Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

MS Patches Go For Quality Over Quantity?

Zonk posted more than 8 years ago | from the can't-we-have-both dept.

Microsoft 225

greengrass writes "eWeek.com is running a story about another Microsoft 'study'. This one discusses how good Microsoft is at providing patches for their OS. This is Part 2 of 3 in a series of articles, the first of which compared Linux and Windows on legacy systems." From the article: "Bill Hilf, who is director of Platform Technology Strategy at Microsoft and heads its Linux and open-source lab, told eWEEK in a recent interview that 'the differentiator for customers is not the number comparison, but which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage.'"

Sorry! There are no comments related to the filter you selected.

Focus Magazine Interview Haunts Gates (5, Interesting)

eldavojohn (898314) | more than 8 years ago | (#14463639)

I'll be the first to point this out (as I'm sure it's been pointed out many times on slashdot)--Gates has openly stated in an interview with Focus Magazine [cantrip.org] that users aren't interested in bug fixes.

I've read other interviews with Gates in which he went further to explain himself by saying that the feedback they received from users was rarely requesting a bug fix. He listed a percentage in the high nineties that was feedback suggesting new features. And so, with each upgrade and patch, the aim wasn't for security or bug fixes but instead for new features which a lot of people asked for. The engineers will blame him for taking that approach but I'm sure the businessmen will laugh and follow Gates all the way to the bank.

Now, to be fair, it seems he has changed his stance [go.com] (which--calm down--I believe people are allowed to do). And I applaud them if they really are trying to rectify what they made mistakes on in the past with their new patching strategy. There is (obviously) much debate about if they actually are trying to fix it and if these are actually quality patches. I'm sure the flamewar that ensues on this article will demonstrate that adequately.

I will make a speculation though. IN MY OPINION, the largest thing Microsoft has to fear is a perfectly secure operation system they have created and distributed throughout the world. This is because they will no longer have "upgrades" or new versions of Windows to offer costumers. Yes, some customers are looking for new features, but oftentimes I find myself on my Windows machine just begging it to behave properly as a cut and dry OS. If the rumors of Vista are true and it is an efficient and secure operating system that can function in plain jane deterministic manners, then I want it dual booting with Linux and nothing more ... ever.

Re:Focus Magazine Interview Haunts Gates (3, Interesting)

Information Architec (866239) | more than 8 years ago | (#14463709)

then I want it dual booting with Linux and nothing more ... ever.

IF Linux is as stable as you make out, and you want "nothing more...ever", then why not make it - or Windows for that matter - available as a chipset, like the good ol' BBC Microcompuetr of yesteryear...? Whatever the OS, why should I waste my time waiting for the system to boot up or shut down, when so many other devices have their OS's on EPROM....I just want to switch on and go.

Re:Focus Magazine Interview Haunts Gates (2, Informative)

repruhsent (672799) | more than 8 years ago | (#14463852)

...because Windows and Linux consume many, many megabytes (even gigabytes) of space, which is not feasible to manufacture into EPROM. Hard disks are slow, but for a reason; they're a cheaper storage device per gigabyte of data compared to EPROM.

Sure, you could put the kernel into EPROM, but that's a pain in the ass. Suppose you have a kernel vulnerability (be it in your Windows EPROM or your Linux EPROM). Now, suppose you're patching it from inside the OS and the power goes out. What now? With an EPROM containing your OS kernel, you're out of luck - you're going to have a boat load of fun getting your machine back up. If your kernel is on storage (like a hard disk) like everything else is, in the worst possible case scenario you have to reinstall your OS (which I bet a lot of people here do routinely anyway).

So, all in all, storing your OS in EPROM is a very, very bad idea. At least, right now.

Re:Focus Magazine Interview Haunts Gates (2, Insightful)

ReTay (164994) | more than 8 years ago | (#14463921)

IF Linux is as stable as you make out, and you want "nothing more...ever", then why not make it - or Windows for that matter - available as a chipset, like the good ol' BBC Microcompuetr of yesteryear...?

Because like any operating system you will eventually want to add something to the machine like a newer video card.... Or a new codex and then what happens when you turn off the machine? But even three seconds of thought would have told you that.
Eventually you (gasp) might even want to try a new distro....
For crying out loud talk about vendor lock...

Re:Focus Magazine Interview Haunts Gates (4, Informative)

Anonymous Coward | more than 8 years ago | (#14463735)

users aren't interested in bug fixes.

The thing is, he's right, he just didn't know it. Look at all the unpatched windows boxes that were spreading Slammer (or any of the other worms that spread like wildfire while using exploits that had been fixed months before). Users aren't interested in doing bug fixes.

Automatic Windows Update's gone a long way towards fixing this for them, but they'll need to ditch updates to windows carrying their own EULAs (which breaks automatic update, since it will sit around and backlog all the patches until someone logs into an administrative account (which users aren't supposed to do for everyday use, right?) in order to click the agree button) in order to truly automate everything.

Re:Focus Magazine Interview Haunts Gates (5, Insightful)

Tony (765) | more than 8 years ago | (#14463781)

If the rumors of Vista are true and it is an efficient and secure operating system that can function in plain jane deterministic manners, then I want it dual booting with Linux and nothing more ... ever.

Those rumours have preceded every version of MS-Windows since NT 3.51 (the most secure and stable version of MS-Windows to date, in my experience). I've stopped waiting for MS to produce an exceptional operating system. There are much, much better alternatives out there -- OS X, Linux, *BSD, Solaris, etc. What's the point of waiting for MS to play catch-up?

I'm interested in seeing Vista in action. I'll probably take a look when someone at work here picks it up. I don't hold out a lot of hope that it will beat the stability of Solaris, the ease-of-use and consistency of OS X, or the openness and general all-over chocolatey goodness of Linux and *BSD.

Let's see if they still group programs by vendor, and not by function.

Re:Focus Magazine Interview Haunts Gates (2, Insightful)

ChetOS.net (936869) | more than 8 years ago | (#14464036)

It is interesting though. You say that each OS has its strengths that Vista might not have... but in effect you are pointing out that none of those OSes have all those strengths.

If Vista can provide a good stability (which it should, XP is very stable), good ease-of-use, and "chocolately goodness", then it would be the best operating system for general consumption.

yeah 3.51 was the best (1)

steve_l (109732) | more than 8 years ago | (#14464311)

I remember running 3.51 on my 486/66; it was slick. It had the win3.x gui, "program manager", rather than the win95 one, but it just kept going.

One reason for it potentially being so good is it was the closest NT ever was to a microkernel; the gui really was user mode code running in the win32 subsystem. A duff display or print driver could never bluescreen the system, just the win32 subsys. Which was bad enough, but t least you could normally shut it down.

