Linux Myths

October 4th, 1999, Microsoft placed this article on their website, causing immediate outrage in the Open Source world and sparking the foundation of this website. "Why?", you might ask. The reason is that the LinuxMyths article makes some very strong claims about Linux without backing them up with sufficient evidence, often resorting to factual inaccuracies to "prove" their claims. The question of whether these factual inaccuracies were inserted on purpose or through lack of careful research on the part of the authors is outside the scope of this document. All I will try to do here is set straight the facts and try to generate inside the reader a larger awareness about this marketing tactic.

Rik van Riel
November 1999

Introduction

With all the recent attention around Linux as an operating system, it's important to step back from the hype and look at the reality.

Couldn't agree more, but unfortunately the rest of the article doesn't seem to stick to the facts in the way that the opening sentence promises...

First, it's worth noting that Linux is a UNIX-like operating system. Linux fundamentally relies on 30-year-old operating system technology and architecture. Linux was not designed from the ground-up to support symmetrical multiprocessing (SMP), graphical user interfaces (GUI), asynchronous I/O, fine-grained security model, and many other important characteristics of a modern operating system.

These are certainly things worth pointing out. The whole concept of files, directories, inodes, etc. is indeed 30 years old and still in use today. Not only by Unix-like systems, but also by VMS, OS/2 and Windows NT. The fact that Linux wasn't originally designed to support SMP and all the other technical buzzwords isn't really relevant either since the core part of the system has been completely redesigned to handle those just fine.

These architectural limitations mean that as customers look for a platform to cost effectively deploy scalable, secure, and robust applications, Linux simply cannot deliver on the hype.

I've read this sentence a number of times now, but I must say that I fail to see the connection between "delivering on the hype" and suitability for use in a business environment. I suggest we re-read the opening sentence and stick with that...

Myth: Linux performs better than Windows NT
Reality: Windows NT 4.0 Outperforms Linux On Common Customer Workloads

The Linux community claims to have improved performance and scalability in the latest versions of the Linux Kernel (2.2), however it's clear that Linux remains inferior to the Windows NT^® 4.0 operating system.

Now this is a strong statement to make. In order to back this up you'll need quite a lot of evidence.

For Web servers, the same PC Week tests showed Windows NT 4.0 with Internet Information Server 4.0 delivers 41 percent better performance on a single processor system and 125 percent better performance on a 4-way system than Linux and Apache.

When choosing a platform for a Web server, much more should go into consideration than whether a given OS can pump static pages across 4 100Mbit Ethernet cards. Web servers also routinely run cgi's and perform other tasks such as parsing HTML, performing server-side scripting tasks, and fetching results from database queries. If a machine is significantly slow in any one of these areas, it limits the amount of flexibility you have. In this scenario, it is NT that cannot deliver on the hype. As shown in a recent C'T Magazine benchmark, Windows NT's performance running cgi's written in Perl was far below the performance of a Linux system when running on the same hardware. If shoving out static pages is all you desire, you would be best advised to go with Solaris running Sun's own WebServer (as shown in a Web server showdown done by PC Magazine between NT, Solaris, and Linux.) The review and accompanying graph show that Sun's Web Server blew away the competition by dishing out an obscene 5,255 requests per second. When choosing between NT and Linux, Linux leaves you free to use a variety of free or commercial web servers, scripting languages, and cgi platforms. (THIS LAST PART NEEDS A GOOD CONCLUSION)

For e-commerce workloads using secure sockets (SSL), recent PC Magazine tests showed Windows NT 4.0 with Internet Information Server 4.0 delivers approximately five times the performance provided by Linux and Stronghold.

Apart from looking at the C'T story above, it would be good to keep in mind the benchmarking motto that any system can be tuned to be faster than any other system for any workload. Nothing expresses that thought better than this (satirical) piece on Segfault. [FIND URL AND LINK]

[IS IT ONE OF THESE?] Recap's Column: Mindcraft Proves NT Does Nothing Very Well
NT outperforms self on same hardware

Linux performance and scalability is architecturally limited in the 2.2 Kernel. Linux only supports 2 gigabytes (GB) of RAM on the x86 architecture ,¹ compared to 4 GB for Windows NT 4.0. The largest file size Linux supports is 2 GB versus 16 terabytes (TB) for Windows NT 4.0. The Linux SWAP file is limited to 128 MB. In addition, Linux does not support many of the modern operating system features that Windows NT 4.0 has pioneered such as asynchronous I/O, completion ports, and fine-grained kernel locks. These architecture constraints limit the ability of Linux to scale well past two processors.

