Announcement

**Wombat** · 27 June 2004, 20:52

Originally posted by isochar
Wombat, are you implying that Linux patches are of greater quality and hence corporate validation takes less time than a windows one?

Yes, I am. If you have a problem with Windows, you have to:

* Wait for MS to acknowledge it.
* Wait for them to patch it.
* Trust that their patch works, and doesn't break stuff you need.
* Simply <I>hope</I> that the MS solution doesn't force you to purchase an upgrade.
* Deal with it, because you don't have alternatives.

With Linux (or any other open software), you have choices. First of all, whatever patch comes out is fully visible. You'll know what it does, or does not do. You'll know what limited area of effect it has. You could even type in and compile the patch yourself, if you don't trust anyone else with your machines. Plus, the fixes to exploits and vulnerabilities are still ported even down the 2.0.x kernels, so if you've got something old and ancient and stable, you can give it the fix with absolutely minimal changes to the system as a whole.

Linux doesn't just *seem* more secure, it IS more secure. Hell, at least it doesn't give the worst web browser on the market (which *STILL* doesn't use MIME types) direct kernel access.

**Ribbit** · 28 June 2004, 03:31

Originally posted by Marshmallowman
Well, back to the original topic.

Can't you still get wineX free from CVS, eg the development open source version of transgaming stuff.

Yes you can. However it's missing the copy-protection-compatibility code, and I've heard it implied that it's missing a lot of the advanced DirectX functionality which most people want WineX for anyway. (Not certain about that 2nd point though.)

**isochar** · 28 June 2004, 05:46

Originally posted by Wombat
Linux doesn't just *seem* more secure, it IS more secure. Hell, at least it doesn't give the worst web browser on the market (which *STILL* doesn't use MIME types) direct kernel access.

It's all a matter of time and perspective. If Linux had 95% desktop and 40% server market share, I'd arguably say that you'd see substantially MORE and far WORSE bugs than anything we've seen yet with Windows. Granted the turnaround time to get them patched would be faster. Why? I see a analogy to the situation to that of closed versus open-source games. Closed-source games are popular and thus have rampant cheating, but the cheats are mostly mild in nature. (ie. Blizzard games) On the other hand, the few select, somewhat popular, games on Sourceforge suffer from ungodly cheats we'd never see in a program where the source code had not been distributed.

There's no way I can prove the same will happen to open source of course, but the Linux core is not the only one that can create these vulnerabilities. (All the open source programs that are updated far less) Agree/disagree?

**Kooldino** · 28 June 2004, 07:12

Originally posted by leech
I don't think I ever laughed so hard in my life when this guy that I work with told me this story....

One day he was browsing the internet and up popped this box saying that The Windows Messenger was activated on his system and that he could pay 10 dollars for a program that would disable it and would make all these annoying pop-ups disappear...

Well, considering it's really easy to turn that messenger off. (and to be more specific for those who don't know what I'm talking about, there is a messaging system in Windows XP that will allow an admin on a server to send out a message that the main file server/print server, or whatever else the admin needs to broadcast into an internal corporate network to notify the users of something.) This is like asking someone on the street for 10 dollars so that you'll stop asking them for 10 dollars!

But at least the guy on the street can punch you in the face, laugh, then walk off.

Eh, I'd equate it to be more like a guy walking up to you on the street saying "Give me $10 and me and everyone else will stop asking you for money", but that is pretty funny. So did the guy do it? Did it work?

**Wombat** · 28 June 2004, 09:07

Originally posted by isochar
I see a analogy to the situation to that of closed versus open-source games. Closed-source games are popular and thus have rampant cheating, but the cheats are mostly mild in nature. (ie. Blizzard games) On the other hand, the few select, somewhat popular, games on Sourceforge suffer from ungodly cheats we'd never see in a program where the source code had not been distributed.

I totally disagree with this, it seems far removed from reality. Example, I stopped playing CounterStrike because the cheating was so bad (seeing everyone through walls, auto-aiming, disabling flashbangs - not mild in nature). On the other hand, Quake has been open-sourced, and people have gone ahead and fixed a lot of bugs that it had or could have had.

