Windows Cheaper to Patch Than Open Source? 473
daria42 writes "Is Windows cheaper to patch than open source software? Of course this Microsoft-commissioned report thinks so - but a number of people disagree, including a key Novell Asia-Pac exec, Paul Kangro. Kangro highlights problems with the report including the fact that it refers to problems faced by administrators before 2003: before significant improvements were made to Linux patching tools. 'We didn't have tools like Xen for Linux then,' says Kangro. 'When I patch my Linux box I don't need to bring it up and down any number of times.' Kangro also points out the report doesn't mention costs associated with rebooting systems after a patch is applied."
Well. (Score:4, Insightful)
Re:Well. (Score:2, Insightful)
Re:OT: Your sig (Score:3, Interesting)
Re:Well. (Score:3, Insightful)
If they're talking about the "cost of patching," they're talking about large corporations. Large corporations have people in charge of IT who, we hope, have some idea how to use a computer. ;)
It really doesn't take much to patch most new-ish linux systems.
is probably one of the most complicated, and that's all there is too it.
Re:Well. (Score:2)
That is, unless you modded a bunch of XBoxen into a poor man's distcc compile farm...
Re:Well. (Score:3, Insightful)
Used properly, a package system is a solution, not a problem. When I want to install something I don't even consider dependencies, I simply type "up2date " and it pulls in everything that package needs and installs them in the proper order.
The only real downside is that third party packages are often poorly created. Failure
Re:Well ... Insightful? Hammer geeks unite ! (Score:3, Insightful)
a) Nothing in the report suggests the users 'have no idea how to really use a computer';
b) Nothing in the report remotely suggests anyone is not willing to learn how to use a computer;
c) Everything suggests that people do think. The thinking might be along the lines of: "My computer is a tool. Do I really need to know how to fiddle endlessly setting up the tool?"
Why is it that there is no questioning buying precooked food, taking appliances and vehicles to repair shops for the simples
Re:Well ... Insightful? Hammer geeks unite ! (Score:3, Informative)
Re:Well ... Insightful? Hammer geeks unite ! (Score:3)
I've been involved in the computer industry in various fields for about 20 years now, and I have seen first hand how people interact with computers. Back when mainframes were still mainstream, their operators knew what they were doing. Nowadays all you need is $400 and a credit card to get a home computer, so naturally the skill level of computer users, on average has dropped cons
Re:Well. (Score:3, Interesting)
I have two Red Hat 9 desktops that I would like to upgrade to Fedora 3. Today. Both are running Win4Lin and I want nVidia video acceleration.
I've downloaded "How to Install Win4Lin on FC3" from a Google search. Prints out to about 2-1/2 pp of 10 point on kernel recompile (and more pages on blog follow-up issues).
But nVidia acceleration is also a patch. But, but, but..... It is my understanding that you don't patch a patched kernel because
Not exactly objective.... (Score:5, Insightful)
Can someone tell me why this is news?
Re:Not exactly objective.... (Score:3, Interesting)
do ssh "root@$a" apt-get update
done
How hard is that?
Xen (Score:5, Informative)
Oh, come on. Practically speaking, we don't have Xen for Linux *now*. Sure it's cool and all (which is why it's slipped into this basically unrelated story) but it's not nearly ready for the Linux mainstream and I'd be surprised if more than a handful of people are using it heavily in production.
Re:Xen (Score:5, Interesting)
Re:Xen (Score:2)
That's my point.
Have you actually used Xen?
Tried it. Not in production. I imagine that's the case for many people -- but actually, still a relatively small number of bleeding-edge experimenters. For that reason, obviously the numbers here will be higher than in the world in general.
That said, I like to think that the poster's larger point is that virtualization technolog
Re:Xen (Score:5, Informative)
Re:Xen (Score:4, Informative)
That said, I think the Novell dude probably meant "Zen". They should probably start calling it "ZenWorks" to avoid this confusion, since they also ship Xen in SuSE 9.3.
Re:Xen (Score:2)
yawn whats new (Score:5, Funny)
Re:yawn whats new (Score:5, Funny)
Q: How many Linux engineers does it take the change the lightbuld?
A: RTFM, n00b. J00 suz0r, go back to M$ Winblows, l4m3r.