The writers at Microsoft made a clear error here. The swap space limit had been raised to 2GB per swap area (with multiple of those areas possible) a few months before they wrote this.
On the memory management part they have clearly been overtaken by the development speed in the Linux world. As their footnote stated there was a patch available to support up to 4GB of memory on the 2.2 kernel; that patch has now been integrated and the 2.2 series is up to par with NT on this one. The 2.3 (development) kernel supports even more memory, up to 64GB on x86 machines. Large files support is in the latest version of Linux too, even though our limit of 2TB is lower than the 16TB limit of Windows NT (although that difference shouldn't be very important to normal businesses, who still operate on the GB scale).

The other "advanced" features are in Linux too. This is not surprising since most of them are about a decade (or more) old now. Not at all "pioneered by NT", but 20 year old technology that was available in VMS years before development of modern Unixen or NT even started...
Async I/O and completion ports have been functional on network sockets and most other I/O mechanisms for quite a while now on Linux. The fine-grained kernel locks are indeed still a bit coarse on the 2.2 kernel, but they are good enough for almost all of the workloads. In the 2.3 kernel series, the locks are fully fine-grained and spinlock overhead on 4-processor machines has been reduced from 8% in the 2.2 kernel to 2% in the 2.3 kernel under a special, extra heavy, test load. This means that Linux scales almost linearly now on 4-way and 8-way SMP machines. LINK TO SGI TESTS

The Linux community continues to promise major SMP and performance improvements. They have been promising these since the development of the 2.0 Kernel in 1996. Delivering a scalable system is a complex task and it's not clear that the Linux community can solve these issues easily or quickly. As D. H. Brown Associates noted in a recent technical report,² the Linux 2.2 Kernel remains in the early stages of providing a tuned SMP kernel.

The text in this paragraph has been fully overtaken by the development speed of the open source community and is becoming more and more obsolete as you are reading this sentence. As shown by the test above, there's no real need for D. H. Brown to doubt the Linux community any longer, they have delivered what he hoped for.

Myth: Linux is more reliable than Windows NT
Reality: Linux Needs Real World Proof Points Rather than Anecdotal Stories

Windows NT 4.0 has been proven in demanding customer environments to be a reliable operating system. Customers such as Barnes and Noble, The Boeing Company, Chicago Stock Exchange, Dell Computer, Nasdaq and many others run mission-critical applications on Windows NT 4.0.

So have most of the other server OSes. Linux has proven itself to companies such as Daimler Benz, The Boeing Company (they use more than one product, each product where it makes sense to do so), Ikea, NASA, the Google search engine. Furthermore, Linux is the most common web server platform. LINK TO IOSCOUNT

Linux lacks a commercial quality Journalling File System. This means that in the event of a system failure (such as a power outage) data loss or corruption is possible. In any event, the system must check the integrity of the file system during system restart, a process that will likely consume an extended amount of time, especially on large volumes and may require manual intervention to reconstruct the file system.

Again, this was true the moment Microsoft wrote it. Now, slightly more than a month later, the Journalling file systems (that have been in the works for over a year now) are ready and being used in production environments. Journalling Reiserfs has been released and will be included in the upcoming SuSE Linux distribution. Journalling ext2 (aka. jfs, ext3) is officially still in beta testing, but already in widespread use in the most demanding production workloads. It will be used in the upcoming version of Red Hat Linux. Meanwhile, SGI has been busy porting their industry-proven XFS file system to Linux. That file system has been very well tested in the most heavy circumstances, it even has set a few world records.

There are no commercially proven clustering technologies to provide High Availability for Linux. The Linux community may point to numerous projects and small companies that are aiming to deliver High Availability functionality. D. H. Brown recently noted that these offerings remain immature and largely unproven in the demanding business world.

Another assumption by D. H. Brown that's being proven wrong while I'm writing this sentence. The Linux community has surprised critics over and over again by showing that they are able to develop such features in a time frame where no proprietary software company could do the same. With companies like SGI, IBM, Intel, Redhat, SuSE, Corel and HP backing these efforts, it's really no surprise that the Linux community advances faster than any single company could do.

Myth: Linux is Free
Reality: Free Operating System Does Not Mean Low Total Cost of Ownership

The Linux community will talk about the free or low-cost nature of Linux. It's important to understand that licensing cost is only a small part of the overall decision-making process for customers.

I couldn't agree more with Microsoft on this point. It is time that companies realize that there's more to software than just the sale price (or the lack thereof).

The cost of the operating system is only a small percentage of the overall total cost of ownership (TCO). In general Windows NT has proven to have a lower cost of ownership than UNIX. Previous studies have shown that Windows NT has 37 percent lower TCO than UNIX. There is no reason to believe that Linux is significantly different than other versions of UNIX when it comes to TCO.

