05.31.09
Posted in GNU/Linux, Microsoft, Servers, Windows at 11:12 am by Dr. Roy Schestowitz
Summary: If IDC says Windows Server is down 29%, then it is a lot worse in reality and in practice
AS we wrote yesterday, IDC indicates that Microsoft’s server revenue is down 29%, but IDC's numbers are notoriously useless, except perhaps for a relative basis on preinstalled units in particular countries.
It was pleasant to see the following critical comments about IDC’s latest numbers. “How is it measured,” asks one person in ZDNet.
Estimated sales blah blah blah. How do they estimate ? My company buys servers from Dell, after they arrive some get Windows and some get Red Hat Linux. We don’t tell Dell what they are being used for.
All of them come with a Windows image preloaded, which is erased no matter what OS we put on top. Is that counted as a Windows sale ?
If the answer to that question is “yes”, then the estimate (for us) is out by about 75%, since of the ones coming in about 75% are used for linux. What if everyone does that ? What if no one does that ? What is some people do that ?
As Matt Asay has just pointed out:
Microsoft’s Windows Server revenue is down 29 percent. Meanwhile, Novell’s and Red Hat’s Linux businesses are thriving.
These numbers do not tell the whole truth. They were designed to actually flatter Microsoft, so the truth would be a lot worse for Microsoft. Other numbers that are rigged (in Microsoft’s favour) come from Netcraft [1, 2] and from Net Applications [1, 2]. Bias is where money can be made in this business of surveying, otherwise it’s unsustainable charity/voluntarism. █
“Forty percent of servers run Windows, 60 percent run Linux…”
–Steve Ballmer (September 2008)
“We are not on a path to win against Linux”
–Jim Allchin, Microsoft's Platform Group Vice President
Permalink
Send this to a friend
Posted in Deception, Free/Libre Software, GNU/Linux, Microsoft, Windows at 10:39 am by Dr. Roy Schestowitz
Even Eric Blair would be proud
Summary: MSCOSCONF promotes Microsoft and Windows but claims to be about “open source”
IN ITS typical and shameless Orwellian fashion, Microsoft loves labeling its anti-GNU/Linux efforts something like “open” or “open source”. We see it all the time. This strategy makes it a lot harder to point at the offending events, precisely because they go under banners that deliberately deceive and therefore mix one’s language and thus connotations. Here is the latest example which Yoon Kit wrote about yesterday:
MSCOSCONF
[...]
Apache not good enough?
The official website of MSCOSCONF is running on IIS. IIS is a proprietary product. The majority of websites on the web runs a fully fledged Open Source product called Apache as a webserver. When queried on why the mscosconf website is running on IIS, there were rumours that the front facing IIS just a “proxy” however. The other rumour was that it was because one of the sponsors only have Windows machines to host the website. Whatever the case, this is strange because the community have offered to sponsor the hosting of the website with a certified freedom stack.
This fortunately can be resolved easily in the future.
The Microsoft “Competition”
Its great that Microsoft has been playing a significant role in terms of sponsorship for this event. Their efforts in publicity and community relations have been positive, together with their support for the foss.my 08 event.
What is interesting is that they are currently sponsoring a competition which sports a RM10,000 prize in the porting of popular PHP webapps which currently exist on a completely free stack, to a completely closed stack. Yes, the purpose of the competition is to port webapps which run using Linux, Apache, MySQL, PHP (LAMP) to Microsoft Windows, Microsoft IIS and Microsoft SQL Server, PHP (WIMP). This contest was a misnomer and spun as LAMP2WIN, as should be more accurately called LAMP2WIMP.
This to me is a bizarre requirement and totally goes against the philosophy of what an Open Source competition should be. I’m not sure what rationale was during the design of the competition, but this could have been easily designed with a more “Free” objective.
[...]
For example, and ironically, the “Sponsorship Prospectus” (amongst others) which has the purpose of wooing potential sponsors to promote open source, is written and published using Microsoft Office 2007. It may seem like a normal business decision to use whatever tools they are familiar with, but to us freetards, it seems rather distasteful. Also they need a better copywriter in their social media alerts.
