OT: Linux most breached OS

[Bill Vermillion]

On Sun, Nov 21 19:29  John Esak said 'Who you talkin' to? You talkin'
to John Esak?  I didn't do nuttin'.  I said: 


> s. I'd say 80% of the time or better, everyone else has
>
> > their bugs acknowledged and patches out the door--and MS has
> > yet to even verify that their bugs exist. Bill, you read
> > those alerts--am I wrong about this trend?

> Mark, I'm sorry, but you could not be more wrong. I have been
> getting updates on all of our 2000 and XP systems for the
> past couple years now. They come in daily, weekly, monthly...
> whenever they are needed.

And as of early this year it's the second Tuesday of the month, no
more popping up at random times.  MS is still taking heat from that
and in a couple of I/E holes this past summer they did put up
patches immediately instead of waiting for patch-day.

> These are security patches, o/s fixes, etc. Microsoft is far
> and away ahead of any other company or o/s in keeping its
> systems up to date... and making it easy for millions of people
> to avail themselves of these fixes/patches in a variety of
> automated/manual ways. You are just dead wrong.

Not entirely wrong.  I've seen security notices and patches 
for FreeBSD appears within as little as a couple of hours of the
hole finding.

> Incidentally, it is a matter of usability and convenience. JP
> mentioned the other day that he uses HylaFax because we were
> talking about VSI*FAX and a small thing in one of their scripts
> that I wanted to change. I asked him if HF had a package
> that could just be installed from a disk or a download file
> and immediately administered by any user/administrator. His
> response was interesting. He said, no, that was not the nature
> of free software.

Not true. I just to test I installed Hylafax - not that I need it
so I'll uninstall it in the reverse order.  pkg_add is the tool to
put things in, just like the name AT&T caem up with in about 1986,
and pkg_delete will remove it.

I did have to make one change to my environment because with the
addition of new hardware ports I had to change an environment
variable.  Instead of just i386, there are packages for
the alpha, amd64, i386, and ia64 archicttures. I had not updated
that one line since I put in 4.9 and I've been at 4.10 for months.
Since I there are only about 3 packages I add from binary I dont
use it often. And those are packages that have language
dependancies.  cvsup for example relies on Ruby, and if that is not
installed it builds that on the system and then the package.  That
can be about 2 hours.  So just installed the package takes
under a minute.  Most everything else I build from source by simply
going to the ports tree - where the stubs are - and type make.
That dl's the source and builds it.  pkg_add just installe
binaries.

In my  .profile I add this variable.

PKG_PATH=ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packagges-4-stable

I had to change it because of the rename in the hierrachy at the
master sites with the 4.10 release.

Once that was done I did this.

pkg_add -v $PKG_PATH/comms/hylafax-4.2.0.tgz   

The pkg_add program connected to the freebsd server, and installed
the Hylafax on my machine in less than 1 minute - probably under 40
seconds.

It did this without me having to download the package as it
installed on my local machine from the remote site.

> Hmmm. Very telling. When and if Linux(et al) has to supply
> an o/s that is administratable (is that a word?) by
> non-guru-programmer types... then we can compare apples to
> apples.

Well BSD is not Linux - for which I am thankful when it comes to
adding packages and adminstering the systems.

> For now and until then Linux and its offering will not be in
> the same ball game with Microsoft who is playing on a much
> larger field. I suppose the next big shot will be the Novell
> release of SuSe. More power to it. I hope it does a better job
> than *all* the other Linux's thus far.

In SuSE - which I hope you will admit is Linux, all you do
it type 'yast'.  The first item on the left is 'software'
and the choices ofr that are on the right panel.

Press tab to move to that panel, move down to 'install and remove
software', and the next menu move to 'search' type in hylafax,
a moment later it is highlighted, and you can choose to install it
right then and there.

If anyone with reasonable intelligence can't handle that they
shouldn't be adding software to the system.

> As for Free BSD... I like it and I like Verio's implementation
> of it as a virtual machine for me. It has a really good on-line
> management tool for normal things... and a really good set of
> tools for the shell administrator for installing anything from
> Spam Assassin to Python to just about anything. The BSD is kept
> up to date and I'm assuming as safe as possible....

One standards group moved their sites to my servers as Verio - at
least at that time - was staying with an older version of FreeBSD -
and for what reasons I don't know.

> something I am truly appreciative for... I don't want to be
> doing make's and configuring and updates... I have better
> things to do for the company using the O/S than just supporting
> the O/S.

That's why you outsource things like that.  For some people they
need a bit more control and often need more than a virtual server.

> At least that is a businessman's point of view. And still,
> I ask the one and only unanswerable question. What business
> could possibly run a Linux server/system *without* paying a
> programmer/administrator to constantly keep it together and
> updated?

If they run a fairly stable operation, and use it for something
like a web site and email, and everything else is on their MS
desktop machines, then there is not a whole lot of adminstration
that is needed.  You pay the person that does the Linux admin
just as you pay for people to perform work on the MS workstations.
And it's usually far more productive to have a company that does
that instead of having a local person who gets taken from their
real job when some other user has a problem.

Bill

-- 
Bill Vermillion - bv @ wjv . com