Bill Gate's Claims

• Previous message: Thor: "Re: bill gates' claim about security vulnerabilities per LOC in Unix versus Windows"
• In reply to: David E. Mollico Jr: "RE: bill gates' claim about security vulnerabilities per LOC in Unix versus Windows"
• Next in thread: tai: "Re: Bill Gate's Claims"
• Reply: tai: "Re: Bill Gate's Claims"
• Reply: Warwick Molloy: "Re: Bill Gate's Claims"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 3 Nov 2003 00:40:28 -0600
To: secprog@securityfocus.com

All,

The US military is one of the largest consumers of Unix OS licenses
on the planet. These are folks who have computer systems that
literally mean life and death to large numbers of people. You think
your stuff is mission-critical.... The reason that they use Unix is
because it's more stable (not my opinion, but that of the Joint
Chiefs who conducted some rather extensive testing before
standardizing on Unix) and more secure (again, not my opinion). Ask
the phone companies why they install Unix and Linux boxes in the
central offices? They are required by law to have 5 nines of up time
and they are quite open about not using Windows because of stability
issues.

Microsoft doesn't have the best products around. They have the best
MARKETED products around. There is one Microsoft product that I
like, which is Visio. It, however, is the exception. Micorosoft stuff
on the whole tends to suck when compared to comparable products from
other vendors. Their OS is buggy and in need of a major re-write
since Windows 95. The whole thing still depends on DOS, which is
archaic and needs to be disposed of as it is the source of many of
their ills (buffer overflows and memory based exploits). The
internals aren't that much different on Windows XP and Windows 95.
The best features from Windows 2000 were stolen straight out of *nix.

Their office product has a very poorly designed user interface. How
often have you been looking for a specific feature you can't find
again? The documents it produces are filled with cruft. Save a word
document as HTML some time and take a look at all the crap it spits
out. Telling anyone in professional web development circles that you
use FrontPage is likely to be greeted with snickers. Publisher is a
joke amongst print professionals. Their SQL server leaves a lot to
be desired. MS-SQL doesn't scale well and tends to have a lot of the
same issues as the OS it runs on. I've seen tuned out 4x4 boxes (4 -
2MB XEON CPU'S and 4 GB of RAM) struggling to keep up with 3 to 4
thousand writes a minute. On the other hand, I've seen Oracle
running on a Netra T1 handing 10,000 writes a minute without really
breaking a sweat. Their browser doesn't render code in a
standards-compliant manner. The Windows Media Player has taken it
upon itself to start enforcing DMCA compliance. Oooo, and let's talk
about DirectX. Now that I can format your hard drive from my web
site via your browser, I'm starting to think that Microsoft products
are looking better. Exchange is a nightmare. You need .75 Exchange
admins per server with about 500 users per server. SunOne is one
server for 3000 users with one admin. Sendmail, even with all of
it's issues, runs about the same. Netware is also similar.

Does Microsoft have it's place? Yes, it belongs on the desktop since
that's what end users know how to use. Doesn it really belong
anywhere else? Maybe for file and print sharing. It depends on how
critical those things are for you. Should it be used for a lot of
the things it gets used for? NO! After years of using Unix and
Linux, I've gotten used to things that "just work". I've gotten used
to server that have a year + between reboots. Windows just doesn't
measure up for core network services. Yeah, Microsoft is pretty
awesome. Their products are specifically the reason that I, along
with lots of other techies, am gainfully employed.

It's late and I'm going to bed.

3 cents,

Jimi

At 3:49 PM -0600 11/2/03, David E. Mollico Jr wrote:
>*laughs*
>You all are funny if you think one of the richest men in the world would
>make a claim nationally that he couldn't back up with studies and facts.
>I'm sure some of you might reply saying he fakes the studies or does
>something to hurt them or make them bias. Fact is, microsoft has some of
>the best products out there.
>They hold some of the most sensitive information in the world. Hense,
>they are attacked more than anything else in the world.
>
>-----Original Message-----
>From: J.A. Terranson [mailto:measl@mfn.org]
>Sent: Friday, October 31, 2003 11:19 PM
>To: mis@seiden.com
>Cc: secprog@securityfocus.com
>Subject: Re: bill gates' claim about security vulnerabilities per LOC in
>Unix versus Windows
>
>
>
>On Fri, 31 Oct 2003 mis@seiden.com wrote:
>
>> in an interview done after his speech at the ms developer's
>> conference, http://www.itbusiness.ca/index.asp?theaction=61&sid=53897
>> bill gates claims (among other things)...
>>
>> ..."The fact is, there are security vulnerabilities in peoples'
>> applications in many places. I mean, people act like some other
>> systems don't have vulnerabilities; actually all the forms of Unix as
>> well as Linux have had more vulnerabilities per line of code. They
>> don't propagate as much because they're not as dense as our system is,
>
>> so the things that prevent the propagation are particularly important
>> for our world."...
>>
>> The "density" claim I think refers to the distribution of Windows
>> systems, densely packed on the agar dishes of corporate lans.
>>
>> But does anyone actually know what studies might have compared
>> vulnerabilities per LOC among different operating systems?
>>
>> the distinction between "bugs" and "exploitable vulnerabilities"
>> may come to bear.
>>
>> or maybe the huge number of lines of code in the denominator is what
>> makes this claim is based on.
>
>More likely this claim is based on thin air.
>
>--
>Yours,
>J.A. Terranson
>sysadmin@mfn.org
>
> "Every living thing dies alone."
> Donnie Darko

• Previous message: Thor: "Re: bill gates' claim about security vulnerabilities per LOC in Unix versus Windows"
• In reply to: David E. Mollico Jr: "RE: bill gates' claim about security vulnerabilities per LOC in Unix versus Windows"
• Next in thread: tai: "Re: Bill Gate's Claims"
• Reply: tai: "Re: Bill Gate's Claims"
• Reply: Warwick Molloy: "Re: Bill Gate's Claims"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]