Nt4 pulled drawing kernel side, so any print/display driver will toast the OS.

Re:Focus Magazine Interview Haunts Gates (4, Insightful)

ZombieRoboNinja (905329) | more than 8 years ago | (#14464007)

"IN MY OPINION, the largest thing Microsoft has to fear is a perfectly secure operation system they have created and distributed throughout the world. This is because they will no longer have "upgrades" or new versions of Windows to offer costumers."

Just to play devil's advocate, Apple's OS is largely bug-free and secure, and yet quite a few people pay cash money for an upgrade every year or so. This is presumably because each new release of OSX has enough cool features to give it some appeal, even without a bunch of critical security updates.

Would Apple sell enough upgrades to make a profit if they weren't making money from hardware (and iPod) sales? Maybe not, but it's worth asking.

More M$ Hooey (5, Insightful)

TripMaster Monkey (862126) | more than 8 years ago | (#14463667)


Microsoft Corp. seems to be moving away from focusing on the actual number of security patches and updates that it and its software competitors release.

But of course they are...since Joe Brockmeier and Joe Barr of NewsForge [newsforge.com] , as well as Pamela Jones of Groklaw [groklaw.net] did such a masterful job of debunking the ridiculous annual summary of vulnerabilities by US-CERT [us-cert.gov] (discussed earlier on Slashdot [slashdot.org] ), Microsoft has necessarily had to switch propaganda tactics.

Instead, it is concentrating on making it easy and efficient for customers to obtain the security fixes and update their systems.

That's funny...I've never had a problem with my Yast Online Update...

"...patching, particularly for security, is not a 'Microsoft problem,' but something that affects all operating system and platform vendors," Hilf said.

Nice straw man, Hilf. No one is claiming that non-Microsoft operating systems don't need to be patched. The issue is whether the patches are issued in a timely manner...or not [microsoft.com] .

Re:More M$ Hooey (2, Interesting)

HardCase (14757) | more than 8 years ago | (#14463774)

What about Cox's boasting that Red Hat took the initiative to notify its users about the Flash issue? According to him, Microsoft left its customers in the dark - but the security issue had absolutely nothing to do with either Red Hat or Microsoft. Are we now to depend upon our OS vendor to provide us with security updates for our third party applications? How far does it go?

The whole Linux versus Microsoft thing is like arguing politics. You've got a few zealots on the fringes and a vast number of people who are perfectly happy with what they've got. The zealots are loud and shrill but, in the the end, they represent a tiny minority.

Want a bad analogy? It's like Ford saying that you should buy a Mustang because a Camaro sucks (yes, I know that Chevy doesn't make Camaros anymore - work with me here).

-h-

Re:More M$ Hooey (3, Insightful)

TripMaster Monkey (862126) | more than 8 years ago | (#14463881)


What about Cox's boasting that Red Hat took the initiative to notify its users about the Flash issue?

This quote sums it up nicely:

From TFA (emphasis mine):
In late 2005 when flaws were found in Macromedia's Flash Player, Red Hat took responsibility for providing users with a vulnerable version of the Flash plug-in and made an update available, he [Cox] said.
How far does it go?

Basically, if you are the one to provide the software, you are responsible for getting the patches to the users. This is one big reason the *nixes performance in US-CERT's annual summary of vulnerabilities appeared so poor...because the *nixes were also issuing patches for all the software that came bundled with the OS.

Re:More M$ Hooey (-1, Troll)

jedidiah (1196) | more than 8 years ago | (#14464101)

The vast majority of people are wallowing in their own filth and simply don't know any better. They aren't happy because Microsoft produces something worthwhile. They aren't even necessarily happy either.

Re:More M$ Hooey (5, Interesting)

IAmTheDave (746256) | more than 8 years ago | (#14463847)

That's funny...I've never had a problem with my Yast Online Update...

Nor have I had any issues with Windows Update on XP or Windows 2000/2003 Server or Professional. While patches may be a little lacking in expediency (sp?) it couldn't be easier to do. I love that I can have my office XP computer patch itself while my servers download but do not install patches without my explicit command. I can't imagine Windows Update - and especially automatic Windows Update being easier to use, even for non-power users.

Right now, I think that OSX and Windows XP/2000/2003 really have the best in patching, with certain Linux distros being up there as well. Easily getting updates to users is no longer an issue, it's the speed/efficiency with which said patches become available that is to be compared.

Re:More M$ Hooey (4, Insightful)

m50d (797211) | more than 8 years ago | (#14463930)

One difference - you mention office, but I suspect most software on a typical user's machine is not covered by windows update. Wheras as a gentoo user, everything on my machine is updated with one command. MS is doing well looking after their own products, but any application can compromise the system - they should try and get every windows program vendor using windows update.

Re:More M$ Hooey (1)

ookaze (227977) | more than 8 years ago | (#14464032)

While patches may be a little lacking in expediency (sp?) it couldn't be easier to do

That's because with your enterprise licence, you did not have to validate your version of Windows XP.

Re:More M$ Hooey (-1)

Foxxz (106642) | more than 8 years ago | (#14463877)

Microsoft: We put the K in Kuality!

-Foxxz

Re:More M$ Hooey (1)

RealProgrammer (723725) | more than 8 years ago | (#14463926)

Not only that, but the number of flaws and their severity is so much more important than how nice your patch system is that they shouldn't even be compared.

Remember the old "if Windows were a car" joke?

I'd rather have a car that just keeps running than one that I need to get fixed all the time, even if the dealer makes it really easy. I'd rather have a car that doesn't get taken over by organized crime if I don't buy the optional armor plating. I'd rather have a car I can let the kids drive without having to give them the title.

I'd rather be able to upgrade my car for free, whenever I want. I'd rather not have pull off the highway and restart the engine to fix whatever is wrong (and it's just the CD player acting up). It's great that it comes with a CD player, but I'd rather not be stuck with that one if I find something better. Same for the engine, transmission, and even the armor plating: if I find a better part, I'd like to be able to slap it on and have it fit. Without restarting the engine, unless that's what I'm replacing.

I love analogies (0, Troll)

somersault (912633) | more than 8 years ago | (#14464324)

I'd switch off the engine while replacing parts on my car otherwise I'd choke on the exhaust fumes or have to do it outside. Err. Do normal people really need an analogy to see that Linux is better than Windows? Oh dear.

really? (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14463671)

Maybe they should open source windows so se can see all the problems and make more problems

The patches just rarely add functionality (-1, Offtopic)

generationxyu (630468) | more than 8 years ago | (#14463673)

XP still doesn't have support for Bluetooth, and didn't even support WiFi until SP2. The problem with this is that it stifles innovation -- technology just isn't going to take off if it doesn't work in Windows.

