Windows vs. Linux. The debate rages on. For me, one product, one flavor settled the debate...kubuntu.
So why doesn't everyone use Linux? And why do many, many companies (specifically companies that run their own websites) choose IIS?
This is the question I have set out to answer. I don't believe there is any proof that Windows, especially IIS 6.0, is more secure or stable. Certainly, the internal design of the operating systems are very different with Linux being more secure by design. There is quite a bit of misinformation and skewed statistics available on the internet, like the 2005 CERT list of vulnerabilities by operating system, but be careful about just looking at that list and immediatly assuming Windows is more secure. After you remove the entries for other programs, duplicates, propriety distributions and separate them by distribution, the numbers look a bit better.
Linux Is Safer From Viri than Windows
In my experience, this is true. And there are a few reasons in my opinion. The nature of Linux, design of the operating system and the manner in which the operating system functions.
Linux comes in many different distributions. You can even build your own distribution. So if you had 5 different computers running Linux, chances are you could have 5 different distributions running 5 different configurations and having 5 different pieces of software to do the same task. It is very hard for the average virus creator to target a large number of computers that run Linux because of the sheer number of coniguration, software and kernel combinations.
Ever since it's inception, even before Windows even thought of using password protection, Linux was designed and released as a multi-user operating system. There is only one "administrator" account called root and users were strongly discouraged from running as root. The reason is that many exploits and viri depend on the user's access level on the computer you are logged in to to do it's dirty work. Up until Windows XP, the average user ran as an administrator on Windows. Now "Microsoft Best Practices" says not to run as an administrator.
So what are you supposed to do if you do something that requires root access (or an administrator, such as changing a setting or installing a program)? Linux has sudo or kdesu. This is a screen that pops up, or a prompt if you're using a command prompt, that asks your for your password. It then checks to make sure you're ok to perform that task. This is automatically setup in kubuntu and ubuntu. You can also use the su command to switch users.
Sounds familiar doesn't it? If you've been reading about Vista, M$ is copyi.. I mean implementing this in their latest release, but several years behind linux. It was weird switching users in Linux using the command prompt.
The system architecture, or the way the system works, is designed from the ground up in a much more superior fashion when compared with Windows. The kernel is small and focused while the Windows kernel is large and bloated. Many of the external functions, even going as far as serving asp pages and the like, use the kernel.
The Linux kernel does little more than manage the hardware. Other libraries are loaded to do virtually everything else. This is why Linux hardly ever crashes, and rarerly ever needs to be rebooted. This is the proper function of the kernel.
The Cost of Linux is Less Than Windows
In most cases, Linux is free. Most of the applications (all the ones I use from day to day) are free as well. Linux and these other free applications are "open source" and are licensed under the GNU. Essentially, this license says that you are free to distribute the software, alter it and charge a fee for delivering it or installing it. But you have to provide the source code for the software and provide the same license.
Many people, being used to paying out the nose for software, have a hard time grasping the open source concept. "How do they make money or stay in business" is the question most frequently asked. Well, "they" are usually a group of volunteers working towards making a project. People come and go on these projects, but the software is developed with strict standards and in a highly organized fashion. Other people will see a need or deficiency in the application, create a fix or feature and add that to the code repository.
This development model creates highly stable, useful and user-friendly software. Often times, these projects get started because someone wanted a free alternative to another software project.
Generally, these groups make money two ways. Supporting the application or software and by donation. Often times, some of these groups will use their application and startup a business selling a complete product at a very low price. Sophos is little more than a customized email server using open source software.
Linux is Highly Customizable
Google uses Linux internally. Their entire search infrastructure is made up of "clusters" of Linux systems. This is a cheap way to go...but the major reason Google went this route was the ability to build a custom operating system.
With operating systems like Windows, you have no choice what to install as far as the operating system is concerned. Yes, you can add and remove add ons, but let's face it. You can't even remove Internet Explorer (IE is part of the operating system..hence it's vulnerabilities...use FireFox kids).
With Linux and quite a bit of knowledge, you can build your own tiny operating system..used to do exactly what you need it to do. No more, no less.
So...Why Not Linux?
I believe there are two reasons why most companies choose Windows over Linux.
First there is the availability of training programs, certifications, degrees and skilled, proven administrators. There is a plethora of training programs, degrees and other pieces of paper to prove you are good with Windows. Shoot, nearly anyone can become a Windows system administrator and never touch a command line. And this is because of the second reason...
The GUI, or Graphical User Interface. I fully believe the GUI is the major reason most companies are turned off by Linux. Linux is relatively new to the land of the GUI. And this isn't because no one thought of it, or because of a deficiency in the operating system. It's because the Linux command line is one of the most powerful and upstages the GUI in almost every way. In Windows, you do most of the work using a GUI and some things can be done with the command line. In Linux, it's the opposite. An administrator with a BASH shell is a dangerous thing.
There are other considerations like training the employees of a company to use Linux, hardware requirements and a general shift in thinking among others, but I believe these are the two major reasons.
Although, as a side note, I cringe when I see 500 computers running Windows in an organization where most of what is done is word processing, email and web surfing. With new Linux "flavors" like kubuntu, using Linux is as easy as using Windows.