Microsoft did the same type of thing in Japan several months ago. They are using competitions and thus monetary incentives to push software away from GNU/Linux and right into Windows. Is it a coincidence that the acronym of this event starts with “MS”? Microsoft is a very big sponsor and it shows. █
“I would love to see all open source innovation happen on top of Windows.”
–Steve Ballmer, Microsoft CEO
Permalink
Send this to a friend
Posted in Microsoft, Security, Windows at 9:38 am by Dr. Roy Schestowitz
Microsoft still the weakest link in networked computing
Summary: Complete systems compromised, all caused by proprietary Microsoft software and APIs
YESTERDAY WE wrote about Windows compromising the national security of the United States. It is now confirmed that a Microsoft component is the culprit. It’s not just Windows though; it’s apparently Microsoft SQL Server, according to CNET.
Investigators believe an SQL injection attack was used to exploit a vulnerability in Microsoft’s SQL Server database in order to gain access to the servers.
How can a database lead to full compromise? It's surely a design problem and we append at the bottom some references of interest, including the fairly recent news about head of Microsoft SQL Server quitting Microsoft.
As Oiaohm put it, “Does MySQL on Linux run as a root user? Not running as root lowers the damage [...] Has happened in the past with old Microsoft SQL worms. [...] We don’t know how old [a] Microsoft SQL Server this was.”
In CNET, we have also found this report about a DirectX hole which enables the entire system to be compromised. This is madness. How can a proprietary API achieve this? Is it truly as insecure-by-design as ActiveX? Many examples of ActiveX nightmares are accumulated here.
Microsoft on Thursday said it is working on a security patch for a vulnerability in its DirectX streaming media technology in Windows that could allow someone to take complete control of a computer using a maliciously crafted QuickTime file.
Marvelous. Why not just stick to open and free APIs like OpenGL? █
_______
[1] Database head to leave daily duties at Microsoft
Paul Flessner, who leads Microsoft’s data storage and platform division, will step down from his daily duties after the new year.
[2] New attack technique threatens databases
A noted database security expert, Litchfield is perhaps best known for uncovering a bug in Microsoft SQL Server database server that was subsequently used by the SQL Slammer worm. Litchfield has long criticised Oracle for the time it takes to fix vulnerabilities in its database software.
[3] SQL Injection Attacks on IIS Web Servers
[4] Microsoft offers assistance to combat mass SQL injection
[5] Huge Web Hack Attack Infects 500,000 Pages
One anti-virus vendor said the sites might have been compromised through a “security issue” in Microsoft’s Web server software that has been reported to Microsoft’s engineers.
[6] Study Says Linux More Secure
More than 70 percent people surveyed said they found Red Hat Linux less vulnerable to security issues than Microsoft’s operating system.
[7] Study: 70 percent say Red Hat more secure than Windows
[8] Microsoft officially 425 years behind the times
It’s not just Excel and Exchange that ignore the Gregorian calendar. The Reg has also confirmed that SQL Server 2008, Windows Small Business Server, and Windows Mobile are ignorant as well.
[9] SQL Server 2005 SP1 won’t work with Vista
It’s no secret that a number of applications, including several of Microsoft?s own, are not going to work properly with Windows Vista when the product ships.
[10] SQL Server 2005 SP2 Critical Update Available
Microsoft is seeking to resolve a technical glitch caused by Service Pack 2. For some installations, cleanup tasks stop prematurely after applying the service pack.
The hotfix, which Microsoft has designated a “critical update,” is available for existing SQL Server 2005 installations with Service Pack 2.
[11] Vista-compatible SQL Server 2005 SP2 likely February 19
Microsoft began warning users of SQL Server 2005 Vista incompatibilities last Fall.
[12] Vista flaw could haunt Microsoft
Microsoft wants a bigger piece of Oracle and IBM’s database business, but an oversight in its new operating system could cost the company plenty.
Permalink
Send this to a friend
Posted in FUD, GNU/Linux, Marketing, Windows at 2:34 am by Dr. Roy Schestowitz
A strong command-line interface is a friend, not an
enemy, and it’s a feature, not a usability bug
Summary: The handling of common disinformation and Microsoft censorship through punishment
THE following new comment was eye catching for its capture of the truth.
