Glass panels: what OS? [Archive]

Brian Cox

June 23rd 04, 03:10 PM

Bruce Horn > wrote in message >...
> I've been wondering...
>
> What underlying OS do the various glass panels (Avidyne, Garmin, etc.)
> use? It might actually make me think twice about buying a particular
> system if I knew that (for example) it was Windows underneath.
>
> I would think that the glass panel folks would be using one of the
> real-time OS's that are designed for industrial applications, but I
> don't know for a fact.

If I recall correctly, the MX-20 MFD runs on a version of Win NT. The
Garmin 430/530 uses a proprietary OS.

I believe a lot of the displays use versions of embedded real time
operating systems (RTOS) that are versions of Linux. These aren't
your standard Red Hat versions, but are purchased from companies that
line test the OS and provide support. The OS can be documented to
comply with RTCA DO-178B requirements. One of the vendors is TimeSys,
and I think their OS is called Integrity. The cost of the support
consists of annual seat licenses for the developer. The benefit is
that the software is free. No licensing fee on a per-unit basis.

Another popular OS is VxWorks. It is supposed to be a good OS, but
there are licensing fees associated.

C J Campbell

June 23rd 04, 04:15 PM

"Bruce Horn" > wrote in message
...
> I've been wondering...
>
> What underlying OS do the various glass panels (Avidyne, Garmin, etc.)
> use? It might actually make me think twice about buying a particular
> system if I knew that (for example) it was Windows underneath.

The MX-20 runs plain vanilla Windows NT 4.0. I don't know why anyone except
software bigots would have a problem with that. There have been no known
problems with the OS in this application.

The Garmin G-1000 runs a proprietary OS.

Greg Copeland

June 23rd 04, 04:52 PM

On Wed, 23 Jun 2004 08:15:41 -0700, C J Campbell wrote:

>
> "Bruce Horn" > wrote in message
> ...
>> I've been wondering...
>>
>> What underlying OS do the various glass panels (Avidyne, Garmin, etc.)
>> use? It might actually make me think twice about buying a particular
>> system if I knew that (for example) it was Windows underneath.
>
> The MX-20 runs plain vanilla Windows NT 4.0. I don't know why anyone except
> software bigots would have a problem with that. There have been no known
> problems with the OS in this application.

Well, chances are, it's actually embedded NT, but I'll defer if you
factually know otherwise. The concern is, NT has a long history of
crashing and being less than stable. This is true of embedded NT, but to
a much lessor degree. So, for someone to have concern about the heart of
an important navigation tool, I think falls well outside of simple OS
bigotry.

There are many, many, excellent and respected embedded OSs. It just so
happens that anything from Microsoft tends to be on the bottom of the list
of stable and respected OSs. So, while you might dismiss it, I don't
think it reason enough to ignore the concern. Having said that, if real
world use shows the device to be rock solid, then I think that speaks
volumes, clearly out weighing the voice of concern.

Cheers,

Greg Copeland

Kyler Laird

June 23rd 04, 05:08 PM

(Paul Tomblin) writes:

>I remember a comp.risks article many years ago where one maker of avionics
>was said to prefer Windows because if something went wrong with the OS,
>somebody else would have to fix it,

*That* would be funny. I can imagine a bunch of panels being labeled "inop"
until Microsoft decides it wants to generate a fix.

>and another maker of avionics was said
>to prefer an open source OS because if something went wrong with the OS,
>they didn't have to wait for somebody else to fix it.

Or they *could* also let/pay someone else to fix it also. But at least
they can't play the "Oh, we're so sorry that your plane is now useless but
it's really out of our hands..." bit.

--kyler

Andrew Gideon

June 23rd 04, 05:51 PM

Kyler Laird wrote:

> (Paul Tomblin) writes:
>
>>I remember a comp.risks article many years ago where one maker of avionics
>>was said to prefer Windows because if something went wrong with the OS,
>>somebody else would have to fix it,
>
> *That* would be funny. I can imagine a bunch of panels being labeled
> "inop" until Microsoft decides it wants to generate a fix.
>

Worse: A virus comes with a Jepp database upgrade. Yikes!

- Andrew

Bob Noel

June 23rd 04, 11:59 PM

In article >, Greg Copeland
> wrote:

> Having said that, if real
> world use shows the device to be rock solid, then I think that speaks
> volumes, clearly out weighing the voice of concern.

The trick is to truly show that the device was indeed rock solid, and for
that history to be actually applicable to future use.

--
Bob Noel

Greg Copeland

June 24th 04, 05:20 AM

On Wed, 23 Jun 2004 22:59:18 +0000, Bob Noel wrote:

> In article >, Greg Copeland
> > wrote:
>
>> Having said that, if real
>> world use shows the device to be rock solid, then I think that speaks
>> volumes, clearly out weighing the voice of concern.
>
> The trick is to truly show that the device was indeed rock solid, and for
> that history to be actually applicable to future use.

Agreed.

C J Campbell

June 24th 04, 03:44 PM

"Greg Copeland" > wrote in message
...
> On Wed, 23 Jun 2004 08:15:41 -0700, C J Campbell wrote:
>
> >
> > "Bruce Horn" > wrote in message
> > ...
> >> I've been wondering...
> >>
> >> What underlying OS do the various glass panels (Avidyne, Garmin, etc.)
> >> use? It might actually make me think twice about buying a particular
> >> system if I knew that (for example) it was Windows underneath.
> >
> > The MX-20 runs plain vanilla Windows NT 4.0. I don't know why anyone
except
> > software bigots would have a problem with that. There have been no known
> > problems with the OS in this application.
>
> Well, chances are, it's actually embedded NT, but I'll defer if you
> factually know otherwise. The concern is, NT has a long history of
> crashing and being less than stable. This is true of embedded NT, but to
> a much lessor degree. So, for someone to have concern about the heart of
> an important navigation tool, I think falls well outside of simple OS
> bigotry.

The Apollo MX-20 boot-up screen says Windows NT 4.0

It has never failed. I have, however, seen the OS crash on Garmin handheld
GPS units. Frequently. To be honest, I would prefer the more stable Windows
OS.

All operating systems have a long history of crashing and being less than
stable. It would be interesting to know why you think Win NT would be
unstable on something like the MX-20. The device is dedicated to running one
program. It has no peripherals. It never runs for more than a few hours.
Basically, all the issues supposedly making Win NT unstable simply do not
exist on a closed box like this.

Greg Copeland

June 24th 04, 04:54 PM

On Thu, 24 Jun 2004 07:44:49 -0700, C J Campbell wrote:
>>
>> Well, chances are, it's actually embedded NT, but I'll defer if you
>> factually know otherwise. The concern is, NT has a long history of
>> crashing and being less than stable. This is true of embedded NT, but to
>> a much lessor degree. So, for someone to have concern about the heart of
>> an important navigation tool, I think falls well outside of simple OS
>> bigotry.
>
> The Apollo MX-20 boot-up screen says Windows NT 4.0

I'm actually not sure that it makes the distinction during startup.
Technically, the embedded kernel is a slightly different animal from the
desktop/server brethren. No paging support, for example.

>
> It has never failed. I have, however, seen the OS crash on Garmin handheld
> GPS units. Frequently. To be honest, I would prefer the more stable Windows
> OS.
>

Well, stability is always stated from a relative frame of reference.
Those that work higher up on the stability scale, tend to look down at NT
and consider it a toy OS.

> All operating systems have a long history of crashing and being less than

That's simply not true. NT has a long history of having one of the worst
stability records in the entire modern history of IT, short only of DOS
and perhaps early MACs (which had no MMU).

> stable. It would be interesting to know why you think Win NT would be
> unstable on something like the MX-20.

That would be because the OS is known to have stability issues and is
often less than reliable.

> The device is dedicated to running one
> program.

Yes, but that says very little about what's actually going on under the
covers. I don't have those details so I can only say we're probably both
ignorant of what's going on there.

> It has no peripherals. It never runs for more than a few hours.

This is probably one of the saving graces for it. One of the problems
common to NT, especially in the 3-4.x days, is a number of memory leaks in
the kernel. I believe I remember reading that even the embedded kernel
still suffered from memory leaks, but I would not be willing to walk out
on a limb with that assertion.

> Basically, all the issues supposedly making Win NT unstable simply do
> not exist on a closed box like this.

With all due respect, that's simply not true. MS has had a number of
issues with their OS, ranging from memory leaks to kernel crashes. The
important question, as it relates to this topic, does the application in
question trigger any of the known problems and/or bugs with the kernel?
Which is why I asserted that the real world performance should certainly
override the list of valid and well supported concerns. Notice that I am
not saying, never buy a device which has a MS OS in it. I'm simply
saying, use caution and let real world experience be your guide.

Personally, if I learn that a device is running a MS OS, I immediately
consider the device to be suspect until proven otherwise. That doesn't
mean that the alternative implementations (other devices) will always be
problem free. Just the same, the inclusion of a MS OS in a device should
always be treated as a yellow flag. Which means, use caution until proven
it's no longer needed.

Cheers,

Greg

John Theune

June 24th 04, 09:02 PM

Greg Copeland > wrote in
:

> On Thu, 24 Jun 2004 07:44:49 -0700, C J Campbell wrote:
>>>
>>> Well, chances are, it's actually embedded NT, but I'll defer if you
>>> factually know otherwise. The concern is, NT has a long history of
>>> crashing and being less than stable. This is true of embedded NT,
>>> but to a much lessor degree. So, for someone to have concern about
>>> the heart of an important navigation tool, I think falls well
>>> outside of simple OS bigotry.
>>
>> The Apollo MX-20 boot-up screen says Windows NT 4.0
>
> I'm actually not sure that it makes the distinction during startup.
> Technically, the embedded kernel is a slightly different animal from
> the desktop/server brethren. No paging support, for example.
>
>>
>> It has never failed. I have, however, seen the OS crash on Garmin
>> handheld GPS units. Frequently. To be honest, I would prefer the more
>> stable Windows OS.
>>
>
> Well, stability is always stated from a relative frame of reference.
> Those that work higher up on the stability scale, tend to look down at
> NT and consider it a toy OS.
>
>> All operating systems have a long history of crashing and being less
>> than
>
> That's simply not true. NT has a long history of having one of the
> worst stability records in the entire modern history of IT, short only
> of DOS and perhaps early MACs (which had no MMU).
>
>> stable. It would be interesting to know why you think Win NT would be
>> unstable on something like the MX-20.
>
> That would be because the OS is known to have stability issues and is
> often less than reliable.
>
>> The device is dedicated to running one
>> program.
>
> Yes, but that says very little about what's actually going on under
> the covers. I don't have those details so I can only say we're
> probably both ignorant of what's going on there.
>
>> It has no peripherals. It never runs for more than a few hours.
>
> This is probably one of the saving graces for it. One of the problems
> common to NT, especially in the 3-4.x days, is a number of memory
> leaks in the kernel. I believe I remember reading that even the
> embedded kernel still suffered from memory leaks, but I would not be
> willing to walk out on a limb with that assertion.
>
>> Basically, all the issues supposedly making Win NT unstable simply do
>> not exist on a closed box like this.
>
> With all due respect, that's simply not true. MS has had a number of
> issues with their OS, ranging from memory leaks to kernel crashes.
> The important question, as it relates to this topic, does the
> application in question trigger any of the known problems and/or bugs
> with the kernel? Which is why I asserted that the real world
> performance should certainly override the list of valid and well
> supported concerns. Notice that I am not saying, never buy a device
> which has a MS OS in it. I'm simply saying, use caution and let real
> world experience be your guide.
>
> Personally, if I learn that a device is running a MS OS, I immediately
> consider the device to be suspect until proven otherwise. That
> doesn't mean that the alternative implementations (other devices) will
> always be problem free. Just the same, the inclusion of a MS OS in a
> device should always be treated as a yellow flag. Which means, use
> caution until proven it's no longer needed.
>
>
> Cheers,
>
> Greg
>
>

This all being said, I work with a medical application that runs on
windows and we have had a lot of machines running 4.0 and our app ( and
nothing else ) that have run for very long periods of time 7x24. I think
our record is > 1 year and it did not crash, we rebooted it to load a
newer version of the app. On the other hand I've had a workstation
running NT 4.0 and a slew of other things that crashed on a real regular
basis. It depends on the apps. NT and Dos before it has to support a
slew of wild hardware from a bunch of venders and sometime things went
boom in the night. Macs have had a much better rep for stability because
Apple laid down the law as to what could be done in terms of hardware and
software. Apple may have had a more stable system but Dos/NT/Intel took
over the world.

