there are many ubuntu based linux distributions that are user friendly. i especially like the cd-rom bootable versions like freespire so I don't have to forego my windows permanently.

I finally installed Linux after resisting for the longest time, thinking Windows was perfectly fine, then after checking out several different distributions, I found that Ubuntu and a few of the variations built on it is just great. I've now decided to keep that in my old emachines laptop for permanent experimentation!

A very interesting article. I'm in a similar position having just installed Ubuntu on old Dell Inspiron 5000. I've been very, very impressed with it. I've been a Windows user for longer than I care to remember. I have to say this is the first time an OS has excited and interested me since the Amiga.

I had a few wrinkles in the beginning (I had to install with the alternative CD because the Live CD crawled) and some problems getting a wireless connection going.

However, once these problems were solved I have to say my experience with Ubuntu is increasingly "Why can't Windows be more like this..?" I'm now thinking of putting this onto my main PC, it'll be a dual boot as I do play some games but really I'm impressed and excited by Ubuntu.

I have installed Ubuntu 7.04 on my T60, dual booting with XP. I have found Ubuntu to be the simplest Linux distro to get running on the T60. The ATI video is often a stumbling block with opensuse or Fedora. It is work at the very least. Not to mention getting the wireless to work. The Ubuntu install was the first time I had the wireless just work. Ubuntu does notify the user about the possibility of using non-open source drivers with hardware components.

The read only access to the XP partition has been a real plus. Gimp opened a Photoshop (.psd) file that was on the XP partition with no problems.

Secondly, whoever designed yum and yumex (for fc4) needs a good kick in the n*ts, the _very_ slow update time, the stupid reporting of dependencies (no dependency tree) and the sluggish performance of python makes it a really trial to get volumes of software installed and to figure out which installs cause a dependency errors! Sheesh!

Anyone who installs a Symantec product on a computer is probably an idiot, given that Symantec products are often a gross mess of inefficient, bloated, registry bloating COM classes. Pick proper security software, disable unneeded windows services and stupid bling and it becomes much more usable.

Yes I have a pre-loaded/customised Linux system, but found that it took far longer to get a full loaded system set-up and the lack of excellent programs like Directory Opus is not funny (it doesn't work properly in Wine). Nautilus, Konquerer, PCManFM etc. look shockingly primitive, in comparison!

sunsmountain:

http://www.linuxgames.com/?dataloc=articles/icculus/
Over at LinuxGames there's an interview with Ryan Gordon about the state of Linux gaming and what technologies on the horizon will be important. Ryan has been doing ports of programs to Linux and MacOS X for over a decade now. Going all the way back to the games ported by Loki, Ryan has probably been responsible for more commercial applications being ported to Linux than anyone else.

Linux Gaming:
http://en.wikipedia.org/wiki/Linux_gaming

Right, all we need now is a good multimedia experience for Ubuntu and windows is dead. I like pc games and watching dvd's by letting my pc send them to my tv. Do the current Open GL driver provide that functionality already? Unfortunately most games require Direct X, more so with Xbox360 ports. Is Direct X possible to emulate under Ubuntu? Translating game code into driver code using a game by game approach? What are the options here. Good news to hear, this. Props!

Octopus commented on the 12 Jun 2007:

"Steve, Computer security is not about scoring some some test like you keep going on about."

Nobody stated it was - tests are merely gauges of it, & even this CIS Tool 1.x test I noted?

Is not perfect & I admit that, but it is the best overall test that runs across both Linux & Win32 I can find.

(Find a better one that helps you secure yourself more I guess, & runs on BOTH Linux and post it here).

I offered NMap (this works via this commandline -> nmap.exe -P0 -sT -F -O -A (insert IP address)) & TENABLE NESSUS (this constantly screws up on me, so it is not fair to say this on my end)!

However, imo, they are not as good or comprehensive, and do not TELL you how to secure yourself more.

None really account for say, using hardware NAT "firewalling" (or, even true CISCO type technology stateful packet inspecting units as I use from LinkSys) for instance, as an example of what I meant by "perfection"...

Octopus commented on the 12 Jun 2007:

"There are a number of reasons inherent in Windows design that make it insecure."

AND, there are 14 inherent reasons here:

http://it.slashdot.org/comments.pl?sid=237507&cid=19410153

You can use to secure it largely vs. those (whatever those are you stated, you didn't give specifics)

Octopus commented on the 12 Jun 2007:

"Of course it is possible to *change* the default behavior of Windows and make it less vulnerable, but the fact is, most people lack the knowledge to do this."

Yes, and the url gives them MOST of that (the rest, as in the case of IP Security Policies? You have to have SOME understanding of things "IP" & I noted that below - an excuse to learn imo!)

Octopus commented on the 12 Jun 2007:

"Windows, by default, hides extensions of known file types. I believe this is still the case with Vista."

I never EVER allow for this, personally. I always have it show "ALL extensions" & for the reasons you note.

Octopus commented on the 12 Jun 2007:

"The model Microsoft uses for software installation is a mess. Install a program, and pieces of that program are often spread all over the system"

For reasons: Some DLL's need to be 'publicly accessible', it's that, or putting them into a folder on the environment's %PATH% variable!

(MOST can be "privatized" to an application's folder though, because of the DLL calling rules (first is the app looks inside of its own folder, & next along the system path), & if you need them? I can post them here!)

This takes up space though, doing privitization, but can help vs. "DLL Hell".

Mixed bag, but Windows File Protection & System File Protection in current Windows NT-based OS' protect against DLL hell nowadays, (as well as "side by side assemblies" in memory too!)

Octopus commented on the 12 Jun 2007:

"Windows source code is closed and unavailable to the general public. This means that there could be (and surely are) a myriad of bugs"

Easily countered - having OPEN source makes it easy to FIND bugs or create/exploit areas, far easier than trace debug dissassembly of closed source code asm dumps, by FAR!

Octopus commented on the 12 Jun 2007:

"Windows users must TRUST Microsoft to not put in backdoors, spyware or other code that violates a users' privacy."

I'm a developer, and have been for 15 years now almost professionally - do you think devs don't leave backdoors in non MS products too?

IIRC, IBM had one, that allowed ANYONE root access to their mainframe systems ages ago, via a console/keyboard keystroke combo (hidden though), & iirc, it was like tab + XYZZXY (or something like that)...

For MS to do that, which I doubt they would?

They would have to be crazy though - the liability alone could impoverish them because of all the users on windows out there (90% of the world's computers)... the class action lawsuit would floor EVEN they imo!

Octopus commented on the 12 Jun 2007:

"A quick check of Wikipedia will show the number of known viruses for different operating systems:"

Security by obscurity operates in the favor of MacOS X & Linux - less users, thus, less of a target for malware creators! Why write for less used OS', when the larger target is MS OS', in other words?

Freeman commented on the 12 Jun 2007:

"1) Secunia explicitely says: "Please Note: The statistics provided should not be used to compare the overall security of products against one another."

Well, I have no 'better gauge' than reported & verified vulnerabilities in both. Thus, I utilized it.

AND, I do agree with them (but perhaps NOT for the reasons you suspect because that is open to interpretation, & here is mine of that statement):

Secunia states that, because some vulnerabilities are for instance, library related, & for example, in Windows? You can unregister OLE Servers to stop them from running IF they are vulnerable if needed (sacrificing apps that may depend on their functions until patches occur).

PLUS, Work arounds for many holes DO exist.

E.G.-> An easier one? If an app is vulnerable, see if you can replace it with one that is NOT vulnerable.

The "holes" didn't solely exist on the OS' themselves, but on database engines, webservers, etc. (and of course, other apps folks may run, but I chose "industrial scenario" type ones, as common ground since folks here are network admins/engineers & these are large tracts of any companies' lifeblood, information systems!)