Re:The patches just rarely add functionality (2, Interesting)

CheechBG (247105) | more than 8 years ago | (#14463798)

Umm, WinXP SP2 (not sure if it's just SP2, but that's all I run before I got my BT dongle) does have support for Bluetooth. Sorry.

In fact, I believe that MS's drivers, as simplistic as they are, are far and away better than Toshiba's BT stack (Try to set up BT HotSync with a Treo 650 over Toshiba BT drivers). Unfortunately, they don't hold a candle to the WIDCOMM drivers.

The real travesty in all this is the fact that there are 3 separate comm stacks for the exact same hardware. Even worse is that they are licensed in such a way that I cannot use the WIDCOMM drivers for a BT device that came with Toshiba drivers. However, I can use the MS drivers for anything.

Re:The patches just rarely add functionality (3, Informative)

HardCase (14757) | more than 8 years ago | (#14463822)

XP still doesn't have support for Bluetooth...

You mean the Bluetooth connection between my notebook and my cellphone that I use to connect to the Internet on the road doesn't really work? Uh oh...

-h-

Re:The patches just rarely add functionality (2, Interesting)

Mr. Underbridge (666784) | more than 8 years ago | (#14463843)

Nice troll, but make it less obvious. Win 2K had support for WiFi, for chrissakes. I believe 98 did too, eventually.

Correction. (-1)

SalsaDoom (14830) | more than 8 years ago | (#14463962)

Win2k and below only support wireless with 3rd party applications -- generally supplied by the hardware vendor, the OS itself doesn't have any support for the devices. Go ahead and plug in a wireless pci card into a win2k box, if you don't use the vendor's software you won't be able to connect to a damn thing.

--SD

Re:Correction. (1, Insightful)

Mr. Underbridge (666784) | more than 8 years ago | (#14464027)

So if I plug in communications hardware from 2005 into an OS from 2000, and don't install drivers, it doesn't work? News at 11...

Re:Correction. (0)

Anonymous Coward | more than 8 years ago | (#14464187)

Yes, it happens all the time on my Linux machine. I've never installed a driver, yet the stuff works. That's what patching is supposed to do - update the software. It just goes to show how Microsoft charged an arm and a leg for Win2k, then let it rot after a service life shorter than NT, and certainly shorter than Win98.

Since this is posted under a story about patching Windows, it's all relevant.

This microsoft patch will probably open... (-1, Troll)

LeddRokkenstud (945664) | more than 8 years ago | (#14463674)

This microsoft patch will probably open up about 5-8 other security vulnerabilities.

It may be good.... (5, Insightful)

Anonymous Coward | more than 8 years ago | (#14463677)

It may be good to have lots of patches, but once you have a car where the duct tape weighs more than any other parts combined, isn't it time to just get another car?

Re:It may be good.... (0)

Anonymous Coward | more than 8 years ago | (#14463824)

Isn't that why Microsoft comes out with each new version...

Perhaps it's time to change brands.

Re:It may be good.... (1)

hackstraw (262471) | more than 8 years ago | (#14464261)

It may be good to have lots of patches, but once you have a car where the duct tape weighs more than any other parts combined, isn't it time to just get another car?

That and isn't the quantity == to the quality? I mean shouldn't sufficient quality mean that all known security issues are fixed?

Efficient? (3, Insightful)

IceCreamGuy (904648) | more than 8 years ago | (#14463691)

I wouldn't normally think of 4 hours and 6 zillion reboots as "efficient" or "easy". -Julius

Flamebait? (4, Informative)

Anti-Trend (857000) | more than 8 years ago | (#14463966)

...maybe. Wrong? Not really. The only thing more rediculous than rebooting a workstation several times after a small batch of updates though is doing the same with a server. I'm going to get a tad bit off topic, but in the same thread of throught, so bear with me. Every time someone posts on Slashdot that Unices have better uptimes than Windows boxen, you invariably get a half-dozen disgruntled Windows admins spouting off numbers of how long their servers have been up. What they don't take into account is that if those systems have been up as long as they claim, the necessary updates have not been applied. Most Windows updates still require that a system is rebooted before the patch actually takes effect. Unix-like systems, on the other hand, are routinely patched hot, and typically only require a reboot in the case of a kernel update or invasive hardware maintenance. If Microsoft does finally fix the design flaw that requires one to reboot after nearly every patch, it will not be innovative so much as becoming more Unix-like in design.

Uh, no. (5, Insightful)

Benanov (583592) | more than 8 years ago | (#14463715)

How about, which vendor makes the patches unnecessary (i.e., few and far between) because it released a solid, working program?

I don't want patch quality. I want program quality.

I work in proprietary software. Most places that do proprietary software are overworked and quality suffers. (EA is an extreme example where workplace quality suffered as well as program quality.)

In the places I've worked, everyone's too busy doing what they've been assigned and they're overworked because they're understaffed. Hiring more people means less money for the company so that generally doesn't happen.

With FOSS, anyone can pick up the source if they have some spare time and hack away at it, and even if individual contributions are small, there's always someone with some spare time and a different view about how something should work.

Once you start doing for money's sake, you spend more time worrying about your bottom line than about quality.

Re:Uh, no. (1)

LeddRokkenstud (945664) | more than 8 years ago | (#14463745)

There's just no way program quality is going to happen... Do you want to wait another 3 years for Windows Vista, just so people can exploit subtle vunerabilities? MS is doing a great job.

Re:Uh, no. (0, Troll)

TripMaster Monkey (862126) | more than 8 years ago | (#14463925)


MS is doing a great job.

Somebody tell Taco Slashdot is broken...it's started stripping the <sarcasm> tags from posts again.

Re:Uh, no. (0)

Anonymous Coward | more than 8 years ago | (#14463899)

I don't want patch quality. I want program quality... I work in proprietary software.

Sorry, but your not Microsoft's target market.

Re:Uh, no. (0)

Anonymous Coward | more than 8 years ago | (#14463918)

With FOSS, anyone can pick up the source if they have some spare time and hack away at it

This is the biggest load of shit argument I've ever heard about using open source. 99% of the users will never produce a single patched line of code because they're not even programmers. They're far more likely to introduce bugs if they tried to fix something.

Re:Uh, no. (2, Insightful)

Hiro Antagonist (310179) | more than 8 years ago | (#14463936)

It's not money that's the problem; it's a devotion to accruing every possible unit of negotiable currency that causes the problem. There are a lot of businesses, most of them privately held, that make 'slightly less' than a ton of money by doing something different, and caring about the customer instead of the bottom line.

Public companies don't have this luxury; they have to care about 'the bottom line', because they are responsible to their shareholders before they are responsible to their customers. In a private company, the customer comes first and foremost, and the difference in quality is measurable.

