Does Microsoft lie about the Linux features?

Discussion in 'Linux Networking' started by totojepast, Sep 12, 2003.

  1. totojepast

    totojepast Guest

    http://www.microsoft.com/windows/serverappliance/overview/compete.mspx

    "Linux uses clear text for authentication, and does not allow the
    configurations of individual permissions to the file level. Native support
    of standard encryption technologies is handled as an add-on."

    "Linux does not deliver comparable heterogeneous interoperability."

    "More than five options for a JFS, which are new to Linux; the depth of
    integration and regression testing can be scattered, and the number of
    real-world implementations limited."
     
    totojepast, Sep 12, 2003
    #1
    1. Advertisements

  2. What's that supposed to mean?
    FUD
     
    =?iso-8859-1?q?M=E5ns_Rullg=E5rd?=, Sep 12, 2003
    #2
    1. Advertisements

  3. totojepast

    Lew Pitcher Guest

    This probably is a troll, but a short answer won't hurt.
    No, Linux uses an industry standard one-way encryption for authentication
    Linux supports both Unix file permissions (which /are/ individual
    permissions) and ACLs, both at the file leve.
    1) The Linux kernel (2.4.22) includes standard encryption technologies.
    2) You /can/ add standard encryption technologies as add-ons to Linux, both
    at kernel and at application level
    Given that Microsoft's definition of heterogeneous is "a mixture of Windows
    3.1, Windows for Workgroups 3.11, Windows 95, Windows 98, Windows ME,
    Windows NT, and Windows XP", this statement is incorrect. Given that /the
    rest/ of the industry defines heterogeneous as including operating systems
    other than Microsoft Windows, then /Microsoft/ does not deliver
    "heterogeneous interoperability".
    All the journalling filesystems supported by Linux have a deep history of
    support, integration, and regression testing. Try telling Hans Reiser or IBM
    or Sun that their Linux JFS implementations are less stable than whatever
    MSWindows offers, and see what their answer is.

    --

    Lew Pitcher, IT Consultant, Application Architecture
    Enterprise Technology Solutions, TD Bank Financial Group

    (Opinions expressed here are my own, not my employer's)
     
    Lew Pitcher, Sep 12, 2003
    #3
  4. totojepast

    Martin Blume Guest

    That means that Linux does not run on as few architectures as
    Windows, does not have the same level of incompatibility between one
    version and the next as Windows, and is much more interoperable with
    other OSs than Windows.

    Regards
    Martin
     
    Martin Blume, Sep 12, 2003
    #4
  5. totojepast

    Neil Horman Guest

    Marketing Drivel.
    Complete lack of sources referenced. Worth little more than laughing at.


    --
    /***************************************************
    *Neil Horman
    *Software Engineer
    *Red Hat, Inc.
    *
    ***************************************************/
     
    Neil Horman, Sep 12, 2003
    #5
  6. totojepast

    Ori Guest

    You're looking it at the wrong way.

    "comparable hetrogenous interoperability" means interoperability that
    you can compare to Windows.

    They are right that Linux doesn't have comparable interoperability -
    it's in a class of it's own, light years ahead.
     
    Ori, Sep 12, 2003
    #6
  7. totojepast

    Ron Gibson Guest

    Fri, 12 Sep 2003 12:56:34 UTC,
    (=?iso-8859-1?q?M=E5ns_Rullg=E5rd?=) Noted:
    That has to do with the tightly integrated modules that make for the
    windoze OS. Note how almost any taxing operation immediately calls the
    BSOD module :)
     
    Ron Gibson, Sep 12, 2003
    #7
  8. totojepast

    Whoever Guest

    Actually, this is really funny. The only reason Windows provides
    "heterogeneous interoperability" is because of *nix tools such as SAMBA!
     
    Whoever, Sep 12, 2003
    #8
  9. Does Microsoft lie about Linux features? Why not? They lie about
    everything else.
    In telnet. Just like Microsoft's telnet client. So you use ssh,
    https, etc. - all of which are readily available for Linux.
    Unless you use ACLs. It's an old trick to compare your latest
    features with the competition's most primitive ones.
    That way you can substitute better ones as they become available,
    instead of being stuck with the vendor's (possibly broken) code.
    <gag, choke> This from the company whose idea of "portability" means
    being able to run on different flavours of Windows, but nothing else?
    Remember, one of the patches in Service Pack 2 for Windows 2000 was
    expressly designed to break Samba - which was getting a little too
    heterogeneous, I guess.
    Oh my God, they're giving users a choice!
    Innovation? Oh dear. Wasn't Bill Gates the one who was constantly
    whining about how the anti-trust suits against Microsoft were going
    to stifle their ability to innovate? I guess innovation is only a
    good thing if you're Microsoft.
    This scattered testing seems to yield better results than whatever
    program Microsoft has in place.
    As opposed to Microsoft's single implementation? Pot. Kettle. Black.