Kevin Darling

June 24th 04, 10:23 PM

"C J Campbell" > wrote in message >...
> All operating systems have a long history of crashing and being less than
> stable.

That's too broad a statement. There have been very stable embedded
OS's meant for applications like this, with no history of crashing,
and that are certified for use in life-critical situations. I believe
those are what others are saying they'd rather rely on.

> It would be interesting to know why you think Win NT would be
> unstable on something like the MX-20. The device is dedicated to running one
> program. It has no peripherals. It never runs for more than a few hours.
> Basically, all the issues supposedly making Win NT unstable simply do not
> exist on a closed box like this.

For something fairly simple like the MX-20, if the application is
proven stable, then I agree. One assumes that latency effects are
mitigated by using a faster CPU for example :) And locking pages in
memory, etc.

However, Microsoft themselves point out that Windows is not a hard
realtime OS, and should not be used in more demanding applications
such as fly-by-wire.

Best, Kev

leslie

June 25th 04, 12:16 AM

Kevin Darling ) wrote:
:
: However, Microsoft themselves point out that Windows is not a hard
: realtime OS, and should not be used in more demanding applications
: such as fly-by-wire.
:
http://www.gcn.com/archives/gcn/1998/july13/cov2.htm
Software glitches leave Navy Smart Ship dead in the water |
GCN July 13, 1998

http://www.gcn.com/vol19_no27/dod/2868-1.html
Navy carrier to run Win 2000

"...Lockheed Martin officials chose Microsoft in part because of the
company's "experience in computers, networks and systems," Lockwood
said. "We felt that Microsoft had a lot of insight" that could help
Lockheed Martin stay current with commercial technology, he said.

"This is a new area for us," said Keith Hodson, a Microsoft Government
spokesman. "Windows-based products have not traditionally been
associated with Defense Department-specific mission-critical
applications..."

http://www.cnn.com/2000/TECH/computing/08/08/carrier.windows.idg/
CNN.com - Technology -
Futuristic Windows version to control aircraft carrier - August 8, 2000

"...The CVN-77 win is a key triumph for Microsoft in the defense
industry, because it sets the stage for the company's participation in
the Navy's long-term, three-phase future carrier design program. "This
is not just the one ship. It will decide the architectures for the
next three ships," Roach said. Microsoft's agreement also includes a
back-fit program for seven other carriers, bringing the total to 10."

At least some PLCs are also used, per this description of the "Smart Ship"
system...

http://www.e-d-i.com/products_control.html
L-3 Communications SPD Technologies - Control Systems

"...The original MPCMS was physically removed from the ship and
replaced by 15 COTS Programmable Logic Controllers (PLCs) and 12
Windows NT-based workstations. The workstations and PLCs are connected
via Ethernet to a fiber optic Local Area Network (LAN). The LAN
consists of five Automatic Transfer Mode (ATM) switches configured in
a 155 Mbps full mesh, backbone. To enhance reliability, the
workstations and PLCs have redundant Ethernet connections to two
different ATM switches..."

--Jerry Leslie
Note: is invalid for email

Greg Copeland

June 25th 04, 01:34 AM

On Thu, 24 Jun 2004 23:16:44 +0000, leslie wrote:

> Kevin Darling ) wrote:
> :
> : However, Microsoft themselves point out that Windows is not a hard
> : realtime OS, and should not be used in more demanding applications
> : such as fly-by-wire.
> :
> http://www.gcn.com/archives/gcn/1998/july13/cov2.htm
> Software glitches leave Navy Smart Ship dead in the water |
> GCN July 13, 1998
>

That's actually an application bug and not an OS bug. One interesting
note is that they also highlight that Unix would be a much more reliable
option, which would be true, excluding SCO, and including Linux.

It's also worth noting, that traditionally, all MS OS's have somehow
managed to sidestep the DoD qualification phases. Some cash and palms are
usually suspected to be the reasons. In fact, while I don't have a link
off hand, there is a fairly well known quote, by a DoD (IIRC) guy, which
can be paraphrase as, "If Windows had been forced to go through the same
channels as every other OS, it would of never qualified."

Cheers!

Greg Copeland

June 25th 04, 01:38 AM

On Thu, 24 Jun 2004 07:44:49 -0700, C J Campbell wrote:

> It has never failed. I have, however, seen the OS crash on Garmin handheld
> GPS units. Frequently. To be honest, I would prefer the more stable Windows
> OS.

A worthwhile question, which is only going to help to obfuscate the
issue, but what makes you so sure it is the OS which crashed and not the
application? For the end-user, granted, there isn't much of a
distinction. Just the same, technically speaking, there is a huge
difference. ;)

Cheers!

Greg Copeland

June 25th 04, 01:56 AM

On Thu, 24 Jun 2004 20:02:34 +0000, John Theune wrote:

>
> This all being said, I work with a medical application that runs on
> windows and we have had a lot of machines running 4.0 and our app ( and
> nothing else ) that have run for very long periods of time 7x24. I think
> our record is > 1 year and it did not crash, we rebooted it to load a
> newer version of the app. On the other hand I've had a workstation

This is actually a gray area. Having a long update is generally not a
problem for just about any OS. The problems occur when the system is
under load for extended periods of time. While uptimes of a year for NT
systems are not unheard of, they are a generally considered a minority.
In fact, most companies with serious business applications running on a MS
platform, generally make rebooting the systems part of their required
maintenance. Most companies attempt a reboot ranging from weekly to
bimonthly schedules. The reasons generally range from stability, latency
issues, memory leaks, locked resources (because of the predominately
threaded environment), and overall degraded performance (generally
associated with memory fragmentation).

For many commercial Unix systems, uptime is commonly measured in years
(multiples). For many highend IBM systems, stories of machines running
for 15-20+ years, non-stop, are not unheard of. And then, those systems
lost power only because they were decommissioned.

If you don't mind me asking, what does your medical application do?

> boom in the night. Macs have had a much better rep for stability
> because Apple laid down the law as to what could be done in terms of
> hardware and software. Apple may have had a more stable system but
> Dos/NT/Intel took over the world.

Keep in mind that early macs did not have MMUs (Memory Management Units),
which is what provided protection for one process against another.
Likewise, it's also what prevents OS corruption from applications bugs.

Just rambling on I guess... ;)

Cheers.

Jens Krueger

June 25th 04, 04:53 AM

Bruce Horn > wrote:

> What underlying OS do the various glass panels (Avidyne, Garmin, etc.)
> use? It might actually make me think twice about buying a particular
> system if I knew that (for example) it was Windows underneath.

Avidyne uses WinNT in their Units, I've flown with the EX500 and the

--
I don't accept any emails right now. Usenet replys only.

Jens Krueger

June 25th 04, 05:09 AM

Bruce Horn > wrote:

> What underlying OS do the various glass panels (Avidyne, Garmin, etc.)
> use? It might actually make me think twice about buying a particular
> system if I knew that (for example) it was Windows underneath.

I've flown with an Avidyne Flightmax for a couple of months, before we
upgraded to the EX550. It ran WinNT (3.51 IIRC) on a PIII. It froze
every week or so during normal use and I got the Blue Screen of Death a
couple of times. Wasn't very reliable... I think we went through three
replacement units (All on warranty) before we finally got the 550.

The EX550 is a lot better, only freezing twice so far while acessing
airborne radar, according to Avidyne a problem with the Radar Interface.
I don't know if the 550 is still running WinNT as the boot screen no
longer shows any information about the underlying OS. The current one is
the second Unit though...

Cheers,
Jens

--
I don't accept any emails right now. Usenet replys only.

Gerald Sylvester

June 25th 04, 05:49 AM

> I have, however, seen the OS crash on Garmin handheld
> GPS units. Frequently.

I have a Garmin V mounted in my car. By now I can program anything in
there without looking and use it to drive to my nextdoor neighbor
(LA Story reference there :) ). anyway, yes, they do lock up but
not too frequently. In some regards they are more complicated.....it
calculates routes automatically while the Garmin aviation units only
have to calculate direct routing for the most part.

>To be honest, I would prefer the more stable Windows OS.

I don't.

> All operating systems have a long history of crashing and being less than
> stable.

I thought Linux rarely ever crashes but that is only what I've heard.
My company has part of it hardware running off of WX Works. That has
120 motors to control in real time with motor encoders plus
mechanoelectrical secondary feedback to compare the motor counts to,
assert interlocks when any of those are not within tolerances plus
much more and I've never heard of one crashing. I have heard of
the Windows XX boxes they are connected to crashing a lot more often
and they more or less doing a LOT less work. But every application
is different.

>It would be interesting to know why you think Win NT would be
> unstable on something like the MX-20. The device is dedicated to running one
> program. It has no peripherals. It never runs for more than a few hours.
> Basically, all the issues supposedly making Win NT unstable simply do not
> exist on a closed box like this.

And you never have to do processor intensive calculations like bold
facing a word.

Gerald

C J Campbell

June 25th 04, 06:23 AM

"Gerald Sylvester" > wrote in message
.net...
>
> > I have, however, seen the OS crash on Garmin handheld
> > GPS units. Frequently.
>
> I have a Garmin V mounted in my car. By now I can program anything in
> there without looking and use it to drive to my nextdoor neighbor
> (LA Story reference there :) ). anyway, yes, they do lock up but
> not too frequently. In some regards they are more complicated.....it
> calculates routes automatically while the Garmin aviation units only
> have to calculate direct routing for the most part.
>
> >To be honest, I would prefer the more stable Windows OS.
>
> I don't.
>
> > All operating systems have a long history of crashing and being less
than
> > stable.
>
> I thought Linux rarely ever crashes but that is only what I've heard.

Actually, I have a Red Hat Linux server. In the six months that I have owned
it, it has crashed four times and had to be restarted. OTOH, the Windows XP
Professional computers have not crashed even once during that time.

I hear a lot about Windows' instability. I say it is crap. All I can go on
is my own personal experience, but MS operating systems are the only ones
that I have ever used that can go for more than a few weeks without
crashing. What am I supposed to do? Believe my own experience, or believe a
bunch of anti-social geeks who begin frothing at the mouth and chewing the
carpet at the mere mention of Microsoft or Bill Gates?

Dylan Smith

June 25th 04, 08:17 AM

In article >, C J Campbell wrote:
> The MX-20 runs plain vanilla Windows NT 4.0. I don't know why anyone except
> software bigots would have a problem with that. There have been no known
> problems with the OS in this application.

Except even Microsoft recommends you don't use their software in safety
critical devices. If you've ever been exposed to the gory details of the
Windows API you'd agree with them.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

Dylan Smith

June 25th 04, 08:38 AM

In article >, C J Campbell wrote:
> Actually, I have a Red Hat Linux server. In the six months that I have owned
> it, it has crashed four times and had to be restarted. OTOH, the Windows XP
> Professional computers have not crashed even once during that time.
>
> I hear a lot about Windows' instability. I say it is crap. All I can go on
> is my own personal experience, but MS operating systems are the only ones
> that I have ever used that can go for more than a few weeks...

I agree with you on the stability issue; I did a lot of hard-core
development on WinNT 4.0, and my development system didn't need reboots
(there were issues with NT memory leaks which did force me to eventually
reboot, but these appear to be fixed now).

