Total Cost of Ownership (TCO)

See what independent third-party analysts and customers have to say about weighing the TCO of Windows and Linux.

Eweek has written a story about the TCO between windows and linux with regards to the research by the yankee group eweek.com stating:

"Some of Microsoft's "facts" came from research by The Yankee Group. Then, Microsoft claimed that Yankee had found that switching to Linux from Windows was "prohibitively expensive, extremely complex [and] provides no tangible business gains." Things have changed. Now, Yankee Group senior analyst Laura DiDio has found that most U.S. businesses say there is almost no difference between the costs of maintaining Windows-based versus Linux-based corporate servers. Who knew? Well, anyone who's used both. According to DiDio, the true costs of server operating systems for an enterprise are determined by how long it takes to develop applications and ensure the security of servers. Development time, in my experience, has little to do with any operating system and a whole lot to do with your programmers' skills and tool sets. "

Reliability

Compare Windows and Linux on ease of maintenance, end-user availability, and predictability.

reliability
An attribute of any system that consistently produces
the same results, preferably meeting or exceeding its
specifications.

The reliability of a system is very dependent on the administrator or administrators managing the system. The better you know the system you work with, Windows or GNU/Linux, the more stable and reliable it is.

ZDNet has a story stating "A four-year research project has found 985 bugs in the latest Linux kernel - less than 20 percent of the figure that would be expected for proprietary software". This project in question is Coverity, the producer of a software to automate the detection of program defects and security vulnerabilities. At the website linuxbugs.coverity.com you can read more about the project.

I would like to thank Coverty, since as they say "Linux has revolutionized the computing world by providing a reliable server platform at a fraction of the traditional IT costs. As a service to the Linux community, and as a quality assurance test for our tools, Coverity periodically analyzes the latest Linux kernel and makes the results available to visitors to this website."

Another reason why GNU/Linux tends to be more reliable is the modular design. If one service stop, it seldom bring down the others. Using virtualization techniques such as Xen or Vserver you can also substancially reduce the time it take to recover from security attacks. Xen for one thing allow you to move live virtual servers, so that the only downtime you will get is when switching the IP-address routing.

Security

Examine recent studies that compare Windows and Linux on key security issues, such as the costs of patch management, efforts to patch, and vulnerabilities.

Security is one of my passions, especially digital signatures and encryption, then preferably using OpenPGP. OpenPGP is the most widely used email encryption standard in the world. It is defined by the OpenPGP Working Group of the Internet Engineering Task Force. The OpenPGP standard was originally derived from PGP (Pretty Good Privacy), first created by Phil Zimmermann in 1991. For more information you can visit secure-my-email.com .

A good article related to the get the facts campaign is to be found at theregister.co.uk .

I'm quoting: "But what's the truth? For every claim there is, somewhere, a counterclaim. But until now there has been no systematic and detailed effort to address Microsoft's major security bullet points in report form. In a new analysis published here, however, Nicholas Petreley sets out to correct this deficit, considering the claims one at a time in detail, and providing assessments backed by hard data. Petreley concludes that Microsoft's efforts to dispel Linux 'myths' are based largely on faulty reasoning and overly narrow statistical analysis. Even if you think you know this already (as we fear may be the case for numerous Register readers), we think you'll find it useful to be able to say why you know it, what the facts and the numbers really are, and where you can get the document to back up what you're saying."

The PDF article is located at theregister.co.uk I recommend that you read it.

"If we reality-check these conclusions against another scale, we find that vulnerability metrics used by the US Computer Emergency Readiness Team (CERT) return 250 results for Microsoft, with 39 having a severity rating of 40 or greater, and 46 for Red Hat, with only three scoring over 40. So simply making claims based on that one metric (as Steve Ballmer did, again, earlier this week) is like judging a hospital's effectiveness in dealing with emergency cardiac care from its average speed in dealing with all patients..."

One myth is that Windows only gets attacked most because it's such a big target, and if Linux use (or indeed OS X use) grew then so would the number of attacks.

When it comes to web servers, the biggest target is Apache, the Internet's server of choice. Attacks on Apache are nevertheless far fewer in number, and cause less damage. And in some case Apache-related attacks have the most serious effect on Windows. Attacks are of course aimed at Windows because of the number of users, but its design makes it a much easier target, and much easier for an attack to wreak havoc. Windows' widespread (and often unnecessary) use of features such as RPC meanwhile adds vulnerabilities that really need not be there. Linux's design is not vulnerable in the same ways, and no matter how successful it eventually becomes it simply cannot experience attacks on the same scale, inflicting similar levels of damage, as Windows.