Freeman commented on the 12 Jun 2007:

"IMHO that I believe that the Linux way is more open and secure"

You are definitely entitled to your beliefs, but I tend to believe in numbers & quantified scores. Granted, you can shift & analyze these numbers here any way you like:

1.) SQLServer 2005 runs from birth to current, with 0 security advisories (and, keeps NASDAQ running 24/7 x 365 days a year (the fabled "5 9's" of 99.999% reliability too) on Windows Server 2003 fully patched.

http://secunia.com/product/6782/?task=statistics

2.) IIS shows less bugs/vulnerabilities than Apache does (and less critical ones) & in fact, 10 TIMES LESS!

http://secunia.com/product/1438

vs.

http://secunia.com/product/73

3.) Windows Server (9%) itself has less bugs and LESS CRITICAL ONES, than Linux 2.6 kernel builds (13%) do!

http://secunia.com/product/1174/?task=advisories_2007

vs.

http://secunia.com/product/2719/

HOWEVER - this IS why I offer up the CIS Tool 1.x as a comparitive gauge between Linux &/or Windows of modern varieties. It's actually FUN to do (in a nerdy kind of way) & a good learning experience if anything, as the tool aids you in making a more secure system thru advisement it offers.

(My score IS the highest I can achieve, POST-HARDENING, and still be able to go online & do various tasks I need to perform).

That all said & aside?

Since I offer this score on my hardened rig on Windows Server 2003 SP #2 fully patched as of the date of my testscore??

I am wondering WHY no one is taking this challenge to run it on their *NIX boxes.

It is the ONLY multiplatform test I knwo of that runs across both Linux &/or Windows & hence/again - why I chose it for comparison's sake here.

I can lead a horse to water, I cannot make them drink.

Freeman commented on the 12 Jun 2007:

"Your 14 points seem valid, but it's a pain having to do all of them every time I install Windows"

They are valid, & the CIS Tool 1.x (runs on Windows, Linux, BSD, Solaris, etc.)! I do welcome anyone to try it, as it is imo, an invaluable tool that helps YOU, help yourself, to a better/more secured platform.

CIS Tool 1.x (far from perfect, but still excellent, is the ONLY multiplatform gauge (afaik, & this comprehensive) I could find for network security via a single test, & that is the 'control method' here, the test itself to keep it as fair as possible) is downloadable here:

http://www.cisecurity.org/bench.html

Score of 84.735 validates it for me (again, I can send the photo of this result to anybody who is interested as valid proof I suppose).

NMap (this exists for BOTH Win32 & *NIX's) & possibly tests using Nessus are another:

(TENABLE NESSUS, & NMap commandline of -> nmap.exe -P0 -sT -F -O -A (insert your IP Address here))

but have to be done (this much I conceded) if you want to be secured. I tried to make a simple as I could type of "guide/roadmap" for others as I could, here:

http://it.slashdot.org/comments.pl?sid=237507&cid=19410153

Personally, to save time (because I DO agree with your "objections", but can somewhat overcome them to a degree), I tend to automate some of it, with prebuilt .reg files I keep here (and they are listed in downloadable guides at that URL, in another set of url's)!

HOWEVER, the .reg files can be obtained from myself if needed by others, at the email address I post there also.

(Each comes with internal documentation because of comments possible in .reg files that the system ignores, with backing url's from Microsoft, that indicate their validity, and the comments also contain what it is the 'hack' does, and the acceptable parameters - this took me FOREVER to do, 1-2 years ago, but is worth it in the end to save myself & possibly others, time in understanding what it is they do, & how they work + why)

This is, however, the BEST I can do.

Freeman commented on the 12 Jun 2007:

"Showing 84000 points for windows just doesn't mean anything for those who don't know CIL, and they are not going to the trouble of finding out what it is without further motivation like this complete comparison"

I can't given anybody the motivation really, they must have it themselves.

The only 1 I can think of, is to have a more secure system online & some more "peace-of-mind" I suppose.

Freeman commented on the 12 Jun 2007:

"(and that also do not mind being locked to Microsoft decisions regarding program/format supports)."

Imo, Microsoft WOULD put in 'every format for documents under the sun' but iirc, didn't ADOBE just fight them on that & beat them in regards to Office being able to create .pdf's, and forcing MS to remove or cripple it?

Freeman commented on the 12 Jun 2007:

"as someone else said, if you really want security, you should go to OpenBSD."

Well, I stated why I cannot - it IS a "Win32 world" out there largely, & in my field (MIS development). I have to go with that, because of a greater opportunity for employ really.

Hi, APK, thanks for the links and explanations for your point of view between Linux x Windows.

I believe the main point dividing Linux and Windows is the ideology of how software should be made:
1)Windows enthusiasts are happy with good features and having the evolution path of their software being delegated to the software house (aka Microsoft).
1)Linux enthusiasts like more power over the software: they require having the source code to modify whenever they see fit, and therefore the users themselves are responsible for the evolution of their software.

In terms of security there are two points:
1) Since windows programs are 'closed', it's not possible for outsiders to have a look at the code and find out vulnerabilities: this protects the programs somehow but, with less eyes, many vulnerabilities lurk without being detected.
2) Linux open up its code wide open, so everybody can peek inside it and find vulnerabilities. Therefore, all vulnerabilities and be found and exploited, and with that very few vulnerabilities remain without being detected.

Some people just like to have a good program without bothering with its internals, the same as using a good car without bothering with their internal component details.
I personally prefer the Linux way, because I like to know exactly what program/features/internals I'm using, as I like to know exactly what components are inside my car.

Your 14 points seem valid, but it's a pain having to do all of them every time I install Windows. I believe no one in slashdot answered your challenge because noone was used to the CIS tool to try out in Linux. If you think that current Window security point is better for this security assessment test (and IMHO that it is possible), you should show a comparison of CIS points between: a) default Windows XP/Vista, default Ubuntu 7.04, default MacOSX, default OpenBSD. Then you should show the CIS points between: b) security-hardened Windows, ubuntu, macos, openbsd. This would really be interesting. But just showing 84000 points for windows just doesn't mean anything for those who don't know CIL, and they are not going to the trouble of finding out what it is without further motivation like this complete comparison. I'm sure this post would receive a +5 Informative in Slashdot.

After saying that, I had a look at your secunia links comparing Windows x Linux. While the overall numbers you show are there, there are some comments I would like to do:
1) Secunia explicitely says: "Please Note: The statistics provided should not be used to compare the overall security of products against one another." So you shouldn't use them to justify security of either Windows or Linux.
2) Since you used them anyway, it's interesting to note the following: Linux vulnerabilities were rated 80% less critical, and 20% moderately critical, all were patched and 60% were DoS attacks, i.e. they didn't allow undue access to data. Windows vulnerabilities were rated 14% extremely critical, 29% highly critical, 21% moderately critical, and 35% less critical, 21% are still unpatched or partial fix, and 56% allowed system access, i.e. administrative access, the worst security nightmare with loss of data, rootkits, virus infection etc.

When I see these results, IMHO that I believe that the Linux way is more open and secure, but as someone else said, if you really want security, you should go to OpenBSD.

Regarding features (not security), IMHO that Windows and Linux are even in terms of desktop usage features for the consumer, maybe Linux a split hair second behind, but passing by fast ahead. The main thing I like in Linux is the possibility of using and reusing file formats forever. In Windows for instance, you never know when they are going to drop support for formats, programs etc: for instance, Microsoft does not support the .LIT ebook format anymore. Whoever bought lit files is fsckd in a deadend, and has to rely on old outdated programs which will not work in the windows version after vista, which will only run 64-bit applications without 32-bit compatibility (vista already does not support those 16-bit applications which many businesses/people still use on their old computers of the 1990s). If the .LIT format had been designed in Linux, you would still have the source code to support/recompile new extensions/updates to the LIT format in any processor/platform -- any company could pick this task up, or any user with enough will to learn a programming language or use 'make' to compile it for his current platform.

I should summarize: Windows is at most good for _companies/corporations_ which don't want to bother with source code, only with features (and that also do not mind being locked to Microsoft decisions regarding program/format supports).

Linux is good for _consumers_ and also companies, since it provides a way to always access your personal/old/legacy data, and support accessing them in any future platform/processor. See my link for more information on how Linux/GPL can free you and your data from Microsoft arbitrary decisions.

Steve,

Computer security is not about scoring some some test like you keep going on about. I was a Windows user until 5 years ago, then switched to Linux almost immediately after trying it, and have never looked back.

