[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: What part of "Total" in TCO do you not understand? -- it's not Microsoft's, just their users ...




Quoting mike808@users.sourceforge.net:
> Wow. That's a lot of money. So who, exactly, is "eating" these costs?
> I sure don't want it to be me. Do you?

You pegged it right there.  But it even goes deeper.

Microsoft _still_ refuses to turn on various defaults, because it considers 
letting the _customer_ deal with support costs related to worms is cheaper to 
them than handling support calls related to changing those defaults.

In fact, this was basically the "reading between the lines" one _could_ gather 
from the Blaster conference call.

> Hmm. Isn't Sobig an MSTD (MicroSoft Transmitted Defect)? 
> As in only Microsoft systems are affected?
> Ah. So *that* is who is eating that $11 BILLLION *PLUS* in extra
> costs.

While RPC issues _do_ affect UNIX/Linux systems as well, there are two major 
differences.

1.  UNIX/Linux patches _work_, and typically do not require a reboot
2.  UNIX/Linux patches do _not_ uninstall other patches or affect other services
3.  UNIX/Linux defaults are much better

#1 is a major reason why UNIX/Linux patches are adopted quickly, because they 
work and do not require a reboot.

#2 is the _major_reason_ why SQL Slammer hit big.  I was at a Fortune 10 
company when SQL Slammer "slammed" through our network for 3 days.  Even though 
the patch had been available for 6 months, Microsoft _knowingly_ (if you read 
all the docs on the patch) released 2 other patches that _uninstalled_ it 
before SQL Slammer hit.  It wasn't until 7 days before SQL Slammer hit that 
Service Pack 3 came out and re-patched it correctly (along with the other 
patches that uninstalled it).  Unfortunately for my Fortune 10 company, SP3 had 
not been "tested" for production, so the systems were only 2 weeks current, 
instead of 1 week.

#2 is the reason I _hate_ dealing with Microsoft products.  Microsoft is more 
than willing to expense its own administrators to protect its @$$.  At my 
Fortune 10 company, some people's jobs were "on-the-line" for not "keeping 
systems patched" _until_ I showed that the patch was uninstalled _because_ the 
sysadmins _were_ keeping "up-to-date"!  Most of the IT media, with exception of 
IDG publications, is too chicken to expose Microsoft's unprofessional attitude 
towards their own consumers with regards to actually taking _responsibility_ 
for such "overlooks."

#3 is as I detailed above.  Microsoft considers the "support load" of turning 
more secure defaults on to be undesireable, and it is far easier to "pass the 
buck" of security to its consumers.

> How much of that $11 BILLION in costs did *Linux users* have to bear?
> That's right. $0. Zero. Zilch. Nada. Nuttin. No-zink (in Sgt. Schultz
> accent).

Again, RPC issues _have_ hit Linux in worm form before.  But when they have, 
under 10,000 servers were infected, even though Linux _outnumbers_ Windows 
servers on the Internet.

> Maybe our slogan should be:
>     Linux. Now with *FREE* virus protection.

No, I'd change it to:  
  "UNIX/Linux, we've got our flaws too, but at least our
   patches actually work instead of making you!"

> So now we're up to $12.25 BILLION. And there's three months left to
> go. And then there's all of NEXT YEAR. And the year after that, ....

Yep, TCO of UNIX/Linux is just lower.  I say this as an original NT 3.1 beta 
tester and MCSE 2000 too with 10 years of NT/UNIX sysadmin experience.

> I don't remember seeing those line items on the "Total Cost of
> Ownership" reports and studies from Microsoft. Do you? Maybe they
> don't understand the meaning of the word "total"?

Correct.  Not only is _security_ is noticably absent, but they _redefine_ 5-
Nines to mean "unscheduled downtime" instead of "[all] downtime."  Otherwise 
Windows would _never_ achieve 5-Nines due to patches and reboots.

