Linux servers would easily have done the job. The number of clients was ~100, 48 in labs and the rest in classrooms and offices. The software had been professionally installed but there were major issues with roaming profiles, AD and WSUS. Some clients took 2 minutes to boot to a usable desktop even though GNU/Linux could do it in 30s on identical machines. I put a wiki in a GNU/Linux virtual machine in one of the newer servers and it rocked. Hardware was not the problem. That other OS was.

  6. oiaohm says:

    “As opposed to the linux desktop which as far as many are concerned is buggy in MANY of its aspects, aspects that you have noted yourself.”

    Oldman I don’t try to white wash the bugs away. I except the fact at this stage a mixture of Linux and Windows is the most effective.

    Remember I like to know the bugs I will run into and where they are. This point of view of me does not change when I am running Linux or Windows.

    If a OS cannot update properly it becomes a secuirty liability. Remember I am old school Oldman. Secuirty trumps Usability.

    Jan weather you like it or not WSUS is sensitive to network bugs and issues.

    So places with networks working perfectly might think WSUS is brilliant. Robert Pogson case is not the same working in education where hardware may not be perfect. OS tolerance to network issues to get updates is a requirement to reduce staff over heads and maintain secuirty.

  7. Well, you should go home if you refuse to believe anything you don’t witness yourself. Probably the whole Internet is of no value to you. I saw WSUS and clients failing to update.

  8. JairJy says:

    “I am not alone in that experience. “wsus updates failing” finds 1700000 hits on Google.”

    Interesting, “wsus updates working” finds 6,880,000 hits on Google. “excelent wsus updates” shows me 3,320,000 results and 2,450,000 hits for “I love wsus updates”.

    But you know what? I don’t believe search results as demonstration of a point. Search results shows nothing because can’t be used as a fact.

  9. Moxy is banned. I cannot find any reason to keep allowing him to comment here. No substance whatsoever can I find in the above comment.

  10. Moxy says:

    you demonstrate once again that you have no idea what you are talking about.

    It’s the lack of good diet (he only eats instant mashed potatoes) and he’s sniffing glue with the locals.

    It’s funny though, he’s now become predictable with rebuttals like “A few years ago…” blah blah blah.

    Pogson will never get it no matter how clear truth and fact are in front of his glue covered nose.

  11. Phenom wrote, “Obviously your network was an administration fiasco, when it was possibly to manually trigger updates on top of a WSUS server. You know, when you would use a WSUS server, all other means of updates on workstations should be completely disabled.”

    Twit. You can either run the the client application on the PC or command WSUS. They both work, sometimes.

    “wuauclt /detectnow” on the client will trigger an update.

  12. GNU/Linux is known to have many fewer bugs than that other OS.

    “Consensus estimates of accumulated code volume peg Microsoft operating systems at 4-6x competitor systems and hence at 15-35x competitor systems in the complexity-based costs in quality. Microsoft’s accumulated code volume and rate of code volume growth are indisputably industry outliers that concentrate complexity in the periphery of the computing infrastructure. Because it is the complexity that drives the creation of security flaws, the default assumption must be that Microsoft’s products would have 15-35x as many flaws as the other operating systems.”

    See Cyberinsecurity: The Cost of Monopoly.

    That was written in 2003 when XP was newish. XP used to fit on a CD nicely. Now it takes a DVD. GNU/Linux has fluffed a bit as well. In those days you could boot Linux from a floppy. Still the ratio of increase for that other OS is astronomical in comparison. While Debian GNU/Linux can manage ~1000 known bugs for its entire repository in all architectures, that other OS is believed to have shipped with 50K known bugs in just the OS for Lose ‘9x on a single architecture. When Vista came along, even though great improvements in code management had been applied the estimate was still around that level.

  13. oldman says:

    “Basically windows is buggy in some of the most critical areas.”

    As opposed to the linux desktop which as far as many are concerned is buggy in MANY of its aspects, aspects that you have noted yourself.

  14. oiaohm says:

    Phenom maybe to a windows techs the miss behaviours of WSUS seams normal. But to Linux people and solaris and most other OS’s there is something wrong that most don’t put finger on.

    Its clearly displayed in WSUS web interface. There are only three states. Not installed, Failed to install and Installed.

    What are the apt states. Not installed, Failed to download, Failed Checksum or arch check, Failed to install and installed.

    Apt will try at the next update cycle to attempt again anything that failed download or failed checksum. Where the windows update system does not reattempt without manual intervention.

    Setting clients to take updates at particular times can work around network noise and other issues that are causing failures. In fact is one of the recommend methods by MS to attempt to deal with WSUS annoyance. Not everywhere has the most correctly installed network cables. Yes APT is more tolerant in partly hostile network just like most Linux BSD and solarias package managers are.

    Next is a windows update annoyance only installing so far into the update cycle before demarding to reboot the machine before installing the rest of the updates. Again this is another reason for a machine to drift behind in updates people who have not been turning off there computers or rebooting.

    Basically windows is buggy in some of the most critical areas.

  15. Kozmcrae says:

    Wow Phenom, your powers of observation and investigation are nothing short of miraculous! You solved a problem over a distance of time, culture, and countless tweaks to an already complex system with just a few known parameters. What the hell are you doing posting an endless stream of comments on blog when you could be harvesting a ton of money on your incredible talent?

    I guess that would make you stupid in at least one of your endeavors.

  16. Phenom says:

    Pogson, just by saying “I had to manually trigger the updates on those machines usually on my lunch hour. I know what I am talking about.” you demonstrate once again that you have no idea what you are talking about.

    Obviously your network was an administration fiasco, when it was possibly to manually trigger updates on top of a WSUS server. You know, when you would use a WSUS server, all other means of updates on workstations should be completely disabled. When a new update comes along, it is up to the admin to decide when to push it to the masses, and whether to push it at all. Otherwise, you simply discard the whole idea behind WSUS. Some poor moron had made a mess in the network, and you give that as an example to demonstrate your expertise.

  17. oiaohm says:

    Forgoting of course that APT is more flexable than what WSUS is when things have gone wrong.

    APT does still have a Sneaker net option(for those that don’t know refers to human carrying disks between computers).

    So you can run network fully with no network access ever and keep them upto date under APT.

  18. A few years ago I was in a school that had a server dedicated to WSUS. On every occasion when patches were released by M$ a small but annoying random percentage (~6% of 100 machines) of machines would not take the update the first night. Rather than risk another day of vulnerability, I had to manually trigger the updates on those machines usually on my lunch hour. I know what I am talking about.

    I am not alone in that experience. “wsus updates failing” finds 1700000 hits on Google.

    In my case, it was not any misconfiguration but just a random failure to update. We had three different categories of systems and the problem affected every category. The problem existed the whole school year. At first I had the system set to manual updates pushed at 0300. Later, I changed it to automatic updates at 0300. It made no difference. My predecessor told me he had the same experience for years. It was one of the most frustrating years of my life. GNU/Linux had no such problem but the boss would not allow me to convert the whole system to GNU/Linux. I did convert the junior high school lab which could only keep 14 machines running with great difficulty with XP. With GNU/Linux I had 24 machines running flawlessly when I left. I used the old 8-10 year old machines as GNU/Linux thin clients running from a GNU/Linux terminal server. The performance was superior to the thick clients in the high school lab with newer machines.

  19. Phenom says:

    Pogson, I am admired how you insist to demonstrate your ignorance on topics like WSUS (http://technet.microsoft.com/en-us/windowsserver/bb332157). Updating a bunch of machines is just a few clicks for administrators. Please do a basic search before going into yet another overjoyous hail of ignorant MS hate.

Leave a Reply