After Ubuntu, Windows Looks Increasingly Bad, Increasingly Archaic, Increasingly Unfriendly
The Changing Trajectory of Software

My recent switch to a single-boot Ubuntu setup on my Thinkpad T60 simply floors me on a regular basis. Most recently it's had to do with the experience of maintaining the software. Coming fresh from a very long Windows 2000 experience and a four-month Windows XP experience, along with a long-time Linux sys admin role, puts me in a great position to assess Ubuntu. Three prior attempts over the years at using Linux as my daily desktop OS had me primed for failure. Well, Ubuntu takes Linux where I've long hoped it would go - easy to use, reliable, dependable, great applications too but more on that later. It has some elegance to it - bet you never heard that about a Linux desktop before.

There are many night-and-day differences between Windows and Ubuntu and, for a guy who does 80% standard office tasks and spends the rest of the time on Linux admin tasks, it was nearly all in favor of Ubuntu after the first few weeks of the transition. Overall, my productivity and the scope of things I can do with Ubuntu far exceed what I could do with Windows and, just as importantly, Ubuntu (like any Linux would) lets me easily create my own productivity shortcuts of a variety of sorts.

One of the things that's become clear as I've gotten used to the appliance-like experience of Ubuntu is that the future of software in an open source-dominated world is going to be significantly different than the world dominated by Microsoft. So what distant point on the horizon has Ubuntu shone a light on for me? Simple. Software will increasingly compete on ease of use in the total software experience more than on features. The future will be more about being simple than about any other dimension.

Here are some recent use cases:

- I needed to rebuild my T60 with a fresh OS. Which was easier? MS Windows with a factory install disk, separate disks for Office and for virus protection and then a lot of hunt-and-peck downloading for various apps like Thunderbird, Firefox, SSH, and Calendar or... Ubuntu with one CD and an OS that includes an integrated, extensible, and slick software package manager where all the software is approved and tailored to the installation?

- I needed to rebuild a T43. I tried to use the rebuild partition included on the HD but it was corrupt. So I tried to make factory-install disks but the corrupt partition prevented it. Next option? Call Lenovo and get disks sent for $51. That process took five days and eight CD-ROMs from start to finish. With Ubuntu, this process takes three hours max, not four days and there are no software keys or other things to track down. The labor involved is less than a fifth with Ubuntu and the delivered product is a lot more productive - for my use models anyway.

- I needed to resubscribe to Symantec on a Windows machine. Again this is a 30-60 minute timeout from production AND a $49 charge AND a hassle with product keys and sending data about my machine and purchases around to companies that I'd choose not to have it if I had a choice. But I didn't since Windows XP needs Symantec's products badly even though these scanning and cleaning products degrade machine performance badly - even with a gig of RAM.

- And I now hear that Windows Vista renames the partition it's installed on what used to be the C: partition. I need to check out this story but the very idea of automatic partition renaming is insane to even contemplate.

So my machine sings with Ubuntu. Having no virus scanning alone unleashes a responsiveness that makes the power of the T60's Intel dual-core shine. And what am I noticing most about all of this?

Well, first off Ubuntu is good as a productivity platform. Without that, the rest wouldn't matter a bit. But since Ubuntu is not only good on features but reliability then at least some of us would crawl over broken glass to get it installed.

But, in fact, there's no broken glass in the picture. It's the opposite. Ubuntu's installation is so easy, and maintaining it once it's installed is so simple that Ubuntu nearly falls into your machine like a yin to the hardware's yang. Once there, Ubuntu happily makes a home in your head with hardly a blip. I think Ubuntu actually dropped my blood pressure. Not something you typically find when switching ALL your software for something that's about as alien to Windows as it possibly can be.

Once that major hurdle is cleared, then the other big issues come into focus. Ease of install, easy updates, easy software maintenance, easy data backups. After experiencing Ubuntu, the world of Windows looks increasingly bad, increasingly archaic, increasingly like a neighborhood that makes life hard. Why should I put up with what Windows makes me go through if I don't have to?

I've used rsync for backups for years. I back up my mail, my Thunderbird data, and "my document" directory (i.e., /home/xxxx/). One of these backup commands looks like this and sits in a single shell script and runs from cron once a day (I've already sent the ssh key to the backup target server so no need to manually log in to the backup server for this command to run):

rsync -avgz /home/xxxx/.mozilla-thunderbird/ root@mycomcastipnumber:/hdb/ibmt60-ubuntu-mozilla-tbird/ >>

That little command executes in a few seconds to a few minutes no matter where I am on the Internet and even if I've added some decently sized files to my computer. I've got my home router set up to pass the ssh port 22 through to a Linux server sitting in my attic. Quick and painless backups run without a hitch. It's a thing of beauty. I use the same solution for my servers so having a single platform from server to desktop has benefits and this is but one of them. I used to sweat about my Windows backups in the old days - if I did them every two weeks, I was happy. Ubuntu dropped my blood pressure on backups alone by 10% and now I have to decide how often is too often to do a backup. Also, I'm up on the MIRRA product but, trust me, you don't want to forget a password there.
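The same unattended backup with the key scoped more tightly, as an added example rather than the author's script. It assumes a dedicated unprivileged `backup` account on the server instead of root, a separate key confined by a forced `rrsync` command, and the placeholder host `backup.example.net`; all of those names are hypothetical.

```shell
#!/bin/sh
# Added example, not the author's script. Hypothetical names: server account
# "backup", host backup.example.net, key ~/.ssh/backup_ed25519, subtree /hdb/t60.
#
# Server side: one line in ~backup/.ssh/authorized_keys (key text is a placeholder;
# the rrsync helper ships with rsync, its install path varies by distribution):
#   command="rrsync /hdb/t60",restrict ssh-ed25519 AAAA...PLACEHOLDER laptop-backup
# "restrict" disables forwarding and PTY allocation; the forced command means this
# key can only run rsync, and only below /hdb/t60.
#
# Laptop side, crontab entry (once a day, as in the article):
#   15 2 * * * $HOME/bin/backup.sh run >>$HOME/backup.log 2>&1

RSYNC="${RSYNC:-rsync}"
BACKUP_KEY="${BACKUP_KEY:-$HOME/.ssh/backup_ed25519}"
BACKUP_SRC="${BACKUP_SRC:-$HOME/.mozilla-thunderbird/}"
# With rrsync on the server, the remote path is relative to /hdb/t60.
BACKUP_DEST="${BACKUP_DEST:-backup@backup.example.net:thunderbird/}"
# Lock lives in $HOME so other local users cannot create it and block the job.
LOCK_DIR="${LOCK_DIR:-$HOME/.backup.lock}"

# key_is_private FILE: succeed only if FILE is a regular file whose mode grants
# nothing to group or other (characters 5-10 of the ls mode string).
key_is_private() {
    [ -f "$1" ] || return 1
    mode=$(ls -ld "$1" | cut -c5-10)
    [ "$mode" = "------" ]
}

# ssh_transport: the remote-shell string handed to rsync -e.
#   IdentitiesOnly  offer only the dedicated backup key, not every agent key
#   BatchMode       never prompt; a cron job must fail instead of hanging
#   StrictHostKeyChecking=yes  refuse a server whose key is not in known_hosts
# The key path must not contain spaces, since rsync splits this string.
ssh_transport() {
    printf 'ssh -i %s -o IdentitiesOnly=yes -o BatchMode=yes -o StrictHostKeyChecking=yes' \
        "$BACKUP_KEY"
}

# run_backup: returns 2 if the key is missing or too widely readable, 3 if a
# previous run still holds the lock, otherwise rsync's own exit status.
run_backup() {
    key_is_private "$BACKUP_KEY" || {
        echo "refusing to run: $BACKUP_KEY is missing or readable by others" >&2
        return 2
    }
    # mkdir is atomic, so it serves as a lock without extra tools.
    mkdir "$LOCK_DIR" 2>/dev/null || {
        echo "previous backup still running (lock: $LOCK_DIR)" >&2
        return 3
    }
    rc=0
    "$RSYNC" -az --partial -e "$(ssh_transport)" "$BACKUP_SRC" "$BACKUP_DEST" || rc=$?
    rmdir "$LOCK_DIR"
    return "$rc"
}

# Only act when invoked as "backup.sh run", so the file can also be sourced.
if [ "${1:-}" = "run" ]; then
    run_backup
    exit $?
fi
```

If a run is interrupted by a crash, remove the stale lock directory by hand before the next scheduled run.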

Through a similar setup, I can also print to my home printer from any Internet connection. This is not a Windows- or Linux-specific feature but it's nice to have and I use it more than I expected. This is just good fun but it may also drop my blood pressure a point or two.

So far, none of this is news to those in the know about Ubuntu. It's not news but it is a big deal. A very big deal. Ubuntu is getting rave reviews: it's a productive platform, it's a reliable platform, it's a durable platform, it's an upgradeable platform, it's an easy-to-install platform, and adoption is through the roof.

What's changing in all this?

In my view, once you realize the platform is viable from a daily productivity standpoint (exceedingly so), the #1 thing that Ubuntu is then changing is ease of access to software. If I had decided to rebuild my PC with Windows XP - we won't even talk about Vista - this is what I was looking at:

1) Buy OEM Install disks from Lenovo because my rebuild partition was corrupt - $51.

2) Buy a Symantec subscription because I was done with the 90-day free trial - $49.

3) Buy an extra 512MB of RAM because XP couldn't run Firefox, Thunderbird, MS Word, MS Excel, and SSH all at once with 512MB of installed RAM - $104.

4) Install all of the above with product keys along the way - four hours? Maybe six? Maybe more because the tools for getting 2GB-3GB of mail data back into Thunderbird in Windows aren't nearly as good as the same tools in Linux.

That's $204 just to get me back to where I thought I was two months back - i.e., a machine with XP and Office on it. Symantec alone is going to want to pick my pocket again at some point.

Ubuntu releases me from these costs and from these long-term headaches:

1) Viruses - I no longer worry and I no longer need to check my PC - that's a relief. You can pick nits here about security but the bottom line is Ubuntu is orders of magnitude better.

2) Vulnerabilities - Windows is like Swiss cheese with so many vulnerabilities that it's sick - you can't connect XP to a public Internet connection (i.e., behind a router is OK but direct to the net isn't). Ubuntu? It's Linux - no worries.

3) Thanks to #1 and #2, I'm free from products like Symantec and Norton and the dollar expense, the complexity of administering them (those pop-ups are annoying and a productivity hit), and wondering when they expire next.

4) Software updates for the entire collection of software on the machine are simple in Ubuntu.

5) Backups are automatic.

That's batting for the cycle. Am I missing anything? Anything at all? Yes. Printing is easier in Ubuntu for older printers like the HP Laserjet 4 on a D-Link print server in the office and the HP 6L on an SMC print server in the home office. Multifunction printers are more of a challenge. A little care in printer purchases going forward takes this issue off the plate and I'm fine with the printer solution in place that has largely been stumbled upon.

The one bit of software that was Windows-related was a QuickBooks Timer. I haven't needed it because I began editing the output of that program in Excel six months ago because the QuickBooks Timer was too much of a clod interface to be productive. When I switched from Microsoft Office to OpenOffice on Windows XP, I continued not using the QuickBooks Timer. Doing the same manual editing of these QuickBooks Timer output files in OpenOffice Calc on Linux is a breeze. If there were a QuickBooks Timer for Linux, I wouldn't use it so I haven't checked for it.

In sum, what's changing about software? The installation, maintenance, and use of software in Windows have become a burden. A huge burden. And I don't think the average Windows user realizes how much out of their way they are going to keep their Windows PCs working. Windows challenges users and makes for a very expensive user experience in time and dollars if users follow the book and use the latest virus protection, keep that protection updated, and avoid the pitfalls that are squarely on the path that normal users use. In the best case, you end up with a machine that has a lot of crapware installed on it and is slow and clunky to use. In the more typical case, you end up with a machine that spirals to a grinding halt over six to 12 months - like the T43 I'm working on right now. A machine that has trouble opening an Excel file in three minutes because it has so much software competing for disk access and CPU cycles.

My experience with Linux on the server with its multi-hundred day uptimes broken by hardware upgrades, not software reboots, and with no performance degradation even at high disk utilizations tells me Ubuntu isn't taking me down with it. My blood pressure is truly low now.

I'm literally running out the door to get the word rolling on this changing dynamic. It's that big. And a word to IBM and Lenovo: if you're listening, Ubuntu as an OEM install on your Thinkpad T and X series would be a huge win for you and for the OSS adoption curve. This is a classic case of experience changing perception and it's got me to thinking about a seamless platform from server to desktop to phone - think about it.

About Paul Nowak
Paul Nowak first used Linux in 1995 while migrating from Sun to Linux at the University of Michigan. He used Linux in subsequent IT projects including web, telecom, telemetry and embedded projects and is currently CIO of a small professional association based in Washington D.C.

Reader Feedback:

There are many Ubuntu-based Linux distributions that are user friendly. I especially like the CD-ROM bootable versions like Freespire so I don't have to forego my Windows permanently.

I finally installed Linux after resisting for the longest time, thinking Windows was perfectly fine, then after checking out several different distributions, I found that Ubuntu and a few of the variations built on it are just great. I've now decided to keep that in my old emachines laptop for permanent experimentation!

A very interesting article. I'm in a similar position having just installed Ubuntu on an old Dell Inspiron 5000. I've been very, very impressed with it. I've been a Windows user for longer than I care to remember. I have to say this is the first time an OS has excited and interested me since the Amiga.

I had a few wrinkles in the beginning (I had to install with the alternative CD because the Live CD crawled) and some problems getting a wireless connection going.

However, once these problems were solved I have to say my experience with Ubuntu is increasingly "Why can't Windows be more like this..?" I'm now thinking of putting this onto my main PC, it'll be a dual boot as I do play some games but really I'm impressed and excited by Ubuntu.

I have installed Ubuntu 7.04 on my T60, dual booting with XP. I have found Ubuntu to be the simplest Linux distro to get running on the T60. The ATI video is often a stumbling block with opensuse or Fedora. It is work at the very least. Not to mention getting the wireless to work. The Ubuntu install was the first time I had the wireless just work. Ubuntu does notify the user about the possibility of using non-open source drivers with hardware components.

The read only access to the XP partition has been a real plus. Gimp opened a Photoshop (.psd) file that was on the XP partition with no problems.

Secondly, whoever designed yum and yumex (for fc4) needs a good kick in the n*ts, the _very_ slow update time, the stupid reporting of dependencies (no dependency tree) and the sluggish performance of python makes it a real trial to get volumes of software installed and to figure out which installs cause dependency errors! Sheesh!

Anyone who installs a Symantec product on a computer is probably an idiot, given that Symantec products are often a gross mess of inefficient, bloated, registry bloating COM classes. Pick proper security software, disable unneeded windows services and stupid bling and it becomes much more usable.

Yes I have a pre-loaded/customised Linux system, but found that it took far longer to get a full loaded system set-up and the lack of excellent programs like Directory Opus is not funny (it doesn't work properly in Wine). Nautilus, Konqueror, PCManFM etc. look shockingly primitive, in comparison!

Over at LinuxGames there's an interview with Ryan Gordon about the state of Linux gaming and what technologies on the horizon will be important. Ryan has been doing ports of programs to Linux and MacOS X for over a decade now. Going all the way back to the games ported by Loki, Ryan has probably been responsible for more commercial applications being ported to Linux than anyone else.

Linux Gaming:

Right, all we need now is a good multimedia experience for Ubuntu and Windows is dead. I like PC games and watching DVDs by letting my PC send them to my TV. Does the current OpenGL driver provide that functionality already? Unfortunately most games require DirectX, more so with Xbox 360 ports. Is DirectX possible to emulate under Ubuntu? Translating game code into driver code using a game by game approach? What are the options here? Good news to hear, this. Props!

Octopus commented on the 12 Jun 2007:

"Steve, Computer security is not about scoring some test like you keep going on about."

Nobody stated it was - tests are merely gauges of it, & even this CIS Tool 1.x test I noted?

Is not perfect & I admit that, but it is the best overall test that runs across both Linux & Win32 I can find.

(Find a better one that helps you secure yourself more I guess, & runs on BOTH Linux and post it here).

I offered NMap (this works via this commandline -> nmap.exe -P0 -sT -F -O -A (insert IP address)) & TENABLE NESSUS (this constantly screws up on me, so it is not fair to say this on my end)!

However, imo, they are not as good or comprehensive, and do not TELL you how to secure yourself more.

None really account for say, using hardware NAT "firewalling" (or, even true CISCO type technology stateful packet inspecting units as I use from LinkSys) for instance, as an example of what I meant by "perfection"...

Octopus commented on the 12 Jun 2007:

"There are a number of reasons inherent in Windows design that make it insecure."

AND, there are 14 inherent reasons here:

You can use to secure it largely vs. those (whatever those are you stated, you didn't give specifics)

Octopus commented on the 12 Jun 2007:

"Of course it is possible to *change* the default behavior of Windows and make it less vulnerable, but the fact is, most people lack the knowledge to do this."

Yes, and the url gives them MOST of that (the rest, as in the case of IP Security Policies? You have to have SOME understanding of things "IP" & I noted that below - an excuse to learn imo!)

Octopus commented on the 12 Jun 2007:

"Windows, by default, hides extensions of known file types. I believe this is still the case with Vista."

I never EVER allow for this, personally. I always have it show "ALL extensions" & for the reasons you note.

Octopus commented on the 12 Jun 2007:

"The model Microsoft uses for software installation is a mess. Install a program, and pieces of that program are often spread all over the system"

For reasons: Some DLL's need to be 'publicly accessible', it's that, or putting them into a folder on the environment's %PATH% variable!

(MOST can be "privatized" to an application's folder though, because of the DLL calling rules (first is the app looks inside of its own folder, & next along the system path), & if you need them? I can post them here!)

This takes up space though, doing privatization, but can help vs. "DLL Hell".

Mixed bag, but Windows File Protection & System File Protection in current Windows NT-based OS' protect against DLL hell nowadays, (as well as "side by side assemblies" in memory too!)

Octopus commented on the 12 Jun 2007:

"Windows source code is closed and unavailable to the general public. This means that there could be (and surely are) a myriad of bugs"

Easily countered - having OPEN source makes it easy to FIND bugs or create/exploit areas, far easier than trace debug disassembly of closed source code asm dumps, by FAR!

Octopus commented on the 12 Jun 2007:

"Windows users must TRUST Microsoft to not put in backdoors, spyware or other code that violates a users' privacy."

I'm a developer, and have been for 15 years now almost professionally - do you think devs don't leave backdoors in non MS products too?

IIRC, IBM had one, that allowed ANYONE root access to their mainframe systems ages ago, via a console/keyboard keystroke combo (hidden though), & iirc, it was like tab + XYZZXY (or something like that)...

For MS to do that, which I doubt they would?

They would have to be crazy though - the liability alone could impoverish them because of all the users on windows out there (90% of the world's computers)... the class action lawsuit would floor EVEN they imo!

Octopus commented on the 12 Jun 2007:

"A quick check of Wikipedia will show the number of known viruses for different operating systems:"

Security by obscurity operates in the favor of MacOS X & Linux - less users, thus, less of a target for malware creators! Why write for less used OS', when the larger target is MS OS', in other words?

Freeman commented on the 12 Jun 2007:

"1) Secunia explicitly says: "Please Note: The statistics provided should not be used to compare the overall security of products against one another."

Well, I have no 'better gauge' than reported & verified vulnerabilities in both. Thus, I utilized it.

AND, I do agree with them (but perhaps NOT for the reasons you suspect because that is open to interpretation, & here is mine of that statement):

Secunia states that, because some vulnerabilities are for instance, library related, & for example, in Windows? You can unregister OLE Servers to stop them from running IF they are vulnerable if needed (sacrificing apps that may depend on their functions until patches occur).

PLUS, Work arounds for many holes DO exist.

E.G.-> An easier one? If an app is vulnerable, see if you can replace it with one that is NOT vulnerable.

The "holes" didn't solely exist on the OS' themselves, but on database engines, webservers, etc. (and of course, other apps folks may run, but I chose "industrial scenario" type ones, as common ground since folks here are network admins/engineers & these are large tracts of any companies' lifeblood, information systems!)

Freeman commented on the 12 Jun 2007:

"IMHO that I believe that the Linux way is more open and secure"

You are definitely entitled to your beliefs, but I tend to believe in numbers & quantified scores. Granted, you can shift & analyze these numbers here any way you like:

1.) SQLServer 2005 runs from birth to current, with 0 security advisories (and, keeps NASDAQ running 24/7 x 365 days a year (the fabled "5 9's" of 99.999% reliability too) on Windows Server 2003 fully patched.

2.) IIS shows less bugs/vulnerabilities than Apache does (and less critical ones) & in fact, 10 TIMES LESS!


3.) Windows Server (9%) itself has less bugs and LESS CRITICAL ONES, than Linux 2.6 kernel builds (13%) do!


HOWEVER - this IS why I offer up the CIS Tool 1.x as a comparative gauge between Linux &/or Windows of modern varieties. It's actually FUN to do (in a nerdy kind of way) & a good learning experience if anything, as the tool aids you in making a more secure system thru advisement it offers.

(My score IS the highest I can achieve, POST-HARDENING, and still be able to go online & do various tasks I need to perform).

That all said & aside?

Since I offer this score on my hardened rig on Windows Server 2003 SP #2 fully patched as of the date of my testscore??

I am wondering WHY no one is taking this challenge to run it on their *NIX boxes.

It is the ONLY multiplatform test I know of that runs across both Linux &/or Windows & hence/again - why I chose it for comparison's sake here.

I can lead a horse to water, I cannot make them drink.

Freeman commented on the 12 Jun 2007:

"Your 14 points seem valid, but it's a pain having to do all of them every time I install Windows"

They are valid, & the CIS Tool 1.x (runs on Windows, Linux, BSD, Solaris, etc.)! I do welcome anyone to try it, as it is imo, an invaluable tool that helps YOU, help yourself, to a better/more secured platform.

CIS Tool 1.x (far from perfect, but still excellent, is the ONLY multiplatform gauge (afaik, & this comprehensive) I could find for network security via a single test, & that is the 'control method' here, the test itself to keep it as fair as possible) is downloadable here:

Score of 84.735 validates it for me (again, I can send the photo of this result to anybody who is interested as valid proof I suppose).

NMap (this exists for BOTH Win32 & *NIX's) & possibly tests using Nessus are another:

(TENABLE NESSUS, & NMap commandline of -> nmap.exe -P0 -sT -F -O -A (insert your IP Address here))

but have to be done (this much I conceded) if you want to be secured. I tried to make a simple as I could type of "guide/roadmap" for others as I could, here:

Personally, to save time (because I DO agree with your "objections", but can somewhat overcome them to a degree), I tend to automate some of it, with prebuilt .reg files I keep here (and they are listed in downloadable guides at that URL, in another set of url's)!

HOWEVER, the .reg files can be obtained from myself if needed by others, at the email address I post there also.

(Each comes with internal documentation because of comments possible in .reg files that the system ignores, with backing url's from Microsoft, that indicate their validity, and the comments also contain what it is the 'hack' does, and the acceptable parameters - this took me FOREVER to do, 1-2 years ago, but is worth it in the end to save myself & possibly others, time in understanding what it is they do, & how they work + why)

This is, however, the BEST I can do.

Freeman commented on the 12 Jun 2007:

"Showing 84000 points for windows just doesn't mean anything for those who don't know CIL, and they are not going to the trouble of finding out what it is without further motivation like this complete comparison"

I can't give anybody the motivation really, they must have it themselves.

The only 1 I can think of, is to have a more secure system online & some more "peace-of-mind" I suppose.

Freeman commented on the 12 Jun 2007:

"(and that also do not mind being locked to Microsoft decisions regarding program/format supports)."

Imo, Microsoft WOULD put in 'every format for documents under the sun' but iirc, didn't ADOBE just fight them on that & beat them in regards to Office being able to create .pdf's, and forcing MS to remove or cripple it?

Freeman commented on the 12 Jun 2007:

"as someone else said, if you really want security, you should go to OpenBSD."

Well, I stated why I cannot - it IS a "Win32 world" out there largely, & in my field (MIS development). I have to go with that, because of a greater opportunity for employ really.

Hi, APK, thanks for the links and explanations for your point of view between Linux x Windows.

I believe the main point dividing Linux and Windows is the ideology of how software should be made:
1) Windows enthusiasts are happy with good features and having the evolution path of their software being delegated to the software house (aka Microsoft).
2) Linux enthusiasts like more power over the software: they require having the source code to modify whenever they see fit, and therefore the users themselves are responsible for the evolution of their software.

In terms of security there are two points:
1) Since windows programs are 'closed', it's not possible for outsiders to have a look at the code and find out vulnerabilities: this protects the programs somehow but, with less eyes, many vulnerabilities lurk without being detected.
2) Linux opens up its code wide open, so everybody can peek inside it and find vulnerabilities. Therefore, all vulnerabilities can be found and exploited, and with that very few vulnerabilities remain without being detected.

Some people just like to have a good program without bothering with its internals, the same as using a good car without bothering with their internal component details.
I personally prefer the Linux way, because I like to know exactly what program/features/internals I'm using, as I like to know exactly what components are inside my car.

Your 14 points seem valid, but it's a pain having to do all of them every time I install Windows. I believe no one in slashdot answered your challenge because no one was used to the CIS tool to try out in Linux. If you think that current Window security point is better for this security assessment test (and IMHO that it is possible), you should show a comparison of CIS points between: a) default Windows XP/Vista, default Ubuntu 7.04, default MacOSX, default OpenBSD. Then you should show the CIS points between: b) security-hardened Windows, ubuntu, macos, openbsd. This would really be interesting. But just showing 84000 points for windows just doesn't mean anything for those who don't know CIL, and they are not going to the trouble of finding out what it is without further motivation like this complete comparison. I'm sure this post would receive a +5 Informative in Slashdot.

After saying that, I had a look at your secunia links comparing Windows x Linux. While the overall numbers you show are there, there are some comments I would like to make:
1) Secunia explicitly says: "Please Note: The statistics provided should not be used to compare the overall security of products against one another." So you shouldn't use them to justify security of either Windows or Linux.
2) Since you used them anyway, it's interesting to note the following: Linux vulnerabilities were rated 80% less critical, and 20% moderately critical, all were patched and 60% were DoS attacks, i.e. they didn't allow undue access to data. Windows vulnerabilities were rated 14% extremely critical, 29% highly critical, 21% moderately critical, and 35% less critical, 21% are still unpatched or partial fix, and 56% allowed system access, i.e. administrative access, the worst security nightmare with loss of data, rootkits, virus infection etc.

When I see these results, IMHO that I believe that the Linux way is more open and secure, but as someone else said, if you really want security, you should go to OpenBSD.

Regarding features (not security), IMHO that Windows and Linux are even in terms of desktop usage features for the consumer, maybe Linux a split hair second behind, but passing by fast ahead. The main thing I like in Linux is the possibility of using and reusing file formats forever. In Windows for instance, you never know when they are going to drop support for formats, programs etc: for instance, Microsoft does not support the .LIT ebook format anymore. Whoever bought lit files is fsckd in a deadend, and has to rely on old outdated programs which will not work in the windows version after vista, which will only run 64-bit applications without 32-bit compatibility (vista already does not support those 16-bit applications which many businesses/people still use on their old computers of the 1990s). If the .LIT format had been designed in Linux, you would still have the source code to support/recompile new extensions/updates to the LIT format in any processor/platform -- any company could pick this task up, or any user with enough will to learn a programming language or use 'make' to compile it for his current platform.

I should summarize: Windows is at most good for _companies/corporations_ which don't want to bother with source code, only with features (and that also do not mind being locked to Microsoft decisions regarding program/format supports).

Linux is good for _consumers_ and also companies, since it provides a way to always access your personal/old/legacy data, and support accessing them in any future platform/processor. See my link for more information on how Linux/GPL can free you and your data from Microsoft arbitrary decisions.


Computer security is not about scoring some test like you keep going on about. I was a Windows user until 5 years ago, then switched to Linux almost immediately after trying it, and have never looked back.

Now, about Security... I can't speak for Vista, since I have not tried it, nor am I interested in trying it. However I have had a lot of experience with Windows XP. There are a number of reasons inherent in Windows design that make it insecure. Of course it is possible to *change* the default behavior of Windows and make it less vulnerable, but the fact is, most people lack the knowledge to do this.

For example, in a default install of Windows XP, the initial user is an Administrator of the machine, and does NOT have a password. Any malware on this machine will have this user's Administrator rights, and can alter the system at will. This is not the case with Linux, as well as all the other Unix variants including Mac OS X.

In addition, due to the sloppy early model of Windows, a huge percentage of modern Windows software REQUIRES the user to run as an administrator. Again, this is not the case with Linux.

Windows, by default, hides extensions of known file types. I believe this is still the case with Vista. This is extremely stupid, and makes it very easy to trick users. Virus writers often name an infected executable something like "somefile.txt.exe." This is, of course, a .exe file, which most people know is dangerous, however Windows will deceive the user, and display this file as "somefile.txt," which of course most users will think is an innocent text file.

The model Microsoft uses for software installation is a mess. Install a program, and pieces of that program are often spread all over the system. User data is not always kept in one local place (such as My Documents).

Windows source code is closed and unavailable to the general public. This means that there could be (and surely are) a myriad of bugs, just waiting to be stumbled upon, but no way for a security person to find them and patch them. Windows users must TRUST Microsoft and only Microsoft to make sure their code is clean and trustworthy. Windows users must TRUST Microsoft to not put in backdoors, spyware or other code that violates a user's privacy. Microsoft has been convicted of anti-trust and monopolistic practices. They have lost case after case of stealing code (Stacker, Doublespace, etc.), sabotage (DRDOS) and other forms of theft and extortion. Windows users must TRUST a convicted, lying, stealing corporation with all of their data, passwords, credit card numbers, bank accounts, business secrets, and personal life, because only they have full access to their source code. Linux is an Open Source product, so ALL of its code is open for public view, ensuring users that there are no trojans or backdoors, or other malware hidden, or huge flaws in its design.

One thing I find amusing is the first message I receive when logging into a freshly-installed Windows machine: "Caution: your machine may be at risk! You are not running anti-virus software!" For once, Microsoft is being honest with the user with this message. The difference here is that, in the Linux/Unix/Mac world, security holes are patched when they are found. In the Microsoft world, many are left in the OS, and the user must buy third-party software to keep malware from getting to those security holes.

Because of the above-mentioned flaws in Windows of making default users with administrator rights and no password, when a virus does make it to a Windows machine, it owns that machine, and can install rootkits and other nasty system stuff. If a virus were to make it to a Linux system, it would only be able to affect that user's files, not the system itself, so could not install rootkits.

A quick check of Wikipedia will show the number of known viruses for different operating systems:

Windows viruses: 140,000
MS-DOS: 4,000
GNU/Linux viruses: 30
Mac OS X: 0

So you go ahead and feel that your Windows is secure because you ran a program that gave you a happy "security" score, and ignore the facts.
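The hidden-extension trick described in the comment above, turned into a defender-side check. This is an added example, not part of the original comment; the extension sets, function names and sample file names are constructed assumptions.

```python
import ntpath

# Constructed, non-exhaustive sets for illustration (assumptions, not a Windows API).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js"}
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".png", ".xls", ".mp3", ".zip"}


def displayed_name(filename: str) -> str:
    """Name a user sees when extensions of known file types are hidden."""
    base = ntpath.basename(filename)
    stem, ext = ntpath.splitext(base)
    # Assumption: every extension in either set is a registered ("known") type.
    if ext.lower() in EXECUTABLE_EXTS | DECOY_EXTS:
        return stem
    return base


def is_deceptive(filename: str) -> bool:
    """True when the file is executable but its displayed name looks like a document."""
    base = ntpath.basename(filename)
    stem, ext = ntpath.splitext(base)
    if ext.lower() not in EXECUTABLE_EXTS:
        return False
    # What remains after the real extension is hidden still ends in a
    # harmless-looking extension, e.g. "somefile.txt".
    _, shown_ext = ntpath.splitext(stem)
    return shown_ext.lower() in DECOY_EXTS


def scan(names):
    """Return (real name, displayed name) for every deceptive entry."""
    return [(n, displayed_name(n)) for n in names if is_deceptive(n)]


# Constructed sample listing, e.g. attachment names or a directory walk.
SAMPLE = [
    "somefile.txt.exe",
    "setup.exe",
    "notes.txt",
    "Report.PDF.SCR",
    "archive.tar.gz",
    r"C:\Users\demo\Desktop\photo.jpg.exe",
]

if __name__ == "__main__":
    for real, shown in scan(SAMPLE):
        print(f"{real!r} is shown as {shown!r}")
```

The same comparison works as a mail-gateway or file-share rule: flag any name whose real extension is executable while the name with that extension removed still ends in a document extension.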



You are a diligent person and your comments are appreciated.
You obviously do your homework and I commend you for sharing your results with me (and everyone else).

Since I consider myself a fair individual, I installed Feisty Fawn Saturday afternoon to evaluate the user experience alone. Security debate aside, it's pretty cool. Does it "floor me"? It's pretty good. Is it more secure?... I don't think so. Will I continue to give it a try?... Yep. I don't understand why it's so difficult for people to concede that Windows is a good product for many reasons. I can admit that Feisty Fawn is a quality product. It seems like it really is a matter of ego and nothing more. Security issues aside (safe practices is my answer to that, I don't spend any extra time hardening my security at home and as I have stated have run into no problems with XP), I'll still need Windows products for several apps I frequently use. I have run into performance issues with Feisty Fawn, albeit they are really hardware/driver problems, but it stems from yet another Linux distro that is in development. I just hope one day there will be software from both Linux and Windows that is as ready for market as say... OSX, but until there is some serious standardization for hardware, it will always be a matter of preference.

Keep fighting the good fight for those of us with sense enough to appreciate all the good tools available for us to do the jobs we do. *NIX, Windows, Mac, they are all tools and people need to keep that in mind.

Something bothered me a great deal today, & I'd like to share it with you all, & it came from Slashdot!

A School District's Education in Free Software:

From the article's initial post here:

" and Slashdot are both owned by SourceForge."

Is this the truth? This is all I wish to know about them, & here is why:

I ask this, because most people came here from that website most likely, so it is something to point out imo.

(Because if it is, that tells me worlds about the slashdot website if it is, and its "anti-Microsoft/anti-Windows" bent & near constant anti-MS propaganda streams!)

IMO - If you post things that disprove anything from SLASHDOT Pro-NIX "rumordom", well, largely/usually it gets you "modded down" & such, even if backed by respected sites!

(Pretty lame... but examples are below, read on!)

Yes, it truly explains a great deal if it is true that /. is in cahoots with & also sourceforge!

Slashdot's a HUGE opponent of anything Microsoft (look @ their photo of Bill Gates as a borg, & their haha microsoft tagging system).

Anyhow - E.G.-> Earlier on @ this site, I stated that slashdot was unwilling to the link I put up on how to secure Windows here:

As an article there.

Gee, I wonder WHY!?! Not...

That article was put up by myself as it made a CHALLENGE to the Linux crowd, as it does here, and imo, by this point?? One they cannot meet!

(Along w/ my secunia data below showing Windows & its wares being more secure than Linux, though the 'propaganda mantra' is "LINUX IS THE MOST SECURE" by Penguins vs. Windows, constantly!)

I posted it at slashdot, just to see if Linux or other NIX users could beat the score I posted of:

84.735 on CIS Tool 1.x

(& I will send ANYONE the photo of my result no problem)

Email me @ if you feel you need verification.

I have nothing to hide here, and possibly everything to gain, and... so do you linux people!

(To continue - I gave the slashdot crew the same challenge I am putting up here to LINUX penguins, & especially Linux users)!

All so, that IF they can beat my CIS Tool 1.x score?

I could attempt to emulate methods they used on to Win32 OS of NT-based ancestry & improve it moreso using analogs of THEIR methods!

CIS Tool 1.x (far from perfect, but the ONLY multiplatform gauge I could find for network security via a single test, & that is the 'control method' here, the test itself to keep it as fair as possible) is downloadable here:

NOW, some folks here called my 14 points on how to secure a Windows system "theory"?

My CIS Tool 1.x score, makes it FACT... quantified fact, via my score.

My methods are outlined above & below, in an easy to understand & use roadmap. 1 hour work, tops @ most for experienced users, a bit more for inexperienced folks but not much more and a GOOD learning experience imo! ONE EVERYONE ONLINE OUGHT TO BE AWARE OF (how to secure yourselves especially on Win32, but also to share Linux/UNIX methods also).

Facts I posted, not theories only, that work & apparently, judging by the lack of response here vs. my score & Linux users being able to beat it?

A reality, & again, one I literally quantify using the same test each OS would use!

It shows that Windows & its wares are more secure than Linux & its wares. SECUNIA data below only bears that out moreso.

Never mind the fact Windows NT-based OS' have a C-2 rating & I am not even SURE if the SELinux hooks to the Linux kernel have that (they do not afaik & have not reached B levels OR "verified design" levels either (none have in OS' of any kind afaik here on this latter one), but it only matters for systems NOT NETWORKED (standalone rigs are more secure than ANY online system mind you, but we are talking networked systems, far more versatile & useful, today + always imo)).

Never mind the fact that in 2005-2006, Windows showed better here as well in regards to vulnerabilities tests @ SANS found the same thing, all Nix's vs. Windows & both their wares in 2005/2006 as having less bugs/vulnerabilities/holes on Windows vs. NIXES... to the dismay & hooting & hollering by the NIX crew online.

Funny, but isn't the SECUNIA data from today I am posting now still showing the same, vs LINUX in particular, here below?

DO CHECK IT (url's below), I invite this, by all means to verify my words to you all.

To myself though, the bottom line here seems to be that Slashdot appears to be just another "in league with b.s. artists' & propaganda smear sites" once I see who may own them.

They post disgusting crap mainly by their 'trolling users' on their site, vs. Microsoft's accomplishments & security trackrecord (which if you see the url's below, is better than Linux & its peripheral wares ported or not to Linux)

Apparently, Slashdot's not one that engages in professional unbiased online journalism, but rather "Pro NIX" fanfare, even if it is unjustified.

As far as security of Windows Server 2003/VISTA & Microsoft peripheral wares?

Again - See the excerpts I put up below (quoting them here once more) & disprove them if possible:

1.) SQLServer 2005 runs from birth to current, with 0 security advisories (and, keeps NASDAQ running 24/7 x 365 days a year (the fabled "5 9's" of 99.999% reliability too) on Windows Server 2003 fully patched.

2.) IIS shows less bugs/vulnerabilities than Apache does (and less critical ones) & in fact, 10 TIMES LESS!


3.) Windows Server (9%) itself has less bugs and LESS CRITICAL ONES, than Linux 2.6 kernel builds (13%) do!


Those facts/stats are ALL verifiable @ SECUNIA.COM, in the links below each point (a respected and unbiased website in the regard of online security) as well as the CIS Tool 1.x from The Center for Internet Security.

Slashdot's beginning to show its "true colors" & motivations, imo, if that quote is true... & even IF not, vs. CURRENT (as of 06/11/2007) secunia data!

I just do NOT like unjustified b.s. spread around, because not many folks will examine things to the level I have here, and put them out for you to judge for yourselves with, once you have read them.

I had a guy named Juoni Vuorio try that with his registry cleaner JV RegCleaner vs. mine here:

& he was using .reg injections of a prebuilt data set that favored his over ALL others to show his as "SUPERIOR", but when users tried my program, vs. his, with their registry data UNALTERED by such rigging test data sets? Mine WIPED THE FLOOR WITH HIS, every time, on many users' systems @,, & more.

The world's full of b.s. spinmasters & falsehood staters, who KNOW folks won't verify things as completely as possible is why... hence, my post here to you all, on the same GENERAL NOTE!

Linux folks, all I can say is this (because this type of crap from slashdot is bull & disprovable, see for yourselves in the url's below):

Take some time, & either build your stuff up as coders bettering it, OR @ least offer tricks/tips/techniques & advice in workarounds as I did in my url to slashdot above on how to secure Windows OS, rather than spreading gossip like women do...

Men? Get things done! Women spread falsehoods & 1/2 truths.

Your coders do a great job imo, for guys working for ZERO profit (mostly)... & the LINUX OS family is truly because of it, a 'socio-technological marvel' as I have stated below here many times now, but stating falsehoods & not meeting challenges like the one I pose here? DOES NOT LOOK GOOD FOR YOU ALL!

However, the forums zealots & sites like slashdot, once exposed for things like dizzy stated, or others here I put up evidences vs. their points for example?

Well... less than credible, and once shown as operating on b.s. & 'in cahoots' with sites that definitely are NOT "pro Microsoft" like & Sourceforge?

They probably actually believe that slashdot propaganda as true, most likely shown them by SLASHDOT, that "ultimate authority" on things computing (not, though I respect some of their posters a great deal especially in the developers section (J.C. of IDSoftware mostly))?

I post data to the contrary here, from reliable sources like SECUNIA & others like the CIS Tool 1.x test I challenge Linux folks here to!

You read, you check those links, YOU JUDGE! Be an informed reader, not a sheep who has been programmed by "The great slashdot"...


P.S.=> BY now, some of you have to have downloaded & tried the CIS Tool 1.x for Linux? Why isn't anyone here beating my score??

I guess Windows Server 2003 is more secure and so are its "crap apps" as dizzy here stated they were, along with 'SUPERIOR LINUX BY DESIGN' eh?

I am a SHOW ME person, & I showed you mine (all of the above)... show me YOURS, & beat my CIS Tool 1.x score linux penguins!

Also, disprove that CURRENT (06/11/2007) data above from SECUNIA!

And, of course, if you disagree with any of my points? I am open to discussion on them of course (I am NOT perfect, but I think I made good points here, open to debate of course, by ALL means!)

Thanks! apk


I am with you on many grounds per what you stated, but one I must disagree on, & it has verifiable data for you to check on!

JDG commented on the 10 Jun 2007: "Opera (can you say s-l-o-w)"

Here though, I have to disagree with you JDG, mainly because of this analysis (most recent browser speed comparison I have found to date, & VERY comprehensive, across many platforms & on MANY grounds):


Do take a read of it, because Opera was found to be the OVERALL FASTEST BROWSER THERE IS ON THIS PLANET, currently (& especially on the most utilized OS platform there is, in Windows)!

Enjoy the read...

Now, I am also in agreement w/ Steve's posting on large tracts of it!

Mainly, regarding scriptability in Windows (searching the site can lead you to TONS of prebuilt scripts that work or can be altered to YOUR NEEDS easily too, mind you, those can be used to help you if you are not "expert" @ it @ that level)

BUT, in regards to servers NEEDING to have a GUI, I said it earlier in this thread:

"Headless modes" do exist on Windows 2000/Server 2003/Longhorn (VISTA SERVER ON THE LATTER ONE), no GUI required on that machine that goes 'headless', because Terminal Services/Citrix, VNC & other methods exist to run it if needed!

Also, & Steve stating that things Active Directory offer, do make it simple(r) to administrate, on many tasks, is quite true (especially for security, & doing Group Policies).