Re:yawn whats new (Score:2)
Oh, wait... yes you can, can't you?
Re:yawn whats new (Score:5, Funny)
A: We don't use light bulbs any more. We have high brightness iLED displays for only $599.
Re:yawn whats new (Score:5, Funny)
Q: How many *BSD engineers does it take to change a lightbulb?
A: One could probably do it, if only there were any left.
Re:yawn whats new (Score:3, Funny)
Q: How many IBM engineers does it take to change a lightbulb?
A1: That depends on your service contract.
A2: 31. Four to schmooze the customer, sixteen to go over the contract, three to prepare the site for installation, one to operate the crane, one to drive the truck that carries the replacement, four to oversee installation, one to flip the switch and one to actually install the bulb.
apt vs windows update (Score:5, Informative)
Conversely, windows update only updates windows (not my other apps), and takes at least 15 minutes every time i run it.
Re:apt vs windows update (Score:5, Funny)
Conversely, windows update only updates windows (not my other apps), and takes at least 15 minutes every time i run it.
Windows Update worked its magic on my workstation yesterday; I was busy and didn't reboot afterwards. For the rest of the morning (until I caved and rebooted the bloody thing) Windows Update popped-up an annoying dialog box every ten? fifteen? minutes inviting me to restart the PC. Needless to say, everytime the diaplog appeared it was when I was typing, and half a line of code got piped to Window's equivalent of /dev/null.
I think we should *thank* Microsoft for promoting Linux ;-)
Re:apt vs windows update (Score:2)
Or, you could take about a minute of your time and set up the Windows Update service to download the patches, remind once that it has them and hopes you'll install them, and then do it when you know it's convenient to restart services/the OS. It's a couple of mouse clicks.
Re:apt vs windows update (Score:2)
Or, you could take about a minute of your time and set up the Windows Update service to download the patches, remind once that it has them and hopes you'll install them, and then do it when you know it's convenient to restart services/the OS. It's a couple of mouse clicks.
I can confirm that, because it's exactly what I've done. My problem is once Windows has installed the updates - which it's going to need to do at some point, no? - it then wants to reboot immediately, and doesn't want to take my word f
Re:apt vs windows update (Score:2)
Re:apt vs windows update (Score:5, Informative)
OK. Sound easy. Let's do it.
Clicks Start | All Programs | Windows Update
Hmm.... just sends me to a MS web page. Meanwhile, for some reason I can't shut down the IE window until it finishes "checking" my computer for updated "Update Software"
Clicks Start | All Programs | Accessories | System Tools.
Hmm..... Nothing there for Windows Update.
Left click on the Windows Update icon in the system tray (it's GOTTA be there..)
Up pops a "Ready to Install" update screen.
Whoops, I forgot I should RIGHT-CLICK the icon to get a detailed menu of choices. I right-click
Up pops a "Ready to Install" update screen, no menu
Ah, Control Panel...
Click on Start | Control Panel
Double Click on Automatic Updates
There we go. A window with a green shield and a red shield and 4 radio buttons. Wait, they're all ghosted out!! And I'm logged in as an Administrator. I can't believe I go so far only to be blocked from changing the settings....
apt-get and emerge seems so much easier to use...
Re:apt vs windows update (Score:4, Informative)
1) Open Control Panel
2) Open Automatic Updates
3) Choose 'Download updates for me, but let me choose when to install them.' (this was the default, by the way!)
4) Done.
Was that so hard? Definately better, though, to teach grandma how to get her syntax exactly right at the command prompt. That's much better.
Re:apt vs windows update (Score:3, Insightful)
Still doesn't explain why my choices are all ghosted out, while logged in as administrator. If grandma even got this far to change the settings, what would she do next? Also, your default selection wasn't the selected item on my screen.
teach grandma how to get her syntax exactly right at the command prompt. That's much better.
A lot of Grandmothers were skilled at typing. After all, keyboards
Re:apt vs windows update (Score:4, Informative)
Or maybe just show her how to use synaptic (a nice graphical front end for apt). Then her applications will be updated as well - and she will be able to search for and install new applications if she pleases.
Re:apt vs windows update (Score:3, Insightful)
Right, 'emerge sync; emerge -u world' is complex syntax. Or, better yet, don't tell grandma anything, make it a cron job. Even better yet, get grandma a PDA capable of sending email and solitaire. Better still ANSWER THE PHONE WHEN SHE CALLS, she won't be around forever and can't type that fast. Shouldn't you spend more time talking to grandma?