It's a bit of a shame that the above link is the only link Microsoft could produce to support the "Linux is more expensive than NT" claim. Especially since most of the numbers in that piece don't add up and the cost per transaction on Solaris would be lower than for NT. Taking into account the fact that price differences in hardware and licensing are quite a large portion of the price difference, there is no reason to assume that Linux has the same TCO as Solaris. See this analysis by Thomas Pfau for the maths.

The very definition of Linux as an Open Software effort means that commercial companies like Red Hat will make money by charging for services. Therefore, commercial support services for Linux will be fee-based and will likely be priced at a premium. These costs have to be factored into the total cost model.

Of course they should. But since there is no reason to assume that Linux support service would be any more expensive than NT support, there is no reason why this argument should make any impact on the NT vs. Linux discussion.
There is one difference, however. The Linux support companies have the source code to the operating system available. This allows them to really fix the problems their customers might experience, even to add new features on customers' demands; this is in great contrast to the support you can get on commercial platforms where the support company is dependant on the manufacturer and can only put workarounds in place to avoid the problem...
Because of this you might even argue that while both support fees will be similar, the open source support companies will be able to provide more value for money!

Linux is a UNIX-like operating system and is therefore complex to configure and manage. Existing UNIX users may find the transition to Linux easier but administrators for existing Windows^®-based or Novell environments will find it more difficult to handle the complexity of Linux. This retraining will add significant costs to Linux deployments.

I think I spot another blunt statement here :) "and therefore complex...", looks like they'll never learn. Now if they would give any arguments as to why a Unix system would be harder to administer, but no... It should be worth noting that Unix-based administrators usually have the same opinions about NT though, suggesting that the difference really isn't that large.

The retraining part is, of course, true. But that also deserves a few points worth noting. One of them is that administrators also need training to go from one version of a system to the next, as well as periodic courses to get up to date. The other thing is that the training budget only is a small part of the total cost, things like downtime and overtime because servers crash in strange moments and an administrator needs to work all night to reformat and reinstall the machine tend to be far greater costs to the business in question than the occasional training course.

Linux is a higher risk option than Windows NT. For example how many certified engineers are there for Linux? How easy is it to find skilled development and support people for Linux? Who performs end-to-end testing for Linux-based solutions? These factors and more need to be taken into account when choosing a platform for your business.

Despite being asked as purely rethorical questions, the questions Microsoft is asking can be answered in the favor of Linux. While it is true that Microsoft certified engineers outnumber Linux certified engineers at the moment, that doesn't mean you can't find certified Linux engineers. Most major Linux distributors, including Red Hat and SuSE, offer training and certification services, which are producing numerous new certified Linux engineers every week. Documents like the Consultants HOWTO can help you finding a qualified engineer in your location. Finding skilled development people is just as easy - look into any of the mailing lists or newsgroups dedicated to the development of Linux applications or the Linux operating system itself. Red Hat offers Developer training and certification [TODO: Do other distributors do this as well?]. As for support, just turn to your Linux distributor, or Linux support companies like LinuxCare. For many support questions, even the (free) Linux support through newsgroups and mailing lists like linux-newbie is sufficient.

Myth: Linux is more secure than Windows NT
Reality: Linux Security Model Is Weak

All systems are vulnerable to security issues, however it's important to note that Linux uses the same security model as the original UNIX implementations--a model that was not designed from the ground up to be secure.

NT's roots go back to MS-DOS with it's FAT filesystem which has absolutely no security features whatsoever. NT installs into a FAT partition which must later be manually converted to NT's native filesystem if desired by the user.

Many NT applications were actually written to run on Windows 9x and expect a single user environment. All user configuration information is therefore kept in files in shared areas such as the applications installation directory or, worse yet, the NT system directory. In order for these applications to be useful, users must be allowed to read and write files in these locations.

Linux only provides access controls for files and directories. In contrast, every object in Windows NT, from files to operating system data structures, has an access control list and its use can be regulated as appropriate.

The statement is correct, but forgets about the fact that under Linux (and all other UNIX-like operating systems), everything in the system is represented as a file. For example, the first local printer will be represented by the file /dev/lp0, and an IDE harddisk is the file /dev/hda. By doing access controls on these files, you are controlling access to the devices.

Linux security is all-or-nothing. Administrators cannot delegate administrative privileges: a user who needs any administrative capability must be made a full administrator, which compromises best security practices. In contrast, Windows NT allows an administrator to delegate privileges at an exceptionally fine-grained level.