Look at BMW and Mercedes --- BMW is privately owned, and whether or not their styling appeals to you, it would be hard to argue that they aren't top-notch in terms of quality, funtionality, and service. Mercedes, on the other hand, canned the complimentary service option a few years ago[1], and offers far less 'bang-for-the-buck' in the luxury car market.

[1] It used to be that purchasing a luxury automobile meant that the manufacturer would stand behind your purchase in every conceivable way, and complimentary maintainence was a part of this package. Mercedes used to be very good at this, and had one of the best service packages in the industry. Now, you get to pay for your own service to go along with your top-of-the-market-priced car, and the build quilty has been nickel-and-dimed below that of a Nissan. Sad to see such a nice car company go down the tubes.

anyone else think it's odd (4, Interesting)

subtropolis (748348) | more than 8 years ago | (#14463737)

that the head of their "Linux and open-source lab" is also their "director of Platform Technology Strategy"? Why ever should that be?

Re:anyone else think it's odd (0)

Anonymous Coward | more than 8 years ago | (#14464309)

Did you ever read the Halloween documents [catb.org] ? Microsoft actually thinks Open Source is a threat! Since those documents were written, Linux has gained a boatload of ground in market share, so I'm sure the threat is even greater in their minds today.

So the manager of their Open Source lab is going to be the best guy to strategize about how to beat Open Source. Makes perfect sense.

I was looking for... (2, Insightful)

sam1am (753369) | more than 8 years ago | (#14463738)

..which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage.
And here I was looking for the vendor that would keep my systems the most secure. Silly me.

Not most enterprises (1)

truthsearch (249536) | more than 8 years ago | (#14464024)

In big companies upper and usually middle management care more about ease of distribution than security. They only care that their short term costs are low when it comes to patching. Other than that they rely completely on the vendor to be rigorous in testing and patching. Big financial firms, for example (and from my own experience), do not test Microsoft application and OS security much. They assume MS will simply take care of it. When patches come out they simply make sure their custom software isn't broken when installing it and proceed. Functionality bugs are found by developers and internal tech support and often reported to Microsoft. But no one is seriously testing security of anything but custom apps.

Actual break-ins almost always go unreported and therefore cost these big companies almost nothing. But they want to claim they're doing all they can for security. Therefore they only care about the cost to patch, not the cost to secure.

slashdot articles (2)

TheDoctorWho (858166) | more than 8 years ago | (#14463741)

just aren't doing it for me anymore.

here we have some MS guy going on and on about a problem that needs to be addressed before your release software, not after

answer (-1)

pintomp3 (882811) | more than 8 years ago | (#14463744)

neither

Yeah because (1, Insightful)

masklinn (823351) | more than 8 years ago | (#14463750)

the differentiator for customers is not the number comparison, but which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage.

Yeah, because typing "apt-get update" and "apt-get upgrade" once in a while is so damn hard to manage.

Re:Yeah because (1)

richardablitt (897338) | more than 8 years ago | (#14463914)

It's not even that hard anymore. Not sure about Debian, but with Ubuntu you get the option of having an icon in the notification area which downloads updates autimatically (similar to Yast)

Re:Yeah because (1)

masklinn (823351) | more than 8 years ago | (#14464028)

No idea, I mostly use the CLI and only start X if I actually need it.

Re:Yeah because (1)

AngelofDeath-02 (550129) | more than 8 years ago | (#14464096)

The problem is that even with notifications if it isnt done automatically, it won't get done by some people...

I'm mostly thinking about my grandmother. But yah, she would be so intimidated by typing anything that the only way it would happen is me sshing into the box and doing it myself!

but yah - ubuntuu seems to have a nice setup - I'll have to check it out

Re:Yeah because (1)

atherton2 (728611) | more than 8 years ago | (#14464069)

You are missing the point to the average computer user not the average geek, that is complex and scary. They want to click on an update button, click continue/next 5 times then finish. Then have the computer tell them the world is happy and rose tinted.

What they do not want is a command line, and lots of text, that to them is meaningless nonsense.

I think apt-get update/upgrade is easy, but most /. readers are not most users.

Re:Yeah because (1)

truthsearch (249536) | more than 8 years ago | (#14464089)

He's not talking about the home user. He's talking about corporate desktops and servers. You can't have apt-get running automatically on thousands of machines and expect it to never break any custom apps. It's all about the custom software in big companies. Patches have to be tested against all of these custom apps and then distributed in a controlled manner. Sure, we all know it's easy to set up an internal system to distribute these patches. But big companies with custom apps written on Windows need easy patch distribution from Microsoft. And that's what he's claiming to provide.

efficient? (4, Interesting)

BushCheney08 (917605) | more than 8 years ago | (#14463753)

...but which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage.

My office recently donated some P3 machines to a homeless shelter. The process of wiping the drive and installing Win 2000(SP4) and updating it to be current took nearly 4 hours for one machine. This was a machine that had just the OS. I had to run Windows Update and reboot at least a dozen times. Each time, I'd select and install all patches available. Due to prerequisite patch dependencies, however, each update/reboot cycle would make another 10-15 patches available. Hardly efficient. You'd think they could roll it all up into one huge patch and make it available. (And yes, I can understand the need for some places to avoid certain patches - make that the option, not the norm!)

Re:efficient? (0)

Anonymous Coward | more than 8 years ago | (#14463863)

Eh? I thought he was singing the praises of unix.

Re:efficient? (1)

BushCheney08 (917605) | more than 8 years ago | (#14463913)

Probably. I didn't read TFA. I just needed to gripe a little because my boss threw that on me the other day thinking it would take 10 minutes.

Re:efficient? (1)

Lord Byron II (671689) | more than 8 years ago | (#14464098)

You also forgot having to upgrade the Windows Update Setup Tool so that it could run the "Genuine Advantage" tool.

But lets compare this to any SuSE Linux release in the last few years. It has an option for downloading updates from inside the installer, which can take between 30-60 minutes to download and apply, and then requires no reboot, although certain updates (such as the kernel) won't become active until a reboot is done. Then SuSE Watcher will download and apply any future kernel updates.

So, fewer reboots, no mandatory reboots, option for updating before starting an exposed system, 1/4-1/8th the time, and no extra time downloading the updater or any version checking software.

Re:efficient? (-1, Troll)

Anonymous Coward | more than 8 years ago | (#14464281)

Four hours for a SP4 install? That's odd. I wiped a system, and installed Win2K SP1 for the customer, and ran the update system to bring the software to current SP4, downloading every update available, needed or not. Took me just better than an hour for the updates, and 45 minutes to wipe the drive and install the OS from scratch. (I did opt for installing the media direct from the hard drive which does make the install faster). I personally like how much easier it is to update microsoft's OS versus various linux distributions. There are those days where Microsoft's update servers are too busy to handle the load...but, this reminds me of my FC3 install. When I first installed FC3 on one of my machines, I really admired the update process. I then discovered a few problems with the update process, and people can argue that these are 'my' problems, but this will explain why the windows update is easier (Even if it has twice as many bugs).