> What else don't they understand if they can't 
> even do basic math? (Well, besides Operating System security <g>)

That's because Microsoft relies on general CIO, as well as overall public, 
ignorance.

When over 93% of a "Who wants to be a Millionaire" picks "Wired" over "Slate" 
as a magazine published by Microsoft, people simply belive that Microsoft 
invented everything they use and rely on ... including the Internet -- even 
though Gates himself said it was a "fad" in his 1995 book!

> Guess who the ISP gets to pay for that? Yep. Their customers. You and
> me.

I just moved to Bloomington, IL, so I'm on dial-up right now.  It's 
_impossible_ for me to surf because my firewall is getting over 1 Blaster hit 
per second on the local Earthlink POP.

> "We regret to inform you that due to increased operating costs, 
> we are forced to increase our rates ..."
> Ever get one of those letters from a vendor? I know I have.

Yep.  Computing has _increased_ operating costs for companies.

Which is why companies that have their business on the Internet do _not_ run 
Windows.  Apache powers almost the entire Internet 500.

> Too bad I can't send one of my own to my boss. :=)
> Really? So *my* business cable-modem on their shared network can be
> impacted by their other customers who have Microsoft systems?

Yep.

> Wow. Think about that.

The funny thing is that gurus at Microsoft _predicted_ Melissa _before_ it hit 
in 1998, and Microsoft did nothing.

> In FOUR years: OVER $53 BILLION DOLLARS.
> Sheesh, That's more than Bush just asked Congress for the war in Iraq.

Yep.

[ SIDE NOTE:  The US suffered $400B in _direct_ damages due to 9/11 ]

> *THAT* is "The Microsoft Tax" those TCO reports don't want to talk
> about. And all the DOJ has to show for it is a "settlement" (after
> getting a *GUILTY* verdict, no less)

The problem with anti-trust lawsuits is that they are brought on by _large_ 
competitors who have their _own_ interests.  That was the case with the US DOJ, 
it wasn't about small companies and consumers, it was about large companies 
that are sometimes _no_better_ than Microsoft *COUGH*Oracle*COUGH*.

Some of the far smaller, private lawsuits against Microsoft are much better.  
Microsoft regularly goes into a company, signs a NDA and _ignores_ it because 
they _know_ they are big enough to fend them off with lawyers after they've 
made billions by _stealing_ their IP and other inventions.  Very sad!

In fact, the OS with the _most_ SCO code _is_ Windows -- more than _any_ System 
V UNIX brand!!!  Microsoft DOS has had SCO code in it since 1982.  I mean, 
where do you think directories came from?  SCO XENIX!  Microsoft had access.  
So it was a _no_brainer_ for Microsoft to re-license after IBM called SCO's 
bluff and didn't buy them out.

> for Microsoft to give *more* of its defective software free to
> schools (while deducting full retail value from its taxes and 
> settlement "damages"), and a pimply 17-year-old that changed
> "SOBIG"

No joke.  Microsoft spends $50K to "give away $1B" in write-off -- they _make_ 
money!  In return, Microsoft wanted the US to "dismiss" over 100 _private_ 
lawsuits by small companies and individuals who had had their IP stolen!

> to "P3NI5" after we were a week into the SoBig MSTD epidemic.
> Maybe he learned how to use the "rename" command on that free WindowsXP
> his school installed.

Just like Microsoft has Akamai "rename" Apache so it reports itself as IIS.  So 
much of Microsoft's Internet presence is BSD, Linux and Solaris-based, largely 
outsourced to companies like Akamai -- and has been for almost 3 years now!

> Linux. Now with *FREE* virus protection.
> Linux. No subscription required. Ever.
> Linux. Unlimited upgrades.

UNIX/Linux.  We have holes and worms too.  But we have patches that work, don't 
require a reboot and _never_ adversely affect things.  Integration might be 
what you like for the desktop with Windows, but its the _death_ of security on 
the server.


-- 
Bryan J. Smith, E.I.  mailto:b.j.smith@ieee.org  http://thebs.org


-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.