This is another piece of misinformation. Someone claiming Linux security is all or nothing obviously hasn't heard of user groups, the sudo command, which permits certain users to execute specific commands as root (the system administrator account), or setuid bits, which can make programs being executed as a specific user, no matter who is really calling them. This allows tools like the configuration tool LinuxConf to always have the privileges to change something, and pass some privileges on to trusted users, according to the rules set by the system administrator.

Linux has not supported key security accreditation standards. Every member of the Windows NT family since Windows NT 3.5 has been evaluated at either a C2 level under the U.S. Government's evaluation process or at a C2-equivalent level under the British Government's ITSEC process. In contrast, no Linux products are listed on the U.S. Government's evaluated product list.

Linux has not been certified to comply to these standards, which does not mean it would not pass the certification if someone ran the tests. The reason this is not being done is the cost of these certifications - volunteers from the Linux community don't have Microsoft's money. Also, it's interesting to see they're forgetting to mention that Windows NT is C2 safe only if it doesn't have a network card or any other connection to the outside world. Windows NT 4.0 was never certified.

Linux system administrators must spend huge amounts of time understanding the latest Linux bugs and determining what to do about them. This is made complex due to the fact that there isn't a central location for security issues to be reported and fixed. In contrast Microsoft provides a single security repository for notification and fixes of security related issues.

There may be no official central location for Linux security, but there are official central locations for security updates of every Linux distribution. Due to the open source nature of Linux, security bugs are usually fixed within hours of being discovered, and Linux distributors are doing a good job at getting the fixes into their respective security update repositories. For example, every big Linux distributor, including Red Hat, Mandrake and SuSE, had the bind 8.2.2_P3 security update within 2 days after it was released. NT Administrators will know that it usually takes longer for Microsoft to release a hotfix, or even a service pack to address similar issues. People who are interested in security also have the option to join the bugtraq and CERT mailing lists, and get notifications about security leaks and their fixes as soon as they are discovered.

Configuring Linux security requires an administrator to be an expert in the intricacies of the operating system and how components interact. Misconfigure any part of the operating system and the system could be vulnerable to attack. Windows NT security is easy to set up and administer with tools such as the Security Configuration Editor.

The statement saying an administrator should be an expert in the operating system and how components interacts, and that misconfigurations in any part can make the whole system vulnerable is true of every operating system, including both Linux and Windows NT. Linux security is easy to set up and administer with tools such as KDE, GNOME, LinuxConf and WebMin.

Myth: Linux can replace Windows on the desktop
Reality: Linux Makes No Sense at the Desktop

Linux as a desktop operating system makes no sense. A user would end up with a system that has fewer applications, is more complex to use and manage, and is less intuitive.

Linux was not meant as a desktop operating system when it started, but is quickly making progress in the desktop area. It is true that right now, Linux has fewer applications, but many applications are being ported right now, and everything an average user will need (including a full set of office applications like StarOffice, and browsers like Netscape) is already available, in many cases for free or at a much lower price than a comparable Windows application. Also, if there is no native Linux application for your needs, Linux can run Windows applications to a certain extent - emulators like Wine or TWin are not perfect, but they're getting better quickly. Also, you have the possibility to basically run Windows within Linux using tools like VMWare.

With KDE and GNOME, the statement that Linux is complex to use and less intuitive is no longer true. You can do everything a normal user will need in a graphical user interface. Shell commands may look cryptic to someone who isn't used to them - but they are very useful to advanced users (some things can be done much faster in a command line interface than in any graphical interface), and if you don't know how to handle them, you don't need to use them. The shell is comparable to the DOS Prompt in Windows (it's just more powerful) - it's better for some things, but new and non-technical users won't need it.

Linux does not provide support for the broad range of hardware in use today; Windows NT 4.0 currently supports over 39,000 systems and devices on the Hardware Compatibility List. Linux does not support important ease-of-use technologies such as Plug and Play, USB, and Power Management

Another piece of misinformation - Linux supports way more than 39,000 systems and devices. Linux has supported Power Management for years. PCI Plug and Play support is no problem at all in Linux. ISA Plug and Play cards are currently not being autoconfigured, but can be used without problems. While USB is not supported in the current stable kernel, very usable USB support patches are available. The current Linux development kernel, 2.3.29 at the time of writing, has full support for USB and ISA Plug and Play autoconfiguration, and is generally usable. Windows NT 4.0, on the other hand, does not support USB and Power Management without special add-ons.

The complexity of the Linux operating system and cumbersome nature of the existing GUIs would make retraining end-users a huge undertaking and would add significant cost

When they see me doing something in KDE, many non-technical users are surprised when I tell them I am using Linux, because they can't tell the difference. Any end-user who is familiar with the Windows GUI can handle Linux GUIs like KDE and GNOME without a lot of retraining.