Now, about Security... I can't speak for Vista, since I have not tried it, nor am I interested in trying it. However I have had a lot of experience with Windows XP. There are a number of reasons inherent in Windows design that make it insecure. Of course it is possible to *change* the default behavior of Windows and make it less vulnerable, but the fact is, most people lack the knowledge to do this.

For example, in a default install of Windows XP, the initial user is an Administrator of the machine, and does NOT have a password. Any malware on this machine will have this user's Administrator rights, and can alter the system at will. This is not the case with Linux, as well as all the other Unix variants including Mac OS X.

In addition, due to the sloppy early model of Windows, a huge percentage of modern Windows software REQUIRES the user to run as an administrator. Again, this is not the case with Linux.

Windows, by default, hides extensions of known file types. I believe this is still the case with Vista. This is extremely stupid, and makes it very easy to trick users. Virus writes often name an infected executable something like "somefile.txt.exe." This is, of course, a .exe file, which most people know is dangerous, however Windows will deceive the user, and display this file as "somefile.txt," which of course most users will think is an innocent text file.

The model Microsoft uses for software installation is a mess. Install a program, and pieces of that program are often spread all over the system. User data is not always kept in one local place (such as My Documents).

Windows source code is closed and unavailable to the general public. This means that there could be (and surely are) a myriad of bugs, just waiting to be stumbled upon, but no way for a security person to find them and patch them. Windows users must TRUST Microsoft and only Microsoft to make sure their code is clean and trustworthy. Windows users must TRUST Microsoft to not put in backdoors, spyware or other code that violates a users' privacy. Microsoft has been a convicted of anti-trust and monopolistic practices. They have lost case after case of stealing code (Stacker, Doublespace, etc.), sabotage (DRDOS) and other forms of theft and extortion. Windows users must TRUST a convicted, lying, stealing corporation with all of their data, passwords, credit card numbers, bank accounts, business secrets, and personal life, because only they have full access to their source code. Linux is an Open Source products, so ALL of its code is open for public view, insuring users that there are no trojan or backdoors, or other malware hidden, or huge flaws in its design.

One thing I find amusing is the first message I receive when logging into a freshly-installed Windows machine: "Caution: your machine may be at risk! You are not running anti-virus software!" For once, Microsoft is being honest with the user with this message. The difference here is that, in the Linux/Unix/Mac world, security holes are patched when they are found. In the Microsoft world, many are left in the OS, and the user must buy third-party software to keep malware from getting to those security holes.

Because of the above-mentioned flaws in Windows of making default users with administrator rights and no password, when a virus does make it to a Windows machine, it owns that machine, and can install rootkits and other nasty system stuff. If a virus were to make it to a Linux system, it would only be able to affect that users' files, not the system itself, so could not install rootkits.

A quick check of Wikipedia will show the number of known viruses for different operating systems:

Windows viruses: 140,000
MS-DOS: 4,000
GNU/Linux viruses: 30
Mac OS X: 0

So you go ahead and feel that your Windows is secure because you ran a program that gave you a happy "security" score, and ignore the facts.

-Octopus

APK,

You are a diligent person and your comments are appreciated.
You obviously do your homework and I commend you for sharing your results with me(and everyone else).

Since I consider myself a fair individual, I installed Feisty Fawn Saturday afternoon to evaluate the user experience alone. Security debate aside, it's pretty cool. Does it "floor me"?...eh... It's pretty good. Is it more secure?... I don't think so. Will I continue to give it a try?... Yep. I don't understand why it's so difficult for people to concede that Windows is a good product for many reasons. I can admit that Feisty Fawn is a quality product. It seems like it really is a matter of ego and nothing more. Security issues aside (safe practices is my answer to that, I don't spend any extra time hardening my security at home and as I have stated have run into no problems with XP), I'll still need Windows products for several apps I frequently use. I have run into performance issues with Feisty Fawn, albeit they are really hardware/driver problems, but it stems from yet another Linux distro that is in development. I just hope one day there will be software from both Linux and Windows that is as ready for market as say... OSX, but until there is some serious standardization for hardware, it will always be a matter of preference.

Keep fighting the good fight for those of us with sense enough to appreciate all the good tools available for us to do the jobs we do. *NIX, Windows, Mac, they are all tools and people need to keep that in mind.

Something bothered me a great deal today, & I'd like to share it with you all, & it came from Slashdot!

A School District's Education in Free Software:

http://linux.slashdot.org/article.pl?sid=07/06/10/1730201

From the article's initial post here:

"Linux.com and Slashdot are both owned by SourceForge."

Is this the truth? This is all I wish to know about they, & here is why:

I ask this, because most people came here from that website most likely, so it is something to point out imo.

(Because if it is, that tells me worlds about the slashdot website if it is, and it's "anti-Microsoft/anti-Windows" bent & near constant anti-MS propoganda streams!)

IMO - If you post things that disprove anything from SLASHDOT Pro-NIX "rumordom", well, it largely/usually it gets you "modded down" & such, even if backed by respected sites!

(Pretty lame... but examples are below, read on!)

Yes, it truly explains a great deal if it is true that /. is in cahoots with Linux.com & also sourceforge!

Slashdot's a HUGE opponent of anything Microsoft (look @ their photo of Bill Gates as a borg, & their haha microsoft tagging system).

Anyhow - E.G.-> Earlier on @ this site, I stated that slashdot was unwilling to the link I put up on how to secure Windows here:

http://it.slashdot.org/comments.pl?sid=237507&cid=19410153

As an article there.

Gee, I wonder WHY!?! Not...

That article was put up by myself as it made a CHALLENGE to the Linux crowd, as it does here, and imo, by this point?? One they cannot meet!

(Along w/ my secunia data below showing Windows & its wares being more secure than Linux, though the 'propoganda mantra' is "LINUX IS THE MOST SECURE" by Penguins vs. Windows, constantly!)

I posted it at slashdot, just to see if Linux or other NIX users could beat the score I posted of:

84.735 on CIS Tool 1.x

(& I will send ANYONE the photo of my result no problem)

Email me @ [email protected] if you feel you need veification.

I have nothing to hide here, and possibly everything to gain, and... so do you linux people!

(To continue - I gave the slashdot crew the same challenge I am putting up here to LINUX penguins, & especially Linux users)!

All so, that IF they can beat my CIS Tool 1.x score?

I could attempt to emulate methods they used on to Win32 OS of NT-based ancestry & improve it moreso using analogs of THEIR methods!

CIS Tool 1.x (far from perfect, but the ONLY multiplatform gauge I could find for network security via a single test, & that is the 'control method' here, the test itself to keep it as fair as possible) is downloadable here:

http://www.cisecurity.org/bench.html

NOW, some folks here called my 14 points on how to secure a Windows system "theory"?

My CIS Tool 1.x score, makes it FACT... quantified fact, via my score.

My methods are outlined above & below, in an easy to understand & use roadmap. 1 hour work, tops @ most for experienced users, a bit more for inexperienced folks but not much more and a GOOD learning experience imo! ONE EVERYONE ONLINE OUGHT TO BE AWARE OF (how to secure yourselves especially on Win32, but also to share Linux/UNIX methods also).

Facts I posted, not theories only, that work & apparently, judging by the lack of response here vs. my score & Linux users being able to beat it?

A reality, & again, one I literally quantify using the same test each OS would use!

It shows that Windows & its wares are more secure than Linux & its wares. SECUNIA data below only bears that out moreso.

Never mind the fact Windows NT-based OS' have a C-2 rating & I am not even SURE if the SELinux hooks to the Linux kernel have that (they do not afaik & have not reached B levels OR "verified design" levels either (none have in OS' of any kind afaik here on this latter one), but it only matters for systems NOT NETWORKED (standalone rigs are more secure than ANY online system mind you, but we are talking networked systems, far more versatile & useful, today + always imo)).

Nevermind the fact that in 2005-2006, Windows showed better here as well in regards to vulnerabilities tests @ SANS found the same thing, all Nix's vs. Windows & both their wares in 2005/2006 as having less bugs/vulnerabilities/holes on Windows vs. NIXES... to the dismay & hooting & hollering by the NIX crew online.