1) the Fedora Core update process generally led me to insane download times. I spent over a week downloading the base install of Fedora Core 3.

2) Because I am not a linux master, I can't figure out why some of my updates failed to install
because of 'dependancy issues' or conflicts. This made no sense, because the software was already
installed, but the updater is telling me that it can't install a program because it conflicts with
something else already installed. I may not be good with linux, but most normal windows users would not be able to figure out even to the extent that I did why the update process is goofing up and/or
not letting them install updates to software they already have.

3) installing new programs is a lot easier now than it has been in the past, with package management
like RPM, YUM, and the GUI interfaces for them. That said, every program has dependancies. Some programs have a LOT of dependancies. Due to the nature of the way this works, those programs could
be vastly superior..at the same time, program_X may require an older version of something that program_Y updates..so, program_Y breaks program_X. I can't remember specifics, but this has happened to me in the past. I am not a programmer.. I used to write simple programs in Pascal, but this would
hardly be relevant for me to try and update a program on my box just to solve an issue like this.

I have had downloads fail with the windows update service, and in fact those downloads have become broken, so that no matter how many times I retry, I can't install that particular update. (happened to me twice with the .NET framework 1.1 update). But, no matter what updates I install, and other than the problems with the .NET failure, I've never had other problems, and I've never broken anything that I had on the system beforehand.

People complain about microsoft, myself included. Yeah, their products are bloated, buggy, full of bad code/bad design/flawed security. But for most people, it is the only choice they can make.

As far as what I've seen with 'avoiding' certain patches...from what I've seen, you can avoid certain
patches with both windows update and the many linux update options.

I fully support open source. I even use a lot of open source apps and recommend them highly over any commercial alternative. But, if Linux had the dominant market share in consumer desktop OS, more software vendors would be writing their software for linux. More of that software would be categorized as commercial, and you'd have to buy it or steal it. Then, there are so many distributions of linux, and not all of them are 100% compatible with eachother..while making the required software ports would not be too difficult, imagine the confusion for joe blow when he goes to the store and finds six different releases for the game he bought? Where would the vendor draw the line? they won't release their source code so you can recompile. more likely, they'd force everyone to use Linux based off of a single original distribution, like RedHat, Slackware, or Debian.

When linux systems become that controlled, the differences between Linux and Windows start shrinking..the choice becomes less 'choice' and more 'necessity'.

People choose windows because it works, it does what they need, and it does it efficiently.
It's not anyone's fault but the end user that they don't understand computers all too well. Hey, if I can install an OS and patch it in under 2 hours, install some basic applications in a matter of seconds without getting dependancy warnings, or downloading 10 additional things just so the program will run, I'd say that's one of the reasons why windows is so rampant.

Linux users hate windows. BSD users usually hate linux, windows users often get confused by linux and BSD.. mac users hate non mac computers. the arguments are all kinda pointless.

Hmm... (1, Funny)

fumanchu32 (671324) | more than 8 years ago | (#14463761)

apt-get has been very painful and difficult for me to use.

Re:Hmm... (1)

und0 (928711) | more than 8 years ago | (#14463907)

And you never tried synaptic, you need the mouse...

least complex? (3, Insightful)

ScislaC (827506) | more than 8 years ago | (#14463785)

"but which vendor makes the patching and updating experience the least complex"
I will say that Windows Update was better than anything else I had seen when it was initially introduced (I will admit to not having used Linux then though). However, any modern distros I've used (Ubuntu & Suse most recently) actually have a far LESS complex patch and update mechanism... because they patch all of the software and libraries as well, not just the OS. And they do it the same way as windows with a little notifier in the system tray (yeah, they don't autoinstall as far as I've seen, but, a couple clicks doesn't add to complexity as far as I'm concerned). Just my .02 on that part...

A definiton (-1, Flamebait)

Maljin Jolt (746064) | more than 8 years ago | (#14463790)

MSQP, Microsoft quality patch, n.:

A patch for Microsoft product that provides arithmetically less number of holes than it patches. So, a very long set of MSQP is incrementally converging to partial correctness.

Just fix the problems please (1)

digitaldc (879047) | more than 8 years ago | (#14463795)

Tests at Microsoft's Linux lab show that counting the raw number of security updates required by the various operating system flavors is not as meaningful as examining the efficiency of the update process.
Microsoft Corp. seems to be moving away from focusing on the actual number of security patches and updates that it and its software competitors release. Instead, it is concentrating on making it easy and efficient for customers to obtain the security fixes and update their systems."


I have an idea, how about putting more money into security and quality control and focusing on fixing the problems quickly instead of how many they do or how complex the process is?

Personally... (1)

RandoX (828285) | more than 8 years ago | (#14463812)

If I have to deal with bugs and patches, I'd rather have Gates & Co. take the time to do the patch correctly. Having a fast, bad patch hose my system would upset me more than a slow, good patch that MIGHT leave me vulnerable for an exploit that MIGHT get through my firewall, router, and AV and MIGHT hose my system.

(Please, bring forth all the comments about how I don't have to deal with bugs and patches if I switch to _______ now.)

Re:Personally... (1)

McGiraf (196030) | more than 8 years ago | (#14464091)

You don't have to deal with bugs and patches if you switch to _______ now.

Easy (1)

chronicon (625367) | more than 8 years ago | (#14463820)

'the differentiator for customers is not the number comparison, but which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage.'

apt-get update
apt-get upgrade

Done!

It doesn't get much simpler for the user does it?

Re:Easy (1)

louden obscure (766926) | more than 8 years ago | (#14463944)

i also would reccomend running

apt-get clean

i have a smallish HDD and really don't need to keep all those downloaded .debs on hand.

Re:Easy (1)

alexhs (877055) | more than 8 years ago | (#14463947)

Yeah, except that apt-get update is in a crontab.
So apt-get upgrade is sufficient, difficulty halved :) (halfed?)

Re:Easy (1)

idonthack (883680) | more than 8 years ago | (#14463986)

IIRC, it's even easier in Ubuntu. Click the blinky update icon, type your password, and let it go.

Debian (0, Redundant)

Spazmania (174582) | more than 8 years ago | (#14463823)

which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage

Yeah, that would be Debian Linux: "apt-get update; apt-get upgrade". No reboot required and nothing breaks.

In Other News... (0, Redundant)

MikeyTheK (873329) | more than 8 years ago | (#14463837)

Crack-addicted strippers announced that their new focus isn't on the quality of their appearance, or the quantity of time you get, but how easy they were once you forked over your $200 and donned your virus protection. In addition, they pointed out that free sex with, say, some hot chick you meet at a party is overvalued compared to sex with them because they are professionals with experience and know-how that you just can't get from your average, ordinary girl.