I'm praying for the day my data-processing business gains
Re:apt vs windows update (Score:3, Insightful)
Maybe they are ghosted out because your sysadmin at work doesn't want you messing with them? Even if you are a local admin of your machine the options can be unavailable.
With a combination of Active Directory settings and SUS, you get some measure of automated patching, without any interaction (interference?) from end users. Maybe this is your situation if this is your work computer. If so, someone else is taking care of it, do
Re:apt vs windows update (Score:2, Informative)
Re:apt vs windows update (Score:2)
The answer is really pretty simple. You obviously have no idea where you want to go today...
Re:apt vs windows update (Score:3, Interesting)
You know what bugs the fuck out of me? Windows XP changing the behaviour of the "turn off" option to "download updates". The rare times I actually do boot into Windows only serves as a reminder of why I don't like doing it.
Re:apt vs windows update (Score:5, Insightful)
Yeah, because it would be better if it didn't remind you and you left your system unpatched.
No, it would be better if it [Windows Update] reminded me once and then respected my decision.
Re:apt vs windows update (Score:2)
Roger
Re:apt vs windows update (Score:3, Insightful)
So you're complaining that you chose to install the patch that required a reboot? Why didn't you wait until after you completed whatever critical work you had to do? User makes choice. User doesn't like consequence. User blames vendor. Sigh.
To a certain extent. I made the decision the night before, but wasn't prompted to reboot when I arrived back in the morning. It wasn't until I'd started work - on something that, naturally!, couldn't wait - that the popups started. I *do* blame the vendor for creat
Re:apt vs windows update (Score:2)
Windows vs Microsoft products (Score:2)
It's an option when you set up WU, IIRC (Score:2)
Re:apt vs windows update (Score:3, Insightful)
It just installs security updates.
That way, I don't need to worry about database upgrades, configuration file changes, API/protocol changes etc. etc. etc. Everything that ran before, runs afterwards, unchanged.
*that* is cool. If you're running production servers in the real world at least
Re:apt vs windows update (Score:2)
While I agree that it's handy to be able to do just that at home, it is necessary in the enterprise to be able to see a list of patches, the advisories for those patches, the dependencies between patches and be able to deploy (and rollback) them to all, some or specific boxes that are managed by a single patch server.
Re:apt vs windows update (Score:2)
I'm sure you could go to great lengths writing scripts and cron jobs to do all of that stuff, but that would rather prove whatever point this MS study is trying to imply.
Fortunately, the likes of Novell OES & Zenworks would mean the
Re:apt vs windows update (Score:2)
Re:apt vs windows update (Score:2, Insightful)
I'm using Suse 9.2, and while the auto-updates in YaSt seem to work very well and only occasionaly ask for a reboot, they don't update things like Firefox with any patches I can see at all. I wanted to go from the included beta release to the 1.01 awhile back and had the damndest time installing it to somewhere where I could find it and run
Re:apt vs windows update (Score:3, Informative)
But really, plain-Jane users ought NOT to be able to update the software -- PaperPort should NOT be able to update itself unless you are running with administrator privilege.
Of course, I'll guess that you were running as an administrator -- one of those double edged sword things. It makes administration of the box a little easier for the user, but it also makes administration of the bo
Re:apt vs windows update (Score:2, Insightful)
Now if microsoft used windows update to replace products on consumers' machines with microsoft alternatives, THEN i would be screaming MONOPOLY at the top of my lungs. But fortunately not even they are that stupid.
Cheaper, maybe... (Score:2, Insightful)
Cost of Rebooting??? LOL (Score:2, Insightful)
I didn't RTFA but any company that is going to lose more than a few pennies from a reboot is going to have redundant servers in place already. It is not difficult to stagger the application of patches to server machines in a farm, which all but eliminates the cost of a reboot.
Anything from Novell that is spoken against Microsoft is suspect anyway. I'm not a big Microsoft fan, but the ani
Re:Cost of Rebooting??? Don't LOL me! (Score:5, Insightful)
How about desk-bound employees and their patches? Don't we count?
