Comparing Vista <> Linux ,
Some points and factors that i would like to log it , maybe it's a type of reference for 1D10T Microsoftians
Guy quotes => /*... */
me => Bold
/*
OK, let me ask you a simple question about Linux shell:
Can you explore object models in linux shell? (i.e. SQL Server, Oracle, etc)? So you can go to any object and type dir and you'll get all the relations, functions, properties, variables, etc?
*/
-Oracle doesn't use .net in linux so that's silly question
-There already is a object-based shell try to google "object+shell" Linux.
Personally, I'd map those things onto fs-level objects, fs-named.
/*
And about viruses, please don't ever mix viruses with vulnerabilities, if a virus is working on your system due to a vulnerability, then it's a security issue, otherwise it's not related to security at all, it's just another program!
*/
You should realize looking at that list that it's mostly third party software
1)There are TONS of applications available for linux that are all free. A lot are on this list
2) Security in open source projects tends to be more proactive and open- so more vulnerabilities are reported , at the time windows is a closed source and facing always vulnerabilities even at the system level.
3) if you want to compare the security as it relates to YOUR system, look at remotely exploitable vulnerabilities in the services you are running not a random list of programs from 2 years ago
/*
Enterprise Linux is not for free (its price is more than windows server)
i.e.:
The most expensive edition of Windows Server is Windows Server 2003 R2 Enterprise Edition, it costs $3,999 for 25 CALs, and it comes in 32bit and 64 bits.
While redhat Red Hat Application Stack premium costs $8,499
*/
The application stack is a marketing term and it's not more than a bunch of applications,
You have to know what you want to do before thinking in what you want to use.
You don't need "integrated applications and solutions", you need a system that does something.
And Linux provide a bunch of applications in different distros for this purpose and you can make your own application stack for free.
/*
1- When I referred to Oracle I was giving an example (by the way google is supporting .Net since version 10).
*/
Even if Oracle 10 is supporting .Net but not under Linux.
/*
2- I don't think that "vulnerabilities" in kernel fall under "3rd party tools"
*/
Kernel is always as i said an "open source project tends to be more proactive and open- so more vulnerabilities are reported" in a comparison to win kernel.
/*
3- Refer back to my last post about the term "free", nothing free in this world
*/
All the bunch of available open source softwares aren't free ?!! with an already applications integrations and inter managed dependencies all in one distro available for download and with available support from its communities from all over the world.
SOME FACTS
-USer-mode((glibc=linux/unix style) || (win32=c runtime)) both refere to standard C style lib
-Win32 has huge dependecies on the NT kernel
-Win32 API the that manipulate the kernel vista
Linux vulnerabilities:
-Most linux vulnerabilities are found and fixed by the kernel developers before they are at all popular for exploits
-If we want to make a comparison, look at the TIME ( the time the exploit was in wild , with exploit code available and used, until the time a patch was released, sum that up for all remote exploits on both kernels ) that vulnerabilities had exploit code in the wild not the number of them.
-Also , we should consider whether we will be depending on the distro to manage our security updates , or get them directly from kernel source update, the former will increase the time an exploit is available .
-Number of _public_ vulnerabilities = number of vulnerabilities reported by people.
That has precious little to do with the number of vulnerabilities present and undiscovered
that said , linux is a changing target ; it gets more new code in than closed systems(or more slowly developing software in general).
-There are many reasons people normally know these reasons, and saying "foo X is more secure than Y, because it has less _public_ vulnerabilities" is pretty moot
Kernel comparison :
-Vista kernel can not be compared to linux one cause nt kernels do not provide unix semantics to programs
-The NT kernel doesn't natively support *any* devices except the serial port , which is used to dump memory when you get a BSOD ;)
-Windows drivers are supplied by the vendors.