Debian Linux security updates rock... (1)

PeFu (90322) | more than 8 years ago | (#14463839)

... at least most of the time.

If you are happen to use Debian GNU/Linux you are used to type
apt-get update
followed by
apt-get upgrade
every once in a while. Works pretty nice and I only once had
a broken Firefox, which was fixed soon.

I think these volunteers Martin Schulze, Michael Stone and all the others
do a phantastic job here.

I like to say Thank you to them here in public!

Full credit to eWeek... (3, Insightful)

Chicane-UK (455253) | more than 8 years ago | (#14463858)

Reading that article made such a refreshing change compared to the Microsoft 'propaganda' stories we usually get linked to. eWeek gave Linux vendors the chance to answer and explain all of the figures which seemed to side with Microsoft - and invairiably once dissected, the usual Microsoft massaging of figures clearly comes to light.

One great example was this:


Interestingly, Microsoft's Hilf has a personal Red Hat workstation in his office that he uses on a daily basis. He selected a random week in October to provide a snapshot of the updates made to his Red Hat Enterprise Linux workstation over that period. He found that, between Oct. 6, 2005, and Oct. 11, 2005, his workstation was updated 66 times.

"I chose those dates randomly," he said. "I use this system daily, so it was literally a snapshot of a given workweek. All this illustrates is that patching and updating are part of any 'living' software system. It is part of the nature of modern software: Things change, bugs happen, features get added, and software needs to get updated."

But Red Hat's Cox pointed out that the second update release for RHEL4 was issued Oct. 5, resulting in a very large number of updated packages over the period of a day or two, "which is what Hilf saw. We only issued two Update releases for RHEL4 in 2005, so he was quite unlucky in his choice of a random snapshot," he said, tongue in cheek.



Unlucky indeed. Nice to see some unbiased reporting and not just verbatim duplication of Microsoft comments and 'press releases' for a change.

No mention of effective (0)

Anonymous Coward | more than 8 years ago | (#14463869)

Interestingly they made no comment on caring how effective their patches are.

Doesn't matter whether it fixes the problem - as long as it's easy to install.

Easier? (0, Redundant)

beezly (197427) | more than 8 years ago | (#14463872)

From the article;

"...which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage"



apt-get update
apt-get upgrade


It doesn't get much easier than that.

Re:Easier? (0)

Anonymous Coward | more than 8 years ago | (#14464117)

Even easier...

yum update

Advice for Bill (and you can pay me later...) (2, Interesting)

ArtDent (83554) | more than 8 years ago | (#14463890)

I've had the Automatic Updates icons staring at me from my system tray for the last couple of days. The reason I haven't yet installed the latest security update (KB908519) is because I *know* from past experience that it will ask me to reboot afterwards. I use this machine for work, and like just about everyone else in the world, I've got many different tasks on the go, so I've got several programs open, and I don't want to close them, lose all their state, and spend several minutes rebooting. So, I'll say "no", and later forget that I was supposed to reboot.

I'll promptly install patches when doing so doesn't require unnecessary reboots. If the kernel isn't being patched, don't make me reboot!

Re:Advice for Bill (and you can pay me later...) (1)

Kman_xth (529883) | more than 8 years ago | (#14464030)

Since SP2 you simply cannot 'forget' to reboot, since the windows security update manager systray thingy keeps demanding a reboot every x minutes. And requesting input focus every time it does so, thus interrupting you from doing your work.

But how does a distribution like Ubuntu handle the restart/reboot problem then? Yeah it asks to install updates and sure, it doesn't require a reboot when patching non-kernel stuff. But when does the actual patch get applied? When the patched app gets restarted? When the library is reloaded? And how does it guarantee stability when an app was still running while patching, and starts to reload a recently patched library (which only works on the patched app version)?

Re: Bill Gates Response! (1)

jftitan (736933) | more than 8 years ago | (#14464262)

Sure no problem, what I have had my staff and I work on for the past few years is, once you have applied the patch, your Windows operating system will reboot for you. This isn't really new technology, its a feature that has been requested by most if not all Windows Users.

  Please rest assured that your Windows will reboot FOR you, after a said amount of time. You know because you've applied a patch it doesn't mean a BSOD reboot wont happen in 5..4..3..2..

Why doesn't Microsoft... (1)

Billosaur (927319) | more than 8 years ago | (#14463898)

...spend a little more money patching and improving their software and a little less of it trying to convince us all that they're paragons of programming virtue, since we don't believe it anyway.

Argh, more buzzwords (2, Insightful)

Alioth (221270) | more than 8 years ago | (#14463927)

Why does everything have to be a such-and-such "experience". I don't want a patching experience at all, I want to have it happen in such a way that it's a non experience. They make it sound like it should be a movie or a fun fair by calling everything a such-and-such "experience"!

Re:Argh, more buzzwords (1)

segedunum (883035) | more than 8 years ago | (#14464025)

That's pissing me of as well. Everything is an 'experience', or they always have a great 'story'. I just end up feeling sick.

Fedora Security Patches? (1)

LordKazan (558383) | more than 8 years ago | (#14463929)

yum update -Y

go back to working

Typing apt-get (1)

schlichte (885306) | more than 8 years ago | (#14463943)

its Windows... Typing is so DOS... -closes clickable charmap-

these posts are nothing but indirect MS promotion (0)

Anonymous Coward | more than 8 years ago | (#14463980)

These days, every time I see a 'critical' MS post on Slashdot I am suspicious about it.

The idea of these posts appears to be to get some positive news about Microsoft across to their opponents without being too obvious about it.

This trick consists of two parts:

1) Microsoft did something bad!

2) But hey, at least they are now doing something good.

The first part gets our attention because superficially it appears to be critical of the 'enemy', but the bit that is meant to register is the second bit.

By all means post positive Microsoft stories if you want, then we can see the post for what it is, but let's have less of the spin.

It's all about closing the window. (1)

Bob9113 (14996) | more than 8 years ago | (#14463990)

'the differentiator for customers is not the number comparison, but which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage.'

Speaking as a customer who manages a few servers and workstations at a company that has hundreds of the former and tens of thousands of the latter, I disagree. The differentiator for me is made up of two factors; window of vulnerability and severity. Spending two extra hours preparing to apply a patch that arrives one day sooner is a win in my world. And that is indeed a numbers game; one which could be, but has not been, analyzed by this sycophantic series.

Now I agree that for the typical home end user, the above description may be fair. A patch that can be applied by the end user that arrives late is better than a fast patch that cannot. But that only highlights the necessity of taking a hybrid approach to patching if the operating system in question is intended for expert and layman alike (as is XP). Get the info and the preliminary patch to me quickly. Make it pretty for the end user as soon as possible.