The vast majority of crashes I've had with any recent OS were caused by
hardware or bad drivers. (The joke is computers are just like road
safety - most crashes are caused by bad drivers). You must have some
dodgy hardware in that RH box, or dodgy hardware drivers. The RH
swervers I shepherd all had uptimes of greater than 400 days until I
needed to upgrade the kernel to a new version and reboot. That's the
only reason I reboot the Linux servers - for a brand new kernel. It
doesn't happen often.

My beef with Windows is what goes on underneath. Unix-style operating
systems have remained pretty free of cruft in their underlying system
calls. Windows on the other hand is a nightmare and it's easy to see why
so many applications have security holes and other bugs in Windows - the
API forces some truly baroque code to be written which is just ripe for
bugs. For example, on a Unix-style OS, if your server program must
listen for input off, say, a serial port, a named pipe and a TCP/IP
socket, a single routine can handle it all. In fact, a single syscall -
select() - can handle waiting for input on all these things on a single
thread, and also checking whether a fd is ready for writing.
Under Windows, only the socket interface has select(). To wait
on input and check a handle can be written to on the others,
you need different API calls for each. This will mean you wind up
running three threads, and this exposes you needlessly to race
conditions and all the other things you have to think of in a
multithreaded executable.

Other madness: there are many things in Windows that can ONLY be set
with the GUI out of the box. This makes scripting unnecessarily hard
when you have to go hunting down third party tools, roll your own tool,
or download a Microsoft tool which should have been included in the base
OS (most of the Resource Kit tools exemplify this).

I also discovered yesterday whilst making a new Windows XP system image
that we will be rolling out on the new machines on our network something
else that's incredibly dumb. In the process of locking down and turning
off as many unneeded services as possible, I switched off the DHCP
client. The machines all have static IPs, and don't need it. But guess
what - if you turn off DHCP, you can't set up a static IP address with
the 'netsh' command! I almost fell off my chair with surprise when I
found that out.

Windows doesn't feel designed when you get to the gory details - it
feels congealed. Unix-type operating systems have their own
shortcomings, but Windows just takes the biscuit for so many badly
thought out designs. It's truly the Morris Marina of operating systems.

Since NT when it first came out was going to be completely incompatible
with DOS and Win3.x apart from via what is essentially emulation,
Microsoft could have done away with all this cruft. Instead, they blew a
wonderful opportunity to make a clean OS. Yes, Windows is stable, and
I'm happy with the stability of the Windows systems I herd. Yes, all
hardware and all software sucks. However, Windows sucks unnecessarily.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

Peter Duniho

June 25th 04, 09:21 AM

"Dylan Smith" > wrote in message
...
> [...] Yes, Windows is stable, and
> I'm happy with the stability of the Windows systems I herd. Yes, all
> hardware and all software sucks. However, Windows sucks unnecessarily.

It's funny. I've spent so many years reading all sorts of religious crap
about why Windows isn't any good that when I read a post like yours that
makes well-reasoned and legitimate complaints, I'm not really sure what to
do. :) As much as I like Windows (mainly because of familiarity with it),
I found myself nodding along with your post.

Anyway, I would agree that CJ's problems with his Linux system can probably
be traced to some issue with a particular driver for a particular piece of
hardware. Windows instabilities (and there are definitely some unstable
Window installations out there) are almost always traceable to some
third-party driver. That's the price you pay for supporting a wide range of
hardware. As Linux becomes more and more like Windows, we will be seeing
more and more of these same kinds of problems on Linux installations.

In our household we currently have two desktop PCs and two laptops. The
laptops get rebooted probably once a week or so, for reasons unrelated to
instability, but the desktops just keep chugging along. One is running
Windows 2000, the other is running Windows XP. Neither has ever crashed or
had to be rebooted because of some sort of software failure, and they have
gone months without rebooting for other reasons.

Programmability issues aside, Windows provides what I think is a very nice
user experience. It's different from other operating systems, but they all
have their problems and their strong points.

For what it's worth, it's my (very vague) recollection that the NT API was
not invented at Microsoft as a "clean sheet" API for NT specifically. Yes,
they had the opportunity to start fresh, but of course economics won out,
and they used a pre-existing template on which to base the OS. Plus, in
spite of the all-new underlying implementation details, they needed to be as
compatible with the existing Windows API as they could. They could
practically guarantee NO adoption of the NT/Win32 API if it bore no
resemblance to the API already in use.

In any case, I would have no problems using a Windows-based box in an
airplane, assuming it had gone through the same qualification testing that
any avionics box is required to. I know from personal experience that it's
quite possible, and not even all that difficult to configure and code on a
Windows installation in a way that ensure system stability.

Pete

Peter Duniho

June 25th 04, 09:23 AM

"Dylan Smith" > wrote in message
...
> Except even Microsoft recommends you don't use their software in safety
> critical devices.

IMHO, that's as much a CYA move by a company that's self-insured and has
deep pockets, as it is any sort of real indication of what they think of the
suitability of their OS for stuff like that. If they were serious about
keeping NT out of "safety critical devices", they wouldn't sell it to people
using it for "safety critical devices".

Pete

Bob Noel

June 25th 04, 11:22 AM

In article >, "C J Campbell"
> wrote:

>What am I supposed to do? Believe my own experience, or believe
> a bunch of anti-social geeks who begin frothing at the mouth and chewing
> the carpet at the mere mention of Microsoft or Bill Gates?

well, as long as you have an open mind...

--
Bob Noel

Kyler Laird

June 25th 04, 02:08 PM

Bob Noel > writes:

>The trick is to truly show that the device was indeed rock solid, and for
>that history to be actually applicable to future use.

'taint no trick at all; we do it with voting machines now.

Bwahaha...

--kyler

Kyler Laird

June 25th 04, 02:08 PM

"C J Campbell" > writes:

>It would be interesting to know why you think Win NT would be
>unstable on something like the MX-20.

As a user of 1966 aviation technology, I look at "stability" over
a longer term than a few hours.

Manufacturers who use proprietary software like NT give up control
of their products. In the short term, that means that they might
not be able to make required changes in a timely manner. In the
long term, it means that a very expensive piece of equipment could
become a paperweight, or at least much less useful than it could
be, at the whim of a third party (MS).

The risk of those things happening is, I hope, fairly low, but I
still prefer to deal with a company that takes more control of its
product when investing such a large (to me) amount.

--kyler

Tom Sixkiller

June 25th 04, 04:12 PM

"C J Campbell" > wrote in message
...
> >
> > I thought Linux rarely ever crashes but that is only what I've heard.
>
> Actually, I have a Red Hat Linux server. In the six months that I have
owned
> it, it has crashed four times and had to be restarted. OTOH, the Windows
XP
> Professional computers have not crashed even once during that time.

Hmmm...we're running Oracle on two Linux servers and they've not crashed in
the 10 months I've been at the company. Before that, the company I was at
ran HP-Ux on HP-9000's and they didn't crash in the two years we had them
before the company went under. Well, they burped twice for seven or eight
minutes each time, but the failover was instantaneous.

>
> I hear a lot about Windows' instability. I say it is crap. All I can go on
> is my own personal experience, but MS operating systems are the only ones
> that I have ever used that can go for more than a few weeks without
> crashing.

Hmmm...our WinXP workstations crash about twice a week. We (before I was
there) unloaded Win2000 servers for Linux when we had to shut down at least
twice monthly. Those Win2000 servers, BTW, we set up my Microsoft, so don;t
say that we didn't do it right. The Linux servers were set up by our own
techs, though our #1 geek has an MasterSci EE

> What am I supposed to do? Believe my own experience, or believe a
> bunch of anti-social geeks who begin frothing at the mouth and chewing the
> carpet at the mere mention of Microsoft or Bill Gates?

Why should we believe you? :~)

Bill Denton

June 25th 04, 04:51 PM

<snip>
Hmmm...our WinXP workstations crash about twice a week. We (before I was
there) unloaded Win2000 servers for Linux when we had to shut down at least
twice monthly. Those Win2000 servers, BTW, we set up my Microsoft, so dont
say that we didn't do it right. The Linux servers were set up by our own
techs, though our #1 geek has an MasterSci EE
<snip>

Most of the time, when a shop has Linux boxes, it doesn't have techs, it has
OS evangelists, who have a vested interest in insuring that Windows boxes
fail. In most instances, if they would spend as much time learning how to
administer Windows boxes as they do playing with Linux boxes they would see
a marked decrease in their failure rate.

Most Linux heads tend to be geeks, and they tend to put all kinds of geek
crap on their computers. Of course, none of this geek crap is written to
Microsoft standards because geeks know much better ways to do things. If you
put crappy, non-standard software on a machine, it will crash, no matter
what the underlying operating system.

When a new aircraft rolls out the door of the Cessna factory, it was "set
up" by Cessna technicians. But that doesn't mean someone who doesn't know
what they're doing couldn't crash it 15 minutes later.

So, which is better: Windows or Linux? That's like asking which is better:
hammers or screwdrivers. In both instances, you are looking at a tool, and
for a given job one may be superior. But it won't be superior for all jobs.

And consider this: Do you send email? A large chunk of the recipients of
that email get it across networks that weren't set up by Phd/EE's, but were
instead set up by a reasonably intelligent person who saw the need for a
network, read a couple of Windows books, and was able to set up a Windows
network, thanks to the user-friendly Windows installation routines. If they
had needed to rely on Netware, or Linux, or any of the other non-Microsoft
systems those networks would never have been built.

And, in many instances, that's what counts...

"Tom Sixkiller" > wrote in message
...
>
> "C J Campbell" > wrote in message
> ...
> > >
> > > I thought Linux rarely ever crashes but that is only what I've heard.
> >
> > Actually, I have a Red Hat Linux server. In the six months that I have
> owned
> > it, it has crashed four times and had to be restarted. OTOH, the Windows
> XP
> > Professional computers have not crashed even once during that time.
>
> Hmmm...we're running Oracle on two Linux servers and they've not crashed
in
> the 10 months I've been at the company. Before that, the company I was at
> ran HP-Ux on HP-9000's and they didn't crash in the two years we had them
> before the company went under. Well, they burped twice for seven or eight
> minutes each time, but the failover was instantaneous.
>
> >
> > I hear a lot about Windows' instability. I say it is crap. All I can go
on
> > is my own personal experience, but MS operating systems are the only
ones
> > that I have ever used that can go for more than a few weeks without
> > crashing.
>
> Hmmm...our WinXP workstations crash about twice a week. We (before I was
> there) unloaded Win2000 servers for Linux when we had to shut down at
least
> twice monthly. Those Win2000 servers, BTW, we set up my Microsoft, so
don;t
> say that we didn't do it right. The Linux servers were set up by our own
> techs, though our #1 geek has an MasterSci EE
>
>
> > What am I supposed to do? Believe my own experience, or believe a
> > bunch of anti-social geeks who begin frothing at the mouth and chewing
the
> > carpet at the mere mention of Microsoft or Bill Gates?
>
> Why should we believe you? :~)
>
>
>

C J Campbell

June 25th 04, 04:51 PM

"Bob Noel" > wrote in message
...
> In article >, "C J Campbell"
> > wrote:
>
> >What am I supposed to do? Believe my own experience, or believe
> > a bunch of anti-social geeks who begin frothing at the mouth and chewing
> > the carpet at the mere mention of Microsoft or Bill Gates?
>
> well, as long as you have an open mind...

Keep coming up with straight lines like that and you might find a whole new
career opportunity.

C J Campbell

June 25th 04, 04:54 PM

"Tom Sixkiller" > wrote in message
...
>
>
> > What am I supposed to do? Believe my own experience, or believe a
> > bunch of anti-social geeks who begin frothing at the mouth and chewing
the
> > carpet at the mere mention of Microsoft or Bill Gates?
>
> Why should we believe you? :~)

Obviously, you should believe me because I am an infallible genius. All
those other guys are lunatics.