I use a lot of non-MSFT apps, and if one of them fails to work with the patched Windows system, I'm goung to lose a lot of time. I've already had one "security patch" to something do wierd things to my system, making it impossible for me to see the hard drive password prompt. Multiple that by every laptop in the company and you have a lot of support calls.
Another "security patch" seems to have hosed the network finder so that it can't automatically pick up a new IP address from the LAN. I have to manually change the settings and ..... guess what? REBOOT to force it to pick up the new IP address. Every time I have to log on from home, that's TWO reboots and two manual interventions to what should be automatically happening.
Re:Cost of Rebooting??? LOL (Score:5, Interesting)
I think Kangro was referring to more than lost business but also lost productivity.
In the case of desktops, it's going to be lost productivity. Sure you can schedule them to update and reboot in the middle of the night, but what if the user was working on something? The admins have to spend some time planning and scheduling mass updates or leave it to the user. It's trivial to reboot; it's harder to schedule for many machines so that productivity is minimally affected.
Also your argument only applies to mission critical or production machines. It does not include any development and/or testing machines that may not have a backup. Many organizations do not have the money to have a backup for every non-essential machine.
Our company is installing a new enterprise application. Every time we are rebooting the test servers, our consultants and employees are not working on the app. With new system setups, rebooting a lot is not uncommon.
Reasons for Rebooting (Score:2)
The p
Re:Reasons for Rebooting (Score:2)
XP has fixed this, but it used to drive me nuts that Win98 would make you reboot the computer just to change any of the network settings.
Flawed (Score:4, Insightful)
Any company where the majority of the cost is in the patching process itself, rather than the testing of the patch, the secondary servers in the test lab that they can make sure it doesn't blow services up on, the payment of skilled people to identify the problems and fix them *when* they happen and various other people costs is of course going to be more expensive than "I set up windows updates once, so now it updates me magically whether I like it or not", even without the reboot thing.
There is also some really iffy logic in breaking down one single piece of the ownership cycle and claiming that it is cheaper and ignoring the rest. I tell you, paying for college for my persistently vegetative child is uber-cheap, I can't say enough for persistent vegetation...
Microsoft is working on this (Score:3, Interesting)
IIRC, this is one of the things Microsoft is working on for Longhorn, being able to patch and install drivers "on the fly" without a reboot.
With XP SP2, if you enable the automatic downloading of updates, it will restart the computer automatically after teh updates are installed, unless you continuously click cancel when it comes up every 5 minutes. If your not at the computer, but have web downloads going on and it does this, it can be a real pain.
Re:Microsoft is working on this (Score:2)
The only drawback with whats coming with Longhorn is that it will bring us another step closer to subscription based MS software.
Reboots (Score:4, Insightful)
Re:Reboots (Score:4, Insightful)
Re:Reboots (Score:2, Informative)
Both sets of hardware are about the same, so the cost is a wash.
Re:Reboots (Score:2)
Re:Reboots (Score:2)
Any company that hires unknowledgable sysadmins deserves the trouble they are going to get. Just because it's more obvious to click a couple of buttons than run a couple of commands (I wouldn't say it's easier) doesn't mean your sysadmin shouldn't know any more about the computer.
When you hire competent admi
I hacked that computer. (Score:3, Funny)
I hacked that computer and installed an application. It's pretty brilliant. What it does is every time there's a bank transaction where interest is computed, you know, thousands a day? The computer ends up with these fractions of a cent, which it usually rounds off? What this does is takes those little remainders and puts them into an account.
-- This sounds familiar.
Yeah, they did it in Superman 3.
-- Right.
Underrated movie, actually.
Cheaper patching? (Score:2)
did someone manage to get a copy of the PDF from Microsoft before it went down?
Honestly... (Score:3, Interesting)
I can see two potential differences between Windows and Linux on this front, though, and they both seem to favor Linux. First, you don't have to buy a second license to run the test server. I would assume you can get away with this in Windows by not activating the product, but I could see some test phases taking over 30 days. Second, since you basically know excatly what you are updating in Linux, and what other packages are dependant on what you are updating, your testing phase can be more focused. This isn't to say that it would take less time, but rather that you know what is prima facie in the testing order.
So corporate sysadmin geeks out here... where is the advantage in this area to using either os?