Consider then how Linux works; Debian or Gentoo are not necessarily as user friendly, but they get patched at lightning speed. Ubuntu, SuSE, or Lindows (whatever it's called now) may take a bit longer with patches, but have easier point-and-click interfaces for handling them.

They key to evaluating an MS product (1)

Luscious868 (679143) | more than 8 years ago | (#14464002)

If you want to know the key to evaluating the weaknesses of a Microsoft product simply look for any studies relating to the product. If there's a study saying a certain aspect of the product is well done then you can be sure that part sucks. When your a large company like Microsoft and you have a good product, it speaks for itself in terms of word of mouth. Regular advertising is all you need. When you've got a weakness then you need a "study" because the word of mouth isn't so hot.

Quality? (0)

Anonymous Coward | more than 8 years ago | (#14464022)

Quality? What, is each Microsoft patch hand-crafted from luxurious Corinthian leather and hand fit to the operating system? Two things matter: If the patch is released in a timely fashion, and if it fixes the problem. Wake me up when one of Microsoft's engineers writes a critical patch for his code - while on vacation in Greece - and uploads it via an antiquated dial-up line.

As far as the experience of updating, it sure is a lot easier for me to do...

swaret --upgrade (part of program name)

...than it is to go to a website, download and install a new ActiveX control, reboot, go to the website again, download an ActiveX control again, tell it to run genuine advantage, wait, load the update program, pick an option, hit the "review and install" button three times, and then wait 20 minutes while the overloaded update servers pass me a 300KB update at 16KB/s.

wait wait wait... (1)

SharpFang (651121) | more than 8 years ago | (#14464137)

I didn't RTFA. I don't think I need. All I needed to see is "Linux", "Microsoft", "patches", "legacy systems". With emphasis on the last one.
Take my three legacy systems: Mom's Pentium MMX 166 webbrowsing machine, my 486 firewall and my work machine, P2 300, 256M RAM. Or something around these lines, somewhere up to 64MB RAM... WHAT systems run on these machines?
Mom's computer runs Win98. Dumbed down interface plus low system requirements. (Sorry: Easy, Lightweight, Stable, pick any two.) My job machine runs NT. It could run 2k but it would slow down so much that the it would risk stalling machine it drives. My 486 runs Debian.
Now which one is most secure? Seems the 486 Debian box, firewall with automatic security updates. Update quality/Legacyness ratio: very high. Neither 98 nor NT are supported anymore. No security updates for them at all. Zero divided by old/medium equipment.

What kind of "legacy" hardware do you need to benefit from the "quality patches" issued by Microsoft? How soon your current hardware will become "legacy", your OS "unsupported", your software "obsolete"? In my case the firewall fulfills its role at 100% efficiency, running some extra services, allowing remote login, being rock-stable and secure. NT quality: 90%. Behind dedicated firewall, running antivirus, crashes less than once a month, provides all I need. Win 98: some 60%. Still somewhat slow, security in hands of Firefox, antivirus and the 486 firewall, crashes on regular basis despite clean system.

Legacy systems are dead for Microsoft. Talking about quality patches for them is laughable.

easiest to manage? You're kidding, right? (1)

Aqua OS X (458522) | more than 8 years ago | (#14464138)

"the differentiator for customers is not the number comparison, but which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage."

Honestly, Windows update is downright clunky and annoying. I don't know what's worse, having to jump to the web browser, the limited availability of combined patches, having to restart / install / repeat if you're behind in updates, needed to download separate patches for popular MS apps that are not included within Windows Update, stupid taskbar warnings, or the simple fact that if you don't update frequently your computer will give you hepatitis.

Re:easiest to manage? You're kidding, right? (1)

TheSkepticalOptimist (898384) | more than 8 years ago | (#14464158)

Or, you can turn on Automatic Updates and forget about it. Set and Forget.

Although the need to reboot after most updates is a continued tiresome necessity on Windows. But then, even on OSX reboots are necessary.

The patches often do more damage (1)

comforteagle (728960) | more than 8 years ago | (#14464165)

I refuse to update anything on my gaming (win) machine unless something I want to do absolutely requires it. Often the patches (SP2 ??) do more damage. On top of that you often end up in a time consuming wasteland of endless updates of other files that fix that what damage that patch has done.

Of course I can only do this because I refuse to use email or IE on this machine.

M$$$ (1)

umbrellasd (876984) | more than 8 years ago | (#14464191)

Like most M$ crap (their studies are as buggy as their software), this is nonsense. The number of bugs absolutely matters. Even if you patch quickly and easily, a large number of bugs does not inspire consumer confidence. I bought a Honda recently, not because of concerns about repair cost or time, but because I simply felt more secure with the production values and history of the company. (Right or wrong, that is why I made a $20K choice and I am not the only one that did over quality concerns.) I was able to make this choice because the market is competitive.

The only thing that will lead M$ to better quality is competition. When the desktop monopoly cracks and a competitor is offering feature parity with reduced bug counts, they will be forced to improve. Otherwise, they will simply do the minimum necessary to maintain their hegemony.

The idea of charging people money for beta quality that will cost them even more money due to serious vulnerabilities and forced upgrades is loathesome. It is even more unfortunate that the consumer has largely come to accept this in the absence of an alternative. Apple is building a quality product right now, but at a pretty large margin on hardware. Linux is on the rise, but in the desktop market, it is not quite where it needs to be (for many reasons including economic pressure created by M$ deals with vendors).

Oh, well.

yes, let us believe the head of the MS Anti-Linux (2, Insightful)

Locutus (9039) | more than 8 years ago | (#14464202)

My gawd Jim, this is a marketing company for heavens sake! ( not sure why Dr McCoy came to mind...)

Why would anybody think there is any truth to what the head of Microsofts anti-Linux group says?
Do you think he might have a little motivation to make sure people THINK their OS smells like roses?
I do.
IMO

But thankyou Mr Hilfe for making sure CIO's, CTO, etc know that Linux is on Microsofts mind. THAT,
combined with what their employees are experiencing is great for your competition. :-)

LoB

Neither (0)

Anonymous Coward | more than 8 years ago | (#14464215)

Judging by recent /. submissions, neither quality
http://it.slashdot.org/article.pl?sid=06/01/10/223 0212 [slashdot.org]

nor quantity
http://it.slashdot.org/article.pl?sid=06/01/11/153 9226 [slashdot.org]

There is something real wrong with Microsoft's "ship now, patch later" brand of software development. I recently setup a brand new Dell for a new client. Because of phone line problems, he was limited to about 28.8 kbaud on his dialup connection. Now, realize, this was the latest Dell XP Home image, presumably with all the latest patches at the time of build. I connected and proceeded to do the update. After all, how long could it take?

