Language Selection

English French German Italian Portuguese Spanish

Threats to Linux: Expertise and acceptance

Filed under
Linux

Do you know what most large Solaris installations have in common? Mis-management. What seems to happen is that the people in charge get there on the basis of large system experience in the eighties and then forcefully apply that expertise regardless of whether it's appropriate to the technology or not. That's what happened to a lot of large business projects started on Solaris in the mid to late ninties, why there was a resurgence in mainframe sales as these projects were written off in 2000 one and two, and why there's now a threat that the same thing is about to happen with Linux.

Linux installations, so far, have mainly been compromised by the expertise evolved to cope with the day to day emergencies associated with managing Microsoft's products. I think that's about to change as the big guys grab "the coming thing" and try to twist it into what they already know.

Look at Linux implementations in (bigger) business or government and in a majority of cases what you see is people trying to treat it as a one for one substitute for Windows - producing rackmounts stuffed with PCs all individually licensed from Red Hat, all running one application each, and all being routinely shut down for patch installation and "preventative reboot."

It's not that the people doing this are dishonest or incompetent - quite the contrary they're honestly doing what they've been taught to do, it's just that they haven't internalized the fundamental truth that Unix isn't Windows and so think their expertise applies. In reality, Linux isn't as good a Windows product as Windows, so the net effect is generally to increase cost to the employer while decreasing benefits.

The mainframers all want to virtualize or partition - despite the fact that these technologies address problems that don't exist on Unix. The windows generation wants to use lockdowns, proxies, anti-virus software, and the rackmount approach to SMP for the same reason: these are the things they know how to do and therefore the things they will do -and so what if the problems these solutions address don't exist in Linux.

It's insanely frustrating to hold a conversation with someone who's deeply committed to this kind of technological miscegenation. Typically you're dealing with someone who looks and sounds like a decent human being you'd be happy to have as a friend or neighbour -until you hit the job spot and what spews out are absolute certainties made up of absolute nonsense.

Recently, for example, I found myself explaining to a bunch of Windows people that DHCP started as Sun's bootp support for diskless devices, entered the Windows world as a means of temporarily assigning an IP address to a Windows 3.11 PC so it could be used to access the internet, and became unnecessary, and therefore inappropriate, for fixed network installations when Microsoft finally adopted TCP/IP.

These were bright people, honest and competent in their own way, but I would have won more converts arguing for the replacement of email by trained mice scurrying around carrying digitally inscribed slices of well aged lunar cheese. As a group they agreed that it would be a good idea to use non routable addresses internally, but nothing was going to change their true and certain knowledge that address allocations must be handled through DHCP.

What's going on with them, and their mainframe predecessors, is management by knowledge accretion -the setting in stone of managerial reflexes gained through thirty years of experience and applied, unchanged, to technology they've never seen before.

As a process, accretion works well for making sandstone, but it's not so smart for IT management -and the consequences are usually bad for the technologies involved because the people responsible for the resulting failures blame the tool far more often than they blame themselves.

By Paul Murphy
ZDNet

More in Tux Machines

OSS Leftovers

  • Canada’s Spy Agency Releases its Cyber-Defense Tool for Public
  • Canadian govt spooks open source anti-malware analytics tool
    The Communications Security Establishment (CSE) said the AssemblyLine tool is designed to analyse large volumes of files, and can automatically rebalance workloads.
  • Microservices served on blockchain, in open source
    Cloud application marketplace company Wireline is working with open source blockchain project developer Qtum The new union is intended to provide a conduit to consuming microservices at [web] scale using blockchain at the core. As we know, microservices offer the ability to create Application Programming Interfaces (APIs) without having to manage the underlying hardware and software infrastructure. [...] The Qtum a blockchain application platform combines the functions of Bitcoin Core, an account abstraction layer allowing for multiple virtual machines and a proof-of-stake consensus protocol aimed at tackling industry-use cases. The Qtum Foundation, headquartered in Singapore, is the decision-making body that drives the project’s development.
  • Rendering HTML5 video in Servo with GStreamer
    At the Web Engines Hackfest in A Coruña at the beginning of October 2017, I was working on adding some proof-of-concept code to Servo to render HTML5 videos with GStreamer. For the impatient, the results can be seen in this video here
  • Working Intel CET Bits Now Land In GCC8
    A few days back I wrote about Intel's work on Control-flow Enforcement Technology beginning to land in GCC. This "CET" work for future Intel CPUs has now landed in full for GCC 8. The bits wiring up this control-flow instrumentation and enforcement support are now all present in mainline GCC SVN/Git for next year's GCC 8.1 release.
  • Using Gitea and/or Github to host blog comments
    After having moved from FSFE’s wordpress instance I thought long about whether I still want to have comments on the new blog. And how I would be able to do it with a statically generated site. I think I have found/created a pretty good solution that I document below.

Security Leftovers

  • Where Did That Software Come From?
    The article explores how cryptography, especially hashing and code signing, can be use to establish the source and integrity. It examines how source code control systems and automated build systems are a key part of the software provenance story. (Provenance means “a record of ownership of a work of art or an antique, used as a guide to authenticity or quality.” It is increasingly being applied to software.)
  • Judge: MalwareTech is no longer under curfew, GPS monitoring [Updated]
    A judge in Milwaukee has modified the pre-trial release conditions of Marcus Hutchins, also known online as "MalwareTech," who was indicted two months ago on federal criminal charges. Under US Magistrate Judge William Duffin’s Thursday order, Hutchins, who is currently living in Los Angeles, will no longer be subject to a curfew or to GPS monitoring.
  • [Older] Leicester teen tries to hack CIA and FBI chiefs' computers
    A teenager attempted to hack senior US government officials' computers from his home. Kane Gamble, 18, from Coalville, Leicestershire, pleaded guilty to 10 charges relating to computer hacking. His targets included the then CIA director John Brennan and former FBI deputy director Mark Giuliano.

Debian: pk4, Freexian and More

Kernel and Graphics: ZenStates, AMDGPU, RADV, Vulkan, NVIDIA

  • ZenStates Allows Adjusting Zen P-States, Other Tweaking Under Linux
    ZenStates is an independent effort to offer P-States-based overclocking from the Linux desktop of AMD Ryzen processors and other tuning. ZenStates-Linux is an open-source Python script inspired by some available Windows programs for offering Ryzen/Zen CPU overclocking from the desktop by manipulating the performance states of the processor.
  • AMDGPU DC Gets A Final Batch Of Changes Before Linux 4.15
    The AMDGPU DC display code has a final batch of feature updates that were sent in this weekend for DRM-Next staging and is the last set besides fixes for the "DC" code for the 4.15 target.
  • Valve Developer Lands VK_EXT_global_priority For RADV Vulkan Driver
  • Vulkan 1.0.64 Adds In Another AMD-Developed Extension
    Vulkan 1.0.64 is out this weekend as the newest specification refinement to this high-performance graphics/compute API. As usual, most of the changes for this minor Vulkan revision are just documentation clarifications and corrections. This week's update brings just under a dozen fixes.
  • NVIDIA TX2 / Tegra186 Display Support Isn't Ready For Linux 4.15
    While the Jetson TX2 has been out since this past March and it's a phenomenal ARM development board, sadly the Direct Rendering Manager (DRM) driver support for it still isn't ready with the mainline Linux kernel. Thierry Reding of NVIDIA sent in the Tegra DRM driver changes for DRM-Next that in turn is staged for Linux 4.15. Reding commented that there is prepatory work for the TX2 (Tegra186) but it's not all ready for upstream yet.