**Kurt** · 28 June 2004, 09:47

@Isochar: add a lot more malware (viruses, spyware, trojans, etc)

@Wombat: all apologies, you're right that the Fedora "Desktop" doesn't allow much access from the web (that is if you choose the high security seting in the firewall). Nevertheless, it's only RH and it's only since RH 8.0 that the "Desktop" profile exists. I'll be sure to check other distros too. I haven't installed Core2 yet, my DVD+/-RW is out of commission, but I'll do it ASAP just to nail you on the installed services (useless to be sure)

@Sasq: I've toying with various distros from RH 6.5-7.2 to e-smith/SME 4.1-5.1 via Corel Linux 1.0. Never liked them much. I guess they progressed a lot, epecially in recognizing the various hardware. I'm only using Knoppix nowadays, when I really need to (usually to recover files), and only on non-connected PCs - so I don't bother with networking/internet/security...

BTW, how did the hack thing happen? You found anything yet?

**Byock** · 28 June 2004, 10:53

I must say, *nix has come along way. Just installed Openbsd 3.5 on a Poweredge 750. It installed and configured everything perfectly, including the Dual Intel, and Dual Broadcom Ghz net adapters. Windows 2003 Server does not even set up the Broadcom out of the box.

**Wombat** · 28 June 2004, 11:33

Originally posted by Kurt
Nevertheless, it's only RH and it's only since RH 8.0 that the "Desktop" profile exists.

Yes, RH9. Released Sept. 2002. Way to keep your information current.

**agallag** · 28 June 2004, 13:20

Originally posted by Wombat
... it takes about a month to deploy a Windows fix...

I don't want to get too involved in this converstion, but I thought I'd correct this misconception. Deploying patches in a windows environment is much much easier than it used to be. The only part that takes time is the testing, which should be similar for both windows and linux, if you're being diligent.

Once you've tested and approved a patch, you just have to tick a single checkbox in your Software Update Services server, and the patch will be deployed on every windows machine in your environment that night (if that's how you want to deploy, you can do staged deployments as well). Really not a big deal at all, even in a company with over 40,000 windows machines.

**isochar** · 28 June 2004, 16:54

agallag, take a look at the top of this, the 3rd page. The majority of deployment time for (I assume) any patch is the validation time. Wombat argues that the validation is where the time differential occurs between Linux and MS.

**bsdgeek** · 28 June 2004, 17:18

Originally posted by Byock
I must say, *nix has come along way. Just installed Openbsd 3.5 on a Poweredge 750. It installed and configured everything perfectly, including the Dual Intel, and Dual Broadcom Ghz net adapters. Windows 2003 Server does not even set up the Broadcom out of the box.

Indeed, it will be excellent for server usage driver wise, since that's where it's targeted after all.

Sadly, for the *BSDs desktop-wise, there are still missing things like videocard drivers.

But...

"Only one remote hole in the default install, in more than 8 years!"

**leech** · 28 June 2004, 21:07

Originally posted by Kooldino
Eh, I'd equate it to be more like a guy walking up to you on the street saying "Give me $10 and me and everyone else will stop asking you for money", but that is pretty funny. So did the guy do it? Did it work?

Yeah, that's a bit more accurate... seems very similar to the mob getting protection money, doesn't it?

He ALMOST did, but I told him how to shut off that service. I think he just ended up getting a firewall that blocks it anyhow.

Leech

**leech** · 28 June 2004, 21:09

Originally posted by bsdgeek
Indeed, it will be excellent for server usage driver wise, since that's where it's targeted after all.

Sadly, for the *BSDs desktop-wise, there are still missing things like videocard drivers.

But...

"Only one remote hole in the default install, in more than 8 years!"

Out of curiousity, does the nVidia driver for FreeBSD also work with OpenBSD? I haven't played much with any of the *BSD's so I'm just wondering if they are all of the same kernel, just different distros like linux, or if they use all different kernels...

Leech

**bsdgeek** · 29 June 2004, 07:56

Originally posted by leech
Out of curiousity, does the nVidia driver for FreeBSD also work with OpenBSD? I haven't played much with any of the *BSD's so I'm just wondering if they are all of the same kernel, just different distros like linux, or if they use all different kernels...

Leech

There's a lot of code sharing, but they're all different. I don't think it will work on OpenBSD, which AFAIK doesn't even use kernel modules.

**Nicram** · 29 June 2004, 16:16

Hah. OpenBSD is simples i think than other for writing something. & I think X11 got drivers for nvidia, ati, matrox cards.

Announcement

DirectX 9 for Linux

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment