USA India
Home Articles UserTV Press Releases Dictionary Books Education Careers B-Channels Resources Forums Blogs Classifieds
Sunday 6 Jul, 2008 eNewsletter Register Login
Archives
Articles By Date
Articles By Category
 
 
 Archives >> Details
Windows Vista: Point/Counterpoint
Does our columnist have an axe to grind with Microsoft?
Posted by : ComputerUser readers
Reader Andrew Idell took issue with a number of points (bolded) in James Mathewson's column "Vista's limited horizons?" [June 2006]. Here are some of his comments (AI), followed by Mathewson's responses (JM):

1. "Those of us old enough to remember that Windows 95 actually shipped in 1996--to the horror of a breathless PC press."

AI: Windows 95 was released on Aug. 24, 1995. At the time I worked as a manager at Babbage's Software and had to deal with the onslaught of customers.

JM: It was released to resellers in August. The boxed copy was not released until January 1996.

2. "As in the old days of DOS, you can always go to the command line with Linux and a desktop UI program running on top of it. When Microsoft went to XP, it eliminated DOS and the ability to selectively fix problems by simply deleting files."

AI: DOS has never been in an NT-based OS, all the way back to when it was first compiled in 1989 and sold in 1992. There has been the NT-command shell, which has several of the same commands, but the code is completely different. It is analogous to the various shells in UNIX, although not as powerful.

In fact, even Windows 95 and 98 were not layered on top of DOS. The last OS to do this was Windows 3.11 for Workgroups. Win95 and 98 had 32-bit kernels with the command shell running as an OS subsystem on top of the kernel. In this case, the command-line shell was a recompiled DOS called DOS 7.0. Windows ME removed this functionality. To say that Win9x-WinME were "based on DOS" is a very common misconception.

Windows 2000 and XP (and Vista) are NT-based operating systems, and have never had any form of DOS in them, other than the ability to run 16-bit applications within WOW/Windows on Windows.

JM: It has been proven that Microsoft's consumer operating systems ran on top of DOS until Window XP, which is an NT-based OS. Whether you say that DOS was an administrative console as an add-on or the kernel of the OS is not really the point. The point is, you had a command line before Windows XP with which to diagnose and fix problems. And, yes, NT does not have DOS, but it does have a command line. Windows XP has no command line. That's all I wrote.

3. "...the ability to selectively fix problems by simply deleting files..."

AI: No OS has this capability in the context of cleaning malware. If you are referring to cleaning startup programs, then yes, it is an issue to dig through the registry by hand. However, no one needs to do this anymore with the numerous spyware programs on the market.

JM: With a command line, you can run scripts or batch programs that search the directory for certain file types. When you find those file types, you can delete them. So a smart administrator can fix systems using the command line. Without a command line, the only fix is often to wipe and reload. That's now standard operating procedure for administrators.

4. "So far, we haven't seen too many results from this effort. According to reports by beta testers, there is reason to believe that Vista is much better than XP on security."

AI: Several third parties, including Secunia.com, have tracked the number, rate, and severity of vulnerabilities in Windows since Trustworthy Computing. In every category, the numbers have dropped dramatically. In the cases where vulnerabilities have existed, XP Service Pack 2 and 2003's SP1 often have a lower severity rating.

Also, who are these "beta users" making these statements? If they call beta testing installing the OS on a PC, then I would not call their opinions very informed.But, to be fair, only time will tell for Vista.

JM: I find it difficult to believe that the current operating systems benefit from trustworthy computing when I need to load three or four patches per week several years after the OS was released. Yes, only time will tell with Vista. But Microsoft has not exactly increased our confidence with its current OS offerings.

5. "I'm especially interested in the bidirectional firewall that pings you when a program attempts to access the Internet."

AI: This is probably one of the greatest myths in the security field--that an outbound firewall is a relevant security feature. If malware is already on your box, it will go around or disable your firewall. This is true for any OS, especially in the case of rootkits.

JM: My results with Zone Labs are far better than the technote suggests. But firewalls are not a catch-all. We know this. The point is, if a bidirectional firewall is the most anticipated security feature in Vista, we don't have a lot more confidence that Vista will be better than XP, do we?

6. "That is why the press sounded alarms on the latest Vista delay; even though it is only a few months, moving from November to January means no Vista PCs for Christmas."

AI: For consumers this is true, but not for businesses. In fact, tens of thousands of businesses are already beta-testing Vista and will move to Vista as their limited production OS by Beta 3 as part of Microsoft's early-adopter program.

JM: I believe that tens of thousands of businesses are testing Vista. I don't believe that tens of thousands of businesses will roll Vista out throughout their enterprises within a year of launch, unless you count home-based sole proprietorships. The surveys I've read suggest that fewer than 30 percent of businesses worldwide even have Vista on their tech plans beyond beta testing. Of those that do, a small percentage have immediate plans for Vista.

7. "And it would enable OS X to manage system security by backing up, wiping, and reloading Vista without rebooting, making Vista much more manageable."

AI: Vista has numerous deployment technologies that are all image-based, so these tools from Apple are somewhat redundant, although well packaged. OS X also has nothing to do with Vista's security (or lack of it) because OS X is not loaded in this dual-boot scenario.

JM: The current plan is to have dual-boot mode. But, as Robert X. Cringely speculates, in the future, it is not out of the question that OS X could run Vista, which would improve security by allowing administrators to wipe and reload Windows on the fly as often as they like.

8. "The preferred way of dealing with a system clogged by a few months' worth of adware, spyware, and quarantined viruses is to back up, wipe, and reload. This is time-consuming, either for the user or the technician, or both...Linux may not be as pretty, but it's not as vulnerable... "

AI: No matter what platform is infected by malware or compromised by a hacker, any competent security professional will tell you that you must wipe the system.

As far as Linux not being as vulnerable to automated malware such as worms and virus attacks, this is true. But to say that Linux is more secure for that reason alone shows the bias of the author.

At one point last year, the Linux KERNEL had more vulnerabilities by any measure (number, severity, etc.) than the entire Windows 2003 stack. Today the number is slightly greater for the whole stack vs the Linux kernel, but no matter how you slice the numbers the fact is that Linux security, in terms of vulnerabilities, has gotten worse, not better in the last five years.

JM:Every study I've read that is not sponsored by Microsoft suggests that Linux is much more secure than Windows. A large part of this is the architecture. Unlike Windows, it is not one huge monolithic stack. So vulnerabilities can be isolated and fixed much more easily. That is the point of the column, really. Do businesses want another monolithic OS from a vendor with history of insecure products or do they want something more modular and open? I think businesses are leaning towards more modular and open systems in part because it helps them manage security more easily.

9. "All this patch-as-patch-can maintenance has pushed some organizations to adopt Linux for the desktop."

AI: There have been hundreds of patches for your average Linux desktop--far more than for Windows XP, especially with SP2. On Windows, these patches can be automatically installed via the Web, or by numerous tools from Microsoft--some free like WSUS, others more robust and payware like SMS.

JM: I installed more than 100 patches per year to Windows XP. I have lots of colleagues who run Linux on the desktop and they do not need to patch their systems much at all. So the evidence is anecdotal, but I would be shocked if Linux for the desktop required more patches than Windows XP.

AI: I would rather have read a pro-Linux article from James, who works for IBM, than a highly flawed, inaccurate generally anti-Microsoft piece.

He could have saved a lot of ink by just stating, "I think Windows sucks, and Vista even more so. I work for a competitor that has mostly chosen to embrace Linux, so why use Windows at all?"

JM: Yes, I work for IBM. We have more than 300,000 Windows clients in our company world-wide. We spend a considerable sum of money keeping all these systems working and relatively free of malware and other exploits. This experience, as a customer of Microsoft, led to many of these points. Also, IBM is one of Microsoft's biggest partners. Most of IBM's customers have Windows either in server environments or in desktop environments (or both). I would not do anything to jeopardize this delicate relationship by using the hyperbole you suggest, but I do have strong opinions. Our readers are smart enough to recognize my statements as opinions, and to make up their minds from there.

To start a discussion or ask a question, e-mail dan@computeruser.com. letters may be edited for style, length, or content. writers' e-mail addresses will be published unless requested otherwise.

 
 
Archives by Date
 
 
 
 
 
Copyright © 2008 ComputerUser Inc.
About us | Terms of use | Privacy Policy | Legal | Trademark/Copyright | Awards | Advertise | Writer guidelines | Sitemap | Contact | FAQ's | Feedback  | Link to us