Tom Sixkiller

June 25th 04, 05:24 PM

"C J Campbell" > wrote in message
...
>
> "Tom Sixkiller" > wrote in message
> ...
> >
> >
> > > What am I supposed to do? Believe my own experience, or believe a
> > > bunch of anti-social geeks who begin frothing at the mouth and chewing
> the
> > > carpet at the mere mention of Microsoft or Bill Gates?
> >
> > Why should we believe you? :~)
>
> Obviously, you should believe me because I am an infallible genius. All
> those other guys are lunatics.

We practice very hard.

Greg Copeland

June 25th 04, 05:56 PM

On Thu, 24 Jun 2004 22:23:08 -0700, C J Campbell wrote:
>> I thought Linux rarely ever crashes but that is only what I've heard.
>
> Actually, I have a Red Hat Linux server. In the six months that I have owned
> it, it has crashed four times and had to be restarted. OTOH, the Windows XP
> Professional computers have not crashed even once during that time.
>
> I hear a lot about Windows' instability. I say it is crap. All I can go on
> is my own personal experience,

Well, industry experience, by far, supports a contrary position. I do
agree that personal experience is hard to counter. Just the same, Linux
is regarded as being much more reliable, and it has earned that
reputation. This is not to say that Linux can not be crashed. That is,
as you know, simply not true. Having said that, *generally* if Linux is
crashing, it's not the fault of the OS. Are third party drivers being
used (tainted kernel)? Is the hardware of good quality? When was the last
time the memory has been checked for errors? Is ECC memory being used? Is
the power clean? Is it hooked up to a conditioning power unit?

> but MS operating systems are the only ones
> that I have ever used that can go for more than a few weeks without
> crashing. What am I supposed to do? Believe my own experience, or believe a
> bunch of anti-social geeks who begin frothing at the mouth and chewing the
> carpet at the mere mention of Microsoft or Bill Gates?

Worth noting, uptimes of weeks are considered laughable in IT. Only
semi-recently has Microsoft begun to see uptimes, across the board,
measured in anything other than hours or days. Linux and most unixes,
traditionally measure uptime in months and years. I personally have run
several Linux and BSD servers which had uptimes in years (a little over a
year and the other was 1 1/2 years). Both were rebooted because of power
outages.

So, while personal experience may be telling you a different story, I can
assure you that Microsoft's horrible reputation is very, very, very well
deserved.

Cheers,

Greg Copeland

Greg Copeland

June 25th 04, 06:06 PM

On Fri, 25 Jun 2004 10:51:32 -0500, Bill Denton wrote:

>
> Most of the time, when a shop has Linux boxes, it doesn't have techs, it has
> OS evangelists, who have a vested interest in insuring that Windows boxes
> fail. In most instances, if they would spend as much time learning how to
> administer Windows boxes as they do playing with Linux boxes they would see
> a marked decrease in their failure rate.
>

That's simply not true in least.

> Most Linux heads tend to be geeks, and they tend to put all kinds of geek
> crap on their computers. Of course, none of this geek crap is written to
> Microsoft standards because geeks know much better ways to do things. If you
> put crappy, non-standard software on a machine, it will crash, no matter
> what the underlying operating system.

That's simply not true in the least. Applications should not be able to
crash an OS. If it can, that's a serious OS bug. I would say that you've
been exposed to MS' OS a little too long without understanding what else
is out there.

>
> So, which is better: Windows or Linux? That's like asking which is better:
> hammers or screwdrivers. In both instances, you are looking at a tool, and
> for a given job one may be superior. But it won't be superior for all jobs.

Not really. Both do the same roles. Thusly, it's fair to do a hammer to
hammer or screwdriver to screwdriver comparison.

>
> And consider this: Do you send email? A large chunk of the recipients of
> that email get it across networks that weren't set up by Phd/EE's, but were
> instead set up by a reasonably intelligent person who saw the need for a
> network, read a couple of Windows books, and was able to set up a Windows
> network, thanks to the user-friendly Windows installation routines. If they
> had needed to rely on Netware, or Linux, or any of the other non-Microsoft
> systems those networks would never have been built.

Hate to tell you this, but the vast majority of the 'net is run on
Unix/Linux. It's considered to be the backbone of the 'net. Worse,
because the cost of entry to run windows is so low and they are commonly
used as endpoints on the 'net, windows computers are currently considered
the biggest threat and the greatest plague to date. As an example,
currently, the vast majority of spam actually originates from comprimised
win computers being used as open spam relays. These points have not been
lost in Washington either. Windows computers and their security are
considered a threat to national security. Feel free to check the
Department of Homeland security. Notice that the NSA is happy to develop
using Linux?

Long story short, friendly does not translate to reliability or any other
picture you're trying to paint.

>
> And, in many instances, that's what counts...

You seriously should check your facts.

Cheers,

Greg Copeland

Greg Copeland

June 25th 04, 06:09 PM

On Fri, 25 Jun 2004 13:08:41 +0000, Kyler Laird wrote:

> Bob Noel > writes:
>
>>The trick is to truly show that the device was indeed rock solid, and for
>>that history to be actually applicable to future use.
>
> 'taint no trick at all; we do it with voting machines now.
>
> Bwahaha...
>
> --kyler

LOL. I doubt the majority here are able to follow the humor there.

Cheers!

Dylan Smith

June 25th 04, 06:25 PM

In article >, Bill Denton wrote:
> Most of the time, when a shop has Linux boxes, it doesn't have techs, it has
> OS evangelists, who have a vested interest in insuring that Windows boxes
> fail. In most instances, if they would spend as much time learning how to
> administer Windows boxes as they do playing with Linux boxes they would see
> a marked decrease in their failure rate.

I have spent a great deal of time making sure Windows boxes are properly
configured and stay up. It's a goal I pursue with great zeal. If the
boxes stay up, the users don't whine. Users that are seen and not heard
because their computers aren't broken mean I have a nice day.

> Most Linux heads tend to be geeks, and they tend to put all kinds of geek
> crap on their computers. Of course, none of this geek crap is written to
> Microsoft standards because geeks know much better ways to do things. If you
> put crappy, non-standard software on a machine, it will crash, no matter
> what the underlying operating system.

That is wrong. The only software that should be able to actually crash a
machine is stuff running in kernel-land. User-land software, no matter
how badly written, should NEVER be able to crash the OS. That's the
whole point of protected mode on Intel ia32 (i.e. 386 and up)
processors. If an application causes an OS to crash, then *there is a
bug in the OS*.

> And consider this: Do you send email? A large chunk of the recipients of
> that email get it across networks that weren't set up by Phd/EE's, but were
> instead set up by a reasonably intelligent person who saw the need for a
> network, read a couple of Windows books, and was able to set up a Windows
> network, thanks to the user-friendly Windows installation routines. If they
> had needed to rely on Netware, or Linux, or any of the other non-Microsoft
> systems those networks would never have been built.

That is woefully inaccurate. You've certainly been able to set up RedHat
through the GUI only with just a few mouse clicks for a number of years.
The problem with Windows isn't its stability (almost ALL the actual
Windows NT crashes since NT4.0 I've witnessed were caused by bad
hardware with just a few notable exceptions which have since been
fixed). Part of the problem with setting up Windows, especially in a
corporate environment where you want to deploy many machines, and run
arbitrary updates on many machines is there is *so* much stuff that can
ONLY be done in the GUI and simply cannot be scripted out of the box
without downloading a whole heap of third-party stuff.

Windows is still a complex system. The consequences of 'normal users'
setting up Windows themselves (especially in a corporate environment) is
the spread of worms, insecurely-set-up servers and a network that's
difficult to maintain when it's in. A Windows administrator must be
every bit as competent, smart and devious as his Unix counterpart.
Companies who think Windows admins are less expensive are often hiring
reboot monkeys. You get what you pay for.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

Andrew Gideon

June 25th 04, 06:30 PM

Greg Copeland wrote:

> Hate to tell you this, but the vast majority of the 'net is run on
> Unix/Linux.

Well...UNIX and Cisco's IOS.

- Andrew

Bill Denton

June 25th 04, 08:54 PM

"Greg Copeland" > wrote in message
...
> On Fri, 25 Jun 2004 10:51:32 -0500, Bill Denton wrote:
>
> >
> > Most of the time, when a shop has Linux boxes, it doesn't have techs, it
has
> > OS evangelists, who have a vested interest in insuring that Windows
boxes
> > fail. In most instances, if they would spend as much time learning how
to
> > administer Windows boxes as they do playing with Linux boxes they would
see
> > a marked decrease in their failure rate.
> >
>
> That's simply not true in least.

I have seen quite a few Linux admins who had to use cheat sheets for even
the most rudimentary Win server tasks. And during the dot.com bust I saw
more than one Linux admin deliberately allow their Windows boxes to
deteriorate so they couild make the Linux boxes look better, and thus
preserving their jobs.
>
> > Most Linux heads tend to be geeks, and they tend to put all kinds of
geek
> > crap on their computers. Of course, none of this geek crap is written to
> > Microsoft standards because geeks know much better ways to do things. If
you
> > put crappy, non-standard software on a machine, it will crash, no matter
> > what the underlying operating system.
>
> That's simply not true in the least. Applications should not be able to
> crash an OS. If it can, that's a serious OS bug. I would say that you've
> been exposed to MS' OS a little too long without understanding what else
> is out there.

I have seen applications crash NT workstation and server four or five times,
and I've crashed Win2K Professional twice; once with Flight Simulator. A
couple of years ago I worked for a software company, and a test suite run of
one of our applications brought down two Linux boxes and one Unix box.
Everything can crash.

And I saw a Win2K server mysteriously begin going BSOD, for no observable
reason. It looked just like a software crash. I worked in the IBM building
in downtown Chicago, where you would expect the power to be good, but it
turned out we were getting power sags which were crashing the machine. It
was plugged into the same outlet with a workstation which never had a
problem. I did some testing, and discovered that the sags were long enough
to drop the server, but not long enough to effect the workstation. I put in
a UPS; no problem. But as I said, it looked just like a software problem.
How many other hardware problems get blamed on the OS?
>
> >
> > So, which is better: Windows or Linux? That's like asking which is
better:
> > hammers or screwdrivers. In both instances, you are looking at a tool,
and
> > for a given job one may be superior. But it won't be superior for all
jobs.
>
> Not really. Both do the same roles. Thusly, it's fair to do a hammer to
> hammer or screwdriver to screwdriver comparison.

It's not a matter of which will do the job, it's a matter of which will do
the job best. And there are things that Win will do better than Linux and
vice-versa. And better is not just a matter of benchmarking: in some small
towns you might find 10 Win administrators and zero Linux administrators. In
that case, Linux is totally worthless. It's all a matter of matching the OS
to the need.
>
>
> >
> > And consider this: Do you send email? A large chunk of the recipients of
> > that email get it across networks that weren't set up by Phd/EE's, but
were
> > instead set up by a reasonably intelligent person who saw the need for a
> > network, read a couple of Windows books, and was able to set up a
Windows
> > network, thanks to the user-friendly Windows installation routines. If
they
> > had needed to rely on Netware, or Linux, or any of the other
non-Microsoft
> > systems those networks would never have been built.
>
> Hate to tell you this, but the vast majority of the 'net is run on
> Unix/Linux. It's considered to be the backbone of the 'net. Worse,
> because the cost of entry to run windows is so low and they are commonly
> used as endpoints on the 'net, windows computers are currently considered
> the biggest threat and the greatest plague to date. As an example,
> currently, the vast majority of spam actually originates from comprimised
> win computers being used as open spam relays. These points have not been
> lost in Washington either. Windows computers and their security are
> considered a threat to national security. Feel free to check the
> Department of Homeland security. Notice that the NSA is happy to develop
> using Linux?