Can't agree (Score:4, Informative)
.yeah, right... (Score:2, Informative)
SUS, SMS, WUS,
Other horrible things Linux does...... (Score:5, Funny)
Linux will recalibrate your refrigerator's coolness setting so all your ice cream melts and milk curdles. It will demagnetize the strips on all your credit cards, reprogram your ATM access code, screw up the tracking on your VCR and use subspace field harmonics to scratch any CDs you try to play. It will give your ex-boy/girlfriend your new phone number. It will mix antifreeze into your fish tank. It will drink all your beer and leave its dirty socks on the coffee table when there's company coming over. It will hide your car keys when you are late for work and interfere with your car radio so that you hear only static while stuck in traffic. Linux will make you fall in love with a hardened pedophile. It will give you nightmares about circus midgets. It will replace your shampoo with Nair and your Nair with Rogaine, all while your current boy/girlfriend is dating behind your back and billing their hotel rendezvous to your Visa card. It will seduce your grandmother. It does not matter if she is dead, such is the power of Linux, it reaches out beyond the grave to sully those things we hold most dear. Linux will give you Dutch Elm disease. It will leave the toilet seat up and leave the hairdryer plugged in dangerously close to a full bathtub. It will remove the forbidden tags from your mattresses and pillows, and refill your skim milk with whole. It is insidious and subtle. It is dangerous and terrifying to behold. It is also a rather interesting shade of mauve. These are just a few signs. Be afraid. Be very, very afraid. Windows is so much safer.
The weak spot in the credibility is always..."Microsoft commissioned report".
(Apologies to Laika)
Include Reboot Costs (Score:4, Interesting)
This is a really underated cost that not many people include or even consider. The environment I work in has a few thousand servers and 130K desktops; all running a mix of 2K, 2003, XP - and other Windows flavors. (Like that's my choice).
The reboots after patching are a major pain, everything needs to be checked and always, and I mean ALWAYS, some servers will fail to come back up.
It's costly stuff...
emerge -uDN world (Score:2, Insightful)
A point we often miss (Score:5, Insightful)
While this is a whole lot better than Windows, they are getting closer.
And... Well... The fact it was paid by Microsoft says nothing about the report. I sure would like to see the other reports paid by Microsoft that say FOSS is cheaper, more reliable, more ethical and that are tucked away somewhere in a folder marked "secret"
Re:A point we often miss (Score:3, Insightful)
Except that rebooting a computer takes around 2 minutes (maybe more if it's a heavy server. Restarting the DBMS (which is already cached in RAM, remember) should take less than a second. If you get phone calls then, just pretend you went to the loo for a minute and wait for it to calm down :-)
Re:A point we often miss (Score:4, Insightful)
An interesting observation about this (Score:2)
So, all in all, another report with lofty hopes but a poor delivery. It sickens me that people get paid to pro
Well, I'd never have expected it myself.. (Score:2)
Mein Gott im Himmel! This really is astounding! Call the BBC - it'll be front page news in no time!
Local repositories (Score:2)
With things like Debian, etc you can have local mirrors of security repositories to speed up the application of patches on lots of machines.
Is the same thing available for Windows Update? If not, I wonder what additional bandwidth costs as well as download times would be incurred from having down download the same patches every time from a Microsoft server via Windows Update.
Get the facts? (Score:5, Interesting)
@ Both Linux and Windows can be easily configured to auto-update patches.
@ Windows patches are smaller (binary diffs as opposed to full updated packages).
@ However, there are more critical updates to Windows.
@ Windows has SUS [microsoft.com], whereas Linux doesn't seem (excuse me if I'm wrong) to have any kind of distributed patch management for large businesses.
If bandwidth costs (it does), it could well be that Windows easily has less data to transfer for large organisations.
If we're talking about uptime then yes, Linux will be more "cheaper" (better uptime, minimal loss of business) in this respect.
Re:Get the facts? (Score:2, Informative)
Actually, you can distibute patches with Linux as well. You can use yum and point it to a local repository with the selected updates/patches or all, then have the yum service running which automatically updates the system for you. (guys, am I incorrect here?)
Re:Get the facts? (Score:2, Informative)
Pretty much any distro with package management can be used this way.
