Linux is for Bitches

Pardon the slight profanity; I don’t generally like to swear when I’m trying to make a point, but I didn’t invent the name of this site.

The views espoused by the author are obviously not much different from those in this excellent article in USENIX’s own journal, ;login:. (You’ll need to be a member to access that link, by the way) I’ve complained before about the proliferation of poorly-configured, poorly-managed Linux boxes taking over from the Windows boxes. It’s obviously still continuing to happen. Of course, the vendors are partly to blame, too. When the author of linuxforbitches.org writes about /var being an inappropriate place for web content (I wholeheartedly agree) you have many vendors to thank for that.

I lay the blame for the kernelized web-server, though, at the foot of Linus himself. Given that Linus is so militant about accepting patches, idiotic or not, I’m surprised — no, shocked — that he accepted this one. Considering that many kernel hackers are the same folks who probably bitched and whined about insecurity and instability when Windows NT 4.0 moved the drivers from user mode to supervisor mode (or Ring 1 to Ring 0, I don’t remember the exact terminology), the kernelized web server is a completely brain-damaged idea. It should be removed from the kernel at once, if it hasn’t already been so excised.

You know, despite all the claims about Linux’s stability, it still has a long way to go before it achieves the stability level of the BSDs. Under heavy workload, Linux still doesn’t cut mustard. Andrew Hume from AT&T Research presented a paper at HotOS-iX entitled Operating Systems: Shouldn’t They Be Better? True, he takes Solaris 2.6 to task in this paper as well, but the Linux flaws he describes are pretty shocking (these are from David Oppenheimer’s summary notes in August’s ;login::

Hume described eight problems the Gecko [his billing system] implementers experienced with Linux (versions 4.18 through 4.20), including Linux’s forcing all I/O through a file-system buffer cache with highly unpredictable performance scaling (30MB/sec. to write to one file system at a time, 2MB/sec. to write to two at a time), general I/O flakiness (1-5% of the time corrupting data read into gzip), TCP/IP networking that was slow and that behaved poorly under overload, lack of a good file system, nodes that didn’t survive two reboots, and slow operation of some I/O utilities such as df. In general, Hume said that he has concluded that "Linux is good if you want to run Apache or compile the kernel. Every other application is suspect."

The problem with many people measuring "stability" of Linux is that they think it’s a relative measurement: as long as it’s more stable than Windows, then it’s good. This is obviously a stupid way to look at it. Just because my Kia[1] doesn’t have exploding tires, doesn’t mean that it’s a particularly safe car.

People working on performance and stability in the Linux kernel are far outnumbered by the people trying to get their little pet project into the tree — vis à vis the kernelized webserver. Admittedly, performance and stability aren’t the most exciting research areas, but making Linux as stable as the BSDs is critical to its long term success. I mean, who cares if Linux can run on a zSeries or S/390 if the thing goes down like a ton of bricks when you throw a heavy workload at it?

Ultimately as a system administrator, I care much more about stability, and failing that, predictable, recoverable failure, rather than "feature-niftiness". When you have 1000 user accounts to manage and you get DDoSed, I want an OS that is feature-conservative but rock solid.

And that, in a convoluted way of my saying so, is why I don’t run Linux on my servers.

[1] I don’t, for the record, own a Kia. 🙂

SCO

I’m just waiting for SCO to declare itself in violation of its own trademarks, and sue itself.

TicketMaster’s Privacy Policy is a joke.

Ed Foster pointed out in a recent GripeLog entry that TicketBastard‘s privacy policy is a complete joke. To paraphrase the point of the article: If you have ever bought a ticket from TicketBastard, they have reserved the right to sell all your personal information to their "Partners" and they specifically state in their privacy policy that you may not ever opt-out of receiving spam from their "Partners".

Although we would all love to avoid TicketMaster, unfortunately they have a monopoly in this country — behold, my friends, the American Dream! Anyway, if you can’t find a patch, at least find a workaround: my workaround would be: a) Don’t buy tickets online through Ticketmaster.CA or Ticketmaster.COM; b) Pay cash when you buy Ticketmaster tickets in person at the Ticketmaster outlet; c) Give fake credentials if the ticket clerk asks you for them (although I can’t see why they would).

I’m aware that this behaviour would probably tip off the authorities in the police state we call the U.S.A., since it probably matches some kind of Terrorist Profile generated by the Abteilung der Faterland-Sicherheit. If that isn’t ironic…

FoundStone marketing weasels

If you get the Daily Dave newsletter run by Dave Aitel over at Immunity, Inc. you’ll already have seen this. In a recent message he pointed listmembers to an internal FoundStone memo forwarded to that fantastic site, InternalMemos.Com.

