[Gllug] Take a look at my photos on Facebook
JLMS
jjllmmss at googlemail.com
Sat Nov 7 00:32:04 UTC 2009
On Fri, Nov 6, 2009 at 7:28 PM, Alex Smith <alex at alexsmith.org> wrote:
> This simply shows that the uptime of a system largely depends on the
> skill of the administrator. I'm not in the Windows camp - but all too
> often, carpenter blames his tools.
That is utter nonsense.
Sorry, but it is.
I remember the first versions of Windows NT, where you needed to
reboot a server to install any minor piece of software. In the
meantime Solaris, Irix and other contemporary machines kept quietly
doing their job for months at a time. There was nothing you could do
as a System Administrator to avoid the downtime in the Windows
machine.
And as I mentioned earlier, I saw flaws in Windows screw big networks
in big places, with good Sys Admins (the best I have known working
with Windows) because the idiosyncrasies of Windows (we are talking 2
or 3 years ago) lent themselves to allow the most outrageous series of
security breaches, this in machines fully patched, hardened with
antivirus up to date and a capable team on call 24x7.
The "throw the kitchen sink" mentality of "problem solving" prevalent
in Windows, compared against the ethic of simplification in other
systems makes matters worse when administering Windows.
It all starts with the GUI. The GUI is optional in UNIX/Linux, that is
one less vector of attack, one layer less to worry about. We even have
text only web browsers if needed. How do you achieve that level of
simplification and flexibility with Windows?
The ultimate proof of this I saw was in an appliance that is used to
store passwords securely. Somehow this company has managed to licence
a Microsoft Windows kernel at the heart of the thing, the irony is
that the appliance ncludes an on board firewall, and guess what OS was
running there? Yep, good ole Linux.
Enough said just there frankly (and no, I have no idea what they did
such a thing, but at least the knew which technology was secure and
which one wasn't).
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list