And I hate to tell you this, there were LAN's long before the Internet
became "prime time". I did my first Windows For Workgroups (NETBUI) network
in 1992, the Internet did not begin to achieve any sort of mass penetration
until 1996 or so. While the majority of the servers may run Unix/Linux, most
of the outbound data quickly goes through a router onto a Windows network,

I agree with you about the increased vulnerability of Windows, but a case
could also be made that the associated protocols, which were designed by
Unix guys, were poorly engineered. Had they been better designed the spam
problems would not exist. I don't make that argument, but if you talk about
Windows vulnerabilities, you also have to consider lacadasical engineering.
>
> Long story short, friendly does not translate to reliability or any other
> picture you're trying to paint.
>
>
> >
> > And, in many instances, that's what counts...
>
>
> You seriously should check your facts.

My facts are fine. I have made a decent living off Windows, so I don't see
it as the Devil incarnate. I know there are problems there. But there are
problems with every OS on some level or another. I don't have any problem
with Linux; one of these days I will probably get around to learning it.
Where I do have a problem is with people who aren't willing to understand
that both Win and Linux are viable operating systems. It's simply not an
either/or situation.

>
>
> Cheers,
>
> Greg Copeland
>

Dylan Smith

June 25th 04, 11:09 PM

In article >, Bill Denton wrote:
>> That's simply not true in the least. Applications should not be able to
>> crash an OS. If it can, that's a serious OS bug. I would say that you've
>> been exposed to MS' OS a little too long without understanding what else
>> is out there.
>
> I have seen applications crash NT workstation and server four or five times,
> and I've crashed Win2K Professional twice; once with Flight Simulator.

Which means the OS has some serious bugs. Either that or bad drivers
(I've come across some hideously bad - I mean really inexcusably bad
video drivers).

As for Windows being easy to set up (you cited WfWG), Macintosh networks
were that easy to set up in 1988 - we had a Mac network at school then.
It's hardly Windows that has made setting up LANs easy. Setting up the
LAN isn't even quarter of the battle - keeping it up *and secure* is a
much bigger chunk of it. An easy GUI setup and few scripting tools, and
an insecure default configuration means that the easy set up has a
really nasty sting in the tail, as evidenced by the hundreds of
thousands of hosts listed in Spamhaus's XBL (Exploits Blacklist). You
need proper admins (i.e. ones you'll have to pay well) to keep your
network secure even if it runs Windows. Admins who know how to write
scripts to automate jobs. That kind of thing. Having some non-admin set
it up with the easy-to-use GUI is just a malware breeding ground.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

C J Campbell

June 25th 04, 11:23 PM

"Dylan Smith" > wrote in message
...
> In article >, Bill Denton wrote:
> >> That's simply not true in the least. Applications should not be able
to
> >> crash an OS. If it can, that's a serious OS bug. I would say that
you've
> >> been exposed to MS' OS a little too long without understanding what
else
> >> is out there.
> >
> > I have seen applications crash NT workstation and server four or five
times,
> > and I've crashed Win2K Professional twice; once with Flight Simulator.
>
> Which means the OS has some serious bugs. Either that or bad drivers
> (I've come across some hideously bad - I mean really inexcusably bad
> video drivers).
>
> As for Windows being easy to set up (you cited WfWG), Macintosh networks
> were that easy to set up in 1988 - we had a Mac network at school then.
> It's hardly Windows that has made setting up LANs easy. Setting up the
> LAN isn't even quarter of the battle - keeping it up *and secure* is a
> much bigger chunk of it. An easy GUI setup and few scripting tools, and
> an insecure default configuration means that the easy set up has a
> really nasty sting in the tail, as evidenced by the hundreds of
> thousands of hosts listed in Spamhaus's XBL (Exploits Blacklist). You
> need proper admins (i.e. ones you'll have to pay well) to keep your
> network secure even if it runs Windows. Admins who know how to write
> scripts to automate jobs. That kind of thing. Having some non-admin set
> it up with the easy-to-use GUI is just a malware breeding ground.

Fine, if you have a huge corporation that can afford a bunch of well-paid
admins. Your argument is beginning to sound an awful lot like you don't
think most people should have computers and that you think that the general
public is a menace. That isn't the fault of Windows. You know, the Internet
would not be nearly so big today if it weren't for all of those incompetent
Windows users that are able to access it. Get rid of them and you dry up 80%
of the business base. The rest would not be worth keeping the Internet
running. You could not even go back to the days when only research
facilities and the military had Internet access. It would be gone,
completely. So, although you think that the public are a threat, maybe you
might start asking yourself what would happen if you really got your way.
Maybe you are a bigger threat than the public you despise.

Andrew Gideon

June 25th 04, 11:35 PM

C J Campbell wrote:

> You could not even go back to the days when only
> research facilities and the military had Internet access.

Considering the economic damages caused by each major worm run, that might
not be a Bad Thing. We'd lose a *lot*. But it might be better, in the
long run.

Still, there's a third alternative: safe computing. Unfortunately, the idea
that anyone can run a computer network has already been sold to an
unsuspecting public. While this might be true in an ideal world (and we
are getting closer to that over time), the fact is that networks require
maintenance and tuning and the occasional safety fix just like aircraft and
automobiles do.

People don't mind using mechanics or A&Ps because we're told it's necessary.
Had people not been sold the aforementioned lie, then perhaps this wouldn't
be a problem. Unfortunately, this idea has settled in and taken root.

- Andrew

Peter Duniho

June 26th 04, 12:45 AM

"Dylan Smith" > wrote in message
...
> As for Windows being easy to set up (you cited WfWG), Macintosh networks
> were that easy to set up in 1988

They were that easy as long as you stuck with Appletalk. Again, the big
reason Macs are "easy" and "stable" is that there's practically no variation
in configuration from computer to computer. (And frankly, I've seen the Mac
bomb icon often enough to know that the word "stable" doesn't necessarily
apply to a Mac any more than it applies to any other OS).

They were hard then to set up in a mixed environment with non-Apple
technologies, and frankly, I still find it daunting at times when trying to
get different platforms to talk to each other on the same network, even when
it comes to configuring the Macintosh.

Pete

Peter Clark

June 26th 04, 01:32 AM

On Fri, 25 Jun 2004 13:30:48 -0400, Andrew Gideon >
wrote:

>Greg Copeland wrote:
>
>
>> Hate to tell you this, but the vast majority of the 'net is run on
>> Unix/Linux.
>
>Well...UNIX and Cisco's IOS.

FWIW, Cisco IOS and Juniper's JunOS are both based on BSD.

Teacherjh

June 26th 04, 02:02 AM

>> People don't mind using mechanics or A&Ps because we're told it's necessary.

The difference is, anybody with a nearby library can learn how to fix a car or
an airplane. This is not true of Windows, or any closed source software. The
innards of windows are a secret. You cannot be sure of what the operating
system (or any commercial program) is =really= doing. I find that scary. With
open source, even if I personally don't want to open the hood, so to speak, I
know that there are lots of geeks who have already looked under the hood, and
any nefarious stuff would have already been publicized in a place I could look.

Imagine having a new aircraft come on the market, but nobody is allowed to do a
preflight. The mechanism for rasing the gear is a secret. The avionics are
coupled to the autopilot, but you are not permitted to know how. And you may
not fly without the transponde operating in mode Q.

Jose

--
(for Email, make the obvious changes in my address)

Bob Noel

June 26th 04, 03:24 AM

In article >, Greg Copeland
> wrote:

> >>The trick is to truly show that the device was indeed rock solid, and
> >>for
> >>that history to be actually applicable to future use.
> >
> > 'taint no trick at all; we do it with voting machines now.
> >
> > Bwahaha...
> >
> > --kyler
>
>
> LOL. I doubt the majority here are able to follow the humor there.

ya can't follow what ain't there. :-(

--
Bob Noel

leslie

June 26th 04, 04:44 AM

Greg Copeland ) wrote:
: On Fri, 25 Jun 2004 13:08:41 +0000, Kyler Laird wrote:
:
: > Bob Noel > writes:
: >
: >>The trick is to truly show that the device was indeed rock solid, and for
: >>that history to be actually applicable to future use.
: >
: > 'taint no trick at all; we do it with voting machines now.
: >
: > Bwahaha...
: >
: > --kyler
:
:
: LOL. I doubt the majority here are able to follow the humor there.
:

Here's an article for those who didn't catch the humor:

http://www.commondreams.org/headlines03/1013-01.htm
All the President's Votes?

--Jerry Leslie
Note: is invalid for email

C J Campbell

June 26th 04, 06:09 AM

"Andrew Gideon" > wrote in message
online.com...
> C J Campbell wrote:
>
> > You could not even go back to the days when only
> > research facilities and the military had Internet access.
>
> Considering the economic damages caused by each major worm run, that might
> not be a Bad Thing. We'd lose a *lot*. But it might be better, in the
> long run.
>

Better for whom? I submit that your protests are essentially the same as
those of the priests when Gutenberg started printing Bibles. Your high
priesthood is threatened now that the unanointed masses have access to
computers and networks. The reaction was violent when personal computers
were first introduced. The IT priesthood constantly warned of the dangers of
personal computing. Most big corporations and government agencies adopted
policies prohibiting employees from using anything but the company
mainframe. Never mind that the IT priests could not deliver what people
wanted: their own spreadsheets and word processors. Employees had to meet
off site in secret to get real work done on their personal computers.

After thirty plus years, nothing has changed. The ancient priesthood still
tries to hold onto its power, railing against the dangers of Microsoft and
Windows and, yes, personal computing. The days of the priests are numbered.
I think that is a Good Thing.

> Still, there's a third alternative: safe computing.

Again, safe for whom? Apparently the high priests are concerned only for
their own safety, ie, jobs.

>
> People don't mind using mechanics or A&Ps because we're told it's
necessary.

As a matter of fact, many people do mind.

Peter Duniho

June 26th 04, 07:00 AM

"Teacherjh" > wrote in message
...
> >> People don't mind using mechanics or A&Ps because we're told it's
necessary.
>
> The difference is, anybody with a nearby library can learn how to fix a
car or
> an airplane. This is not true of Windows, or any closed source software.
The
> innards of windows are a secret. You cannot be sure of what the operating
> system (or any commercial program) is =really= doing.

There is no such thing as "closed source software", not as you describe it.

The operating system is only mysterious to people who don't take the time to
look at the software. 100% of the operating system is delivered to every
person who installs it, and it is right there for anyone to look at.
Deciphering what the operating system does is orders of magnitude harder
than reverse engineering an airplane engine (for example), but it is not
impossible by any means. How do you think independent third parties
discover vulnerabilities in any operating system?

You can be every bit as sure of what the operating system is really doing as
you like. You need only invest the time and effort to do so. Open source
is somewhat easier to review, but the truth is, if you aren't looking at the
compiled machine code that is actually running on your computer, you don't
really know what the software is doing. The high-level C/C++ (or whatever)
code is very useful for giving you a good idea, but only the actual compiled
result can be considered to be a 100% certain description of what the
computer is doing.

Pete

Greg Copeland

June 26th 04, 07:34 AM

On Fri, 25 Jun 2004 22:09:50 -0700, C J Campbell wrote:
>> Still, there's a third alternative: safe computing.
>
> Again, safe for whom? Apparently the high priests are concerned only for
> their own safety, ie, jobs.
>

Actually, it's the "high priests" which are trying to hold the line
against safe computing because it's a very high, steep, and sliperly
slope. It's the general public and CTO-Q-public which seems to be pushing
the line for that.

Greg

Greg Copeland

June 26th 04, 07:48 AM

On Fri, 25 Jun 2004 23:00:14 -0700, Peter Duniho wrote:

> "Teacherjh" > wrote in message
> ...
>> >> People don't mind using mechanics or A&Ps because we're told it's
> necessary.
>>
>> The difference is, anybody with a nearby library can learn how to fix a
> car or
>> an airplane. This is not true of Windows, or any closed source software.
> The
>> innards of windows are a secret. You cannot be sure of what the operating
>> system (or any commercial program) is =really= doing.
>
> There is no such thing as "closed source software", not as you describe it.

I disagree.

>
> The operating system is only mysterious to people who don't take the time to
> look at the software. 100% of the operating system is delivered to every
> person who installs it, and it is right there for anyone to look at.
> Deciphering what the operating system does is orders of magnitude harder
> than reverse engineering an airplane engine (for example), but it is not
> impossible by any means. How do you think independent third parties
> discover vulnerabilities in any operating system?
>

That's a different issue.