Funny, but isn't the SECUNIA data from today I am posting now still showing the same, vs LINUX in particular, here below?

DO CHECK IT (url's below), I invite this, by all means to verify my words to you all.

To myself though, the bottom line here seems to be that Slashdot appears to be just another "in league with b.s. artists' & propoganda smear sites" once I see who may own them.

They post disgusting crap mainly by their 'trolling users' on their site, vs. Microsoft's accomplishments & security trackrecord (which if you see the url's below, is better than Linux & its peripheral wares ported or not to Linux)

Apparently, Slashdot's not one that engages in professional unbiased online journalism, but rather "Pro NIX" fanfare, even if it is unjustified.

As far as security of Windows Server 2003/VISTA & Microsoft peripheral wares?

Again - See the excerpts I put up below (quoting them here once more) & disprove them if possible:

1.) SQLServer 2005 runs from birth to current, with 0 security advisories (and, keeps NASDAQ running 24/7 x 365 days a year (the fabled "5 9's" of 99.999% reliability too) on Windows Server 2003 fully patched.

http://secunia.com/product/6782/?task=statistics

2.) IIS shows less bugs/vulnerabilities than Apache does (and less critical ones) & in fact, 10 TIMES LESS!

http://secunia.com/product/1438

vs.

http://secunia.com/product/73

3.) Windows Server (9%) itself has less bugs and LESS CRITICAL ONES, than Linux 2.6 kernel builds (13%) do!

http://secunia.com/product/1174/?task=advisories_2007

vs.

http://secunia.com/product/2719/

Those facts/stats are ALL verifiable @ SECUNIA.COM, in the links below each point (a respected and unbiased website in the regard of online security) as well as the CIS Tool 1.x from The Center for Internet Security.

Slashdot's beginning to show its "true colors" & motivations, imo, if that quote is true... & even IF not, vs. CURRENT (as of 06/11/2007) secunia data!

I just do NOT like unjustified b.s. spread around, because not many folks will examine things to the level I have here, and put them out for you to judge for yourselves with, once you have read them.

I had a guy named Juoni Vuorio try that with his registry cleaner JV RegCleaner vs. mine here:

http://www.techpowerup.com/downloads/389/foowhatevermakesgooglehappy.html

& he was using .reg injections of a prebuilt data set that favored his over ALL others to show his as "SUPERIOR", but when users tried my program, vs. his, with their registry data UNALTERED by such rigging test data sets? Mine WIPED THE FLOOR WITH HIS, everytime, on many users systems @ majorgeeks.com, ntcompatible.com, techpowerup.com & more.

The world's full of b.s. spinmasters & falsehood staters, who KNOW folks won't verify things as completely as possible is why... hence, my post here to you all, on the same GENERAL NOTE!

Linux folks, all I can say is this (because this type of crap from slashdot is bull & disprovable, see for yourselves in the url's below):

Take some time, & either build your stuff up as coders bettering it, OR @ least offer tricks/tips/techniques & advice in workarounds as I did in my url to slashdot above on how to secure Windows OS, rather than spreading gossip like women do...

Men? Get things done! Women spread falsehoods & 1/2 truths.

Your coders do a great job imo, for guys working for ZERO profit (mostly)... & the LINUX OS family is truly because of it, a 'socio-technological marvel' as I have stated below here many times now, but stating falsehoods & not meeting challenges like the one I pose here? DOES NOT LOOK GOOD FOR YOU ALL!

However, the forums zealots & sites like slashdot, once exposed for things like dizzy stated, or others here I put up evidences vs. their points for example?

Well... less than credible, and once shown as operating on b.s. & 'in cahoots' with sites that definitely are NOT "pro Microsoft" like Linux.com & Sourceforge?

They probably actually believe that slashdot propoganda as true, most likely shown them by SLASHDOT, that "ultimate authority" on things computing (not, though I respect some of their posters a great deal especially in the developers section (J.C. of IDSoftware mostly))?

I post data to the contrary here, from reliable sources like SECUNIA & others like the CIS Tool 1.x test I challenge Linux folks here to!

You read, you check those links, YOU JUDGE! Be an informed reader, not a sheep who has been programmed by "The great slashdot"...

APK

P.S.=> BY now, some of you have to have downlaoded & tried the CIS Tool 1.x for Linux? Why isn't anyone here beating my score??

I guess Windows Server 2003 is more secure and so are its "crap apps" as dizzy here stated they were, along with 'SUPERIOR LINUX BY DESIGN' eh?

I am a SHOW ME person, & I showed you mine (all of the above)... show me YOURS, & beat my CIS Tool 1.x score linux penguins!

Also, disprove that CURRENT (06/11/2007) data above from SECUNIA!

And, of course, if you disagree with any of my points? I am open to discussion on them of course (I am NOT perfect, but I think I made good points here, open to debate of course, by ALL means!)

Thanks! apk

JDG,

I am with you on many grounds per what you stated, but one I must disagree on, & it has verifiable data for you to check on!

JDG commented on the 10 Jun 2007: "Opera (can you say s-l-o-w)"

Here though, I have to disagree with you JDG, mainly because of this analysis (most recent browser speed comparison I have found to date, & VERY comprehensive, across many platforms & on MANY grounds):

BROWSER SPEED COMPARISON:

http://www.howtocreate.co.uk/browserSpeed.html

Do take a read of it, because Opera was found to be the OVERALL FASTEST BROWSER THERE IS ON THIS PLANET, currently (& especially on the most utilized OS platform there is, in Windows)!

Enjoy the read...

Now, I am also in agreement w/ Steve's posting on large tracts of it!

Mainly, regarding scriptability in Windows (searching the JSIINC.com site can lead you to TONS of prebuilt scripts that work or can be altered to YOUR NEEDS easily too, mind you, those can be used to help you if you are not "expert" @ it @ that level)

BUT, in regards to servers NEEDING to have a GUI, I said it earlier in this thread:

"Headless modes" do exist on Windows 2000/Server 2003/Longhorn (VISTA SERVER ON THE LATTER ONE), no GUI required on that machine that goes 'headless', because Terminal Services/Citrix, VNC & other methods exist to run it if needed!

Also, & Steve stating that things Active Directory offer, do make it simple(r) to administrate, on many tasks, is quite true (especially for security, & doing Group Policies).

APK

I know this is silly, but I would NEVER use Ubuntu Linux for the simple reason of it's name. It's like fingernails on a chalkboard for me. I do use Linux (Redhat) on occasion, but I don't really find it to be as useful on the home/office/desktop as an "everyday" OS. I'm a power user of "Office" applications, and I'm sorry if you don't want to hear this, but for the past 15 years or more, and for the forseeable future, Microsoft has the best products out there. THAT'S why they are the largest software company in the world, their stuff is good. If it wasn't, the marketplace wouldn't have made it what it is. For instance how many of you still use your Commodore 64 everyday?, what about that old Packard Bell? Only 14% of you use Mac's and/or OS X. Stop with the arrogance, your shit just isn't as good as Microsoft's, if it were, IT would be in the lead. I've tried some of the open source stuff out there, like OpenOffice (junk, won't do a tenth what MS Office is capable of), Thunderbird (good, but I still prefer Outlook), StarOffice (worse than OpenOffice), Opera (can you say s-l-o-w), and several others, with similar comparisons, the stuff just isn't as good as what Microsoft puts out. The one exception I've found so far is FireFox, hands down the best browser on the "market". And yes, I realize it's basically just a "trimmed up" version of IE. But for browsing the Internet, I don't need "Power User" features. All of you Open Source "junkies" out there, need to take heed and learn to write code (if you don't know how already) and start writing applications that actually work as well as the Microsoft Products, BUT are still Open Source and don't cause as many resource problems as the more commercial software available from Microsoft and others. THEN, and only then, will you get my attention and that of the "mainstream" user.

