Windows Cheaper to Patch Than Open Source?
daria42 writes "Is Windows cheaper to patch than open source software? Of course this Microsoft-commissioned report thinks so - but a number of people disagree, including a key Novell Asia-Pac exec, Paul Kangro. Kangro highlights problems with the report including the fact that it refers to problems faced by administrators before 2003: before significant improvements were made to Linux patching tools. 'We didn't have tools like Xen for Linux then,' says Kangro. 'When I patch my Linux box I don't need to bring it up and down any number of times.' Kangro also points out the report doesn't mention costs associated with rebooting systems after a patch is applied."
Well. (Score:4, Insightful)
Not exactly objective.... (Score:5, Insightful)
Can someone tell me why this is news?
Re:Well. (Score:2, Insightful)
Cheaper, maybe... (Score:2, Insightful)
Cost of Rebooting??? LOL (Score:2, Insightful)
I didn't RTFA but any company that is going to lose more than a few pennies from a reboot is going to have redundant servers in place already. It is not difficult to stagger the application of patches to server machines in a farm, which all but eliminates the cost of a reboot.
Anything from Novell that is spoken against Microsoft is suspect anyway. I'm not a big Microsoft fan, but the animosity between the two companies is well documented.
Flawed (Score:4, Insightful)
Any company where the majority of the cost is in the patching process itself, rather than the testing of the patch, the secondary servers in the test lab that they can make sure it doesn't blow services up on, the payment of skilled people to identify the problems and fix them *when* they happen and various other people costs is of course going to be more expensive than "I set up windows updates once, so now it updates me magically whether I like it or not", even without the reboot thing.
There is also some really iffy logic in breaking down one single piece of the ownership cycle and claiming that it is cheaper and ignoring the rest. I tell you, paying for college for my persistently vegetative child is uber-cheap, I can't say enough for persistent vegetation...
Re:Well. (Score:3, Insightful)
If they're talking about the "cost of patching," they're talking about large corporations. Large corporations have people in charge of IT who, we hope, have some idea how to use a computer.
It really doesn't take much to patch most new-ish Linux systems. is probably one of the most complicated, and that's all there is to it.
Reboots (Score:4, Insightful)
Re:Reboots (Score:4, Insightful)
Re:apt vs windows update (Score:2, Insightful)
Now if Microsoft used Windows Update to replace products on consumers' machines with Microsoft alternatives, THEN I would be screaming MONOPOLY at the top of my lungs. But fortunately not even they are that stupid.
Re:Cost of Rebooting??? Don't LOL me! (Score:5, Insightful)
How about desk-bound employees and their patches? Don't we count?
I use a lot of non-MSFT apps, and if one of them fails to work with the patched Windows system, I'm going to lose a lot of time. I've already had one "security patch" to something do weird things to my system, making it impossible for me to see the hard drive password prompt. Multiply that by every laptop in the company and you have a lot of support calls.
Another "security patch" seems to have hosed the network finder so that it can't automatically pick up a new IP address from the LAN. I have to manually change the settings and ..... guess what? REBOOT to force it to pick up the new IP address. Every time I have to log on from home, that's TWO reboots and two manual interventions to what should be automatically happening.
emerge -uDN world (Score:2, Insightful)
A point we often miss (Score:5, Insightful)
While this is a whole lot better than Windows, they are getting closer.
And... Well... The fact it was paid by Microsoft says nothing about the report. I sure would like to see the other reports paid by Microsoft that say FOSS is cheaper, more reliable, more ethical and that are tucked away somewhere in a folder marked "secret"
Microsoft is getting desperate (Score:3, Insightful)
Re:apt vs windows update (Score:3, Insightful)
It just installs security updates.
That way, I don't need to worry about database upgrades, configuration file changes, API/protocol changes etc. etc. etc. Everything that ran before, runs afterwards, unchanged.
*that* is cool. If you're running production servers in the real world at least
Re:apt vs windows update (Score:5, Insightful)
Yeah, because it would be better if it didn't remind you and you left your system unpatched.
No, it would be better if it [Windows Update] reminded me once and then respected my decision.
Re:A point we often miss (Score:3, Insightful)
Except that rebooting a computer takes around 2 minutes (maybe more if it's a heavy server). Restarting the DBMS (which is already cached in RAM, remember) should take less than a second. If you get phone calls then, just pretend you went to the loo for a minute and wait for it to calm down :-)
Re:A point we often miss (Score:4, Insightful)
Re:apt vs windows update (Score:2, Insightful)
I'm using Suse 9.2, and while the auto-updates in YaST seem to work very well and only occasionally ask for a reboot, they don't update things like Firefox with any patches I can see at all. I wanted to go from the included beta release to the 1.01 awhile back and had the damnedest time installing it to somewhere where I could find it and run it. (I admit, it gets easier as I get used to it). However, I think just clicking on the EXE in Windows and having the newer Firefox install run is a hell of a lot easier; it's fewer steps even for people who are experts.
For the things that Windows Update does patch (Windows, Exchange, SQL, Office, etc. shortly as they are almost ready to release from Beta the Microsoft Update) it does pretty well - but lots of reboots.
As I mentioned on my Suse - YaST does well, and rarely has me reboot (I think twice so far).
But, the thing is - patching stuff like GIMP, Firefox, etc. doesn't seem to be as automatic and easy under Linux as it does under Windows. Hell, I was running PaperPort on my wife's Windows machine the other night and it automatically updated itself to 10SP1. Until more of the FOSS ones can do that, I think patching of applications outside of the OS is easier on Windows than on Linux.
Uh huh (Score:5, Insightful)
e.g.
echo 'ALL:root: 15 18 * * *
Where the crontabs are centrally managed, patchme checks for resources, goes to sleep for a while, runs OS, platform and rev specific patch download and install subroutines which run yum update, apt-get update, patchadd, rpm -Uvh etc. Report progress to a central monitoring system like Big Brother or Zabbix as the patching process runs through the various stages.
Even talking about the cost of the patching process itself is missing the point. Anyone who has a lot of machines will already have a largely automated enterprise wide cross platform patching system in place. Applying a specific patch will be a case of dropping a pre-tested file into a directory on a file server. If you don't have such a system WTF are you doing wasting your time on Slashdot?
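A minimal sketch of the kind of cron-driven dispatcher the comment above describes, added here as an example; it is not the poster's `patchme` script. The function names, the `PATCHME_APPLY` switch and the 900-second splay window are assumptions, only the apt and yum families are covered, and status lines go to stdout as a stand-in for a central monitor.

```shell
#!/bin/sh
# Hypothetical patch dispatcher (added example; all names are assumptions).

# Read the distribution ID from an os-release style file.
detect_platform() {
    osrel="${1:-/etc/os-release}"
    id=""
    if [ -r "$osrel" ]; then
        # Parse the file instead of sourcing it: treat it as data, not code.
        id=$(sed -n 's/^ID=//p' "$osrel" | head -n 1 | tr -d '"')
    fi
    if [ -n "$id" ]; then echo "$id"; else uname -s | tr '[:upper:]' '[:lower:]'; fi
}

# Map a platform to its update command; refuse to guess on unknown platforms.
patch_command() {
    case "$1" in
        debian|ubuntu)      echo "apt-get update && apt-get -y upgrade" ;;
        rhel|centos|fedora) echo "yum -y update" ;;
        *)                  return 1 ;;
    esac
}

# Stable per-host delay so a fleet does not hit the mirror at the same second.
splay_seconds() {
    sum=$(printf '%s' "$1" | cksum | cut -d ' ' -f 1)
    echo $(( sum % $2 ))
}

# One status line per stage; a real setup would forward this to the monitor.
report() {
    printf '%s host=%s stage=%s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$(uname -n)" "$1"
}

run_patch() {
    platform=$(detect_platform "$1")
    report "detected:$platform"
    if ! cmd=$(patch_command "$platform"); then
        report "unsupported:$platform"
        return 2
    fi
    if [ "${PATCHME_APPLY:-0}" != "1" ]; then
        report "dry-run:$cmd"          # default: show what would run, change nothing
        return 0
    fi
    sleep "$(splay_seconds "$(uname -n)" 900)"
    report "start"
    if sh -c "$cmd"; then report "done"; else report "failed"; return 1; fi
}

# Constructed sample input so the dry run is reproducible on any host.
sample=$(mktemp)
printf 'NAME="Ubuntu"\nID=ubuntu\n' > "$sample"
run_patch "$sample"
rm -f "$sample"
```

Reporting the `unsupported` and `failed` stages matters as much as `done`: a host that silently skips a patch run is the one that stays unpatched.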
troll bait (Score:2, Insightful)
Re:apt vs windows update (Score:2, Insightful)
Sorry, I know that it can be a pain sometimes, and I'm not trying to poke you and tell you how/when to reboot. Maybe a better solution would be for Windows to pop the window up every 10min, but don't give it focus.
Story? Please? (Score:4, Insightful)
Re:apt vs windows update (Score:3, Insightful)
So you're complaining that you chose to install the patch that required a reboot? Why didn't you wait until after you completed whatever critical work you had to do? User makes choice. User doesn't like consequence. User blames vendor. Sigh.
To a certain extent. I made the decision the night before, but wasn't prompted to reboot when I arrived back in the morning. It wasn't until I'd started work - on something that, naturally!, couldn't wait - that the popups started. I *do* blame the vendor for creating a system that doesn't respect my choice: "no, I don't wish to reboot now". That should be it, end of story (leaving aside the "why does the bloody thing *need* to reboot when every other box I'm involved with seems to manage an update without this degree of hand-holding").
Re:XP with SP2 finally solves the patching issue (Score:2, Insightful)
Re:apt vs windows update (Score:3, Insightful)
Still doesn't explain why my choices are all ghosted out, while logged in as administrator. If grandma even got this far to change the settings, what would she do next? Also, your default selection wasn't the selected item on my screen.
teach grandma how to get her syntax exactly right at the command prompt. That's much better.
A lot of Grandmothers were skilled at typing. After all, keyboards were around long before they were on computers. Spell checks weren't available to save them from mistyping what they read. The Post-It apt-get instructions on the monitor would be followed verbatim.
Report might be right. Don't ignore the problem... (Score:5, Insightful)
Sure this is an inconvenience, but (still) overrated. It's just not a major issue to reboot a machine. Word. Move on.
What continues to be a major road block to widespread adoption of Linux by the masses is not just patching, but just installing applications at all. It just can not be said with a straight face that installing patches or an application on Linux is as easy as with Windows for average computer users. There are just way too many pitfalls that can trap a user in hours and days of searching for strange dependencies and other things. And a smooth GUI installer....
Re:Get the facts? (Score:5, Insightful)
Re:Well. (Score:2, Insightful)
Redundant doesn't just mean untimely - it also means unnecessary, useless, of no added value. So the first post, if it simply repeated things from the story would be redundant. Find a dictionary, and read it sometime.
Re:Well ... Insightful? Hammer geeks unite ! (Score:3, Insightful)
a) Nothing in the report suggests the users 'have no idea how to really use a computer';
b) Nothing in the report remotely suggests anyone is not willing to learn how to use a computer;
c) Everything suggests that people do think. The thinking might be along the lines of: "My computer is a tool. Do I really need to know how to fiddle endlessly setting up the tool?"
Why is it that there is no questioning buying precooked food, taking appliances and vehicles to repair shops for the simplest of servicing, or the persistent use of a favoured carpentry tool because it's 'done the job fine for x years'. And yet when someone treats a computer simply as the tool it should be, they are branded 'fearful of change' and 'unthinking'?
What would you think if there were hammer geeks who spent endless amounts of time refining, modding, and configuring their hammers? Geeks who felt that only unthinking losers wouldn't change their hammers every six months. Geeks that felt it a pathetic display of ignorance that someone would not take the time to know their hammer intimately. Geeks that could endlessly debate shaft lengths, handle materials, and head geometry. In all likelihood, there would be a very large body of people who would think, 'It's a fscking hammer. I don't want to be a craftsman or hammer designer. If the thing don't hammer simply, it's of no use to me.'
Re:Well. (Score:2, Insightful)
A Truce? (Score:4, Insightful)
Re:Well. (Score:3, Insightful)
Used properly, a package system is a solution, not a problem. When I want to install something I don't even consider dependencies, I simply type "up2date " and it pulls in everything that package needs and installs them in the proper order.
The only real downside is that third party packages are often poorly created. Failure to follow platform conventions (e.g. paths) is the most common "sin". Ultimately I think user oriented distributions need to settle on a more reasonable release schedule. The ridiculously short cycle of Fedora (4-6 months) is way too volatile and really hinders any meaningful packaging effort, and the glacial cycle of Debian (almost 3 years since the last major update) precludes support for modern desktop packages. As the major desktop technologies (Gnome, KDE, Mozilla, etc) mature, this should help to rationalize distribution release cycles as well.
The most common end user mistake, in my experience, is circumventing the package manager - forcing packages, ignoring dependencies, installing from tarball, etc - and then wondering why it doesn't work. To some degree it's understandable. There is plenty of cool software out there that's simply unavailable without building from scratch, and a lot of the people who try Linux are curious and want to explore the cutting edge. But it should never be forgotten that on the cutting edge things break. A lot. Sometimes dramatically. If you want stability and predictability, you simply have to wait until the bugs are ironed out and things are neatened up for "mass market" distribution.
Re:Report might be right. Don't ignore the problem (Score:1, Insightful)
oh and by the way... it is a major issue to have to keep rebooting a machine
Installing Is Hard On Windows (Score:4, Insightful)
A "sin" Microsoft cultivated a long time ago is confusing "installing" and "configuration" together. If you tie both of these processes together it makes support murky. Did the installation fail to place files or did it mess up setting some value somewhere? Installers should be concerned with tracking/placing software components. Programs should be concerned with configuration. Because of MS including this level of complexity it also had the side effect of making it hard for a user to inspect packages before installing. There is no way for a desktop user to find out what an MSI package provides, what it requires, etc before installation. Another side effect is that people writing installers are often forced to package all dependencies with their application instead of making seamless stacking installs.
Making a Windows installer actually enforce component dependencies suffers from the same "DLL Hell" type problem that has plagued Windows forever. Most installations are written loosely: you can uninstall CompA which ProgramB depends upon and the system happily complies.
With all of that said, Windows installers are bad. Linux and other Unix-like systems are okay but they are more interested in software integrity than ease of use. You can't beat Mac: Drag a folder into the apps folder and it's installed, take it out of the folder to uninstall it. At this point I can't imagine why anyone would want any system to be more like Windows.
Re:Well ... Insightful? Hammer geeks unite ! (Score:2, Insightful)
Your analogy is a bit skewed. A hammer doesn't exactly have the same power in society as a computer. A hammer can't communicate with another hammer. A hammer doesn't hold bank records or social security numbers or credit card accounts. A hammer doesn't spread hammer viruses that allow other hammer users to steal that information. A geek hammer user doesn't use his hammer skills to exploit the weaknesses of your hammer to break into it.
Your car is a decent analogy to a computer, but as you pointed out most people simply dump it into someone else's lap when something "don't work" - that's why so many people drive broken down heaps, or constantly have their vehicles in the shop, or destroy their engines from years of unmaintained use. A person that never bothered to understand that their car needs brake maintenance will only figure it out when their brakes finally go and they careen into another car. But also those who change their own oil, perform tune-ups themselves, and know How Their Car Works tend to drive well-running vehicles that are not road hazards. It's called responsible ownership. Could you argue that awareness of the care and maintenance of a car is an undesirable thing?
You legally are required to have a license to drive a car. If it's simply a tool, why would that be? Why should you have to intimately know the operation of driving a tool? Well, it's a powerful tool. It's also a dangerous tool. You can cause massive amounts of damage with a car because of its power. An idiot driver that doesn't signal before merging on the highway can cause multi-car wrecks. People cause fatalities by running stop lights and stop signs. Similarly, a person with a computer that doesn't care to understand the need for its security quickly becomes a zombie node in massive DoS attacks on other systems. These cost network providers untold sums of money in downtime and customer dissatisfaction. In some cases it allows their personal information to be stolen, just as if they were to keep their bank records in their cars without locking the doors - or their windows were smashed out and the records taken. Do you see the relationship here? The power that computers and global internetworking have given us must be taken with some measure of responsibility for the technology to be safe. Ignorance is not something to take pride or comfort in - there is no reason that computer users should not be more aware of their computers and how to properly maintain them.
Oh, and the hammer geeks that you mentioned are the reason why we have progressed from hand rocks, animal bones, and tree stumps to clawhammers, ball peen hammers, plastic and rubber mallets, and sledgehammers.
Re:apt vs windows update (Score:3, Insightful)
Maybe they are ghosted out because your sysadmin at work doesn't want you messing with them? Even if you are a local admin of your machine the options can be unavailable.
With a combination of Active Directory settings and SUS, you get some measure of automated patching, without any interaction (interference?) from end users. Maybe this is your situation if this is your work computer. If so, someone else is taking care of it, don't worry too much.
Re:apt vs windows update (Score:3, Insightful)
Right, 'emerge sync; emerge -u world' is complex syntax. Or, better yet, don't tell grandma anything, make it a cron job. Even better yet, get grandma a PDA capable of sending email and solitaire. Better still ANSWER THE PHONE WHEN SHE CALLS, she won't be around forever and can't type that fast. Shouldn't you spend more time talking to grandma?
I'm praying for the day my data-processing business gains some momentum and I can quit my network admin job. I will truly enjoy telling those who ask for my help "sorry, I don't do windows. Have you contacted the manufacturer?"
That brings me to another beef I have with windows. There are far too many people who consider themselves 'network administrators' just because they know what PC stands for. I can't tell you how disgusted I get when I get a phone call from one of my customers who says "I'm the network administrator and I've got a system with a 169.254.x.x address....what's wrong with your network?" They seem so confused when I tell them their network cable is unplugged and that my responsibility ends where the T1 cable connects to their router.
The problem is idiots at the console. Pure and simple, evil idiots sent from the planet Omicron Persei 8 to disrupt my harmonious network and make my phone ring. It is, of course, my fault because my servers run Linux. Never mind that my servers have been running through their previous 5 system-restores and 300 days before that.
The last time I vented about windows idiots got my message modded to 'troll.' For those of you who successfully run windows and never call tech support because you can handle it yourself, I applaud you. You are far more tolerant than I. For the rest, to hell with you if you can't take ridicule. In real life, I'm better than you. My karma can take anything you think you can dish out.