> You can be every bit as sure of what the operating system is really doing as
> you like. You need only invest the time and effort to do so.

The difference is one of practicality and man hours. With even the source
code, it would take man-years to review NT's code, for example. It would
probably take several orders of magnitude more man-years if it all had to
be done as the machine language level. Ack!

> Open source
> is somewhat easier to review,

Somewhat? Try, practicle versus nonpractical. Now, consider the number
of C and C++ programmers. Now, consider the number of even semi-decent
assembler and/or machine language programmers around these days. Starting
to see a resource problem?

> but the truth is, if you aren't looking at the
> compiled machine code that is actually running on your computer, you don't
> really know what the software is doing.

This is, of course, a valid point. Just the same, a *mostly* moot point
given the openess of today's open source compilers. GNU's compilers, for
example, are self hosting. That means it compiles a compiler, which
it then uses to compile a new compiler. Then, the new compiler is used to
compile another compiler to compare with the previous compiler, to ensure
that everything is built properly. So, about the only way you're going to
get a surprise there is **if**, your current compiler is trojaned AND it's
smart enough to pass the trojan on to the new compiler. That means it
would have to know when it's compiling a new compiler.

Aside from that, compiler bugs are really the only issue to worry about.
Which means, for the vast, vast, vast majority of the cases, source code
is king!

> The high-level C/C++ (or whatever)
> code is very useful for giving you a good idea, but only the actual compiled
> result can be considered to be a 100% certain description of what the
> computer is doing.

Basically, short of a hidden compiler trojan, the source is still the
preferred reference, by anyone's measure. The compiled code is only
checked to ensure proper optimizations or to validate unexpected behavior
which may seem to not coincide with the source (compiler bug, for example).

Long story short, there is a world of difference between open source and
closed source software. The biggest being, it's completley unpractical to
even aspire to audit a closed source OS or application of any significant
scope without the source. Chances are, it would be much easier to write
your own software solution rather than attempt to audit a closed source
solution at the machine language level.

Greg

Greg Copeland

June 26th 04, 08:12 AM

On Fri, 25 Jun 2004 14:54:19 -0500, Bill Denton wrote:

>
> I have seen quite a few Linux admins who had to use cheat sheets for even
> the most rudimentary Win server tasks. And during the dot.com bust I saw
> more than one Linux admin deliberately allow their Windows boxes to
> deteriorate so they couild make the Linux boxes look better, and thus
> preserving their jobs.

During the .com boom, there where plenty of completely unqualified people
working in IT. People often needed warm bodies to support their 1, 2,
4 business plans. The scales heavily lean toward WIN admins, IMO, but I
have no doubt that there have and are unqualified Linux/Unix admins out
there too. In fact, I've met unqualified HP/UX admins too. A rotten egg doesn't
spoil the whole batch unless you attempt to cook with it.

>
> I have seen applications crash NT workstation and server four or five times,
> and I've crashed Win2K Professional twice; once with Flight Simulator. A
> couple of years ago I worked for a software company, and a test suite run of
> one of our applications brought down two Linux boxes and one Unix box.
> Everything can crash.

Granted, but if an application crashes, it's an OS bug. There are many
ways to "bring down" a system, but not all of these are bugs. In many
cases, it's improper configuration or hardware for a task.

>
> And I saw a Win2K server mysteriously begin going BSOD, for no observable
> reason. It looked just like a software crash. I worked in the IBM building
> in downtown Chicago, where you would expect the power to be good, but it
> turned out we were getting power sags which were crashing the machine.

This is exceedingly common. The more machines you get on a circuit, the
dirtier the power is going to become. People often rush to purchase surge
protecters but fail to realize the brownouts are actually far, far worse
for their computer. Not to mention, very common. They often go
completely unnoticed but cause bit-flip errors or even physical gate
damage to some components. I could go on, you I think you get the point.

> It
> was plugged into the same outlet with a workstation which never had a
> problem.

Different CPUs, chipsets, power supplies, and yes, even computing trends,
can all make a significant difference. Not all computers are created
equal.

> I did some testing, and discovered that the sags were long enough
> to drop the server, but not long enough to effect the workstation. I put in
> a UPS; no problem. But as I said, it looked just like a software problem.
> How many other hardware problems get blamed on the OS?

I'm sure many.

>
> It's not a matter of which will do the job, it's a matter of which will do
> the job best. And there are things that Win will do better than Linux and
> vice-versa. And better is not just a matter of benchmarking: in some small
> towns you might find 10 Win administrators and zero Linux administrators. In
> that case, Linux is totally worthless. It's all a matter of matching the OS
> to the need.

Well, my statement assumed everything being equal. But you are right.
I'm a strong believer in the best tool for the job. If your room of a
thousand monkeys only know typewriters, you don't give them word
processors and hope for the best. You have a valid point here.

>
> And I hate to tell you this, there were LAN's long before the Internet
> became "prime time". I did my first Windows For Workgroups (NETBUI) network

Done that too. Ohh...you remember arcnet? Hehe. Those were the days.

> in 1992, the Internet did not begin to achieve any sort of mass penetration
> until 1996 or so. While the majority of the servers may run Unix/Linux, most
> of the outbound data quickly goes through a router onto a Windows network,

Well, before the big days of the net, most were military, dod, and
university users, so it was still mostly unix. Granted, as it grew,
windows networks were certainly plugged in.

>
> I agree with you about the increased vulnerability of Windows, but a case
> could also be made that the associated protocols, which were designed by
> Unix guys, were poorly engineered. Had they been better designed the spam
> problems would not exist. I don't make that argument, but if you talk
> about Windows vulnerabilities, you also have to consider lacadasical
> engineering.

Hehe. I don't think that's fair. IPv4 works rather well for what it was
designed to do. It's just the IPv4 has grown well beyond it's original
design. This is why IPv6 exists. This is why everyone is wanting the
Interent to transition to IPv6. It addresses most every complaint of
IPv4. So, I don't think it's fair to blame the designers if the market
refuses to adopt the correct technology.

Having said that, spam is actualy an issue of the SMTP protocol and not
the IP protocol. Granted, better facilities in IP may of helped. But
let's face it, the current SMTP protocol (and associated RFCs) would be
hard pressed to become more spam friendly. If you insist on pointing a
finger, feel free to point a finger at the right group. ;)

Cheers!

Greg

Dylan Smith

June 26th 04, 09:23 AM

In article >, C J Campbell wrote:
> Fine, if you have a huge corporation that can afford a bunch of well-paid
> admins. Your argument is beginning to sound an awful lot like you don't
> think most people should have computers and that you think that the general
> public is a menace.

No, I think Windows as it currently stands is unsuitable for the general
public. Windows as it stands is fine in an environment where a corporate
admin can look after the network. It's not the users fault, it's the
fault of Microsoft because the configuration is insecure by default.

Windows as it stands should have at
least the software firewall on *by default* and almost all services
(most services which home users will never use) *off* by default.
Finally, MS has decided to listen and will have the firewall on by
default in Service Pack 2. Security researchers have been saying this
for *years*, and only now is it being done.

In this instance, Windows 98 is better than Windows XP. The real
problems didn't start happening until XP came out. Windows XP was a
retrograde step for home users on the internet - it just allowed them to
be 0wn3d because of all the additional potentially exploitable (and as
it happens, actually exploitable) services that were running.

It's not a problem with the users. It's entirely a problem with Windows.
The users are essentially decieved - it's a nice easy to set up system,
but they've been tricked into having a system that claims to be easy to
use and maintain, but really requires an expert system administrator to
make secure.

> That isn't the fault of Windows.

But it IS the fault of Windows. Having a number of insecure services
turned on by default which the vast majority of home users will *never*
use on a network is purely the fault of Microsoft. The PC manufacturers
also have some responsibility to bear - they could have at least thought
about it and set up a reasonably secure disk image when they duplicated
the hard disk loads for their PCs.

In any case, the Macintosh has been easy to set up since the 1980s
(including setting up a Mac LAN) so ease-of-use is hardly a Microsoft
innovation. It's just a pity that the hardware platform wasn't open.

> might start asking yourself what would happen if you really got your way.
> Maybe you are a bigger threat than the public you despise.

Gosh, you're reading an awful lot into my post that I didn't write. I
don't think I've seen a non-sequitur like that since Lord Tebbit managed
to turn a radio interview on obesity into how the Government was
encouraging buggery!

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

Dylan Smith

June 26th 04, 09:29 AM

In article >, C J Campbell wrote:
>> Still, there's a third alternative: safe computing.
>
> Again, safe for whom? Apparently the high priests are concerned only for
> their own safety, ie, jobs.

Safe for the general Internet-using public. Is it too much to ask that
operating systems designed for personal use on personal computers aren't
set up by default to be running a huge bunch of exploitable server
processes?

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

David Reinhart

June 26th 04, 02:02 PM

It's already happened.

Dave Reinhart

Andrew Gideon wrote:

> Kyler Laird wrote:
>
> > (Paul Tomblin) writes:
> >
> >>I remember a comp.risks article many years ago where one maker of avionics
> >>was said to prefer Windows because if something went wrong with the OS,
> >>somebody else would have to fix it,
> >
> > *That* would be funny. I can imagine a bunch of panels being labeled
> > "inop" until Microsoft decides it wants to generate a fix.
> >
>
> Worse: A virus comes with a Jepp database upgrade. Yikes!
>
> - Andrew

David Reinhart

June 26th 04, 02:04 PM

Gives a whole new meaning to "the blue screen of death", doesn't it? ;-)

Dave Reinhart

C J Campbell wrote:

> "Bruce Horn" > wrote in message
> ...
> > I've been wondering...
> >
> > What underlying OS do the various glass panels (Avidyne, Garmin, etc.)
> > use? It might actually make me think twice about buying a particular
> > system if I knew that (for example) it was Windows underneath.
>
> The MX-20 runs plain vanilla Windows NT 4.0. I don't know why anyone except
> software bigots would have a problem with that. There have been no known
> problems with the OS in this application.
>
> The Garmin G-1000 runs a proprietary OS.

David Reinhart

June 26th 04, 02:09 PM

I'm not a big fan of SCO anymore, and I haven't had to work with the SCO UNIX
for about 10 years, but I used to be the SA for the SCO box that ran the plant
that produces all the chemicals used by a major chip maker. I had that system
so tweaked that when I quit they didn't bother to replace me and the system
kept running fine until it was replaced about five years later. They only
called me in "on contract" once in that whole period and that was for a
hardware problem.

Dave Reinhart

Greg Copeland wrote:

> On Thu, 24 Jun 2004 23:16:44 +0000, leslie wrote:
>
> > Kevin Darling ) wrote:
> > :
> > : However, Microsoft themselves point out that Windows is not a hard
> > : realtime OS, and should not be used in more demanding applications
> > : such as fly-by-wire.
> > :
> > http://www.gcn.com/archives/gcn/1998/july13/cov2.htm
> > Software glitches leave Navy Smart Ship dead in the water |
> > GCN July 13, 1998
> >
>
> That's actually an application bug and not an OS bug. One interesting
> note is that they also highlight that Unix would be a much more reliable
> option, which would be true, excluding SCO, and including Linux.
>
> It's also worth noting, that traditionally, all MS OS's have somehow
> managed to sidestep the DoD qualification phases. Some cash and palms are
> usually suspected to be the reasons. In fact, while I don't have a link
> off hand, there is a fairly well known quote, by a DoD (IIRC) guy, which
> can be paraphrase as, "If Windows had been forced to go through the same
> channels as every other OS, it would of never qualified."
>
> Cheers!

Peter Duniho

June 26th 04, 04:44 PM

"Dylan Smith" > wrote in message
...
> [...]
> Finally, MS has decided to listen and will have the firewall on by
> default in Service Pack 2.