This s a response to one of the threads I read where someone complained about Windows server having a GUI:

If you've ever managed a network with several hundred DC's, storage devices, and thousands of workstations, you'd understand why a server needs a gui. It simplifies many tasks when working on very large scale implementations. Not to mention the beauty of group policy. You can get really fine grain control of your network devices and the GUI doesn't bloat to the point of performance bottlenecking. If you prefer command line for scripting of administrative tasks, you should go back to school for some network management lessons. There is plenty of scripting that can be done in windows server '03. Also there is very widespread support for the windows community. For task automation in a server 2003 environment, look up "script logic" It's a fantastic program that's reasonably priced and imo worth its weight in gold for any serious administrator. It takes hours off of time spent researching for pushing unattended installs and other miscellaneous admin tasks. I'll continue to use freeBSD for all of my web serving needs (until something better comes along), but for a large scale corporate environment, Server 2003 reigns supreme. In these cases, *NIX is good for only a few things(database servers, storage devices, DHCP servers,etc.) For managing workstations and authentication/rights management, SVR2k3 works very well. The only thing I can think of that would work well in the *NIX world would be terminal services, which would take a ground up restructuring of any implementations I've worked with to date.

Ubuntu LAMP Server commented on the 8 Jun 2007: "APK, Please no offenses to your Windows theories to make it more secure"

They're not theories bro' - the 14 points I listed here:

http://it.slashdot.org/comments.pl?sid=237507&cid=19410153

Actually work!

... & I quantified this via using the CIS Tool 1.x (which also runs on Linux/BSD/Solaris & more iirc) downloadable here:

http://www.cisecurity.org/bench.html

& scored an 84.735 on it - I wish some of you guys would try it (it does run on your *NIX setups too) & tell me how far YOU can go (it helps you along fellas, & makes it simpler to secure your rig than you'd think!)

Ubuntu LAMP Server commented on the 8 Jun 2007: "but Ubuntu don't need any tweaking to make it secure enough: it's secure enough by default after installation."

I am curious - does UBUNTU base itself on the 2.6 kernel & does it offer, by default, the SELinux kernel hooks for security (MAC type stuff)?

Unless it does, it's not as secure as you think, NOT REALLY!

(SELinux imo, so far @ least, is the BEST THING THAT'S HAPPENED TO LINUX LATELY, as far as security)

Ubuntu LAMP Server commented on the 8 Jun 2007: "Windows after installation is a swiss cheese full of holes which require lots of 3rd-party antivirus,malware,registry tweaks etc just to put it on the internet without being pwned by a script-kiddie."

I'll definitely agree in the cases of 2000/XP, but they can be secured via the 14 point first url I listed.

Windows Server 2003 is better (on IE6.7 hardened default alone, but I use Opera instead (better/best browser there is imo)).

VISTA is, believe-it-or-not, from a pure security standpoint, better than any of them (it's built on the foundations of Windows Server 2003 code first of all, & things like ASRL, UAC, & more DO REALLY, make it so).

Untuned/untweaked, on the CIS Tool 1.x tests we had done @ techpowerup.com, VISTA did do better than ANY MS OS, "out-of-the-box" oem stock... still, I have to admit - you have a point here though - Windows does need to be hardened more from ANY release they make (in patches/updates alone, & also via the methods I note in the first url above).

I won't argue this much, hence, why I even did the first URL list of tricks/tips/techniques for securing a Windows rig (only takes about 1 hour to do, good learning experience, & certainly worth it -> Enough to get me an 84.735 score on CIS Tool 1.x!)

Ubuntu LAMP Server commented on the 8 Jun 2007: "Tell you grandma that, and she'll go for Ubuntu."

Lol, my grandmother doesn't use PC's... but, I get your point.

Ubuntu LAMP Server commented on the 8 Jun 2007: "Windows owners complain about linux's console"

I never do - I "grew up"/started out on console mode OS' like UNIX &/or VMS in the 1980's in academia, & into the 90's on PC's using DOS 3.3... I don't mind it @ all!

Ubuntu LAMP Server commented on the 8 Jun 2007: "but they are full of registry tweaks that are way more difficult than using a console."

See, here? I 'beg to differ' & perhaps we have to 'agree to disagree' - given a roadmap like I give users in the 1st URL I post above? It is simpler than you'd think! Especially with prebuilt .reg files (the hardest part is using IP Security Policies, because you have to understand "things IP" in order to get anyplace with it really!)

Ubuntu LAMP Server commented on the 8 Jun 2007: "And if you really care about security so much, drop windows altogether, burn it down, stick it to M$ and install OpenBSD: [visit link] OpenBSD is security of the highest level, even more than Linux, way MUCH more than Windows: for example, OpenSSH was one in many security projects derived from OpenBSD: [visit link]"

Well, you know, I would but the monies are made on Windows NT-based OS' more today in what I do (MIS type coder, others call this databasing, using ASP.NET/VB.NET lately, & VB6/Access & Delphi in the past mostly).

I have to go where the monies are man... in order to survive!

Nice discussion guys, I am outta here for now, it's FRIDAY!!! Hallelujah...

APK

Hi, Roscoe,
there are many simple ways to listen to Internet radio on Ubuntu. It boils down to using the player of your choice. Please see this link for a possible solution:
http://ubuntu.wordpress.com/2006/04/05/listen-to-and-record-internet-mus...
And you can also use google to look for terms like 'ubuntu internet radio'.

You can also install automatix for free to manage multimedia packages easier: http://www.getautomatix.com/
more tips here: http://ubuntuguide.org/wiki/Ubuntu:Feisty#Multimedia_Players_.26_Browser...

--> All:
See also Ubuntuguide.org for any doubts about Ubuntu:
http://ubuntuguide.org/wiki/Ubuntu:Feisty

->Donato Roque:

Installing LAMP on Ubuntu is way easier than in Windows. You just need to read the documentation in Ubuntu Server, or if you prefer a 1-click solution, read this:
http://www.howtoforge.com/lamp_installation_ubuntu6.06
Google is always your friend when you have a doubt about Ubuntu. Use it!

->APK:
Please no offenses to your Windows theories to make it more secure, but Ubuntu don't need any tweaking to make it secure enough: it's secure enough by default after installation. Windows after installation is a swiss cheese full of holes which require lots of 3rd-party antivirus,malware,registry tweaks etc just to put it on the internet without being pwned by a script-kiddie. Tell you grandma that, and she'll go for Ubuntu. Windows owners complain about linux's console, but they are full of registry tweaks that are way more difficult than using a console. And if you really care about security so much, drop windows altogether, burn it down, stick it to M$ and install OpenBSD: http://www.openbsd.org/ OpenBSD is security of the highest level, even more than Linux, way MUCH more than Windows: for example, OpenSSH was one in many security projects derived from OpenBSD: http://en.wikipedia.org/wiki/OpenSSH

ADK,

Check out Beryl. It's another GUI tasty treat for linux. Another great reason to use Linux. I'd also suggest getting used to gnome as well. KDE is sweet, but Gnome has some nice features also.

Check to see if your distro is included here:

http://www.beryl-project.org/distros.php

It's pretty cool, especially the productivity aspects of it. Since Ubuntu is one of the distros that includes Beryl, I was blown away that "Mr. productivity" didn't mention it. On my fedora box I frequently have several browser windows open, as well as 5-10 programs running. Beryl provides a very useful way to manage your screen real estate. This would have been a good point to mention for the article. There's loads more, but I don't know or feel like digging to find it right now. It may require the use of gnome. Check it out and let me know what you think.

PS make sure to read the documentation or watch the demo so you don't miss some of the finer points of using it.

dizzy:

Continuing on this note, per the messaging diagram for webservers you used from ZDNet?

IIS vulnerability history = 3:

http://secunia.com/product/1438

Apache vulnerability history = 33:

http://secunia.com/product/73

?

That's 10 times as many for Apache, than for IIS6.x... & the article was exactly ABOUT that - message passing complexity in Windows Server version's IIS (not a core component of the OS really, an addon is more like it, & in Windows Server 2003, you have to ADD it (since the OS installs by default, to a setup much like XP Pro, & you personally have to ADD ON SERVER COMPONENTS, so you know)...

APK

P.S.=> As far as Windows Server 2003 SP #2 or RC2 vulnerabilities? See here, as of the current date of my posting:

http://secunia.com/product/1174/?task=advisories_2007

127 total, 11 of them are unpatched (9%)!