Here are the topics we cover computer certification computer careers computer training computer games consulting data recovery data security digital entertainment emerging technology gadget reviews handheld computers hardware reviews home automation home networks home office how-to advice internet linux local companies local news local profiles macintosh mp3 players network security online music online security open-source small-business technology soho software reviews technology books technology dictionary vpn web site reviews wi-fi windows wireless technology tech articles tech news press releases tech dictionary education resources career solutions create your personal blog upload your videos become a writer usergroups special interest group SIG 3com cipts adobe adobe certified expert apc ncpi apple achds acpt acsa actc avaya bea 8.1 certified administrator 8.1 certified architect 8.1 certified developer 9 certified administrator bicsi rcdd checkpoint ccmse ccsa ccsa ngx ccse ccse ng plus with ai ccse ngx cisco access routing and lan switching ccda ccdp ccie ccip ccna ccnp ccnp old ccsp ccvp crmam ip communications optical proctored exams for validating knowledge sales specialist storage networking vpn and security wireless lan citrix cca 3.0 cca 4.0 cca 4.5 cca xp ccea 3.0 ccea 4.0 ccea xp ccia ciw ciw associate ciw certified instructor master ciw admin master ciw designer master ciw enterprise developer security analyst comptia a+ network+ security+ server+ computer associates ca cusa cuse cwna cwna cwsp dell eccouncil cea cep certified ethical hacker chfi e-commerce architect emc emc specialist implemenation technology foundations enterasys ese eta exam express exin exin itil extreme networks ena ens filemaker f7cd f8cd fortinet fortigate foundry cne fujitsu fujitsu guidance software ence hdi css hda hdm hdsa hitachi hitachi certified professional hp ais apc app aps ase certified systems developer csa cse master ase huawei hcne hyperion hcp ibm advanced deployment professional advanced technical expert application developer business process analyst certified administrator certified advanced system administrator certified advanced technical expert certified associate developer certified enterprise developer certified solution designer certified specialist certified systems expert database administrator db2 deployment professional enterprise developer eserver certified specialist ibm on demand business solution advisor solution designer solutions developer solutions expert storage administrator system administator iisfa cifi intel isaca cisa isc cissp sscp iseb itil ism cpm juniper jncia jncis legato lcaa lcea lotus clp lpi lpic level 1 lpic level 2 lpic level 3 macromedia mcafee mcdata csnd microsoft crm mbs mcad .net mcdba mcdst mcitp mcp mcpd mcsa longhorn mcsa 2003 mcsa 2008 mcsd .net mcse mcse 2000 security mcse 2000 to mcse 2003 upgrade mcse 2003 mcse 2003 messaging mcse 2003 security mcse 2008 mcts microsoft business solutions microsoft partner competency mile2 cnsa network appliance nac-na nac-nie naca nace nacp network general sniffer certified professional nokia nokia security administrator nortel ncde ncds ncse ncss ncts novell5 cna 5 cne 6 cna 6 cne 6.5 cne cne upgrade omg ocup oracle 10g dba 10g oca 11i 8i dba 9i dba 9i internet application developer oca ocp8 to ocp8i dba upgrade exam pmi project management professional polycom pcve redhat rhce rhct sair sas institute sas scp saas scp snia snia certified architect snia certified professional snia certified systems engineer snia storage networking certification program administrator professional associate symantec scse scsp scta scts teradata tca v2r5 tcad v2r5 tcda v2r5 tcis v2r5 tcm v2r5 tcp v2r5 tia ccnt ctp tibco tcp trusecure ticsa veritas infraguard chamber of commerce vcp vmware certified professional webex linkedin facebook myspace Professional page layout, image editing, vector illustration, and print production Website design, development, prototyping, and blogging Creation of rich interactive content Industry-standard visual effects and motion graphics Video capture, editing, and production; DVD titling; and digital audio, Adobe Photoshop CS3 extended, Adobe illustrator CS3,Adobe indesign CS3,Adobe Acrobat 8 Professional, Adobe Flash CS3 Professional, Adobe Dreamweaver CS3,Adobe Contribute CS3,Adobe Fireworks CS3,Adobe After Effects CS3 Professional, Adobe Premiere Pro CS3,Adobe Soundbooth CS3,Adobe Encore CS3,Adobe OnLocation,Adobe Bridge CS3,Adobe Version Cue CS3,Adobe Device Central CS3,Adobe Stock Photos, Intel Pentium 4 (1.4GHz processor for DV; 3.4GHz processor for HDV), Intel Centrino, Intel Xeon, (dual 2.8GHz processors for HD), or Intel Core, Duo (or compatible) processor; SSE2-enabled processor required for AMD systems Microsoft Windows XP with Service Pack 2 or Microsoft Windows Vista Home Premium, Business, Ultimate, or Enterprise (certified for 32-bit editions) 1GB of RAM for DV; 2GB of RAM for HDV and HD; more RAM recommended when running multiple components 10GB of available hard-disk space (additional free space required during installation) Dedicated 7,200 RPM hard drive for DV and HDV editing; striped disk array storage (RAID 0) for HD; SCSI disk subsystem preferred Microsoft DirectX compatible sound card (multichannel ASIO-compatible sound card recommended),1,280x1,024 monitor resolution with 32-bit color adapter Blu-ray burner required for Blu-ray Disc creation OHCI compatible IEEE 1394 port for DV and HDV capture, export to tape, and transmit to DV device QuickTime 7.1.2 software required to use QuickTime features Broadband Internet connection required for Adobe Stock Photos* and other services