I’d just like to say what a refreshing change it is, to see a “tech journalist” so simply describe the quite ordinary purpose of those (in)famous “arcane CLI commands” that are so often used as a bludgeon to scare potential users back into the Windows fold. Anyone who’s ever had to fire up regedit to modify the Windows Registry should be able to see that this is not much different, and easier to understand.
This remark about increasing the perceived complexity is a very good one. People like Preston Gralla do this and Microsoft Jack [1, 2, 3] does this on an occasional basis too. He even did this last week. The matter of fact is that the command-line interface is rarely ever needed unless one insists on it, but it is so essential that even Microsoft is mimicking GNU/Linux now by trying to offer a worthy CLI. References are appended at the bottom.
Is Windows really easy and reliable?
Does anyone remember this report from Mary-Jo Foley?
Bugfest! Win2000 has 63,000 ‘defects’
[...]
Not everyone will be having fun at Microsoft next week. While the software giant and its partners celebrate the arrival of Windows 2000 on Thursday, Feb. 17, hundreds of members of the Windows development team will be busy cleaning up the mess.
Yes, that’s how bad Microsoft releases tend to be and Vista 7 will be no exception on the face of it, just like Vista. Microsoft releases prematurely. Regarding the article above, see how Microsoft treats reporters, alongside the PR department better known as Waggener Edstrom:
“In 2000 a leaked memo from Microsoft obtained by Mary Jo Foley (of Microsoft-Watch) revealed that Windows 2000 was released with 20,000 bugs and that Microsoft knowingly released it any way. After this incident, Microsoft would not speak to Mary Jo Foley for two years regarding projects and information of any kind.”
Not only did she get sort of banned for years (she once told me about Microsoft’s rewards and punishments system), but according to DaemonFC, Microsoft or other people have already airbrushed this incident and factoid out of Wikipedia: “# (cur) (prev) 06:55, 31 December 2006 Limulus (talk | contribs) (→Windows 2000: moved MJF item into main W2K article; it seems like it would be more appropriate there) (undo)”
Waggener Edstrom is known to be editing Wikipedia. It does a lot of other things, too. █
_______
[1] The Linux CLI for Beginners, or, Fear Not the Linux Command Line!
Most recent converts to Linux spend most of their time in the GUI — the graphical desktop (whether Gnome, or KDE, or XFCE, or some other interface) that’s made to look and act somewhat like Windows and Mac.
[2] The command line is nothing to be afraid of.
Many people are apprehensive about the command line when they first try Linux. I was too, even though I started off with the command line on my system 80, I quickly became used to the windows GUI. Like an unused muscle atrophies when not used, so did my command line comfort. Using Linux I regained my command line warrior status and it has migrated over to windows too.
[3] Stupid Firefox Tricks, Part I
Simple Bookmarklets: The Power of the Command Line in your Browser
[4] Webmin: can a graphical front end for system administration replace the command line?
We all love GUIs. For the average user of proprietary systems like Windows they are mostly all they ever need or see. Unix systems are rather different. Long before GUIs became ubiquitous, system administrators (and single machine users too) were weaned on configuration on the command line and spent copious amounts of time mastering their craft.
The increasing use and popularity of GNU/Linux has been educating people about its superior architecture, better security and relatively simple configuration files. It is also true though that the huge availability of graphical front ends has brought in a whole new slew of users who feel right at home with them as they did in Windows. However, the usual criticism is that, good and relatively easy to use as they are, they can never emulate the fine, granular control of the command line. There is a deal of truth in that.
[5] 5 Reasons to Use CLI Over GUI
First, I must say that using CLI is not always faster, not necessarily. There are tasks which can be done faster and easier using some GUI application rather than typing a whole bunch of commands. But, nevertheless, command line is still very powerful and it’s more appropriate to use it for certain tasks. I for one use probably 90% GUI tools and applications and only in 10% of the cases CLI. So, you may ask, what’s the scope of this? Well, in the first place, this article is about the reasons I believe to be noteworthy for using CLI in several situations, and what advantages it has.
[6] 10 Reasons Why the Command Line is More User-Friendly than the Desktop
Keying is faster than mousing.
It’s easier to both give and get help.
Repetitive stress injury comes from the mouse, not the keyboard.