Six and a half frickin' hours! That's how long!

I recommended that he turn off automatic updates (otherwise, the background ownloads will be chewing up all of his meager bandwidth) and only force updates manually just before he goes to bed at night and let it chug all night long next time. I admonished him to do this at least once a week, but my guess is that it will soon be forgotten.

Is it any wonder that there are still unpatched machines out there?

Microsoft propaganda machine in attack mode? (2, Insightful)

penguin-collective (932038) | more than 8 years ago | (#14464217)

There is just one story after another about Microsoft "going for quality" and "Microsoft running on machines just as small as those Linux runs on", "Microsoft having fewer vulnerabilities according to some web site", and "Microsoft this" and "Microsoft that". If you read carefully, most of those stories were actually initiated by Microsoft.

So, that makes me wonder: is this just the season for the Microsoft propaganda machine to become active? Or is Linux striking more fear than usual into their hearts?

Different Attitudes (0)

Anonymous Coward | more than 8 years ago | (#14464231)

"the differentiator for customers is not the number comparison, but which vendor makes the patching and updating experience the least complex, most efficient and easiest to manage."

As many /.ers have pointed out, most Linux updates are in no way complex, inefficient, or difficult to manage. On my Ubuntu boxes, whenever an update is available, a little red circle with a line through it pops up in my icon notification tray. It doesn't bother me like Windows updates, but it waits for me to click on it. When I do, I click one or two more things indicating (what) I want to update, and it does it all automatically and then goes away. I don't remember ever having to reboot a box after updating, except for one time when I updated the Kernel.

On the other other hand, nearly every time I've updated Windows I've had to restart. Additionally, I keep getting notified to install the anti-spyware program--NO, I DON'T want it. GO AWAY.

Regarding the mentality that MS has versus Linux programmers, Microsoft tries to create patterns. Heck, their model is the "Patch Tuesday" plan, which explains it exactly--you get a ton of updates, all of the latest ones, on a certain Tuesday. Linux distributions, on the other hand (at least the ones I use), allow a user to download the updates as soon as it is finalized.

Microsoft's plan is a bad idea. While Linux doesn't "judge" its updates, instead releasing them upon completion, Microsoft *tries* to hold off until "Patch Tuesday," but then they occasionally make exceptions for notoriously bad exploits. The problem with this theory is that Microsoft programmesr have to make a value call--is this exploit bad enough that it has to be fixed now, or can it wait until next Tuesday?

In other words, your ability to run a secure system is in the hands of people who work for Microsoft. *They* get to make the call on exploits, and if a problem isn't "severe" enough, looks like you're SOL until next Tuesday.

Microsoft is playing to the less-computer-savvy individuals with this move. I think most people who have a good idea of what they're doing on their computer will always want to get any exploits fixed as soon as possible--the Linux method works well for them. But the other users, a huge portion of those who use computers, like habits. They don't like to be interrupted. I would guess a large portion of them are even annoyed by the popups on "Patch Tuesday" and click off of them the first or second few times!

Microsoft had to make a decision when determining which patch method to use--do we update systems as soon as possible, keeping users safe; or do we keep users happy by not interrupting their work suddenly, instead using a planned-out method? Microsoft went with the "keep users happy and oblivious" method, though, which shouldn't be a huge surprise.

If you disagree with such a method, at least take comfort in the flak they catch whenever they fail to fix a zero-day exploit as soon as they can--which they've certainly had happen in the recent past. I don't think you're going to find many people complaining about Linux's method of updating, except when you read Microsoft misinformation like the linked article that uses doubletalk attempting to "justify," using technological excuses, for a decision that was really based on a P.R. call--placate users.

Spinning for PHBs (1)

eyepeepackets (33477) | more than 8 years ago | (#14464260)

PR skills must be listed as part of this guy's job description.

He's using an old PR trick: If the message you were "staying on" becomes fouled, spin the subject to something positive related to the same subject. Microsoft folks are stretching and spinning so far and so hard this past year they seem to be living in a different universe. But that is just tactical.

The strategy behind such behavior is "The Big Lie." Repeat the same lie in front of people over time and you'll soon have a few who believe it, and if you target the right people in the first place -- PHBs in this case -- you'll have believers with budgetary control. The problem with this is the simple law of "Truth Physics:" Truth is lighter than lies and will always raise to the top of the pile, so to keep truth buried one must constantly pile on lies -- or truth will out. The practioner of the "Big Lie" can never, ever stop spewing BS or the game is lost.

That Microsoft is straining so hard and spewing so much BS these days suggests they know they're in trouble; that the BS being spewed is less and less connected with reality suggests they are starting to panic.

Rhetorical question: How long does a house of cards take to fall?

Happy Friday the 13th.

Why people care about quantity (1)

AndyChrist (161262) | more than 8 years ago | (#14464284)

People care about quantity of fixes because of the quantity of bugs and holes.

If they just had a handful of good quality bugs, careful, deliberate releases of a few good quality patches would be perfectly acceptible.

Right......Quality (1)

segedunum (883035) | more than 8 years ago | (#14464294)

So now that no one believes the crap about Windows having less updates and exploits than a Linux distribution (where a Linux distribution includes a huge amount of functionality), and every notification ends up getting multiplied, has failed they've tried to focus on the quality of their own patching experience? Give me a break.

The reason why Microsoft has Patch Tuesday is because Windows and their products are so badly designed that they can never be totally sure how a patch will be taken by a system at any time. It just isn't modular. They need to roll more and more patches up into one ball because they just don't have any method at all for package managing their operating system. Also, Patch Tuesday makes them look better numbers-wise.

I'd be pretty confident to update my Linux distribution with a new Firefox or a new patch that comes through YaST for KDE, albeit on a test system first, and be confident that the thing will come back up whatever the machine was being used for (that's if a reboot was necessary, which it isn't except for a kernel). If I updated IE would I be confident nothing else was going to be affected? No, I damn well wouldn't and I've been extremely wary of patching Windows at all, especially when used as a server. Patching is not a way of life in the data centre, or anywhere else for that matter. It's done only when it's necessary.

mod 0p (-1, Troll)

Anonymous Coward | more than 8 years ago | (#14464301)

wasn't on Steve's Its readers and imPlementation to is ingesting bring your own else up their asses lesson and dying. All major for trolls' Surveys show that

"Quality" updates my ass (1)

kadathseeker (937789) | more than 8 years ago | (#14464338)

Yeah, I had a great experience with SP2. My PC only took 10 minutes to startup after that, and crashed regularly. Whee. Now I run Windows Nemesis (SP2 preinstalled) on a WD 36GB Raptor and startup in less than a minute.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?