Re:Get the facts? (Score:3, Interesting)
Upgrade any hardware device driver and you have to reboot in Windows
Upgrade your hardware device, do rmmod module and modprobe module (can even be automated). The only way you have to reboot is if you have updated your kernel.
A fully updated mailserver (for about 1000 accounts - 1 processor server load 0.00,0.00,0.00) running Linux here has not been rebooted the last 250 days. The Exchange cluster (also for 1000 users - Exchange can't handle the
Re:Get the facts? (Score:5, Insightful)
Re:Get the facts? (Score:3, Informative)
Windows has one distributed patch management system. With Linux/BSD/etc. there are multiple approaches depending on what works best for your organization. Every Linux distro I've used is quite flexible in this regard. In my opinion, the ultimate is diskless workstations running off a fast file server (SCSI RAID, 1000Bt network). (30-40 workstations per server, repli
MS nonsense reports (Score:2)
But knowing that a Linux distro allows you to update any program you have, and hey, even third parties can add their repository for the package manager, I don't understand how Windows patching can be cheaper, really.
Do they imply that getting patches by hand and applying them is cheaper than what a package manager with automatic notification does ?
Did they compare patching Windows with patching an entire Li
Don't see how... (Score:3, Interesting)
Microsoft is getting desperate (Score:3, Insightful)
Xen or Zen (Score:3, Informative)
http://www.novell.com/products/zenworks/ [novell.com]
Meaningless... (Score:2)
Another aspect they seem to gloss over in the summaries i
Uh huh (Score:5, Insightful)
e.g.
echo 'ALL:root: 15 18 * * *
Where the crontabs are centrally managed, patchme checks for resources, goes to sleep for a while, runs OS, platform and rev specific patch download and install subroutines which run yum update, apt-get update, patchadd, rpm -Uvh etc. Report progress to a central monitoring system like Big Brother or Zabbix as the patching process runs through the various stages.
Even talking about the cost of the patching process itself is missing the point. Anyone who has a lot of machines will already have a largely automated enterprise wide cross platform patching system in place. Applying a specific patch will be a case of dropping a pre-tested file into a directory on a file server. If you don't have such a system WTF are you doing wasting your time on Slashdot?
Not quite, it's not just the OS. (Score:2, Interesting)
troll bait (Score:2, Insightful)
DIY Patch System (Score:2, Interesting)
Story? Please? (Score:4, Insightful)
Report might be right. Don't ignore the problem... (Score:5, Insightful)
Sure this is an inconvenience, but (still) overrated. It's just not a major issue to reboot a machine. Word. Move on.
What continues to be a major road block to widespread adoption of Linux by the masses is not just patching, but just installing applications at all. It just can not be said with a straight face that installing patches or an application on Linux is as easy as with Windows for average computer users. There are just way too many pitfalls that can trap a user in hours and days of searching for strange dependencies and other things. And a smooth GUI installer....
Installing Is Hard On Windows (Score:4, Insightful)
A "sin" Microsoft cultavated along time ago is confusing "installing" and "configuration" together. If you tie both of these process together it makes support murky. Did the installation fail to place files or did it mess up setting some value somewhere? Installers should be concerned with tracking/placing software components. Programs should be concerned with configuration. Because of MS including this level of complexity it also had the side effect of making it hard for a user to inspect packages before installing. There is no way for a desktop user to find out what a MSI package provides, what it requires, etc before installation. Another side effect is that people writting installers are often forced to package all depedancies with their application instead of making seemless stacking installs.
Making a Windows installer actually enforce component dependancies suffers from the same "DLL Hell" type problem that has plagued Windows forever. Most installations are written loosely: you can uninstall CompA which ProgramB depends upon and the system happily complies.
With all of that said, Windows installers are bad. Linux and other Unix-like systems are okay but they are more interested in software integraty than ease of use. You can't beat Mac: Drag a folder into the apps folder and its installed, take it out of the folder to uninstall it. At this point I can't imagine why anyone would any system to be more like Windows.
A Truce? (Score:4, Insightful)
Comment removed (Score:5, Interesting)
Re:Microsoft and Crack (Score:2)
2. You can plan to install any patches on the second Tuesday of every month even if they are released throughout the month.
3. See 1. You don't get the option to closely track the beeding edge with Microsoft software.
4. So? As you said, it applies to both types of system, so it doesn't provide an advantage to Microsoft.