Yes, they have. And it will cost them a lot of money, because now every
user that winds up wanting to do something that the firewall won't allow by
default (because it locks down the system by default) will cost Microsoft
money so that they can have their questions answered because they can't be
bothered to RTFM.

Online gaming will be a big area of support, but there are plenty of other
applications that look like end-user client applications but which wind up
hosting at least one "server" port.

By blaming Microsoft only, you are starting to sound like those rabid
anti-Microsoft people CJ was talking about. Microsoft had genuine economic
motivation to make their operating system easier for dumb people to get
working and it's unreasonable to lay all (or even most) of the blame at
their feet for catering to their audience.

> In this instance, Windows 98 is better than Windows XP.

That's like saying "in respect to high-speed crashes, the Ford Model A is
better than the 67' Mustang".

Windows 98 was insecure in plenty of other ways, and since the vast majority
of computer security problems have more to do with social engineering than
software engineering, those insecurities in Win98 more than trump XP's
issues.

As long as you allow a human being access to the operating system, there
will be problems. Windows had a very specific, and very different set of
requirements from any other operating system on the market today, and it
evolved in a very predictable way. Sure, there's room for improvement, but
the blame game doesn't help anyone, and frankly, because the anti-Windows
rhetoric has always been so blatantly religious, with little rational
justification, it's not surprising that tiny nuggets of truth have been
ignored for so long.

I know if I had some zealot in my face all the time about my unholy
lifestyle choices, I probably wouldn't pay much attention to him if he told
me my zipper was down.

Pete

Greg Copeland

June 26th 04, 05:02 PM

On Sat, 26 Jun 2004 08:23:44 +0000, Dylan Smith wrote:

> In article >, C J Campbell wrote:
>> Fine, if you have a huge corporation that can afford a bunch of well-paid
>> admins. Your argument is beginning to sound an awful lot like you don't
>> think most people should have computers and that you think that the general
>> public is a menace.
>
> No, I think Windows as it currently stands is unsuitable for the general
> public. Windows as it stands is fine in an environment where a corporate
> admin can look after the network. It's not the users fault, it's the
> fault of Microsoft because the configuration is insecure by default.
>

This is true. Security has never been a significant priority for MS.

> Windows as it stands should have at
> least the software firewall on *by default* and almost all services
> (most services which home users will never use) *off* by default.
> Finally, MS has decided to listen and will have the firewall on by
> default in Service Pack 2. Security researchers have been saying this
> for *years*, and only now is it being done.

Rumor has it, that they will be making such changes in the future. Worth
noting, that I believe I read the XP SP2 will even make the firewall start
BEFORE the interfaces go live. Which means their software fire will
become more than worthless. Keep your fingers crossed. ;)

> It's not a problem with the users. It's entirely a problem with Windows.
> The users are essentially decieved - it's a nice easy to set up system,
> but they've been tricked into having a system that claims to be easy to
> use and maintain, but really requires an expert system administrator to
> make secure.

This is true. Which certainly does create many problems. Just the same,
in fairness, it requires an expert on any system to properly maintain and
keep secure.

>
>> That isn't the fault of Windows.
>
> But it IS the fault of Windows. Having a number of insecure services
> turned on by default which the vast majority of home users will *never*
> use on a network is purely the fault of Microsoft. The PC manufacturers
> also have some responsibility to bear - they could have at least thought
> about it and set up a reasonably secure disk image when they duplicated
> the hard disk loads for their PCs.

This is a fair complaint. Along those lines, many Linux distros had some
problems because newbs would select every service under the sun and enable
them without knowing what was going on. So, while having available the
shortest path to stupidity stinks, it still boils down to making sure you
have an administrator that's worth a dang. This is true, no matter what
OS you have. Granted, a bad admin, from a security perspective, might be
able to hide easier on non-Win platforms, eventually, they will get caught
with their pants down without regard for the platform that they admin.

Cheers,

Greg

Greg

Greg Copeland

June 26th 04, 05:08 PM

On Sat, 26 Jun 2004 13:09:44 +0000, David Reinhart wrote:

> I'm not a big fan of SCO anymore, and I haven't had to work with the SCO UNIX
> for about 10 years, but I used to be the SA for the SCO box that ran the plant
> that produces all the chemicals used by a major chip maker. I had that system
> so tweaked that when I quit they didn't bother to replace me and the system
> kept running fine until it was replaced about five years later. They only
> called me in "on contract" once in that whole period and that was for a
> hardware problem.

Ya, I hear ya. I've used SCO's "Always Stopped Clustering" and it left a
bad taste in my mouth. Their support was worthless. It seems that
it's the user's fault that a single application instance can DESTROY
every node in the cluster (including the filesystem), by simply starting
it up. When I say destroy, I mean go get your install disks and reformat
from scratch. Oddly, there was nothing wrong with the application, but
they still refused to support it. I've also used SCO on some X.25 private
switched networks, where we aso had some stability issues there. Granted,
it might of been an Eicon driver issue or something like that. Just the
same, I've never, personally, been impressed with SCO uptimes. So, perhaps
my persional bias is showing. ;)

Cheers,

Greg

C J Campbell

June 26th 04, 06:14 PM

"Dylan Smith" > wrote in message
...
>
> No, I think Windows as it currently stands is unsuitable for the general
> public. Windows as it stands is fine in an environment where a corporate
> admin can look after the network. It's not the users fault, it's the
> fault of Microsoft because the configuration is insecure by default.
>
> Windows as it stands should have at
> least the software firewall on *by default* and almost all services
> (most services which home users will never use) *off* by default.

Actually, it is home users that tend to use those services the most, for
things like on-line gaming and such.

Now, I know a lot of Windows users. I realize that most computer admin types
have real problems with trusting the general public with anything more
complicated than an Etch-A-Sketch, but I tend to believe that the general
public is a little smarter than that. All the home users I know have
personal firewalls, anti-virus software, etc.

The vulnerable computers that I have seen are the office computers which are
maintained by so-called professional administrators who have turned off all
these protections for their own convenience.

C J Campbell

June 26th 04, 06:16 PM

"Dylan Smith" > wrote in message
...
> In article >, C J Campbell wrote:
> > Fine, if you have a huge corporation that can afford a bunch of
well-paid
> > admins. Your argument is beginning to sound an awful lot like you don't
> > think most people should have computers and that you think that the
general
> > public is a menace.
>
> No, I think Windows as it currently stands is unsuitable for the general
> public. Windows as it stands is fine in an environment where a corporate
> admin can look after the network. It's not the users fault, it's the
> fault of Microsoft because the configuration is insecure by default.
>
> Windows as it stands should have at
> least the software firewall on *by default* and almost all services
> (most services which home users will never use) *off* by default.
> Finally, MS has decided to listen and will have the firewall on by
> default in Service Pack 2. Security researchers have been saying this
> for *years*, and only now is it being done.

Besides, what does any of this have to do with aircraft displays? Who gives
a hoot whether an Apollo MX-20 has its firewall turned on or not?

C J Campbell

June 26th 04, 06:45 PM

"David Reinhart" > wrote in message
...
> Gives a whole new meaning to "the blue screen of death", doesn't it? ;-)
>

You are going to die if your MX-20 fails?

Andrew Gideon

June 26th 04, 09:28 PM

Greg Copeland wrote:

> This is, of course, a valid point. Just the same, a *mostly* moot point
> given the openess of today's open source compilers. GNU's compilers, for
> example, are self hosting. That means it compiles a compiler, which
> it then uses to compile a new compiler. Then, the new compiler is used to
> compile another compiler to compare with the previous compiler, to ensure
> that everything is built properly. So, about the only way you're going to
> get a surprise there is **if**, your current compiler is trojaned AND it's
> smart enough to pass the trojan on to the new compiler. That means it
> would have to know when it's compiling a new compiler.

Which method of propagation has been discussed (rather famously) in the
past, no?

<grin>

- Andrew

Andrew Gideon

June 26th 04, 09:42 PM

C J Campbell wrote:

>
> "Andrew Gideon" > wrote in message
> online.com...
>> C J Campbell wrote:
>>
>> > You could not even go back to the days when only
>> > research facilities and the military had Internet access.
>>
>> Considering the economic damages caused by each major worm run, that
>> might
>> not be a Bad Thing. We'd lose a *lot*. But it might be better, in the
>> long run.
>>
>
> Better for whom?

You'd have to ask the economists that produce these numbers.

> I submit that your protests are essentially the same as
> those of the priests when Gutenberg started printing Bibles. Your high
> priesthood is threatened now that the unanointed masses have access to
> computers and networks.

That's foolish. Once upon a time, I was a software engineer with a nice job
that paid reasonably well. Then, this tool I'd used for year exploded in
popularity. As a result, my income surged. Despite the "hard times" and
"burst of the bubble" neither I, nor my other "long time in technology"
friends, were adversely impacted.

In other words, the exploion of personal computing, esp. involving
networking (my particular area of interest has always been in network
computing) has been *wonderful* for me.

So by what am I threatened?

No, what I see is a picture larger than myself. I see people that have
years of work lost because they don't do proper backups. I see people that
have monies and "identities" stolen do to poor system security (ie. the
latest IE spoof, or just the sniffers installed at a Kinkos). I see
reports of millions+ in damages cited for each of these major worm runs.

All of these are, in theory, preventable. But this would require education.
This would require that people understand that these are not toasters, but
machines of enough complexity that ongoing care and maintenance is
necessary. Unfortunately, that education could work against some company
bottom lines, and so a lie is put out instead.

Is the cost worth the benefit? I cannot say. So I *don't* say. But I
certain don't opine that the introduction of the Internet to the masses is
an unmixed good. There has been a definite cost. Worse still, it is a
cost that need not have been paid.

If you're looking for a priesthood protecting its own, I think you're
looking in the wrong direction.

- Andrew

Andrew Gideon

June 26th 04, 10:17 PM

C J Campbell wrote:

> Besides, what does any of this have to do with aircraft displays? Who
> gives a hoot whether an Apollo MX-20 has its firewall turned on or not?

You know, this is a very good question. It caused me to have a sad thought.

Today, GA avionics is much in the same place that PCs (not just MSFT
environments) were in the late 80s: mostly stand alone, perhaps with a
local LAN (ie. MFD, simple weather download, etc.). What if avionics take
the connectivity leap that general computing has taken?

For example, one of the problems with MSFT environments is that they ship
with all "discover all devices on the net" mechanisms enabled and insecure.
This is terrific for ease of constucting a network. Just plug it in, and
it works.

Avionics manufacturers could take the same path: standard protocols for
discovery and then communication would make plugging a new device into the
avionics "bus" cheaper/easier.

Of course, add one device which communicates between avionics buses (ie.
perhaps a TCAS or some nifty function riding a mode S), and we've MSFT
machines on an internetwork all over again...except we'll be airborn at the
time.

Scary.

- Andrew

Andrew Gideon

June 26th 04, 10:18 PM

David Reinhart wrote:

> It's already happened.

Really? Wow. Have you a citation I could read? I'd like very much to
learn more about this.

- Andrew

Andrew Gideon

June 26th 04, 10:22 PM

C J Campbell wrote:

> You are going to die if your MX-20 fails?

That was in a Futurama episode. They'd gone back in time to a point before
GPS. As the ship approached Earth, warnings sounded. No GPS, Navigation
failing, the ship was going to crash. "Not if I can help it", says Leela
the pilot. Then the engines power down. "Oh. I guess I can't."

Yep. The GPS is that important.

<Laugh>

- Andrew

G.R. Patterson III

June 26th 04, 10:44 PM

Peter Duniho wrote:
>
> Yes, they have. And it will cost them a lot of money, because now every
> user that winds up wanting to do something that the firewall won't allow by
> default (because it locks down the system by default) will cost Microsoft
> money so that they can have their questions answered because they can't be
> bothered to RTFM.

Microsoft charges for user support. They'll *make* money on this deal.

George Patterson
None of us is as dumb as all of us.