    Microsoft does seem to have its FUD machine working overtime.
    I love the way they try to argue that open source is less secure.
    Good grief, anyone can inspect the code for security holes.
    Someone might actually fix them. Better they remain hidden,
    along with whatever back doors you may have installed. Try
    googling for "Windows 95 registration wizard". Or "Microsoft
    Palladium Fritz". Then ask yourself whether you really want
    to give a closed-source OS an Internet connection and the run
    of your machine.
     
    Charlie Gibbs, Sep 12, 2003
    #9
  10. totojepast

    Whoever Guest

    I think that here they are talking about passwords when authenticating
    against a M$ domain. IIRC, this is only true for older versions of SAMBA.
     
    Whoever, Sep 12, 2003
    #10
  11. totojepast

    Peter Guest

    Customers would no doubt prefer one JFS and the saved resources
    applied to improving security.
     
    Peter, Sep 12, 2003
    #11
  12. [ Followup-To set ]


    [..]
    Nope, it does work perfectly, with every other POSIX unix system. Thx,
    to the great work of the samba.org guys it can in addition work with
    M$ boxes.

    I don't know any other OS that has this much interoperability.

    Please, don't think that there are only M$ and Linux...
     
    Michael Heiming, Sep 12, 2003
    #12
  13. totojepast

    Nucleon Guest

    Yes.
     
    Nucleon, Sep 12, 2003
    #13
  14. In comp.os.linux.advocacy, totojepast
    <>
    wrote
    The kernel operations use small integers (UIDs and GIDs)
    for authentication. I'd have to see how much encryption
    is in the kernel proper but this is more or less standard.
    I'd also have to see precisely how ACLs are implemented.

    Higher level stuff (/bin/login, PAM) of course uses such
    things as DES and RSA encryption, in order to give the
    process an ID that the rest of the system can trust.
    The standard method is to, when setting up an account,
    encrypt the password selected by the user, along with
    a bit of randomly-generated salt. When the user next
    logs in, his password is encrypted again, and the two
    compared.
    This is true enough, although it depends on the file
    system. I'm assuming you mean "one cannot set different
    permissions for each of a set of N individuals (N > 3,
    for various reasons)" in the above. Usually, this isn't
    a big issue.
    Don't know; I've not used it.
    This needs clarification. Windows, for example, does not do NFS well
    without third-party components. (I'm not sure if Chameleon is
    still around, for example.) A number of options exist for X
    servers over Windows (e.g., XWin32, eXceed, and of course
    Cygwin XFree86) but all are third-party products. (To be fair, X on
    Linux is a third-party product as well, as is NFS. However, most
    distros distribute it as though it were native to Linux itself.)
    Oh no, perish the thought that there should be more than 1 option!
     
    The Ghost In The Machine, Sep 13, 2003
    #14
  15. totojepast

    Bill Unruh Guest

    ]In comp.os.linux.advocacy, totojepast
    ]<>
    ] wrote
    ]on 12 Sep 2003 05:48:07 -0700
    ]<>:
    ]> http://www.microsoft.com/windows/serverappliance/overview/compete.mspx
    ]>
    ]> "Linux uses clear text for authentication,

    ]The kernel operations use small integers (UIDs and GIDs)
    ]for authentication. I'd have to see how much encryption
    ]is in the kernel proper but this is more or less standard.
    ]I'd also have to see precisely how ACLs are implemented.

    ?? not clear what this means (nor what MS means).
    uids and gids are not used for authentication, they are user
    identification.

    ]Higher level stuff (/bin/login, PAM) of course uses such
    ]things as DES and RSA encryption, in order to give the

    Uh, no. The crypt(3) uses a variant of DEs as a hash function
    which hashes the typed in password and compares it with the stored hash.
    The newer authentication uses a very munged version of MD5 as the hash
    function.
    RSA is not used, except as one possibility in ssh, where it is used to
    exchange a key for one of a variety of symmetric crypto systems, which
    is used to encrypt the messages between the computers.
    Maybe what they mean is on a dialin account, where linux pppd can use
    pap (as can Windows) which does send he password over the phone lines in
    the clear (for either MS or Linux) or chap5 which uses a strong
    encruyption, or chap80 or 81 which are MS inventions whose crypto
    strength is suspect at best.


    ]process an ID that the rest of the system can trust.
    ]The standard method is to, when setting up an account,
    ]encrypt the password selected by the user, along with
    ]a bit of randomly-generated salt. When the user next
    ]logs in, his password is encrypted again, and the two
    ]compared.

    hashed, not encrypted. In crypt(3) the salt alters the hash function.
    In the MD5 bsed system the salt munges up the successive MD5 hashes with
    transposition, etc.


    ]> and does not allow the
    ]> configurations of individual permissions to the file level.

