Tuesday, November 28, 2006

Feel like shooting me with a Paintball Gun? Close to South Carolina?

Alright, let's find out how many people want to take a paintball marker and shoot me with it...

Right now I'm intending to be at TriggerTyme's year end Scenario Game in Columbia, South Carolina. The upfront cost is a $5 donation/toy for Toys for Tots. Renting a marker, getting air, and getting paint will be a little bit more.

If you want more information, you can drop by the site and forum announcement:

http://www.triggertyme.com/

http://www.pbjunkie.com/forums/showthread.php?t=19623

Monday, November 27, 2006

Turn, Jump, Spin Around : OpenSUSE Irc on Novell Deal

Alright, I originally wrote this post over on linux.com. Basically, the long story short is that OpenSUSE hosted an IRC chat supposedly to go over the deal with Microsoft that was made by Novell.

Linux.com already has a slightly edited version up here

If you want to see the unedited text of the chat, you can click on this link

Anyways, this is my original thought over the event:
I'm still trying to plow through the un-edited version after reading the lightly edited version here, and, to be honest, this isn't what I expected.

I, personally, expected the IRC chat to be about how OpenSuse developers were going to handle the deal with Microsoft and Novell. I expected it to be about making plans on how to move forward, what programs were and were not going to be worked on, and possibly technical details about how exactly the interop center would actually be functioning.

I also expected the chat to cover any potential plans for mass-evacuation of OpenSuse developers to other projects if the worst fears were realized. I expected serious considerations to be given to Ubuntu, Debian, Gentoo, or RedHat development.

I expected questions and answers about how this might affect KDE and its use on Windows, or how Novell might use KDE in the future. I expected questions about how Ximian and Evolution would be impacted by the deal, with increased Exchange server compatibility a possible topic.

What I did not expect, and what we got, was spin about how the deal was good, and about how nothing would really change in the long run. The overall tone of the IRC chat, and the questions that were not asked or addressed...

Well, I'm going to state this: I have no problems with Non-Free software. I have no problems with Paying For software if it offers a reasonable price. After all, if I don't pay the coder or the designer, how are they going to afford to be able to work on the project in the future?

I have no problems with the non-free drivers at use in Ubuntu. Like it or not, Open-Source hasn't provided the performance the binary ATi and Nvidia drivers provide, and wireless with "free" drivers? Not happening on a lot of wireless chipsets.

Anyways, the point is, given what we just got from the OpenSuse chat, I'm far more comfortable staying with Mepis built on Ubuntu. People may complain about Mark Shuttleworth's and Warren's use of non-free software, but they don't attempt to hide it or spin it.

Saturday, November 25, 2006

Let's talk about Hotel Wireless

Alright, right now I am up in Pigeon Forge, TN, on a family trip, and I've come across what could be described as a pet peeve of mine. Right now my laptops are only getting 5-15% of the hotel's wireless access service, and that is driving me bonkers. I am just on the very edge of the service bubble, enough that a newer wireless adapter is having no problems maintaining a connection at low levels, but an older Netgear card is going haywire and won't stop scanning channels.

("No problems" includes 600ms ping times and 14k modem connection speeds. http://test.lvcm.com says I'm running at about 512k; Planetside and City of Heroes say I'm not.)

Anyways, the reason why it drives me bonkers is that I cannot figure out who in the world would set up a hotel's wireless connection signal like this. It isn't the first time that I've been on the edge of the service bubble. While at E3 earlier this year (yeah, when I had a regular paying job), I had the same exact event occur. Just on the very edge of the wireless bubble, only with 0-5% signal.

I get the feeling that the hotels simply buy the Linksys / Dlink / whoever marketing blitz that the Wireless Routers will reach for however many feet, place a router, walk the distance out, walk it out again, place another router, and so on. It seems like it never occurs to a hotel to bother having a network specialist come in to advise them on wireless network building (I am available for this, and trust me, I will gladly travel 500+ miles to help set up wireless network infrastructures). The walls, plumbing, electrical lines, elevators, microwaves, and everything else will wreak havoc with the signal. The only way to really be sure that all rooms have "good" access is to actually walk inside the room with a laptop, PDA, or wireless network location device and verify signal strengths of 50%+. The point at which you begin to lose 50% signal strength is where you need to be making your halfway point. Walk from that point, set another router, go back to the middle, measure the signal strength, and make sure that everybody can connect.


That way everybody who visits the hotel can connect at a decent speed.

Is that really so hard?


Note: about most of the way through this we went away to the Black Bear Jamboree Dinner and Show, so most of the vitriol I have against the hotel has kinda dissipated, until I reconnected to "very low" signal strength. 4%-7% range.

Thursday, November 16, 2006

If you bought a PS3... I really feel sorry for you

A lot of different reports are starting to come in from people able to get their hands on the Playstation3, and the reports are not good. Now, I'm just gonna link two of these reports so far for the sake of commentary. Source is Anandtech/Dailytech

Issues with PS2 compatibility
http://www.dailytech.com/article.aspx?newsid=4936

Lack of Upscaler
http://www.dailytech.com/article.aspx?newsid=4971

The first problem with the Playstation3 on launch is that its PS2 compatibility list is far short of what was expected. As the Playstation2 contained the hardware for the original Playstation, the Playstation3 contains the Emotion Chip and Graphics Synthesizer (read: 1 128bit Mips CPU with 2 Vector Processors) that made up the Playstation2, so it was expected that the Playstation2 compatibility would not be an issue. When the Playstation2 launched a few obscure titles had some issues, but most of them were Japan only releases, and not really big sellers. So, imagine the shock people are getting with games like Xenosaga Episode II, Radiata Stories, Devil May Cry, and Suikoden III not working properly? Okay, so that's not the entire list of known problems, I just happen to... oh yeah. OWN THOSE GAMES. Other popular titles like Gran Turismo 4 and Tekken 5 also have issues.

Now, the excuses are already flying, with pointers to the lack of rumble in the Playstation3 controller, to the Virtual Memory cards instead of physical memory cards... but these... well, are not exactly good excuses. The primary reason these are not good excuses is the Operating System base for the Playstation2 and Playstation3. It is Linux. There should not have been any problems mapping the physical memory cards to virtual memory cards, and it should not have been any problem routing Rumble commands to /dev/null. To have software issues like this when you have complete control of the Operating System and the Hardware is inexcusable.

Granted, the most common problem isn't the game locking up, although that happens on a lot of titles. The most common problem is music getting off track, or no music at all. Which... Sony responded to with this gem:

some people can put up with playing games that lack sound

I am thinking that ranks up there with "5 million people will buy our console, even without any games." I really think the Sound Engineers working on Playstation3 titles need to think about how their work is being taken for granted.


The second major piece of news on the launch of the Playstation3 is the lack of an upscaler. This really isn't a big deal in and of itself. People who have set a 640*480 picture to be their desktop background on a 1024*768 screen, and then selected "stretch" know how badly the picture can be pixelated. But, in the case of the Playstation3, it supports resolutions of 480 interlaced, 480 progressive, 720 progressive, and at least 1080 interlaced. However, a lot of High Definition Televisions on the market, including a lot of Sony models, do not support the 720 progressive resolution. Many only support 480 interlaced, 480 progressive, and 1080 interlaced.

So, Playstation3 games that do not support the 1080 interlaced picture, but support 720 progressive, drop to 480 progressive picture.

Suddenly, Nintendo's decision to forgo anything above 480 Progressive makes a lot more sense, although it's not like I told everybody that... BACK WHEN THE GAMECUBE LAUNCHED. AND WHEN THE SPECIFICATIONS WERE REVEALED FOR THE 360 AND PS3. Oh wait a second... I did.

Anyways, the point is being made that at 480 progressive downscale, the pictures are, well, blurry. I hate to break physics to the rest of the Video Game Crowd, BUT TELEVISIONS ARE BLURRY! CRT televisions depend on the motion blur in order to fool your eyes into seeing motion. That is how televisions WORK.

Anyways, so it isn't like this was an issue that wasn't seen by engineers, especially by engineers who created the High Definition standards and how High Definition is implemented in a television set.

My problem with Sony on this is that they really should have known better, and should have made sure that development teams checked the 480 progressive output views on their games. I know Epic did with Gears of War. It looks great on a 480 interlaced, and a 720 progressive screen.

Wednesday, November 15, 2006

Update : what am I up to

kinda need to give a status update...

right now I'm building the guides on 3 different systems, the processors listed below. I'll post more information about the systems later.

AXp 2500+ / Radeon x1600
K6-2 500mhz / Volari ... something. I honestly forget.
Intel Pentium 4 530 / Geforce 6800


and yes, I know, no 64bit systems in the line-up, and not really a fairly balanced version of systems in use, but it's what I have available.


OS is the most recent release of Mepis on DVD.

And... right now I have the following guides under progress

Opera: on-site Deb Repository Install
Opera: Ubuntu Source Install
Opera: .deb download / install
----
Opera deserves better than the guide I wrote before. Couple of different reasons for all 3: the on-site .deb repositories might be different than the Ubuntu source, and the .deb download and install might be useful if you like to compile a CD or DVD with your favorite programs archived.

Valve's Linux Servers : Counter Strike / HalfLife
----
forum request

CDcat: http://cdcat.sourceforge.net/
----
irc request. Seems interesting.

Mepis DVD Install
Mepis DVD install / home account recovery
----
might as well show the new process step by step.

Mepis DVD Install / Video Capture
----
need to load up a straight vid capture of the Mepis install. Just give people an idea of how easy it is. The catch for me is that I want to capture the video from Linux, not from Windows. However, I'm... still fuzzy on getting video capture working properly. Gonna give myself a couple of weeks to get video capture working. If I can't, I'll just run it through Windows...


-----------------------------------------------------


What would be nice for future guides:

I'd really like to redo the Unreal Guides using the Unreal Anthology pack, but as mentioned earlier, I'm kinda short on the... cash... side of things. I'm also interested in trying some more video cards in the systems... (so ATi/Amd... nvidia? hello?)

yeah, being selfish on that part asking for testing equipment... but then again, 2 weeks ago I couldn't have imagined asking for support on the guides, and I got a response that sent me slackjawed.

------------------------------


one... more... item. I'm kinda... well... fuzzy on a point. I'm hesitant to list those who donate because of privacy issues... I just don't want to throw people's names out there...

so... kinda need some feedback... would you want your name listed? or would you rather stay anonymous?

alright, back to work. the K6 system takes forever to do anything.

Friday, November 03, 2006

*blink*... *blink*

Okay. um. Wow. I was not expecting that reaction...

Right now I've had over $100 donated so far, so that means 2 new guides, or 4 remixes.

While I'm still boggling over that, now for some more technical issues.

What I need to figure out how to do next is publish this blog directly to either the Mepisguides.com/index.html file, or the Mepisguides.com/fti/index.html file...

I also need to figure out some way to do a counter on the front page, because at this point, I'm now placing myself in the hands of others, and I want them to be able to keep track of what I do with their monies.

Am I nervous? Let me put it this way. I no longer sweat when facing a Windows Registry with stripped permissions. I'm sweating now.

Wednesday, November 01, 2006

Ouch... I guess I'm L.F.J. now.

Alright... ... I'm kinda embarrassed to write this, don't really want to... but here I go.

I used to write the Live journal over at http://saist.livejournal.com/ I had started that livejournal when I went to work for Sitel, an outsourcing company. We worked for Cox Communications for about 3 years, then our assets were sold to Suddenlink. About 3 months after Suddenlink took over, I finally quit Sitel. The paycheck just was not worth the amount of pain we were being put through.

After I left Sitel I joined up with a local gaming center, for a couple of reasons. The owner had been a friend of the family for years and he was looking at a theft problem that had been continuing since the gaming center had opened. My initial job, as such, was to basically babysit the place. Get it open for business and make sure nothing went out the door.

Unfortunately, over the past months I've fallen victim to the thefts as well, with somebody stealing system memory from my computers, my Nintendo DS has gone missing, several of my Nintendo DS games have also gone missing, and I've gotten shorted cash on the Soda fund. Basically, I've gone broke from the Tournament Center.

And that's where I am now. Yesterday I gave the owner a choice. Either he could get rid of the person who I believed was committing the thefts, or I was walking out the door. The owner chose to keep the thief.

So, as of now, I am jobless, and broke, and I haven't a clue what I'm going to do from this point. Part of me wants to start Mepisguides.com back up, but the guides are fairly time consuming considering the way I do them. Another part of me wants to go back full time into tech support or into fixing computers again.

Now, when I was updating Mepisguides on a regular basis (how long ago was that?), I had several emails from people wishing to donate money. I turned those requests down asking that money be sent to Cblue or Warren for Mepislovers or Mepis itself. Now... as embarrassed as I am to admit it, any of those donations would have been nice...

So... I guess here's an outline for the deal. If people still want to donate to this loser, you could donate via paypal to mepisguides [space] @ [space] gmail.com

Part of me wants to guarantee a new guide for every $50 donated, or a remixed guide for $25. Remix being updating existing guides in Mepis6.

That... should allow me to continue to pay off bills for food and electricity, and if the pace keeps up, might turn into a livable income.

The other outline is that if you do want to actually hire me, I've put my most recent resume up:

http://www.fcs-inc.biz/saist/trg/resume.html
http://www.fcs-inc.biz/saist/trg/resume.odt
http://www.fcs-inc.biz/saist/trg/resume.pdf

And yes, in 3 different formats, HTML, Open Document, and Portable Document formats.

While I would personally prefer continuing to work in the Augusta Georgia Area, I'm realizing in my current situation that if I'm offered a job somewhere else, guess I will move.

If you are interested, please send emails to jason.frothingham [space] @ [space] gmail.com


I'll... update the blog with something else more in the lines of what you probably would want to read later. For now though... I still have some systems on the test bench I need to finish up.

Oh, and if you are interested in a Mepis Linux loaded computer and you want to buy one... I'm willing to work on those too.

(And don't forget to remove the [space]'s from the emails.)

Monday, October 16, 2006

Operating System Security:

By now, if you pay attention to any tech site, you've probably seen or heard about the issues that McAfee, Symantec, and other computer security firms have with Microsoft's Vista OS. A general sampling of the plot summary can be found, say like at OS weekly.

Now, as I see it, the issue is fairly simple. Based on reports, like one here on Anandtech's Dailytech site, Microsoft is working directly with Kaspersky and cutting other security Vendors out of the Vista development process. Established firms like McAfee and Symantec are having none of it, and want full access to the Vista development process. You really can't blame them, after all they do depend on Microsoft Windows to exist. You can easily find several articles covering the tit for tat back and forth between the security firms and Microsoft, but that isn't what I want to focus on.

I want to look at why this is a problem to begin with. Microsoft already trod on a lot of IT toes with Windows XP by proclaiming it as the most secure Windows version ever. Technically, this is true, if it hadn't been for the use of the WinNT 5 kernel with over 6,000 known unfixed issues with Windows 2000, that Microsoft is never going to fix. That isn't the issue either that I want to look at.

Let us be honest here, we as consumers take for granted that our Windows Operating Systems are going to be attacked. We take for granted that there are going to be viruses, there are going to be spyware programs, there are going to be ad-ware programs, and there are going to be complete and total jackholes with nothing better to do than write malicious code. We, collectively, as consumers have accepted this. We have, collectively, gotten used to running Virus scans, disk cleanup, disk defrag, and -chkdsk /f /r (enter) (y) (enter) exit: reboot, on a weekly or daily basis. Collectively as consumers, we rolled our eyes when the most recent Vista builds got their security control schemes cracked, and collectively we went "Why did it take them that long anyways?" Collectively, as consumers, we've come to expect, and have had delivered consistently, Microsoft's complete ball drops when it comes to user security.

Microsoft, of course, is fond of comparing their operating system security to Linux, their only real competitor. Now, I could link several stories focusing on Linux vs. Windows security, but let's accept this little factor: Both Operating Systems can be just as Secure as the Other.

Yes, I went there. The fact is, if you take the time to lock down user permissions, lock out ports, get a good hardware firewall, and lock general user access, both Linux and Windows can deliver similar security environments. The question that needs to be asked in the security debates is if you are comparing apples to apples, or oranges to oranges, or apples to oranges.

The fact is, Linux and Microsoft offer two different types of products. Microsoft offers a complete operating system under one brandname. Microsoft controls everything from the TCP/IP stack, the Desktop Environment, the Window Manager, the file system, the I/O access, the kernel access, and everything else needed to be able to run the Operating System. On top of the Operating System Microsoft offers text editors, web browsers, media players, and control devices that allow the Operating System to be used.

Linux, however, is just the kernel. While the kernel is the core of the operating system, it needs more programs in order to actually do anything. You can use the command prompt, yes, but if you want to do anything with the Kernel, you are going to need a file system manager, I/O access, TCP/IP for the network, a window manager and maybe a desktop environment. While it is taken for granted that a Linux distribution has these items, they are items that are added to the Linux Kernel.

This is where the comparisons of Windows to Linux generally fall apart. Linus T., Alan Cox, Marcelo Tosatti, and Andrew Morton do not make or sell a Linux distro directly, although they are among the most prominent kernel programmers. Other companies like Red Hat, Novell, or Mepis take the Linux Kernel and combine the kernel with the tools and applications to make a usable distribution. Typically these tools and applications derive from the GNU's Not Unix (GNU) Operating System, although the range of Free and Open Source Software today can mean that a lot of Non-GNU software is used in a Linux Distribution.

Generally the advantage to being able to select all the different parts of your operating system is that there is a finer control over what goes in your operating System. Consider this about Linux: If you do not need an Instant Messenger client or a media player, you don't have to have one loaded. If you do not need an internet browser, you are not forced to load one. If all you need is the kernel, I/O access, file system manager, TCP/IP, and a Web Server, you can get that, and just that alone with Linux.

The disadvantage to Linux is that you are given control over what goes in your Linux distro. Consider the average user for a second who does not have a clue what program they use. Most of us know somebody who, when asked what browser they were using, responded with Windows. Most of us probably also clarified, that's their operating system, what browser are they using. The average consumer doesn't know what programs they use because they do not care about what programs they use. Yes, we can make charts all day long and take screen shots of the tools we use to clean up their computers and tell them why certain programs are bad, but to the average user a computer is a tool. If it doesn't work, replace it with one that does. Now, imagine taking this user and putting them in front of a Linux Distribution for the first time.

To pick on Mepis for a minute (hey, I use it), the system comes with these programs: Kate, Kedit, Kwrite, and Open Office Writer. These are all programs used to write with, some offering more advanced functionality than others. If I add NVU/Kompozer, I now have 5 programs that all let me write stuff.

How many do... I actually need?

On lower end systems, say like an AMD K5, Kate is a much better choice than Open Office. It's much lighter and much faster. But, if I'm using say, an AMD Athlon64... Kate is... pointless. Open Office offers much more document functionality. But how do users know what program is right for them? How is the common consumer going to know that if they are using a Pentium processor, they are better off not using Open Office, but if they are using an Athlon, they have the performance to run Open Office?

The point is that since the average consumer does not know what programs are good for use or not on their Linux distro, they are dependent on what the Vendor sets as the default. Microsoft sets its own programs as the default for everything, and the user has some assurance that these programs will work somewhat in the way they are intended to work. The same cannot be said in the Linux Distribution world where the defaults can change wildly from distribution to distribution. I am not saying that's a bad thing. That is one of the good things about Linux, there is a distro for everybody to use.

What is important to keep in mind here is the amount of control that is relinquished to the vendor. Again, this is not a bad thing. If you want to hand-piece your own Linux distribution from the ground up with .deb repositories, or if you want to compile from scratch, that's your prerogative. I'm not going to stop you, nor would I dissuade you. For the average user, or for the person who isn't keen on taking the time to do so, having someone else piece together the distribution is the way to go.

And that is where we start picking away at the key security differences between Microsoft and Linux, and why businesses like McAfee and Norton can exist in the Microsoft world, but don't really have a place in the Linux or Unix markets.

Some Vendors, such as Linspire, in order to make their Operating System easier to work, will make design choices that remove a lot of the visible security features. It doesn't mean that the security isn't there, it just means you'll have to work to turn it on. On the other extreme you have OpenBSD (not a Linux, but still *nix), which hand reviews everything that makes up the code, and sets the tightest possible security standards. Your security is only going to be as tight as the vendor sets unless you, the person using your operating system, take the time to go in and change the settings.

The fact with McAfee and Symantec is that they built their security Empires on Microsoft's behavior. Microsoft built their operating system without regard to security. Like Linspire does with their Linux Distribution, Microsoft was more concerned with making their product USEFUL, than they were about making it secure. I am not saying this is, or was a bad thing or a bad goal, especially in the days before I1 (Internet1) was established. Again, being honest, when Windows 95 came out... would you really want to use a Macintosh or an MS-DOS box? Would you really want to use the ... um CDE? was it? On unix? As a home user, Microsoft was the only realistic choice available.

Not a bad start... and, again, one I can't fault Microsoft for. Like the Xbox did for taking console gaming mass market in the US, Microsoft Windows brought in entire new generations of computer users who would never have dreamed of learning a Unix System.

The security problem really came afterwards with the advent of Windows "New Technology," or WindowsNT, and the prevalence of networked computers. During the time in which green screened Bulletin Board Systems (BBS) gave way to the World Wide Web, Microsoft was also working on their new version of Windows, while apparently completely failing to account for the trends towards networking.

One of the main reasons why Symantec and McAfee were able to exist was derived from Microsoft's abysmal track record with code security. While Microsoft's Windows and Internet Explorer products are held as the most reviled examples of what proprietary products can degenerate to, the real factor was the attitude behind the code choices.

Microsoft generally coded with the idea of what users could do IF the system was compromised. McAfee, Symantec, and other security vendors established their business on the CLEAN UP of compromised Windows Systems. Consider the virus Michelangelo for a second. Symantec got massive amounts of publicity for a non-issue Virus, and made a name based on a free detection (what about removal?) utility. It was not until later in the life of the Security industry that there was a focus on PREVENTION of threats before the system was compromised. The entire industry started out cleaning up known and public threats. What did Microsoft do? Relatively nothing. Microsoft did not change procedure or coding methods in any way to accommodate or account for the virus threats. There was no policy shift towards code responsibility at all. Microsoft's cavalier attitude is one of the main reasons why most security professionals are not expecting Vista to be the security bunker Microsoft is promoting and promising. Vista's already been cracked, multiple times. The kernel protection (PatchGuard) has already been breached. Has anything changed from the past versions of Microsoft Windows? Doesn't look like it.

Unix Vendors, then Linux vendors, generally held a different view of security. Their view is of what users can do WHEN the system is compromised. Their motives also were drastically different. Microsoft aggressively sought after the home market, forming an entire new market segment for computers. Unix vendors were after big money targets, selling to institutions like Banks, Stock Exchanges, Point of Sales, and Power Stations. To Unix vendors, it wasn't a question if someone wanted to break into the system, it was a question of when someone would attempt to break into the system. Because of the different markets being sold to, Unix vendors took security far more seriously than Microsoft ever has.

Consider the /root and /user model. While the user has some access to use the system, the /user cannot access anything above their own directory. That means that the /user cannot make any changes to the Operating System itself in a *nix system. Sure, there might be a virus that can enter the system and compromise the running session, but what if that session is the /user mode? Guess what? The /root mode is unaffected. Cleaning up a virus infestation is as simple as dropping back to /root and deleting the Users folder right out of the system. Recreate, or recover from a backup, and roll on. Security can even be taken to another level where the /root and /user accounts can be on two separate partitions on the drive, or possibly on two different drives. That's just simple basic security that has been in place for decades in *nix. Microsoft's only getting to this model with Vista. What took so long?

Historically speaking, Microsoft focuses on the if, banking on the possibility that the system will not be compromised, and with Vista takes the stance that they can protect the system From Being compromised. Unix and Linux programmers build on the idea that the system is going to be compromised. It may not be now. It may not be for a long time. The system is built to minimize the impact of what will happen when Malicious code is developed.

That single attitude difference is one of the reasons why McAfee and Symantec, as well as other security vendors, probably will not ever have a market in the *nix world. It is not that intrusions will not be coming. It is not that hackers will not try. It is that *nix systems are built with multiple layers of protection, and code isolation, that make deep penetrations near impossible to pull off without a complete collapse of the /root account. Despite hackers having full access to how the kernel is built, how the I/O access works, how the file system works, how everything in the OS works, when it comes to Linux, you have not seen anybody making viral applications like "Iloveyou."

The example I like to make is this: You work as a RePossessor for a bank. Your job is to go and either retrieve cars, or disable cars, that payments are not being made on. You have two cars to go after.

One of these cars you have never worked with before. The hood is welded shut, the doors are locked, the gas tank is locked, but the underbelly is exposed. You have some tools that may allow you to pick the lock and get into the interior. Someone may have even given you a copy of a key, you just don't know if it's the right key. You might have some skeleton keys on hand as well.

The other car you need to go get has an open hood, the windows are rolled down, the gas cap isn't tight, and there is a jack on the back seat of the car. You are fairly confident that the skeleton keys you have probably can fit the ignition. The catch is that ignition will accept several types of keys, but only one key will get the car moving.

This analogy is a bit over the top, I'll be the first to admit that. The first car is indeed Windows. You don't have any access to the kernel, or the engine. You can get to the storage system (gas tank), but then again, you might not. You may not have a correct user account (keys), but there are tools available that can brute force (skeleton keys, bashing in the windows) your way into an account, or you can use other tools to try to interrupt the storage system's conversation with the kernel (keyloggers / network sniffers).

The second car is Linux. Everything is fully documented. There are no secrets about the engine, you can get to that. There are no secrets about the gas tank, the storage system, you can get to that. You can interrupt the transmission, or the I/O system, there are no secrets there. You can look at the user accounts, there aren't any secrets there about how they work. You know everything about this car and how it works, everything is opened up to you.

The single catch is that single key that's needed to drive the system. Now, I don't know how many people do Cryptography, but the subject matter is similar. Now, I just did a search on Google for these terms : cryptography still secure even if the process is known. That turned up a link from CSA on the subject, and there were several other entries listed. The purpose of Cryptography is to hide or disguise content by encrypting the contents. Most of us as kids probably had fun playing spy and writing letters in invisible ink, or by using Cereal Box Decoder rings so that the big grown ups would have no idea about our afternoon plans. Some of us had fun breaking these encryption codes. Bring that forward to today, where security is an issue. A good encryption system is one where even if the process is fully known and documented, you cannot break the code without the original key. Consider ROT13 for example, or Rotate 13. If you know that somebody used ROT13 on some text, you would just use ROT13 again to read it.

Lbh qvq gung evtug? Tbbq sbe lbh!
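The cryptography point above, that a good system stays safe when the process is public and only the key is secret, as an added Python example (not part of the original post). It goes beyond ROT13 to a general Caesar shift and a one-time pad; the function names and sample messages are constructed for illustration.

```python
import secrets
import string

# Ciphertext quoted in the post itself.
POST_CIPHERTEXT = "Lbh qvq gung evtug? Tbbq sbe lbh!"

# Small constructed word list, used only to score candidate plaintexts.
COMMON_WORDS = {"the", "you", "that", "for", "and", "good", "did",
                "right", "is", "key", "meet", "at", "noon"}


def caesar(text: str, shift: int) -> str:
    """Rotate ASCII letters by `shift` positions; leave everything else alone."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - 97 + shift) % 26 + 97))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - 65 + shift) % 26 + 65))
        else:
            out.append(ch)
    return "".join(out)


def rot13(text: str) -> str:
    """ROT13 is Caesar with the shift fixed at 13, so there is no key at all."""
    return caesar(text, 13)


def score(text: str) -> int:
    """Count words of `text` that appear in the small English word list."""
    words = (w.strip(string.punctuation).lower() for w in text.split())
    return sum(1 for w in words if w in COMMON_WORDS)


def break_caesar(ciphertext: str) -> tuple[int, str]:
    """Recover (shift, plaintext) knowing only the process, not the key.

    A Caesar key has just 26 possible values, so trying them all and keeping
    the most English-looking result is enough. The key adds no real secrecy.
    """
    best = max(range(26), key=lambda s: score(caesar(ciphertext, -s)))
    return best, caesar(ciphertext, -best)


def otp_encrypt(key: bytes, message: bytes) -> bytes:
    """One-time pad: XOR with a random key as long as the message.

    The process (XOR) is completely public. The key must be random, kept
    secret, and never reused for a second message.
    """
    if len(key) != len(message):
        raise ValueError("one-time pad key must be exactly as long as the message")
    return bytes(k ^ m for k, m in zip(key, message))


def key_that_explains(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Return the key under which `ciphertext` decrypts to `claimed_plaintext`.

    Such a key exists for every same-length plaintext, which is why the
    ciphertext alone tells an observer nothing about the real message.
    """
    return otp_encrypt(ciphertext, claimed_plaintext)


def demo() -> dict:
    results = {}
    # 1. No key: knowing the process is the same as knowing the plaintext.
    results["rot13"] = rot13(POST_CIPHERTEXT)
    # 2. Tiny key space: knowing the process is still enough.
    results["caesar"] = break_caesar(caesar("Meet at noon", 7))
    # 3. Large random key: knowing the process gives nothing without the key.
    message = b"Meet at noon"                      # constructed sample message
    key = secrets.token_bytes(len(message))
    ciphertext = otp_encrypt(key, message)
    decoy = b"Stay at home"                        # same length, different meaning
    results["otp_real"] = otp_encrypt(key, ciphertext)
    results["otp_decoy"] = otp_encrypt(key_that_explains(ciphertext, decoy), ciphertext)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:10} {value!r}")
```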

The point is that unless you have the root code, you still can't really do anything with the Linux car in the example. Sure, you might be able to turn on the radio with your user account, and you might be able to get the engine to fire, but without the single correct key, the Linux car is going nowhere. That is the difference right there. *nix systems are built with the key in mind first, then the rest of the system is built around it. After the key is in place, then you can work on locking down access to the engine, to the transmission, to the gas tank, to the windows, and everything else. The system, however, is not dependent on the extra parts to be there. The security will still function if all that is left is the single /root key.

Now, if you want to draw a parallel from the analogy along the lines that malicious code writers for Windows are idiots, that's your choice. It just seems to me that it would be a lot easier to break a system that is fully documented and that is completely open than go after one that you have to look for backdoors in finished code on. It would also be a lot more damaging considering how many major resources use *nix systems. Taking down 5 million Windows computers is one thing. Dropping a power plant offline? Killing a train switching yard? That's real damage.

The fact is until Microsoft realizes that the problem needs to be addressed by figuring out the protection steps needed to halt an intrusion WHEN the intrusion occurs, not IF an intrusion occurs, or pretending that all intrusions can be prevented FROM happening, then McAfee and Symantec will always have job security.

And *nix systems will always be more secure.

Okay, so that wasn't exactly quick was it

Yeah, the quick comment turned out to not be so quick. Well, it's about to get longer. Rather than editing the old post, I'm going to leave it up. An extended edition will be published... soonish.

Thursday, October 12, 2006

A quick comment on the McAfee / Symantec / Microsoft kerfuffle.

By now, if you pay attention to any tech site, you've probably seen or heard about the issues that McAfee, Symantec, and other computer security firms have with Microsoft's Vista OS. A general sampling of the plot summary can be found, say like at OS weekly.

Now, as I see it, the issue is fairly simple. Based on reports, like one here on Anandtech's Dailytech site, Microsoft is working directly with Kaspersky and cutting other security vendors out of the Vista development process. Established firms like McAfee and Symantec are having none of it, and want full access to the Vista development process. You really can't blame them, after all they do depend on Microsoft Windows to exist. You can easily find several articles covering the tit for tat back and forth between the security firms and Microsoft, but that isn't what I want to focus on.

I want to look at why this is a problem to begin with. Microsoft already trod on a lot of IT toes with Windows XP by proclaiming it as the most secure Windows version ever. Technically, this is true, if it hadn't been for the use of the WinNT 5 kernel with over 6,000 known unfixed issues with Windows 2000, that Microsoft is never going to fix. That isn't the issue either that I want to look at.

Let us be honest here, we as consumers take for granted that our Windows Operating Systems are going to be attacked. We take for granted that there are going to be viruses, there are going to be spyware programs, there are going to be ad-ware programs, and there are going to be complete and total jackholes with nothing better to do than write malicious code. We, collectively, as consumers have accepted this. We have, collectively, gotten used to running Virus scans, disk cleanup, disk defrag, and -chkdsk /f /r (y) (enter) exit: reboot, on a weekly or daily basis. Collectively as consumers, we rolled our eyes when the most recent Vista builds had their security control schemes cracked, and collectively we went "Why did it take them that long anyways?" Collectively, as consumers, we've come to expect, and have it delivered consistently, Microsoft's complete ball drop when it comes to user security.

Microsoft, of course, is fond of comparing their operating system security to Linux, their only real competitor. Now, I could link several stories focusing on Linux vs. Windows security, but let's accept this little factor: Both Operating Systems can be just as Secure as the Other.

Yes, I went there. The fact is, if you take the time to lock down user permissions, lock out ports, get a good hardware firewall, and lock user access, both Linux and Windows can deliver similar security environments. The question that needs to be asked in the security debates is if you are comparing apples to apples, or oranges to oranges.

The fact is, Microsoft offers a much more complete operating system. They control everything from the TCP/IP stack, to the Desktop manager, to the file system, to the I/O access, as well as the kernel access.

Linux, however, is just the kernel. While the kernel is the core of the operating system, it needs more programs in order to actually do anything. You can use the command prompt, yes, but if you want to do anything with the Kernel, you are going to need a file system, I/O access, TCP/IP for the network, a window manager and maybe a desktop environment.

This is where the comparisons of Windows to Linux generally fall apart. Linus T. himself doesn't make or sell a Linux distro. Other companies such as Red Hat, Novell, or Mepis take the Linux Kernel, tools and applications from the GNU software, and other applications, put them together, and that is your finished distribution.

The advantage is that you have more fine control over what goes in your Linux distro. If you don't need an IM client or a media player, you don't load one. If you don't need a browser, you don't have to load one. If all you need is the kernel, I/O access, file system, TCP/IP, and a Web Server, you can get that, and just that alone with Linux.

The disadvantage is that you have more fine control over what goes in your Linux distro. If you don't have a clue over what you need or do not need, and again, for the majority of consumers, they probably don't, you can easily bog down your system. To pick on Mepis for a minute (hey, I use it), the system comes with these programs: Kate, Kedit, Kwrite, and Open Office Writer. These are all programs used to write with, some offering more advanced functionality than others. If I add NVU/Kompozer, I now have 5 programs that all let me write stuff. How many do... I actually need? On lower end systems, say like an AMD K5, Kate is a much better choice than Open Office. It's much lighter and much faster. But, if I'm using say, an AMD Athlon64... Kate is... pointless.

The point is that if you don't know what you are doing with your Linux distro, you are dependent on what the Vendor sets as the default. Some Vendors, in order to make their Operating System easier to work, will make design choices that remove a lot of the visible security features, such as Linspire. It doesn't mean that the security isn't there, it just means you'll have to work to turn it on.

On the other extreme you have OpenBSD (not a Linux, but still *nix), which hand reviews everything that makes up the code, and sets the tightest possible security standards.

Like Microsoft Windows then, your chosen Distro from Linux may not be all that secure. And now we are getting to the point I've been aiming for.

The fact with McAfee and Symantec is that they built their security Empires on Microsoft's behavior. Microsoft built their operating system without regard to security. Like Linspire does now, Microsoft was more concerned with making their product USEFUL, than they were about making it secure. All in all, this wasn't a bad goal, back in the days before I1 (Internet1) was established. Again, being honest, when Windows 95 came out... would you really want to use a Macintosh or a DOS box? Would you really want to use the ... um CDE? was it? On unix? As a home user, Microsoft really did provide the only choice.

Not a bad start... and I for one can't fault Microsoft for doing that. Like the Xbox did for taking console gaming mass market, Windows brought entire new computer users in who would never dream of learning a Unix System.

The problem really came afterwards with the advent of Windows "New Technology" or WindowsNT, or rather the attitude. And that is the point of this:

One of the main reasons why Symantec and McAfee were able to exist was derived from Microsoft's abysmal track record with code security. While Microsoft's Windows and Internet Explorer products are held as the most reviled examples of what proprietary products can degenerate to, the real factor was the attitude behind the code choices.

Microsoft generally coded with the idea of what users could do IF the system was compromised. McAfee, Symantec, and other security vendors established their business on the CLEAN UP of compromised Windows Systems. It was not until later in the life of the Security industry that there was a focus on PREVENTION of threats before the system was compromised. Microsoft's cavalier attitude is one of the main reasons why most security professionals are not expecting Vista to be the security bunker Microsoft is promoting. Vista's already been cracked, multiple times. Nothing has really changed.

Unix, then Linux vendors, however, generally have a different view of security. Their view is of what users can do WHEN the system is compromised.

Read that again. Microsoft focuses on the if, banking on the possibility that the system will not be compromised. Unix and Linux programmers build on the idea that the system is going to be compromised. It may not be now. It may not be for a long time. The system is built to minimize the impact of what will happen when malicious code is developed.

That single attitude difference is one of the reasons why McAfee and Symantec, as well as other security vendors, probably won't ever have a market in the *nix world. It's not that intrusions won't be coming. It's not that hackers won't try. It's that *nix systems are built with multiple layers of protection, and code isolation, that make deep penetrations impossible to pull off. Despite hackers having full access to how the kernel is built, how the I/O access works, how the file system works, how everything in the OS works, when it comes to Linux, you don't see anybody making viral applications like "Iloveyou."

The example I like to make is this: You work as a RePossessor for a bank. Your job is to go and either retrieve cars, or disable cars, that payments are not being made on. You have two cars to go after.

One of these cars you have never worked with before. The hood is welded shut, the doors are locked, the gas tank is locked, but the underbelly is exposed.

The other car you need to go get has an open hood, the windows are rolled down, the gas cap isn't tight, and there is a jack on the back seat of the car.

Get the picture? Yeah, the first car is your Windows OS, and the Second car is Linux. If you are competent at your job, you are going to take the second car first. And yes, if you want to draw the parallels that programmers for Windows are complete clueless morons, feel free to do so. When your door gets busted in by Ballmer with his chair, I was never here.

Silly analogies aside, the fact is until Microsoft realizes that the problem needs to be addressed by figuring out the protection steps needed to halt an intrusion WHEN the intrusion occurs, not IF an intrusion occurs, then McAfee and Symantec will always have job security.

Monday, September 18, 2006

Sony's Dragon

I'm not finished with the OEM and Microsoft story yet, but I want to comment on Sony's most recent move with the Playstation3. So, why here? Because as I stated in the Gamenikki Blog, I'm not a real big fan of turning that forum into a Sony Bashing party. We'll get back to Microsoft's mafia behavior later, so stay comfy.

Now, how many people have ever seen the old Disney Movie Pete's Dragon? Remember the villains of the movie, the guys wanting dragon parts? What did the villains want Dragon parts for? To give some real power to their elixirs. The villains were old con artists, promoting various elixirs that could cure any disease. If you were blind, they could restore sight. If you were old, their formula could make you young again.

Get the image? The guy up on a soapbox, street stand behind him, bragging about this miracle new product?

That's the image I got when I came across this link from Joystiq

I got the image in my head of Sony standing at a street corner bragging about the Playstation3. It will play your movies, it will play your games, it will cure your diseases.

Now, the technical side of why Folding@Home doesn't work is already covered by Gamespot.

And, by the way, that's not up for argument. Folding@Home does not work. Same as SETI. No, SETI doesn't work either. Keep in mind that any radio signals you "might" receive or distinguish are at a minimum of 4 years old for the closest stars, presuming the electromagnetic waves are moving at the speed of light constantly. For the stars that we haven't documented fully yet, the electromagnetic waves are over 10-15 years old. Going out even further, in the sections of the universe that SETI tries to decode signals from, electromagnetic waves are going up 50, 100, or 150 years old. Keep that in mind, SETI started in 1999. It's been 6 years. Any radio traffic received now would have been generated 6 years ago. As it goes forward, you pretty much are looking at a time warp into the past. The short story is, given our present ability to travel in space, it would take decades, if not centuries, to even reach locations determined to possibly harbor electromagnetic wave generation.

So no, SETI doesn't work either.

But that's getting off the point, which is supposed to be Sony, not debunking false science.

On Gamenikki.com we ran a feature where I gave Sony a path to actually getting out of the mire created by the aftermath of E3. One of the points I hit on is that Sony can't treat the Playstation3 as just a Blu-Ray player. Sony can't treat the Playstation3 as just a VideoGame console. At the price point the Playstation3 plays in, Sony needs to go full bore in competing against Dell, HP, and Gateway.

The initial reaction, beyond the con man idea, is that somebody in Sony is at least getting some semblance of the picture. Sony, with this announcement, appears to be realizing that the Playstation3 has to do more. I'm just not convinced that the whole "cure disease" approach is a good one for Sony to take, and it's not really going to convert customers who actually pay attention to general computing trends.

Nor will Sony's Folding client be of any interest to the average consumer who doesn't understand, or might be fooled, by what Folding does or does not do. Basically, that would be like me walking into a Tournament Center, hearing people arguing over MLG rules, stopping them, and then telling them what the WCG rules are. In other words, it's coming in and going so far above their heads that sharks swimming around wouldn't be out of place.


Now, this isn't to say that it isn't good that Sony is looking at more options for the Playstation3. Consider the Playstation2 which has a nice second life in grid computing and clusters.

Then there is General-Purpose Computing on Graphics Processors (GPGPU), which the Playstation3 may be uniquely suited for in the future.

For now though, Folding just isn't good enough. Sony needs to stop grasping at straws and reach for the ladder I've already given them.

Saturday, September 16, 2006

The problems with reliance on Microsoft

Here we go now. One of my pet peeves over the past couple of years has been the reliance on Microsoft and Vista. If you are reading this, you've probably already seen the headlines about how the computer industry is in turmoil because Vista will ship in 2007. You've probably seen the by-lines about how the industry is dependent on the Vista software eco system. You've probably seen the editorials about how Microsoft's late shipments have hurt computer sales.

What you may not realize is that these reports are utter bunk. Here's why. If you are not involved in the stock market, find someone who is. What I want you to ask them is if you had a set amount of money, should you invest it in only one company, or several companies. Any good stock broker will immediately advise you to... what? Diversify. Put your monetary holdings in multiple companies. Put some money in "guaranteed" stocks like Power Companies, and put some money in high-growth companies, like web-start ups.

It's common sense really. Yes, it's risky to bet on only one company, and if they do break through, then you do stand to regain quite a lot. Example, those who bet on Microsoft back in the 1970's and 1980's. Those who bet on Google moving into 2000 and onwards.

But, if the companies fall, say like Pets.com or Enron, where is your money? What did you get back?


This is the lesson that vendors who worked with Pure Unix learned a long time ago. Now, for those who haven't worked with pure Unix before, you may not be aware of what Vendor Lock-In really is. Vendor Lock-In is when you can not upgrade, cross-grade, downgrade, or do anything with the hardware and software you use without paying a specific vendor of that product to do the work for you, or provide the software for you.

What happened with Pure Unix systems is that many vendors would change specific code relating to the kernel or other items, then link their program into those changes. The result was that you couldn't change the Operating System, the Unix kernel itself, and still be able to run the program. By the same token you couldn't change the program unless your new program was built for the customized kernel already in use in the old system.

So, if you wanted to upgrade your software to the latest version, you would have to not only buy the new software you use, you'd have to buy a new Operating System for it.

Now, I'm not picking on IBM with this, they will just sit here for the example. IBM's Pure Unix is sold as AIX, or Advanced IBM Unix.

Let's say you bought a mainframe from IBM, and this mainframe had AIX version... 2. And it had, IBM Finance Manager Suite version... 3. The total mainframe cost is going to hit you for $10,000 at the start.

You use this software for about a year and you find that IBM Finance Manager Suite version 3 just doesn't do it all for you. During this time IBM has released their new version of the mainframe and software package you are using, for $10,000. You really, really, really need to upgrade to IBM Finance Manager Suite version 4. IBM is willing to sell you the new version for only $1,000. Great, that's 10% of the cost of a completely new mainframe.

You get IBM Finance Manager Suite Version 4 in and try to install it. Only, it won't install. It's not compatible with AIX Version 2. You need AIX Version 3, which is a $5,000 upgrade fee. Alright, so you consult with your board members and decide you are going to shell out for the Operating System. You pay $5,000 more for AIX Version 3. You get it, install it, and it now runs.

Only... it runs slowly. Very slowly. Your mainframe isn't fast enough to run it. Great, now you need a new Mainframe. You talk with IBM sales, and they agree to cut you a deal. You've been a good customer, so they'll swap your old mainframe out for the newest and fastest version, for $8,000. Again, you go back to the board, and they say... yeah. Let's do it. So you drop out $8000 and now you have the new mainframe, and it works. Now everything is right.

Now read that again and add how much you spent. $1,000 + $5,000 + $8,000 = $14,000

You not only paid for another server, you gave a healthy $4,000 bonus to IBM.

Now, today, collectively, you think, we wouldn't put up with that. If a sales person tried that, we'd go elsewhere. What if you couldn't? What if SGI's IRIX, or HP's HPUX couldn't run IBM Finance Manager Suite... at all? What if you went and got HP's Mainframe, but it couldn't do half the stuff IBM's mainframe did? Where would you be then?


Welcome to the concept of vendor lock in. Most Unix gurus are well familiar with these examples, having either lived through them, or performed them.

This is one of the reasons why Linux took off. It was completely documented. You didn't, and don't, have undocumented code or secret run times that only the manufacturer knows about.

Think about it for a second, then skip over to http://www.distrowatch.com Take a look at all the Linux distros listed there. Are you aware that just about any program compiled for Linux can run on all of those distributions? Without the need for modification?

When you get back here, think about this: Less than 10 years ago it was common that if you had AIX, you couldn't use programs built for IRIX or HPUX, and vice versa. Sure, programs that strictly adhered to the POSIX standards might run, but more than likely, they would need to have some sort of porting done to account for the differences.

Alright, so how does this apply to the launch of Vista?

It goes back to Vendor Lockin, and it goes back to diversity. Another real life example on the way to the main point was looked at by El'Reg. You can find the link here: http://www.theregister.co.uk/2006/09/14/amd_market_cap/

Vendors who invested in AMD hardware in addition to Intel hardware saw their share price rising. Those who only invested in Intel hardware saw their share price drop.

It wasn't exactly a no brainer idea to invest in both AMD and Intel. It made sense. Either company could fail, or could succeed. HP is a shining example of this. Sun, not so much since they have their own architecture in SPARC.

But the point is, the smarter, and more profitable hardware manufacturers realized years ago that they could not rely on one vendor alone to fulfill all their needs and all their production lines.

Dell, the poster child for successful vendor dependence finally went dual vendor earlier this year, to the cheers of almost all with the technology crowds. Why? Because consumers now had a choice from Dell. They now had parity for the desktop market. Even Dell admitted it was a mistake to rely on one vendor so much. You can find that admission here : http://searchdatacenter.techtarget.com/originalContent/0,289142,sid80_gci1215577,00.html


Alright, so, what does this have to do with Vista?

Isn't it obvious?

Why are software vendors relying on one company to deliver everything?
Why are hardware vendors relying on one company to deliver everything?
Why are consumers relying on one company to deliver... everything?


Here's the problem with the reliance on Vista. All the empirical evidence out there, in software, stocks, hardware, whatever, tells us it's a bad idea to bet everything on one product or one company.

Think about AeroGlass for a second. Sure, a 3D display is nice... if it weren't for the fact that Novell is already there... with XGL : http://www.novell.com/linux/xglrelease/

Sure, DX10 is a nice advance in 3D features... except OpenGL was there... with Version 2.0

Care to guess when that was?

Version 2.0 - October 22, 2004
http://www.opengl.org/documentation/specs/version2.0/glspec20.pdf

OpenGL is already to 2.1, released June 30th, 2006
http://www.opengl.org/documentation/specs/version2.1/glspec21.pdf

DirectX 10 isn't even out for consumers yet.

My problem is that OEMs, like Dell, like Gateway, like HP, like Emachines, and others, have been hooked on Microsoft. They've gotten tunnel vision on what Microsoft can provide.

The problem is, Microsoft cannot provide everything. They can't do it all, even if they don't want to admit that. Just look at the software ecosystem. How many people buy an additional Anti-Virus? How many people use a different browser? How many people use a different media player? How many people don't use Microsoft products?

When I look at the computing industry, I really wonder where the OEMs that put computers in retail chains have been these past years. They know what customers want in a desktop.

Hey, I worked Phone Support for Cox Communications for 3 years. I got indulged with calls by people who told me how it "should be" for them, and how the product they used would be good for them. Where did I refer those customers to? www.opera.com and www.mozilla.org

I know for a personal fact that these callers are telling the support personnel they call how things should be. And while a lot of the suggestions are junk (for example, having your passwords listed in a pop-up window), there are some suggestions that could be put to use (e.g. Tab functions, now standard in all browsers).

Thing is, OEMs have been tunnel visioning past entities like Mepis and Linspire that are seeking to change the very way consumers approach and use their computer. They've ignored ones like Symphony that are trying to change the very concept of a desktop.

Why? OEMs are the ones who are most valuable to these projects. It's in the interest of Dell, HP, Gateway, and whoever else to invest in Linux systems just as much as they invest in Windows systems.

Think about it. What if Dell had invested in Linux for the consumer desktop? Okay, big deal that Microsoft's Aeroglass won't be here till next year. Dell could already be shipping XGL enabled desktops, TODAY.

Not next year.

What if ATi and Nvidia had invested in Linux drivers in the same way they had invested in Windows Drivers? OpenGL 2.1 support could already be implemented. We could already be playing Quake4, Half-Life 2 Episode 2, and F.E.A.R. Extraction Point under OpenGL 2.1 and get all the benefits, without having to wait till next year... when DX10 arrives.

That's my problem with OEMs and Vista. Computer manufacturers are missing out on future promises that are here today.

They are locking their customers in, not giving them a choice on what they can buy. The Dells, HPs, Gateways, and otherwise, today, are just as guilty of Vendor-Lock-In as the Pure Unix providers of yesteryear.

And I don't think that's right.

Friday, September 15, 2006

Open for business

Can't believe I'm doing this.


Okay, why Zerias? Why not Saist?

Well, seems that a blogspot entry already exists for a Saist, but it's not me.

Zerias is a name I created for City of Heroes / City of Villains, and well, it was available. Simple as that. But, it's still me, the one, the only, the Saist. Insanity Unchained, Chaos Purified, the one who you'll find in the middle of a hurricane.


So, what's this about a Very Grumpy Bunny?

If the name VT-Grumpy-Bunny means anything to you, then it should be apparent. If you don't know about VT-Grumpy-Bunny, this explanation is for you. Several years ago when John Romero was designing Daikatana there was a story floated that someone would use the name Grumpy-Bunny while playing deathmatch. After all, what, just what, could possibly be more humiliating than getting slaughtered by a Grumpy Bunny?

One night, while playing UT'99 (as it's now known for some odd reason), I decided to just change my name to VT-Grumpy-Bunny, VT standing for my clan at the time. Decided to stick with the name. So, to this day, I'm still a grumpy bunny.


So, what's this blog about, why make it? What happened to your LJ? Don't you have a blog on Gamenikki?

Simply put, Gamenikki.com doesn't allow for several posts I would like to make. Comments that, well, just shouldn't be made by someone trying to be unbiased. This gives me a place to haul off at. So call it a rougher edge.

As far as the LJ goes, for those who read it, I created the LJ with intents of mimicking Jet Wolf's Operators Standing By. Considering that I no longer work that particular job, maybe it's time to move elsewhere. Course, doesn't mean that I'm going to delete it.


So, how often will this update?

Couldn't tell you. Really depends on how ticked I am at any given time.