Peter Duniho

June 27th 04, 12:03 AM

"G.R. Patterson III" > wrote in message
...
> Microsoft charges for user support. They'll *make* money on this deal.

First of all, they only charge for phone support. Secondly, even with the
charge, product support is not a profit center.

I can't tell if your tongue is in cheek, but if not, you're way off base.

Pete

Blanche

June 27th 04, 02:59 AM

Greg Copeland > wrote:
>On Sat, 26 Jun 2004 13:09:44 +0000, David Reinhart wrote:

[snip SCO stuff]

Greg, David -- I've got a SCO box at work (which, fortunately
someone else worries about). However, as is wont to happen with
a large organization over many years, we've lost the source code
for a critical component (FORTRAN and C). Which means we're living
with static code that customers need updated but we can't do it.

Do either of you (or anyone else out there) know of any
decompilers for Fortran or C on the SCO? It's an intel box,
latest version of SCO OS.

*help!*

thanks

PS: remove the "blackhole" to respond privately or post here if
there's not too much opposition.

Tom Sixkiller

June 27th 04, 05:40 AM

"C J Campbell" > wrote in message
...
>
> Now, I know a lot of Windows users. I realize that most computer admin
types
> have real problems with trusting the general public with anything more
> complicated than an Etch-A-Sketch, but I tend to believe that the general
> public is a little smarter than that. All the home users I know have
> personal firewalls, anti-virus software, etc.

Considering that something like over 80% of "general public" people run
their internet connection with no firewall and no virus protection, that's
interesting.

> The vulnerable computers that I have seen are the office computers which
are
> maintained by so-called professional administrators who have turned off
all
> these protections for their own convenience.

Really? How many have you seen?

Tom Sixkiller

June 27th 04, 05:42 AM

"C J Campbell" > wrote in message
...
>
> Now, I know a lot of Windows users. I realize that most computer admin
types
> have real problems with trusting the general public with anything more
> complicated than an Etch-A-Sketch, but I tend to believe that the general
> public is a little smarter than that. All the home users I know have
> personal firewalls, anti-virus software, etc.
>
> The vulnerable computers that I have seen are the office computers which
are
> maintained by so-called professional administrators who have turned off
all
> these protections for their own convenience.
>

Sounds like CJ is shilling for the local (Washington) company. :~)

Dylan Smith

June 27th 04, 09:10 AM

In article >, Peter Duniho wrote:
> Online gaming will be a big area of support, but there are plenty of other
> applications that look like end-user client applications but which wind up
> hosting at least one "server" port.

I doubt gaming will be a big area of support - all the games I play
online work through my hardware firewall without the need to open any
ports. If you want to run a game _server_ it will affect you, but most
Internet game servers are on co-located boxes because of the bandwidth
requirements. It will affect LAN parties, but since LAN parties tend to
be hosted by geeks anyway, it won't really be a problem.

There are very few end user applications that need to listen on a port.

> By blaming Microsoft only, you are starting to sound like those rabid
> anti-Microsoft people CJ was talking about. Microsoft had genuine economic
> motivation to make their operating system easier for dumb people to get
> working and it's unreasonable to lay all (or even most) of the blame at
> their feet for catering to their audience.

I'm not blaming them for catering to their audience, they could have
easily done that without leaving so many services the vast majority of
users don't use open and vulnerable to attack without lessening the
usability of the system. Windows XP Home Edition, out of the box, is
like a poorly-configured *server* and it's supposed to be a home user's
OS.
It's not just Microsoft, it's the PC manufacturers. It often takes them
forever to pre-patch their default load of Windows with the security
updates Microsoft puts out. It wouldn't surprise me if PCs are still
shipping without Service Pack 1. Machines we recently got had SP1 but no
critical patches, which have been out for quite some time.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

Dylan Smith

June 27th 04, 09:16 AM

In article >, C J Campbell wrote:
> Actually, it is home users that tend to use those services the most, for
> things like on-line gaming and such.

Umm, I play rather too many online games than is healthy, but I've never
needed to use the services in question (for example, RPC and LSASS, two
recently exploited services in Windows). In fact, my hardware firewall
doesn't allow anyone from the Internet to connect to a port on my PC yet
all the games I play work.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

Andrew Gideon

June 27th 04, 04:14 PM

Dylan Smith wrote:

> nyone from the Internet to connect to a port on my PC yet
> all the games I play work.

I'm not much of a game player (since xtrek became unpopular {8^), but I'm in
an organization which includes a number of game builders. They've
impressed me with their tricks for dealing with firewalls (really: the NAT
boxes most consumers call firewalls). From my rough observation, in fact,
they're ahead of the H.323 industry in that area.

Those softwares often still have issues with firewalls and NAT boxes, though
improvements have been occurring.

- Andrew

Greg Copeland

June 27th 04, 06:29 PM

On Sat, 26 Jun 2004 19:59:01 -0600, Blanche wrote:

> Greg Copeland > wrote:
>>On Sat, 26 Jun 2004 13:09:44 +0000, David Reinhart wrote:
>
> [snip SCO stuff]
>
>
> Greg, David -- I've got a SCO box at work (which, fortunately
> someone else worries about). However, as is wont to happen with
> a large organization over many years, we've lost the source code
> for a critical component (FORTRAN and C). Which means we're living
> with static code that customers need updated but we can't do it.
>
> Do either of you (or anyone else out there) know of any
> decompilers for Fortran or C on the SCO? It's an intel box,
> latest version of SCO OS.

Well, I'm not aware of any SCO specfic decompilers. Chances are, if it's
production code, you guys did not leave debugging information compiled in.
Thusly, this can not be "decompiled" in any meaningful way. But, I don't
know for a fact as I'm not aware of the specific linker details on that
platform (assuming you're not using GNU tools). Just the same, I'd be
amazed if you can not get a disassembler. The problem is, you will of
changed your source langauge from FORTRAN and C to x86 assembler. That
alone is going to create another issue. Then, toss in the scale of
groking all that, ouch!

>
> *help!*
>

I'm sorry, but I don't think I'll be able to help much. Now, if you want
to rewrite it, I'll be happy to provide contact information. ;) I am a
consultant and would be happy to help you guys explore your options.

Cheers,

Greg Copeland

David Reinhart

June 27th 04, 09:05 PM

Sorry, can't help you. I was strictly an SA and never did any
development work on the platform.

Dave Reinhart

Blanche wrote:

> Greg Copeland > wrote:
> >On Sat, 26 Jun 2004 13:09:44 +0000, David Reinhart wrote:
>
> [snip SCO stuff]
>
> Greg, David -- I've got a SCO box at work (which, fortunately
> someone else worries about). However, as is wont to happen with
> a large organization over many years, we've lost the source code
> for a critical component (FORTRAN and C). Which means we're living
> with static code that customers need updated but we can't do it.
>
> Do either of you (or anyone else out there) know of any
> decompilers for Fortran or C on the SCO? It's an intel box,
> latest version of SCO OS.
>
> *help!*
>
> thanks
>
> PS: remove the "blackhole" to respond privately or post here if
> there's not too much opposition.

David Reinhart

June 27th 04, 09:13 PM

It was in a discussion either in Flying or AOPA Pilot about Jeppesen's
Skywriter system, the one that lets you download database upgrades and load
them onto a datacard. As I recall the PC was infected with the virus
passed it on. Sorry, I can't give you which month it was.

Dave Reinhart

Andrew Gideon wrote:

> David Reinhart wrote:
>
> > It's already happened.
>
> Really? Wow. Have you a citation I could read? I'd like very much to
> learn more about this.
>
> - Andrew

David Reinhart

June 27th 04, 09:16 PM

See the wink emoticon? That indicates the remark was not intended to be
serious.

Dave Reinhart

C J Campbell wrote:

> "David Reinhart" > wrote in message
> ...
> > Gives a whole new meaning to "the blue screen of death", doesn't it? ;-)
> >
>
> You are going to die if your MX-20 fails?

Peter Duniho

June 27th 04, 11:19 PM

"Dylan Smith" > wrote in message
...
> I doubt gaming will be a big area of support - all the games I play
> online work through my hardware firewall without the need to open any
> ports. If you want to run a game _server_ it will affect you, but most
> Internet game servers are on co-located boxes because of the bandwidth
> requirements. It will affect LAN parties, but since LAN parties tend to
> be hosted by geeks anyway, it won't really be a problem.
>
> There are very few end user applications that need to listen on a port.

You obviously do not spend a lot of time playing a wide variety of computer
games online.

A number of games on the market today support online, peer-to-peer
multiplayer gameplay. And with every single one, every time someone has a
firewall or NAT router in the mix, there's trouble getting it set up. A few
gamers are also network-savvy, but most are not.

Just as for-example: why don't you go check the Neverwinter Nights forums at
http://www.bioware.com and see whether you think there are "very few" people
playing Neverwinter Nights that don't need to listen on a port or otherwise
figure out their firewall configuration.

It is simply not true that "most Internet game servers are on co-located
boxes". Most Internet game is done peer-to-peer, which means one of the
players is actually the server. To make matters worse, Gamespy (to name a
popular "meeting place" game server, used by Neverwinter Nights as it
happens) uses a variety of ports, and so for a person to host a game there's
not even just a single port they need to configure, there's a whole slew of
them (or slough, if you prefer :) ).

It's hard enough getting Gamespy (and similar) to work with a NAT router
hardware box, but once XP SP2 comes out, there's going to be all sorts of
new "how do I do this?" questions from gamers.

> I'm not blaming them for catering to their audience, they could have
> easily done that without leaving so many services the vast majority of
> users don't use open and vulnerable to attack without lessening the
> usability of the system. Windows XP Home Edition, out of the box, is
> like a poorly-configured *server* and it's supposed to be a home user's
> OS.

Again, you simply do not understand the number of operating system
components that act as servers, even if the user has not intentionally
decided to be a big-time Internet server.

I will agree that more than 50% of users (significantly more) never use
those services. But enough do, and of those, most will complain that they
can't figure out how to get it working, even if all that's required is to
click a checkbox to turn it on. Users are dumb and lazy, and rather than
try to figure things out and RTFM, they will just make the phone call or
send the email and ask someone else to fix it for them.

In any case, I've run out of ways to relate this back to aviation, so you'll
have to carry on the debate without me from this point on. I *will* suggest
that you do a little more research (Googling is sufficient if you use the
right search terms) so that you actually understand what multiplayer games
require of their users to get them to work behind a firewall or NAT router
(like Windows Internet Connection Sharing). It's not nearly the non-issue
you claim it is.

Pete

Dylan Smith

June 28th 04, 08:31 AM

In article >, Peter Duniho wrote:
> A number of games on the market today support online, peer-to-peer
> multiplayer gameplay. And with every single one, every time someone has a
> firewall or NAT router in the mix, there's trouble getting it set up. A few
> gamers are also network-savvy, but most are not.

All recent games take into account the fact there will probably be a NAT
router somewhere along the line because they are so common. *ALL* the
ISPs here recommend a NAT router for their broadband connection, and
when I lived in the US, NAT routers were certainly not the exception on
a broadband connection even a couple of year ago.

> It is simply not true that "most Internet game servers are on co-located
> boxes". Most Internet game is done peer-to-peer, which means one of the
> players is actually the server.

I have not played a single peer-to-peer FPS, undoubtedly one of the more
popular genres of online games since FPS games stopped using IPX.
I have not come across a single public gameserver or clanserver for
games like UT, RTCW, Enemy Territory et al. hosted on a home server.
Game companies will have to *adapt* if they want to listen to a port.

> Again, you simply do not understand the number of operating system
> components that act as servers, even if the user has not intentionally
> decided to be a big-time Internet server.

Yes I do. They should be off by default.

What's more of a problem: someone having to ask in a forum about how to
forward 45835/udp, or the massive problem with spam and trojaned boxes
we're stuck with now? It seems like the OS was far too usable for trojan
writers, too. Again: games are not a huge problem. Especially compared
with the ongoing problems with owned boxes.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"