[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: What part of "Total" in TCO do you not understand? -- it's not Microsoft's, just their users ...
Quoting mike808@users.sourceforge.net:
> Wow. That's a lot of money. So who, exactly, is "eating" these costs?
> I sure don't want it to be me. Do you?
You pegged it right there. But it even goes deeper.
Microsoft _still_ refuses to turn on various defaults, because it considers
letting the _customer_ deal with support costs related to worms is cheaper to
them than handling support calls related to changing those defaults.
In fact, this was basically the "reading between the lines" one _could_ gather
from the Blaster conference call.
> Hmm. Isn't Sobig an MSTD (MicroSoft Transmitted Defect)?
> As in only Microsoft systems are affected?
> Ah. So *that* is who is eating that $11 BILLLION *PLUS* in extra
> costs.
While RPC issues _do_ affect UNIX/Linux systems as well, there are two major
differences.
1. UNIX/Linux patches _work_, and typically do not require a reboot
2. UNIX/Linux patches do _not_ uninstall other patches or affect other services
3. UNIX/Linux defaults are much better
#1 is a major reason why UNIX/Linux patches are adopted quickly, because they
work and do not require a reboot.
#2 is the _major_reason_ why SQL Slammer hit big. I was at a Fortune 10
company when SQL Slammer "slammed" through our network for 3 days. Even though
the patch had been available for 6 months, Microsoft _knowingly_ (if you read
all the docs on the patch) released 2 other patches that _uninstalled_ it
before SQL Slammer hit. It wasn't until 7 days before SQL Slammer hit that
Service Pack 3 came out and re-patched it correctly (along with the other
patches that uninstalled it). Unfortunately for my Fortune 10 company, SP3 had
not been "tested" for production, so the systems were only 2 weeks current,
instead of 1 week.
#2 is the reason I _hate_ dealing with Microsoft products. Microsoft is more
than willing to expense its own administrators to protect its @$$. At my
Fortune 10 company, some people's jobs were "on-the-line" for not "keeping
systems patched" _until_ I showed that the patch was uninstalled _because_ the
sysadmins _were_ keeping "up-to-date"! Most of the IT media, with exception of
IDG publications, is too chicken to expose Microsoft's unprofessional attitude
towards their own consumers with regards to actually taking _responsibility_
for such "overlooks."
#3 is as I detailed above. Microsoft considers the "support load" of turning
more secure defaults on to be undesireable, and it is far easier to "pass the
buck" of security to its consumers.
> How much of that $11 BILLION in costs did *Linux users* have to bear?
> That's right. $0. Zero. Zilch. Nada. Nuttin. No-zink (in Sgt. Schultz
> accent).
Again, RPC issues _have_ hit Linux in worm form before. But when they have,
under 10,000 servers were infected, even though Linux _outnumbers_ Windows
servers on the Internet.
> Maybe our slogan should be:
> Linux. Now with *FREE* virus protection.
No, I'd change it to:
"UNIX/Linux, we've got our flaws too, but at least our
patches actually work instead of making you!"
> So now we're up to $12.25 BILLION. And there's three months left to
> go. And then there's all of NEXT YEAR. And the year after that, ....
Yep, TCO of UNIX/Linux is just lower. I say this as an original NT 3.1 beta
tester and MCSE 2000 too with 10 years of NT/UNIX sysadmin experience.
> I don't remember seeing those line items on the "Total Cost of
> Ownership" reports and studies from Microsoft. Do you? Maybe they
> don't understand the meaning of the word "total"?
Correct. Not only is _security_ is noticably absent, but they _redefine_ 5-
Nines to mean "unscheduled downtime" instead of "[all] downtime." Otherwise
Windows would _never_ achieve 5-Nines due to patches and reboots.
> What else don't they understand if they can't
> even do basic math? (Well, besides Operating System security <g>)
That's because Microsoft relies on general CIO, as well as overall public,
ignorance.
When over 93% of a "Who wants to be a Millionaire" picks "Wired" over "Slate"
as a magazine published by Microsoft, people simply belive that Microsoft
invented everything they use and rely on ... including the Internet -- even
though Gates himself said it was a "fad" in his 1995 book!
> Guess who the ISP gets to pay for that? Yep. Their customers. You and
> me.
I just moved to Bloomington, IL, so I'm on dial-up right now. It's
_impossible_ for me to surf because my firewall is getting over 1 Blaster hit
per second on the local Earthlink POP.
> "We regret to inform you that due to increased operating costs,
> we are forced to increase our rates ..."
> Ever get one of those letters from a vendor? I know I have.
Yep. Computing has _increased_ operating costs for companies.
Which is why companies that have their business on the Internet do _not_ run
Windows. Apache powers almost the entire Internet 500.
> Too bad I can't send one of my own to my boss. :=)
> Really? So *my* business cable-modem on their shared network can be
> impacted by their other customers who have Microsoft systems?
Yep.
> Wow. Think about that.
The funny thing is that gurus at Microsoft _predicted_ Melissa _before_ it hit
in 1998, and Microsoft did nothing.
> In FOUR years: OVER $53 BILLION DOLLARS.
> Sheesh, That's more than Bush just asked Congress for the war in Iraq.
Yep.
[ SIDE NOTE: The US suffered $400B in _direct_ damages due to 9/11 ]
> *THAT* is "The Microsoft Tax" those TCO reports don't want to talk
> about. And all the DOJ has to show for it is a "settlement" (after
> getting a *GUILTY* verdict, no less)
The problem with anti-trust lawsuits is that they are brought on by _large_
competitors who have their _own_ interests. That was the case with the US DOJ,
it wasn't about small companies and consumers, it was about large companies
that are sometimes _no_better_ than Microsoft *COUGH*Oracle*COUGH*.
Some of the far smaller, private lawsuits against Microsoft are much better.
Microsoft regularly goes into a company, signs a NDA and _ignores_ it because
they _know_ they are big enough to fend them off with lawyers after they've
made billions by _stealing_ their IP and other inventions. Very sad!
In fact, the OS with the _most_ SCO code _is_ Windows -- more than _any_ System
V UNIX brand!!! Microsoft DOS has had SCO code in it since 1982. I mean,
where do you think directories came from? SCO XENIX! Microsoft had access.
So it was a _no_brainer_ for Microsoft to re-license after IBM called SCO's
bluff and didn't buy them out.
> for Microsoft to give *more* of its defective software free to
> schools (while deducting full retail value from its taxes and
> settlement "damages"), and a pimply 17-year-old that changed
> "SOBIG"
No joke. Microsoft spends $50K to "give away $1B" in write-off -- they _make_
money! In return, Microsoft wanted the US to "dismiss" over 100 _private_
lawsuits by small companies and individuals who had had their IP stolen!
> to "P3NI5" after we were a week into the SoBig MSTD epidemic.
> Maybe he learned how to use the "rename" command on that free WindowsXP
> his school installed.
Just like Microsoft has Akamai "rename" Apache so it reports itself as IIS. So
much of Microsoft's Internet presence is BSD, Linux and Solaris-based, largely
outsourced to companies like Akamai -- and has been for almost 3 years now!
> Linux. Now with *FREE* virus protection.
> Linux. No subscription required. Ever.
> Linux. Unlimited upgrades.
UNIX/Linux. We have holes and worms too. But we have patches that work, don't
require a reboot and _never_ adversely affect things. Integration might be
what you like for the desktop with Windows, but its the _death_ of security on
the server.
--
Bryan J. Smith, E.I. mailto:b.j.smith@ieee.org http://thebs.org
-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.