    The Unix permissions are less flexible than a full ACL system.
    Most users will never notice, but for the few for which it is important,
    it is important.


    ]This is true enough, although it depends on the file
    ]system. I'm assuming you mean "one cannot set different
    ]permissions for each of a set of N individuals (N > 3,
    ]for various reasons)" in the above. Usually, this isn't
    ]a big issue.

    ]> Native support
    ]> of standard encryption technologies is handled as an add-on."

    The MS encryption suffers from a severe flaw in that noone can test it.
    It is secret. That is a fatal flaw. Encryption MUST be open. Its purpose
    is to hide due to lack of trust. Why should you trust MS?



    ]> "More than five options for a JFS, which are new to Linux; the depth of
    ]> integration and regression testing can be scattered, and the number of
    ]> real-world implementations limited."

    Lets see, more than five, but limited? Hmm.
     
    Bill Unruh, Sep 13, 2003
    #15
  16. What "customers"?

    Linux is not a "company" that is a "vendor".

    And in any case, what some nebulous notion of "customers" imagine they
    want does not mandate, suggest, or even encourage any behaviour of
    developers that they aren't paying or otherwise trying to influence.

    What happened, to lead to there being 5 journalled filesystems, was
    that independent groups of developers _CONTRIBUTED_ code that they
    were working on.

    1. Stephen Tweedie was paid by Red Hat to work on ext3, as an
    extension of ext2.

    2. Hans Reiser has been working on numerous filesystem enhancements
    for _years_, and journalling isn't the most interesting thing
    about his filesystem.

    3. IBM contributed code they had already written.

    4. Ditto for SGI.

    Hmm. That's only 4 journalled filesystems.

    The notion that you could change their minds (without doing anything
    to motivate them) and see this magically turn into support for
    something else is something out of fairy tales.

    And the notion that there were any resources to be "saved" is as much
    in your mind as the notion that there are "customers" involved. The
    majority of the effort involved was committed before _any_ journalled
    filesystem started being committed to the official kernel stream.
     
    Christopher Browne, Sep 13, 2003
    #16
  17. totojepast

    Peter Guest

    My apologies, I thought that MS was offering 5 JFS options for its
    servers, hence my comment. It is a sign of vibrancy in the open
    source community that several keen people and ortganisations
    contribute in this area.
     
    Peter, Sep 13, 2003
    #17
  18. totojepast

    Ed Murphy Guest

    Did Samba defeat the breakage? (I'm running samba-2.2.7a-8.9.0
    and my wife has Win2K Pro, I think with SP3, and we haven't noticed
    any problems.)
     
    Ed Murphy, Sep 13, 2003
    #18
  19. If you'd read the link, you'd see that it's talking about Active
    Directory Integration, and authenticating against AD.
    ACL's require a lot of patching to implement, and most administration
    tools don't support them. While, it's technically true that Linux *can*
    support ACL's, it doesn't do so by default and even when patched has a
    lot of caveats to go with them.
    It also makes it easier to shim a trojan in between.
    One thing Microsoft has always been good at is making sure their file
    systems are rock solid. While you might criticise the design of some of
    their file systems, the implementations are very thoroughly tested
    before they even let a beta tester see them.
     
    Erik Funkenbusch, Sep 13, 2003
    #19
  20. totojepast

    Andy Zhang Guest

    MS's ignorance never ceases to amaze me. Whoever wrote this probably hasn't
    a clue what Linux is, much less ever tried using it. On top of that, MS
    started using Linux for its internet services. Such hyptocrites.

    Never mind the fact that Windows uses 14-character case-insensitive
    passwords for authentication over the wire. Never mind the fact that Windows
    would win the "most insecure OS" award. Never mind the fact that NTFS is
    plagued with backward-compatibility issues like storing filenames in
    DOS-style 8.3 format (even though they never intended DOS to read NTFS
    partitions). Never mind the fact that NTFS screws up file permissions by
    making random files have their permissions erased from time to time (yes,
    I've had it happen to many-a-files). Never mind the fact that MS tried to
    reinvent Kerberos and claim that it's just as secure as the time-tested,
    standards-compliant one. And never mind the fact that MS uses the same
    kernel, drivers, userland components, etc for both NT Server and
    Workstation, the only difference being a registry key valued at $1500+.
    "Look at me! I can throw together big words that make no sense together
    too!" Hetrogeneous to what? Blowing up every time you forget to install a
    critical update?
    What's wrong with lots of options? I don't particularly like having 32kb
    clusters on a partition. What about ext2/3, ReiserFS, and everything else
    that's supported on Linux? What do you have with Windows? FAT or FAT or FAT
    or NTFS (and the insane fragmentation that come with each).

    So, in short, yes, MS does lie. Lies very much indeed.
     
    Andy Zhang, Sep 13, 2003
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.