Commands are standard where GUIs are not.
[...]
[7] Why can’t free software GUIs be empowering instead of limiting?
But when graphical user interfaces finally did become available, it was a fantastic improvement. With a well-designed GUI, you don’t have to memorize a whole micro-language of commands and options to get things done. The trade-off, at least with the classic “Windows-Icons-Menus-Pointers” (WIMP) GUI, however is that it isn’t as expressive: it’s much easier to say the common things you need to say, but much harder to say things that the programmer didn’t expect you to need. The surface simplicity comes at a terrific price in underlying complexity, and that creates practical limits on how flexible the system can be.
[...]
Blender, showing the results of my first go at the Gingerbread man tutorial, and a whopping lot of menus and buttons. This is definitely not a “luser” interface, it’s designed for power users only
[8] Geek to Live: The command line comeback
The advent of the Graphical User Interface (GUI) forever revolutionized personal computing. A windowed system with point and click icons made computers usable for anyone who couldn’t deal with a black screen and a prompt waiting for arcane textual commands. But in recent years, this enormous interface change is coming full circle. Amongst power users – and more and more, regular Joe’s – the command line is making a comeback in modern web and desktop applications.
[9] Seek Enlightenment for an easy-to-use Linux GUI
There are numerous reasons to become an Enlightenment user:
* You need a GUI on an older machine that is not powerful enough to run
the more resource-intensive KDE or GNOME
* You want something a little different
* You want to control users so they only have access to certain
applications
* You want a GUI that is stable, fast, and flexible
Those reasons may not be show-stoppers, nor will they see IT departments migrating hundreds or thousands of desktops to Enlightenment, but the small list above is reason enough to have many making the switch from their typical GUI to E.
[10] Two Reasons the Command Line Trumps the Graphical User Interface
Before I get into this I will state for the record I am not a text mode Luddite. I use a graphical user interface (GUI) every day. In fact I am using the fluxbox window manager GUI as I write this article with a WordPress GUI and Firefox GUI. I like my GUI chewy goodness as much as any visually stimulated human. However, for certain tasks a GUI is just not the best choice.
[11] Is Linux Easy to Use?
Today’s Linux distributions such as Ubuntu, Suse and Fedora can be installed very easily. In Ubuntu the user required actions are just 4-5 clicks. The installer is clever enough to partition the hard disc without loss of data and co-living with other operating systems installed prior. I love this feature a lot.
[12] What is so bad about the command line?
Graphical interfaces serve a purpose and so does the command line. It doesn’t matter which operating system you use. So I will not accept any arguments that the command line is bad. The command line is good in my humble opinion and those who shy away from it are missing out on a large piece of the computing experience.
[13] Command Line vs. GUI Reality Check
The downside of this is a lack of flexibility. In order for a capability to be available, there must be code in the GUI application. The command line gives an administrator complete control of maintenance procedures, and under certain circumstances, this is the only option.
From a design perspective, the choice of command line vs. GUI seems pretty straightforward. First, how quickly does the code need to be produced? Second, which interface makes the user most productive? While there is plenty of room for different points of view on the answers to these questions, it is simply not true that one is always better than the other.
[14] Along the Commandline
Naturally, we talk about the BSDs, Linux and Mac OS X whenever we speak about shells and commandline interfaces. But why does the commandline have a reputation that belies its power? Why did the hold over users’ minds exercised by Apple and Microsoft lead to an almost complete rejection of commandline interaction? Why do we, the masters of the commandline, feel slightly sheepish in the presence of the GUI builders?
[15] What Non-Techies Should Know About The Command Line
When faced with a shell prompt, the only thing some people, especially non-technical users, feel prompted to do is close it and stay in the confines of their graphical castle walls. For many people, a command-line shell is an unfamiliar thing. It’s foreign, and requires learning foreign languages to speak to it, as far as they are concerned. Well, it doesn’t have to be that way; the command line can be kind of fun. Whether you need to open a Bash prompt to solve a driver problem, or compile a program, or just to automate a simple task, it’s always good to at least be familiar with your command-line shell.
