Windows/LINUX development times. Now replying to JDT's response --- firefox v/s windows for WIFI security
Hi, I was busy. Happy Parsi New Year.
JTD replied whose reply I intepret as follows that Windows (am I correct ---- does not have a secure kernel like UNIX)---- then how is Windows security done. Now, for all over Mumbai/INDIA, WIFI can we say that we have to have a secure kernel ---- for banks can one advocate a "develop new applications / enhancements over LINUX development tool with Windows running on top of LINUX using the emulator VIRTUALBOX which is open source).
Now the key issue is that has anyone taken a software project of say one year and shown it is cheaper to develop using Windows v/s LINUX for the "easy to use touted set of Windows tool v/s which tool set to use of LINUX".
Not over the entire life-cycle, but just over six months time to go live. What if we take a fresh graduate of say visual basic/ASP from a windows school and put him thru linux programming ------ how will the development cycle be cheaper/prototyping cycle be cheaper.
Erach
Erach wrote:
Hi, I was busy. Happy Parsi New Year.
JTD replied whose reply I intepret as follows that Windows (am I correct ---- does not have a secure kernel like UNIX)---- then how is Windows security done.
Actually JTD's answer meant that the kernel and user space memory allocation are well defined in linux and not so much in windows this means that user run programs are less likely to affect a system's security in linux than it is in windows (correct me if I am wrong)
Now, for all over Mumbai/INDIA, WIFI can we say that we have to have a secure kernel ---- for banks can one advocate a "develop new applications / enhancements over LINUX development tool with Windows running on top of LINUX using the emulator VIRTUALBOX which is open source).
what is the need for windows if an equivalent program can be made available in linux, sometimes even "windows programs" run glitch free in linux using WINE
Now the key issue is that has anyone taken a software project of say one year and shown it is cheaper to develop using Windows v/s LINUX for the "easy to use touted set of Windows tool v/s which tool set to use of LINUX".
the issue with such a study is that the people concerned are generally reluctant to move to a new platform, given that, I can vouch for the usablity of linux with a personal example, my dad has been bed ridden since 2003 and internet is one of the few links that keeps him in touch with the outside, he was just as new to windows as he was to linux thus making him one of the best judges for such a comparison, well he loves to work in linux as much as possible and wonders, why everyone still sticks to windoze.
Surya
On Monday 18 Aug 2008 18:11, Surya Pratap wrote:
Erach wrote:
JTD replied whose reply I intepret as follows that Windows (am I correct ---- does not have a secure kernel like UNIX)---- then how is Windows security done.
Actually JTD's answer meant that the kernel and user space memory allocation are well defined in linux and not so much in windows this means that user run programs are less likely to affect a system's security in linux than it is in windows (correct me if I am wrong)
Partly right. But the windows kernel itself is riddled with holes some diliberate some due to various backward compatibility issues. That apart security by obscurity is a known evil security practice. therefore not having the source available for scrutiny as well as patching is a strict NO for anything concerned with security.
Now, for all over Mumbai/INDIA, WIFI can we say that we have to have a secure kernel ---- for banks can one advocate a "develop new applications / enhancements over LINUX development tool with Windows running on top of LINUX using the emulator VIRTUALBOX which is open source).
Virtulization does not solve the security issue. Virtualization merely provides the ability to better utilise hardware and manpower.
On Friday 22 Aug 2008, jtd wrote:
[snip] Virtulization does not solve the security issue. Virtualization merely provides the ability to better utilise hardware and manpower.
Virtualisation does solve /a/ security issue, namely that of containing cracks into a limited environment. For instance, I'd rather someone crack a virtual machine running HTTP through a hypothetical Apache exploit (on a server with multiple virtual machines running different applications) than the whole server using the same exploit.
It's not a panacea, but it does help you improve security. On the flip side are the costs of virtualisation, whether hardware, IP addresses or management.
Regards,
-- Raju
On Friday 22 Aug 2008 13:08, Raj Mathur wrote:
On Friday 22 Aug 2008, jtd wrote:
[snip] Virtulization does not solve the security issue. Virtualization merely provides the ability to better utilise hardware and manpower.
Virtualisation does solve /a/ security issue, namely that of containing cracks into a limited environment. For instance, I'd rather someone crack a virtual machine running HTTP through a hypothetical Apache exploit (on a server with multiple virtual machines running different applications) than the whole server using the same exploit.
True, as you point out, for a very limited definition of true. In many (most?) cases exploiting a doze hole is all that is required to zombie all the other doze boxes connecting to the service. Comprising the entire host is not necessary, perhaps not even desirable.
It's not a panacea, but it does help you improve security. On the flip side are the costs of virtualisation, whether hardware, IP addresses or management.
Agreed. The OP might have realised the danger in trying to paper over deeply embedded architectural security issues.
On 18-Aug-08, at 1:14 PM, Erach wrote:
Now the key issue is that has anyone taken a software project of say one year and shown it is cheaper to develop using Windows v/s LINUX for the "easy to use touted set of Windows tool v/s which tool set to use of LINUX".
in my experience it is more expensive to develop in FOSS, for the simple reason that the developers hired have to actually know what they are doing, so cost much more. In the long run, though, once the software is developed and deployed, the software is far cheaper to maintain. If I am not mistaken, when Munich opted for FOSS, the FOSS bid was much higher than the proprietary software bids.
Kenneth Gonsalves wrote:
On 18-Aug-08, at 1:14 PM, Erach wrote:
Now the key issue is that has anyone taken a software project of say one year and shown it is cheaper to develop using Windows v/s LINUX for the "easy to use touted set of Windows tool v/s which tool set to use of LINUX".
in my experience it is more expensive to develop in FOSS, for the simple reason that the developers hired have to actually know what they are doing, so cost much more. In the long run, though, once the software is developed and deployed, the software is far cheaper to maintain. If I am not mistaken, when Munich opted for FOSS, the FOSS bid was much higher than the proprietary software bids.
The general opinion of people in the software industry (programmers and potential clients) is that Windows programmers are cheaper and available in large quantities whereas FOSS programmers are few and quote astronomical rates for their work.
On Monday 18 Aug 2008 22:23, Rony wrote:
Kenneth Gonsalves wrote:
On 18-Aug-08, at 1:14 PM, Erach wrote:
Now the key issue is that has anyone taken a software project of say one year and shown it is cheaper to develop using Windows v/s LINUX for the "easy to use touted set of Windows tool v/s which tool set to use of LINUX".
in my experience it is more expensive to develop in FOSS, for the simple reason that the developers hired have to actually know what they are doing, so cost much more. In the long run, though, once the software is developed and deployed, the software is far cheaper to maintain. If I am not mistaken, when Munich opted for FOSS, the FOSS bid was much higher than the proprietary software bids.
True. What was not included in the closed quote was all the costs incurred over the life of the data. Standard accounting practice would budget over 3 yrs. This is a distinct disadvantage to FOSS where a program tends to have an indefinite life. Further for a given industry the requirements will be 95% same. With FOSS the costs for using the software in another city would be 10 to 15% of the first time costs, not 100%, as the case would be with a closed solution.
The general opinion of people in the software industry (programmers and potential clients) is that Windows programmers are cheaper and available in large quantities whereas FOSS programmers are few and quote astronomical rates for their work.
shows that the costing exercise is crappy and / or that the clients data is not important.
Having said the above, NEVER focus on cost as a USP - this goes for any product - but on the strengths that you have and is missing from the competition.
-
Erach -
jtd -
Kenneth Gonsalves -
Raj Mathur -
Rony -
Surya Pratap