Only 4 are rated critical, & here? Of those 4, only 1 affects MY setup here personally (for how it is setup, afaik), in the NDISTAPI.SYS one!

(Mind you - That driver can be turned on/off via services.msc if/when needed, easily enough).

NOW, as far as Linux vulnerabilities? See here, as of the current date of my posting:

122 total, 16 of them are unpatched (13%)!

EXCEPT HERE? 16 are rated critical!

See for yourself, I have not had my coffee yet this a.m., but I don't think I made a mistake in this analysis!

SO, that all said & done, on an enterprise class scenario so far?

1.) SQLServer 2005 runs from birth to current, with 0 security advisories (and, keeps NASDAQ running 24/7 x 365 days a year (the fabled "5 9's" of 99.999% reliability too) on Windows Server 2003 fully patched.

2.) IIS shows less bugs/vulnerabilities than Apache does (and less critical ones) & in fact, 10 TIMES LESS!

3.) Windows Server (9%) itself has less bugs and LESS CRITICAL ONES, than Linux (13%) does!

The proof's in the pudding... as far as security, but in terms of widespread use?

Windows blows Linux away, & this is just fact that is commonly known/accepted (which means as far as employment possibilities? You ARE better off pursuing Win32 OS, because there are just more machines out there to fix, develop on, & administrate, + use for productivity tasks @ work on the job)

That is because Windows runs on 90% of the world's system & such!

Windows also has more wares available for many purposes!

Windows has a higher security rating via the DOD "Orange Book" too, @ C2 levels (there are higher ones, the best being "VERIFIED DESIGN" & I don't think ANY have this one to date but not sure (even more than the kernel hook addon to Linux, in SELinux, afaik, unless you can show me otherwise as I requested))

Lastly, Windows enjoys more hardware vendor driver support than Linux does.

Don't get me wrong, because again:

I respect the fact that Linux is built for FREE for mostly NO MONIES (thus, it is a "socio-cultural technological marvel" imo) off of the work in time given freely of many people... & I like KDE a lot as as desktop, & it's one I can develop for using Delphi code I already have written in Windows with little to look out for (Win32 API calls use, some Tcp/IP diff.'s, & avoiding Windows specifics like the registry)...

However, Linux is NOT QUITE Windows, yet, & on many grounds!

(Linux clustering is ahead of Windows in their Compute Clustering Edition, but the point is, MS does have this capability in a Windows version build too & Linux runs on more hardware platforms (Windows NT 3.5x ran on MIPS/Alpha/PowerPC/x86, but MS removed everything but the most used platform after that, & stuck to x86 - this is also a point in favor of Linux)! apk

You have spammed me 30 messages now, and have failed to stop when requested. Enjoy your stay on an RBL.

Is your mail server running on Windows? Because the way it's spewing spam at everybody on this list, I would guess you've been exploited. Now fix it, as you have been notified of this problem at least 48 hours ago!

You have been spamming me for 2 days now, and your unsubscribe link is BORKED! Fix it!!!

You have been spamming me for 2 days now, and your unsubscribe link is BORKED! Fix it!

You have been spamming me for 2 days now, and your unsubscribe link is BORKED! Fix it!

SQLServer 2005 SECUNIA security advisors ALL TIME (2003-2007 current) = 0

http://secunia.com/product/6782/?task=statistics

(Did the legwork for you - not too shabby for what you literally called "so much other poorly designed crap")

Again - that 'crap' keeps NASDAQ running in a HIGH tpm environs 24x7, 365 days a year (well, the fabled "5 9's" 99.999% enterprise-class level, on Windows Server 2003!)

APK

Quote dizzy: "I won't even touch on some of the flaws inherent in how the windows GUI works"

Why not? I am more than willing to discuss it here, bring your qualms on...

Quote dizzy: "why the hell does a server in a rack need a GUI?"

VISTA's Server model upcoming has a "headless mode", look it up on GOOGLE!

Look up "headless mode" for Windows 2000 & Server 2003... it's doable on them as well (TS can manage it, Remote Administration tools for them can do it, VNC can even do it (more ways than this mind you as well, do exist)!

:)

APK

dizzy, a question:

QUESTION #1: What Linux's have C2 security ratings (ala the "Orange Book"), currently even?

You see, I truly am curious on that account...

Mainly, because I am not sure if it does or not as of this date & I know it used to NOT have one but this may have changed!

(Mind you - this C2 rating holds on NT-based OS' only on standalone setups, afaik, which when you come RIGHT DOWN TO IT? Are more secure than networked systems anyhow - but most systems are networked today, but still, I would like to know if Linux has this yet or still not)...

QUESTION #2: Secondly, like I said below??? What can your Linux rig score on CIS Tool 1.x, or rather, how far can you get it to go (the tool assists you here by the way, so go for it)???

Quote dizzy:

"A good admin should be able to secure either system reasonably well."

Go for it, & report back with that score (it's actually fun, & a useful thing to do on your Linux rig to try here & compare our scores anyhow)!

LASTLY - On how well Windows Server 2003's designed @ least, like crap you say? Hmmmm...

Well, it's reliable enough to run SQLServer 2005 24x7 @ 99.999 uptime ratings in a high transaction environs called NASDAQ.

Not bad for, what was it you called its wares & such?

Quote dizzy:

"The major problem Windows has as security is that it is designed to have an ever increasing complex feature set to be backwards compatible to so much other poorly designed crap"

I don't get what you mean by that, when NASDAQ is an example otherwise!

In fact - Check Secunia &/or other security oriented sites, & tell us the answer to this question:

QUESTION #3:

HOW MANY SECURITY VULNERABILITIES DOES SQLServer 2005 fully security patched as of this date show? I don't know myself!

After all, NASDAQ's a fine example of stable & extremely TPM high transaction environs running non-stop then I guess, with buggy vulnerable crap running on Windows Server 2003 SP #2 or RC #2 then.

APK

Everything you say in your article makes Ubuntu sound very attractive. Unfortunately I haven't had any luck getting Ubuntu server with LAMP working on my HP laptop. It seems the core is there but there isn't any GUI.

'startx' can't be found and all of the suggestions that I've found on the Ubuntu forums have not resolved the problems. I'm trying to run both the client and server on a single CPU machine and I can't determine from the documentation if this is possible or advisable. Maybe I also need to install Ubuntu desktop on this machine but, again, I can't seem to find any guidelines on that either.

Like yourself, I don't have much use for MS Windows, Norton anti-virus, etc. but, at least, I can get them to work on this machine. It's very frustating since the Ubuntu installation tells me everything is OK.

I'm new to Linux and would have loved to test drive Ubuntu but I don't have the time, energy, or patience to continue attempting to get a successful implementation.

Am I missing something?

Thanks,
Roscoe

I said is considered more secure, that doesn't mean it is in all instances. However, the *nix realm's security is by and large worlds ahead of Windows due to better design. The major problem Windows has as security is that it is designed to have an ever increasing complex feature set to be backwards compatible to so much other poorly designed crap. A good admin should be able to secure either system reasonably well. I'm not going to sit here and say you can't secure a Windows system, thats stupid zealotry at its finest, I am going to say that it takes alot more crack spackle to make it happen. Trusted Solaris or SecureOS are reasonably good examples that come to mind.

http://blogs.zdnet.com/threatchaos/?p=311
Here is what I mean by design issues. It is the same idea behind disabling services you don't use. You just shouldn't have so much crap going on that doesn't really need to be there. I won't even touch on some of the flaws inherent in how the windows GUI works, other than to say why the hell does a server in a rack need a GUI? Even if you argue its 100% secure, at best its a huge waste of resources. I am happy they finally decided to remove those stupid 3D screensavers from their server product, but it took them quite a while to do that when it should have been a nobrainer from the getgo.

Forgive me if I don't respond anymore. I am tired of the stupid autoplay win2k3 "We are more secure -- Highly important newspaper" video.

Donato Roque commented on the 7 Jun 2007: "My XP experience is one of increasing challenge and burden in terms of security"

Then, let it be a challenge to you to try what's in this URL link below, & a burden, no longer!