[16] Fear and loathing at the command line
Whatever the reasons, fear and loathing of the command line is so strong that the claim that GNU/Linux still requires its frequent use is enough to convince many people to stick with their current operating system. The claim is no longer true, but you can’t expect people to understand that when the claim plays on so many of their basic fears about computing.
[17] Linux administration will become GUI
The question is, how long will it be before the Ubuntu Server edition includes a GUI install option? Instead of resisting this change, we should be encouraging it by improving the graphical interfaces that server admins need. This is how Ubuntu can gain faster adoption in the server market.
[18] Linux on the line: musings on the CLI / GUI flip-flop
People are a funny lot. One person’s trash is another person’s treasure. And one person’s primary means of instructing a computer is met with disdain by another. There’s a perennial battle between mousers and keyboard jockeys, and “what’s in” appears to go in cycles.
[19] Pros and Cons for Using CLI
In this article I will debate on several major advantages and disadvantages for using the command-line in Linux. When I think it’s ‘better’ to use CLI, when not, and how can this can impact the work speed.
[20] Who needs the command line? (Well, actually, we all do)
“We’ll always have Paris”, Humphrey Bogart said to Ingrid Bergman in the iconic climax of Casablanca – and we will always have the command line. Here’s looking at you kid!
[21] Ars at FOSSCamp: revolutionizing the command line with Hotwire
Unlike Powershell, Hotwire includes a rich visual user interface with support for features like easy history browsing (command history is stored in a SQLite database), icons in file listings, and progress bar displays for certain file operations. The user interface also provides extensive support for advanced autocompletion mechanisms that can be customized by developers.
[22] Death of the command line
It’s hard for me to imagine using an OS without a strong command line. Even Microsoft has recognized the for that with their Monad Shell (though they are at least temporarily removing that from Vista). Linux of course has its Bash shell, Mac OS X has Terminal (which now defaults to Bash) – everybody knows you need a shell.
[23] The CLIophobia of the Linux Newbie
CLIophobia (n): An irrational fear of operating ones’ computer using the Command Line Interface. Sometimes referred to as Terminal Angst.
[24] You use Command Lines all the time and don’t know it!!!
Man, the heat Linux catches over command lines! The flames! The trolls! The clueless screaming for help! And all the while, command lines are right under your nose the whole time! Yes, even on the most mousy, GUI-driven, WIMPy, point-n-drool interface, whether it be Macs or Microsofties, you’re typing commands into prompts every day!
[25] Microsoft PowerShell isn’t Vista-ready, either
As a few other bloggers noted yesterday, Microsoft’s newly released PowerShell command-line shell and scripting language doesn’t currently work with Windows Vista.
[26] Worm targets Windows PowerShell script
Virus writers have created an experimental form of malware written in Windows PowerShell script, the command line and scripting language used by Windows.
[27] Repairing Windows XP in Eight Commands
* C: CD ..
* C: ATTRIB ?H C:\boot.ini
* C:ATTRIB ?S C:\boot.ini
* C:ATRIB ?R C:\boot.ini
* C: del boot.ini
* C: BOOTCFG /Rebuild
* C: CHKDSK /R /F
* C: FIXBOOT
[28] Random Windows Vista Disconnects
1. Go to your start menu
2. Open the Command Prompt by typing cmd in the search field
3. Press Ctrl-Shift-Enter while the command prompt is open to run the
command prompt as administrator
4. Type netsh winsock reset then press enter
5. Then restart Windows Vista
[29] Vista – Fix Large File Copy and Network Disconnect
One of the “new features” in Vista, of course is the new networking stack. As with anything new, you can expect problems but did you know you can disable some of the “advanced” features (for the time being)
After reading all kinds of posts and a couple of MS FAQ’s, it seems the main culprit is the Receive Window Auto-Tuning Level.
One thing people seem to forget is, you can turn this off and on via the command line.
[30] Missing In Action
Microsoft’s infamous Patch Tuesday was this week and the updates that automatically downloaded and installed on my computer caused it to be unbootable, even in safe mode. So, since Wednesday, I’ve been busy using the wonderful Ultimate Boot CD for Windows to get my data off the hard drive and then reload my machine. Wonderful fun.