-Apart from proprietary drivers, like ATI NVIDIA etc, the Linux kernel contains all the drivers, in windows , when you buy a new card/whatever the vendor supplies a driver the majority included with wondows are made by the vendor and certified by M$ (and the vendor got it from the guys who made the chip)
Linux shell / PowerShell :
As a test for shell performance,
-I'd toss in a command line like
"time for file in *.jpg;do convert "$file{file%.jpg}.png";done > convert.log"
measure time of the following for every file with extension .jpg, call the convert command with as first parameter the filename, as second parameter the filename with the trailing '.jpg' replaced with '.gif,' end of loop write all output generated by the loop to convert.log.
-I do not know how this would be done in PowerShell, but i expect it to be rather painful
-I assume any shell worth the name has some mechanism like pipes, but i doubt they would come close to the flexibility you have with line-based data and tools like tr, grep and sed
-Questions regarding Power shell :
Is there anything resembling ‘which’?
Is there anything like history expansions (!$, !*, !!)?
What about command substitution (ls -l `which ls`)?
What about background jobs ?
Object model :
-Personally, I'd map those things onto fs-level objects, fs-named.
-We would produce a text representation of the object, which would then be manipulated through the usual tools and converted back into an object by a program if it so desires , there is nothing preventing us from writing a program (which you could call from bash) which parses such expressions and does things accordingly , though command-line-interfaces to dbus work this way.
Finally what about the /Proc in Vista , is there something could be the same and with the exact possibilities ?
Vista or any Window$ is available for how many Archs ?
-Win32 has huge dependecies on the NT kernel
-Win32 API the that manipulate the kernel vista
Linux vulnerabilities:
-Most linux vulnerabilities are found and fixed by the kernel developers before they are at all popular for exploits
-If we want to make a comparison, look at the TIME ( the time the exploit was in wild , with exploit code available and used, until the time a patch was released, sum that up for all remote exploits on both kernels ) that vulnerabilities had exploit code in the wild not the number of them.
-Also , we should consider whether we will be depending on the distro to manage our security updates , or get them directly from kernel source update, the former will increase the time an exploit is available .
-Number of _public_ vulnerabilities = number of vulnerabilities reported by people.
That has precious little to do with the number of vulnerabilities present and undiscovered
that said , linux is a changing target ; it gets more new code in than closed systems(or more slowly developing software in general).
-There are many reasons people normally know these reasons, and saying "foo X is more secure than Y, because it has less _public_ vulnerabilities" is pretty moot
Kernel comparison :
-Vista kernel can not be compared to linux one cause nt kernels do not provide unix semantics to programs
-The NT kernel doesn't natively support *any* devices except the serial port , which is used to dump memory when you get a BSOD ;)
-Windows drivers are supplied by the vendors.
-Apart from proprietary drivers, like ATI NVIDIA etc, the Linux kernel contains all the drivers, in windows , when you buy a new card/whatever the vendor supplies a driver the majority included with wondows are made by the vendor and certified by M$ (and the vendor got it from the guys who made the chip)
Linux shell / PowerShell :
As a test for shell performance,
-I'd toss in a command line like
"time for file in *.jpg;do convert "$file{file%.jpg}.png";done > convert.log"
measure time of the following for every file with extension .jpg, call the convert command with as first parameter the filename, as second parameter the filename with the trailing '.jpg' replaced with '.gif,' end of loop write all output generated by the loop to convert.log.
-I do not know how this would be done in PowerShell, but i expect it to be rather painful
-I assume any shell worth the name has some mechanism like pipes, but i doubt they would come close to the flexibility you have with line-based data and tools like tr, grep and sed
-Questions regarding Power shell :
Is there anything resembling ‘which’?
Is there anything like history expansions (!$, !*, !!)?
What about command substitution (ls -l `which ls`)?
What about background jobs ?
Object model :
-Personally, I'd map those things onto fs-level objects, fs-named.
-We would produce a text representation of the object, which would then be manipulated through the usual tools and converted back into an object by a program if it so desires , there is nothing preventing us from writing a program (which you could call from bash) which parses such expressions and does things accordingly , though command-line-interfaces to dbus work this way.
Finally what about the /Proc in Vista , is there something could be the same and with the exact possibilities ?
Vista or any Window$ is available for how many Archs ?
No comments:
Post a Comment