Ballmer cites 'facts' in Microsoft's battle against Linux

But Linux vendors dispute Microsoft's claim that Windows is a better bet than open source for issues like security and total cost of ownership
Written by Graeme Wearden, Contributor and  Ingrid Marson, Contributor
Microsoft chief executive Steve Ballmer has used the software giant's latest executive email to stoke up Microsoft's fight against the rise of Linux.

The 2,600 word missive was titled "customer focus: comparing Windows with Linux and UNIX". In it, Ballmer repeated the key themes of Microsoft's Get The Facts campaign.

He claimed that Windows was a better choice than Linux in terms of security, total cost of ownership (TCO) and protection against legal action over patent violations -- charges that Linux companies were quick to challenge on Wednesday.

"As organisations increasingly rely on IT to perform mission-critical functions, and with complexity a growing challenge, choosing the right computing platform for the long term can make the difference between profit and loss, and between future success and failure," wrote Ballmer.

"And it's pretty clear that the facts show that Windows provides a lower total cost of ownership [than Linux]; the number of security vulnerabilities is lower on Windows; and Windows responsiveness on security is better than Linux; and Microsoft provides uncapped IP indemnification of their products, while no such comprehensive offering is available for Linux or open source," Ballmer added.

Gael Duval, co-founder of Mandrakesoft, believes that Ballmer's email is indicative of a change of strategy from Microsoft.

"We think that Microsoft is trying a new strategy to fight against Linux by spreading much FUD [Fear Uncertainty and Doubt] about Linux strongest points," Duval told ZDNet UK.

"In particular, the TCO argument can easily be modelled to fit their communication, but many studies -- in general the ones that aren't financed by Microsoft -- show that Linux' TCO is much lower than Windows', in particular because administering Linux is really a peaceful activity that doesn't require as many sysadmins as does Windows," Duval continued, adding that big organisations such as governments are getting increasingly tempted by Linux.

The executive email can be read in full here.

Get The Facts was launched this year as Microsoft's response to the growing interest that companies are showing in open-source software. It is partly based on research conducted by analyst firms, which Microsoft cites as evidence of its independence and accuracy. But the accuracy of Get The Facts has been challenged by some in the IT industry.

One key part of the campaign is the claim that Windows is more secure than open-source alternatives because Microsoft fixes vulnerabilities quicker than Linux vendors. This is based on a report carried out by analyst group Forrester, Is Linux more secure than Windows?. It stated that Microsoft had the lowest elapsed time between the disclosure of a vulnerability and the release of a fix.

"They found that Microsoft addressed all of the 128 publicly disclosed security flaws in Windows over the 12-month period studied, and that its security updates predated major outbreaks by an average of 305 days," wrote Ballmer.

But Linux vendors have repeatedly attacked the validity of this report.

Back in April, Debian, Red Hat, SuSE and Mandrakesoft all insisted that the study had little "real world value" because it does not help customers assess the "practical issues of how quickly serious issues get fixed".

Earlier this summer, Mark Cox of Red Hat security response team told ZDNet UK that his firm had worked closely with Forrester, and that these findings were flawed because the analyst group had just taken a simple average of the data.

"An average is not representative. Red Hat fixes issues which other operating systems wouldn't fix, such as temporary file vulnerabilities," said Cox, adding that the report also failed to take into account the severity of the issues.

"A vulnerability which could allow a remote attack on Windows was considered in the same light as a file vulnerability on Linux which makes the system slow down," said Cox.

A report published last week on IT news site The Register also appeared to shoot holes in Microsoft's claims over security. It claimed that Microsoft's argument is based largely on faulty reasoning and overly narrow statistical analysis, focusing on metrics that showed Microsoft in a good light.

Duval also has concerns about Microsoft's claims on security.

"Microsoft keeps on repeating always the same arguments, while an incredible number of sysadmins consider Windows security as a nightmare. For instance, when there is a security alert under Mandrakelinux, we can react in less than 24 hours and provide an updated package that fixes the issue. Is it the same for Microsoft?"

Editorial standards