Try (or, @ least look at) this set of 14 basic steps (all work on Windows Server 2003, & 13/14 work on 2000/XP/VISTA (iirc)):

http://it.slashdot.org/comments.pl?sid=237507&cid=19410153

It's not that much harder to do, than it is doing .reg file &/or regedit.exe hacks for speeding up & securing a Windows NT-based OS (which IS also possible, & many in this thread noted it for the author's sake)

The thread I posted above is for your reference & possible future benefit (and, just may contain things in it you were not aware of is all, that work for massively securing Windows NT-based OS of today)

The tricks/tips/techniques within it secure these OS from Microsoft to a level I would like to see folks from the Linux world (especially SELinux) or other OS' (since the gauge I used was CIS Tool 1.x (from the CENTER FOR INTERNET SECURITY)) try to exceed, and specifically exceed my score noted on CIS Tool 1.x of 84.735 in fact.

(And, above all: Great if they do! I say that simply because I can grow stronger by it, learning now, & possibly even emulate/duplicate their techniques to the Win32/NT-based OS side of the fence, as well as secure up Linux rigs I run @ times (not now currently though)).

Enjoy the read, & know this: To do those steps? For an experienced person, it takes about 1 hour TOPS to implement, & a few more testing most likely (services part, but I provide a list to save them time there).

For an inexperienced person, longer of course, but a GOOD solid learning experience.

See - The MAIN point of that post's to learn, for everyone/anyone on computers & learn that securing Windows NT-based OS' of today (2000/XP/Server 2003/VISTA) is a 'snap/cake/walk-in-the-park', if you have guidelines & use the RIGHT tools for it that make it so, & also?

So folks not as "into Linux" also pick up tricks from their world, for security as well (see the P.S. in my post there).

APK

APK

I have been using Ubuntu Linux for 2 months now starting with Edgy and upgraded it to Feisty immediately. Before Edgy, I was a Windows XP user for 2years. My XP experience is one of increasing challenge and burden in terms of security. Running an antivirus software everyday and two or even three antimalware programs almost everyday too is a huge time off my productivity.
Ubuntu linux is my first linux distro. Everything you just wrote in your article just rings of truth by me. Don't get me wrong but at the start I was skeptical it would be this easy. Is there any chance multi media especially internet radio would play nice/nicer with linux?

Steve,

I understand you being a bit "bent" as I was @ slashdot (per my post below, regarding security of Windows vs. Dizzy's statement, for suppressing valid information on my part that seemed to upset their "Pro UNIX/Linux sensibilities)!

However, I think that there are a few folks here like yourself, you seem to be VERY grounded in the network engineering/administration realm (probably more, but that's what I gathered) & know what they're about to one degree or another in this post about computerdom.

Others seem more end-user oriented, but, by the same token, they made solid points on things (tools to use, how to go about doing alternate methods of the same task/thing/idea - albeit via possibly/potentially more sensible methods (like better wares or tricks/tips/techniques to make ANY Win32 OS run quicker/more nimbly in less RAM or lesser CPU types)).

I posted some of that myself, in addition to replying to dizzy on securing Windows & making it as good as, or better than, SELinux quite possibly on the CIS Tool 1.x benchmarks & where to download it, & TRY IT to beat the score I got (he may beat it, but odds are, not with LINUX out of the box & possibly not even with him using SELinux)!

(CIS Tool 1.x - Which again, runs on BOTH of them, & MORE OS' THAN THAT even)

Just to use it as a gauge of my statements below vs. his on those grounds - a fair challenge, one we all can learn by.

I think dizzy (in some of what he said only, regarding security) may just be the victim of what others stated here as well:

Folks tend to read things online & take the words as "GOSPEL/WORD OF GOD" but never investigate it themselves!

(Laziness? Apathy?? Maybe - or, just lack of time, (perhaps a combination of ALL of the above)).

The "halting" stuff may be apps the author is using, a beat machine, OR too little RAM or CPU for this test!

(The last part, too little of the RAM or CPU? Heh, that can be countered for with ease, in posts I did here earlier, about trimming services you don't need to run (YOU DO NOT NEED TO RUN ALL OF THE DEFAULT SERVICES WINDOWS HAS BY DEFAULT - far from it, as I am SURE somebody like you Steve, knows!)).

The same things or good analogs can be done on LINUX as well (daemons = services for example).

Anyhow - Tweaks for performance abound, & like I said earlier? MSCONFIG.EXE & SERVICES.MSC make this much EASY TO DO in Windows XP/Server 2003/VISTA!

I.E./E.G.-> Searching "Optimizing Windows" on GOOGLE will get you FAR more in the way of speeding up Windows via .reg file hacks galore, tips/tricks/techniques using the tools I mention that are EASY TO DO!

As simple as the link I posted for securing a Windows System (easier in fact) to a 84.735 CIS Tool 1.x score on Windows, @ slashdot & is a LINK URL to visit below in my preceeding posts.

All-in-all though - I don't think anyone will call yourself or myself a name here, but you must hit more than your share of tech forums, because it happens... just as YOU mention & I mention below, whenever it comes to Linux vs. Windows.

It's zealotry many times, or just plain being misinformed (I have been victim to this myself @ times, admittedly)!

Still - Others here DID make points like "instead of bitching about it - help recode the system OR offer tips/tricks/techniques to get around objections - they DO exist"!

AND, they do or did!

E.G. -> I offered a few for security & speed, as did others via diff./better wares for Win32 OS out there (and, there are, better than the mainstream most known/best "PR'd" stuff)!

E.G.-> NOD32 vs. Symantec (though I hate to say it, fan for years of Symantec Corporate 10.x series, NOD32's been getting the better of it on tests out there this year @ least).

Perhaps the author IS biased & did not test long enough, perhaps he is just trying to pull the wool over others' eyes & get away with it, perhaps he is not that versed on Win32 systems?

I don't know.

What I do know is & I said it here already:

Folks, we have GREAT STUFF today, by far, vs. the stuff I started out on PC's with 15++ years back, onwards in time in DOS/Win3.x/Win9x/NT 3.5x/NT4x/2000/XP & that's Windows Server 2003 & yes, VISTA (though it may need some "ironing" to get rid of some wrinkles - this is why I am holding off on buying it until SP #1, personally).

Still, I do NOT like how folks from the LINUX camp will say things like "LINUX IS MORE SECURE" & others believe it. OR, when they are challenged to a test or evidence posted, they run or toss names, or just blow it off (this last one I can understand though - when you can't win? Walk away).

Still - Windows CAN be made just as secure as SELinux, perhaps moreso, using tricks/tips/techniques that take 1 hour to setup & implement tops, shown here:

http://it.slashdot.org/comments.pl?sid=237507&cid=19410153

I am not busting on anyone, I only ask others to try this & if they can on Linux of ANY kind? Beat my score, I welcome it, because I will ask & learn HOW THEY DID IT, & GET STRONGER!

The simple fact of the matter is: None of us are 110% "up-to-the-second masters of all things MYSTICAL" in computing & totally informed users (and, we are ALL users, even if we are coders &/or network admins/engineers)... but, some ARE better informed than others!

AND? There is ALWAYS SOMEONE BETTER THAN YOU, if only in some niche category.

Above all Steve - Don't let it get you down though man, it did me earlier as regarding slashdot in my posts prior to this one...

See, imo @ least, today?

The world's full of spinmasters & "3/4 dentists chew trident types" (even if those dentists were sent crates of free samples or were paid to say so - statistics ALL MATTER ON THE SAMPLESET taken, after all) trying to pull the wool over most folks' eyes for MONEY... not the absolutely undiluted impartial & fair truth!

I don't see the problem. You have a windows xp license? just get a install cd from a friend and use this to install the laptop.

Good luck opening word documents and maintaining the layout. Running word/firefox/ssh/excel on xp and 512mb is not a problem!!! maybe you should not install google toolbar and online casino?
There are free anti-virus programs. Symantec is the WORST antivirus ever. Sucks up all your system resources. Everybody knows this. I use nod32.

I mis a lot of windows programs on linux (mostly adobe software). On linux i spend ages finding a similar program to do the same job my favorite windows program does.

it is possible to do a good reinstall with all apps and settings in about 3hours. If you keep your systeem clean, there's no problem running this installation for several years.