I really will just let that memo stand on its own. There’s hardly anything to add but to state the obvious: marketing people are weasels. (See my previous entry on July 5th for Scott Adams’ bang-on perspective on marketing drones.)

Dilbert…

… describes perfectly my thoughts about marketing weasels. (D=Dilbert, M=Marketing Weasel)

D: This product would melt the polar ice caps and doom humanity.
M: That’s okay.
D: You’re part of humanity.
M: No, I’m in marketing.
D: I won’t help you destroy the planet.
M: That’s what I said until I saw the free t-shirts.

Aside from having to sell your soul, it appears that working in marketing is a dream job. Spend the company’s money with no accountability, hire subordinates solely on the basis of breast size, and if management tries to nail you for poor sales, blame the developers.

Maybe it’s just me, but I didn’t go to school for five years to be overriden by some marketing drone whose qualifications for the job include being a clerk at Chapters, and her physical attractiveness. Period.

SQLite

I haven’t tried this yet, but it looks really cool. It’s basically an almost-SQL92 complete implementation of a database engine without a separate database process required — the databases are stored on disk as files. I’m hazarding a guess that this sprung from the limitations of Berkeley DB as a scalable, lightweight file-based database implementation.

Surprisingly the missing features list (that stop it short of full SQL92 compliance) is fairly short, which implies to me that even transactions are supported.

Seems like a great tool for small jobs where a full-blown PostgreSQL or MySQL database is just overkill.

An UNRant

I decided today that I don’t always want to sound like a crusty old coot in this journal, so I thought I should write a quick journal entry about what I consider to be fantastic pieces of software. So briefly, here are my top five nominations. Continue reading →

OpenType Font File causes Windows to crash

Had a good time investigating this:

OpenType Font File causes Windows to crash.

Microsoft hasn’t acknowledged the bug’s presence, nor have they issued a fix. So right now, if you’re running Win2K or XP, you’re vulnerable. In my case I was able to lock up a Win2K machine so badly that it refused to ever boot again, claiming that some device driver was missing or corrupted.

Whee! Go Microsoft.

Update: (08/25/2003) This is repaired in Windows 2000 Service Pack 4. I can’t speak for XP.

Proliferation of Poorly-Configured Linux Boxes

Someone in ;login: magazine a few issues back talked about the proliferation of poorly-configured Linux boxes, and how the volume of these will eventually outstrip the quantity of poorly-configured Windows boxes as Linux increases in popularity. The notion that Linux is more secure than Windows falls apart when you have clueless users who willfully follow directions like those listed on Ximian‘s website to install Ximian Desktop 2.0:

There is nothing to download first, just follow the instructions below.

<snip>

Open a terminal window.

Using the su command, become superuser (root).

Type the following command or cut and paste it into your terminal: wget -q -O - http://go.ximian.com |sh

Great job, Ximian. Encourage people to download a shell script, as root, and blindly execute it — no MD5 sanity check, nothing. I mean, it makes me want to compromise go.ximian.com and replace the index page with a text file containing “rm -rf /”. It’s also fabulous that they advocate using the -q (quiet) switch with wget, so that I could now hack the httpd.conf to send a redirect to my own website, which could provide a text file containing “rm -rf /” — and the 302 Temporarily Moved code would NEVER be seen by the user.

What is wrong with these people? Isn’t it blazingly obvious that this is a stupid thing to do?

I mean, you all know Microsoft blows… admit it!

At work we’ve been trying out a wonderful tool from Dave Aitel of Immunity Security called SPIKE. I haven’t tried to actually use SPIKE to generate any DCE RPC calls that would actually cause a Windows box to detonate, but partly it’s because that’s not really my job; I don’t detect the vulnerabilities, I just reproduce them. Also I really don’t give two hoots about Windows and I really couldn’t be bothered to go out there, attach a debugger to something like lsass.exe and see what fails.

Still, SPIKE seems to be a great tool if that (deciphering obscure and complex protocols) is your cup of tea. I’ll spare you the lecture on how shitty Microsoft’s protocols are, except that if you ever analyze a conversation between a bunch of Windows boxes using something like Ethereal, you’ll see how there is very nearly a status flag for everything. Clearly, protocols like LSA over DCE-RPC over SMB over NetBIOS < !!!!> were never clearly thought out by anyone, and this is the result. I joked to a colleague that the only reason we need 100Mbps Ethernet is to carry around all this excess Microsoft baggage whenever Windows boxes need to talk to each other. Honestly, Windows boxes are just as chatty as Netware machines running IPX. All you really have to do is capture the traffic on a Microsoft LAN that’s destined to the broadcast address, and you can glean an incredible amount of information.

Go get SPIKE here and enjoy yourself. (Warning: We had problems compiling under GCC 3.x. Stick to 2.x for now; 2.95.3 seemed a good choice.)