[31] Reflections on the command line
That’s one of the best things about the Unix command line – no backtalk, no second guessing, no false comraderie. To me the assumption of user competence is profoundly user friendly -and infinitely to be preferred to the smarmy checks and failsafes Windows puts on.
[32] Microsoft PowerShell to make it into Longhorn Server, after all
Microsoft’s command-line scripting shell, originally code-named “Monad,” and known now as Windows PowerShell, is going to be part of Longhorn Server, after all.
[33] IRC Clients for Linux Part 2: List of 5 CLI Clients
As a conclusion, I strongly recommend Irssi, followed by WeeChat and Epic4. The first two are powerful enough, flexible, documented and have scripting support, while the latter is a little harder to use (at least in the beginning) and it has its own scripting language. Despite this, Epic4 has the advantage of giving you total control over how you want its interface to look like, and it also provides many scripts on the official website for customising it. BitchX is too old now and it’s no longer updated, while TinyIRC offers only the minimum features needed to connect and interract with an IRC server.
[34] Review: MOC, text-based audio player
Today I’ll continue with an overview with screenshots of MOC, and hopefully in a few days I’ll also review mp3blaster.
[35] 5 best-practices of a successful Linux user
Do not run away from CLI: You’ve not got hold of quite a few ways to fix things on your Linux machine. You may be happy using the GUI window to install new apps. This may be synaptic, yum, yast or whatever. But having a good hand at the terminal is never a waste. If you can accomplish some basic tasks on the terminal, I am sure you’ll be far more confident and proud than you were without this ability. Hacking into or tweaking you machine is definitely fun but do not intend to just copy-paste commands from the Internet cloud. Try using the man page to know what each of the commands do, so that next time you know what you’re doing before you hit the return key on the terminal.
[36] Look Ma, No Terminal!
A common misconception with Linux is that you have to know how to use the terminal in order for you to use linux. The fact is you won’t have to use the linux terminal more than you would use CMD in Windows or the terminal in Mac OSX. Today we will look into some of the applications that a “normal” computer user would use without having to know the terminal. Here the term “normal” is vague; since every computer users needs are different from one another, but we will try to cover some basic applications that a normal computer user might use.
[37] Got Scripts?
Where’s the FUD? For years, Windows zealots have denounced Linux for being arcane, hard-to-use, and backward. Heavy reliance on the CLI for administration was cited as a failure to progress (through obstinacy, ignorance or both). Now, it appears that Microsoft is admitting that a powerful shell is indeed useful, forcing its fanboys to dine on crow tartare.
[38] SWM, Shell User, Seeks Soul Mate for GUI-Free LTR
“There is a sad truth to the world today,” wrote the anonymous poster of the ad. “I am part of a dying breed of people known as ‘shell users.’ We are an old-fashioned bunch, preferring the warm glow of a green screen full of text over the cold blockiness of a graphical interface…. The whole ‘Microsoft Windows’ fad will fade away sooner or later, but in the interim, our kind is facing extinction.
[39] Pimp up your Terminal with Guake and Yakuake
If you’re wondering whether Guake and Yakuake are Polynesian happy mushrooms, you’re a bit off mark. These are Linux command line terminals, modified to behave like the console in the popular First Person Shooter (FPS) Quake. Hence, the funny names.
[40] More lightweight diversions
A couple more, that deviate slightly. Terminal-based entertainment, short of watching movies piped through aalib, could always take the obvious route and remain text-based, as it was a long time ago. To that end it’s still possible to play some telnet games, including Space Tyrant, which is still maintained too.
[41] 13 Terminal Emulators for Linux
Konsole: This is a powerful and full-featured terminal included by default in KDE. It features desktop transparency, background images, profiles, tabs, notifications and plenty schemes to choose from.
[42] 10 Command-Line Applications I Use in Debian and Ubuntu
In this article I’ll briefly review ten of my favourite CLI (command-line interface), not necessarily the most popular or most powerful of them. So if you don’t find your personal favourite, (e.g. Midnight Commander or mp3blaster), it’s because the article includes the tools I use more often.
[43] Rush Hour: Newest GNU Restricted User Shell
The latest stable release of the GNU Restricted User Shell (Rush), version 1.5, includes new configuration offerings and a notification feature.
Permalink
Send this to a friend
Content is available under CC-BY-SA