Wanna save time(=money) and keep all your favorite programs and keep compatibility with other people? use windows!

Like your viewpoint. Ruined by the crap page it sits on. Why the blankety blank do you allow not one but TWO intrusive flash movies on the same page? And both advertising MSlop to boot.

APK,

I think we may be the only ones who really are grounded. I host about 200 web sites using an n-tier Unix (Freebsd) server farm, and I feel that I'm a little more than qualified to pass judgment on the technology. When I say this article is garbage, I mean it. I never post comments, until I read this from a /. RSS feed. I'm angry that I wasted my time looking at it, reading it, and subsequently posting to it. It(the article)is garbage, and will never have true credibility in the eyes of someone who regularly works with the stuff, or a person interested in converting. His examples of how Windows slows to a halt form running x,x,x and,x aren't true for someone who uses their machine for it's intended purpose. I follow safe browsing practices with a modest anti-virus software package and behind a very cheap hardware firewall (Linksys router w/ integral firewall <$100) and guess what? Never a virus, or a hitch with my XP box. I do all of my serving and dev work on BSD and/or Fedora6. I'm as close to an unbiased user as you'll find.

So enough ranting. This article is garbage and belongs in the trash. I invite you guys to call me names or whatever you do when you have nothing left to say. If you have something constructive to contribute, light me up.

Steve, see my last posting below, before this one... UNIX/LINUX people are funny this way - you show undeniable contrary evidences to their statements? They either RUN & HIDE, or suppress information (then they begin calling others names etc.)... pitiful, honestly!

See the material about /. (slashdot, a very PRO UNIX/LINUX/MACOS X site mind you) suppressing my attempts to show the information in my last post below on their FIREHOSE section, which I put here instead (turning that b.s. around & exposing THEY here for it instead).

Pretty lame imo...

APK

You guys are ridiculous! If you agree whole heartedly with the person who wrote this and keep calling it a "(very nice)" or "great" article, I think I'm going to be sick. I was cordial yesterday, but this article is garbage. It makes us look like a bunch of crybabies. Microsoft wahhh! They took my money wahhhh! If you have a problem with free enterprise and getting paid for your investment, not to mention being successful, then keep on crying. No-one can just take your money... You volunteered it and felt like you got burned. Your fault, no-one else's. Did Bill Gates sneak into your bedroom while you were sleeping and steal the money off of your dresser? Probably not. People with ambition and drive to move forward (like the devil himself, Bill Gates) will always come out ahead of you. Stop whining and make the stuff that linux lacks. Make the drivers for the hardware, make the interoperability stuff for the gamers, make the security bulletproof beyond a shadow of a doubt. These would be constructive things you can do with your time rather than complaining about windows or gushing over this poorly written article.

Isn't the -g in your ssh already part of the set of options that -a represents?

Funny how in a linux site, the only (really annoying) ads are for windows...
So much for your street-cred...

So now you finally experience what we Solaris users have had for years... and I do mean desktop users! :-)

I love aticles like this. Some computer professional goes off on how great some flavor of linux is over Windows. If you google search, you can find about 100 testimonies just like this for every distro of Linux and then it gets reported on all the major tech sites as "OMG Linux > Windows!!!111"

It reminds me of bnet kiddies stopping around proving their epeens to the world on forum boards. Now, not to sound too negative, i like linux. I really do. If i could find the same functionality and easy of use for what i do on a linux box, i'd be all for it.

But lets face it, Linux is great for the office environment and downright sucks for any home use. Yes, as you can tell by now, i'mma gamer and also do alot of heavy encoding and decoding of various video files and formats.

Linux hates PC gaming. I'm serious. How much crap do i need to install and learn to install something as old as "Starcraft", much less something newer like Oblivion? The support for high end gaming just isn't there. And to top this off, finding and installing vid card drivers for any distro is even more of a pain in the ass then dealing with Window's security flaws.

In ending, my hats off to you for finding yet another ho-hum application for any given linux distro and be sure that when the OS becomes applicable for home use, send me an email. -Veji

"me, biased?"

Ah, Anders, forgot to put this link with a list of programs for scientists/engineers that you can find in Ubuntu:
https://help.ubuntu.com/community/UbuntuScience

BTW,
1)Openoffice writer etc can produce PDF output files.
2) Lyx is another good program to produce PDF/ps files if you like Latex.
3) For plotting tools, image processing, bibliographic tools and other interesting things look at the list.

dizzy:

I'd like to challenge this statement from a statement of yours I am quoting, with some evidences of my own:

"Linux is considerably better in security, and a large part of it is by design"

vs. this data:

http://it.slashdot.org/comments.pl?sid=237507&cid=19410153

See the 84.735 score on Windows Server 2003 SP #2, fully hardened for security as best I know how!

That is the score that I can obtain using The CIS Tool 1.x by 'The Center for Internet Security' downloadable here (which also runs on Solaris, BSD, Linux, and MacOS X - so you can try it as well & see what you get by way of comparison):

http://www.cisecurity.org/bench.html

And see if Linux, OR EVEN SELinux, can beat that score.

Granted - Out of the box, as-is from its OEM, XP is very insecure (left this way for mass deployments & applications compatibility by MS is my guess) & Linux can even be improved upon (hence, the existence of SELinux)

Of all the Windows out there of NT-based ancestry, 2000 & XP score the worst of the lot out-of-the-box...

Windows Server 2003 out of the box does better, but VISTA nearly can get what I do after hardening my system as I noted in the URL above (VISTA gets, out of the box iirc, into the 50-60 ranges).

Additionally, should it be needed:

Screenshot of my scoring 84.735 on CIS Tool 1.x are available via emailing me at:

[email protected]

As I don't like talking w/ out visible proof, & thus, I'd provide it to you.

You see - Thru this thread, I have noted things I like about Linux, like KDE & the fact I can develop on it using Borland's Kylix (Delphi for Linux)!

I also made statements about it, vs. Windows and things Linux is ahead in imo (clustering & multiplatform support) & the fact I wish we had Operating Systems this good 10-15 years ago, & that I admire what Linux IS (a "socio-cultural phenomenon" imo & proof human beings can do great things still, for free, of their own time given freely mostly)!

HOWEVER, I do NOT like some of the falsehoods & 1/2 truths I see being spread as F.U.D. by the Linux community @ times about Windows.

This being one of them in your statement, unless somebody runs the CIS Tool 1.x from the download above, & outscores my score on Windows!

Your saying that dizzy - Perhaps that is not your fault, you too may have been misinformed & operate on it.

I intend to change that, & I hope you are not a zealot that will argue with me or call me names (etc. et al as zealots do) but, instead are one that will "put his money where his mouth is".

Thanks!

Funniest part?

I have posted this to /.'s (slashdot, a VERY "Pro-Linux/UNIX site") in their FIREHOSE section as a story 3x today (& they keep denying it: Gee, I wonder WHY THAT IS?)

Maybe because statements like dizzy's above are NOT HOW IT IS PERHAPS?

Don't get me wrong - I actually like & USE, Linux (KDE is nice), but I do not go for 1/2 truths or mistruths and spreading F.U.D.!

Anders, the compatible alternatives in the Linux world:

1.excel,world,powerpoint -> OpenOffice Calc,Writer,Impress (they come for free with Ubuntu)
you can exchange/convert .doc,.xls,.ppt at will.

2.corel draw/photo-paint -> Openoffice Draw,Gimp,Inkscape (they also come for free with Ubuntu - at most you have to add a check on the side of the program in add/remove programs)

3.Matlab -> Maxima

4.LabView -> LabView for Linux

5.Adobe Acrobat -> default Evince pdf/ps viewer in Ubuntu, but there are several good alternativas, like xpdf, gv

I'm sure you will find out many more interesting applications, just after installing Ubuntu look at its add/remove programs

what about wireless?

You don't need to publish this (very nice) article on linux.sys-con.com... It needs to be published in sites like ilovewindows.com or windowsforever.com (obviously these are just an example, i don't even know if they exist - but I'm sure you get the point, don't ya?)