FreeBSD vs. Linux vs. Windows 2000

FreeBSD

Linux

Windows 2000

Reliability FreeBSD is extremely robust. There are numerous testimonials of active servers with uptimes measured in years. The new Soft Updates1 file system optimizes disk I/O for high performance, yet still ensures reliability for transaction based applications, such as databases. Linux is well known for its reliability. Servers often stay up for years. However, disk I/O is non-synchronous by default, which is less reliable for transaction based operations, and can produce a corrupted filesystem after a system crash or power failure. But for the average user, Linux is a very dependable OS. All Windows users are familiar with the "Blue Screen of Death". Poor reliability is one of the major drawbacks of Windows. Some of the major issues have been fixed in Windows 2000, but "code bloat" has introduced many more reliability problems. Windows 2000 uses a lot of system resources and it is very difficult to keep the system up for more than a couple of months without it reverting to a crawl as memory gets corrupted and filesystems fragmented.
Performance FreeBSD is the system of choice for high performance network applications. FreeBSD will outperform other systems when running on equivalent hardware. The largest and busiest public server on the Internet, at ftp.freesoftware.com, uses FreeBSD to serve more than 1.2TB/day of downloads. FreeBSD is used by Yahoo!, Qwest and many others as their main server OS because of its ability to handle heavy network traffic with high performance and rock solid reliability. Linux performs well for most applications, however the performance is not optimal under heavy network load. The network performance of Linux is 20-30% below the capacity of FreeBSD running on the same hardware 2. The situation has improved somewhat recently and the 2.4 release of the Linux kernel will introduce a new virutual memory system based on the same concepts as the FreeBSD VM system. Since both operating systems are open source, beneficial technologies are shared and for this reason the performance of Linux and FreeBSD is rapidly converging. Windows is adequate for routine desktop apps, but it is unable to handle heavy network loads. A few organizations try to make it work as an Internet server. For instance, barnesandnoble.com uses Windows-NT, as can be verifyed by the error messages that their webserver produces, such as this recent example: Error Message: [Microsoft][ODBC SQL Server Driver][SQL Server]Can't allocate space for object 'queryHistory' in database 'web' because the 'default' segment is full.
For their own "Hotmail" Internet servers, Microsoft used FreeBSD for many years.
Security

FreeBSD has been the subject of a massive auditing project for several years. All of the critical system components have been checked and rechecked for security-related errors. The entire system is open source so the security of the system can and has been verified by third parties. A default FreeBSD installation has yet to be affected by a single CERT security advisory in 2000.3

FreeBSD also has the notion of kernel security levels. These are much more powerful than simple run-levels since they allow the administrator to completely deny access to certain operating system functions such as reading /dev/mem, changing file system flags, or writing to disks without mounting a filesystem.

FreeBSD includes a very robust packet filtering firewall system and many intrusion detection tools.

The open source nature of Linux allows anyone to inspect the security of the code and make changes, but in reality the Linux codebase is modified too rapidly by inexperienced programmers. There is no formal code review policy and for this reason Linux has been suceptible to nearly every Unix-based CERT advisory of the year. This problem is compounded by the fact that distributions like Red Hat tend to turn on notoriously insecure services by default.

However, Linux does include a very robust packet filtering firewall system and many intrusion detection tools.

Microsoft claims that their products are secure. But they offer no guarantee, and their software is not available for inspection or peer review. Since Windows is closed source there is no way for users to fix or diagnose any of the security compromises that are regularly published about Microsoft systems.

Filesystem

FreeBSD uses the UFS (Unix File System), which is a little more complex than Linux's ext2. It offers a better way to insure filesystem data integrity, mainly with the "sofupdates" option. This option decreases synchronous I/O and increases asynchronous I/O because writes to a UFS filesystem aren't synced on a sector basis but according to the filesystem structure. This ensures that the filesystem is always coherent between two updates.

The FreeBSD filesystem also supports file flags, which can stop a would-be intruder dead in his or her tracks. There are several flags that you can add to a file such as the immutable flag. The immutable (schg) flag won't allow any alteration to the file or directory unless you remove it. Other very handy flags are append only (sappnd), cannot delete (sunlnk), and archive (arch). When you combine these with the kernel security level option, you have a very impenetrable system.

The Linux ext2 filesystem gets its performance from having an asynchronous mount. You can mount FreeBSD UFS filesystems as asynchronous but this is very dangerous and no seasoned Unix admin would do this. It's amazing that Linux is designed this way by default. Often a hard carsh permanently damages a mount. FreeBSD or Solaris can sustain a very hard crash with only minor data loss, and the filesystem will be remountable with few problems.

There are several new journaling filesystems in development for Linux that will fix some of these issues, but these will not be ready for the 2.4 release of Linux.

The Microsoft FAT filesystem and the newer NTFS are both plagued by over 15 years of backwards compatability with the earliest of PC-based filesystems. These filesystems were not designed for today's demanding server applications, they weren't even designed with a multi-user OS or networking in mind!

Device Drivers The FreeBSD bootloader can load binary drivers at boot-time. This allows third-party driver manufacturers to distribute binary-only driver modules that can be loaded into any FreeBSD system. Due to the open-source nature of FreeBSD, it is very easy to develop device drivers for new hardware. Unfortunately, most device-manufacturers will only release binaries for Microsoft operating systems. This means that it can take several months after a hardware device has hit the market until a device driver is available. The Linux community intentionally makes it difficult for hardware manufacturers to release binary-only drivers. This is meant to encourage hardware manufactureres to develop open-source device drivers. Unfortunately most vendors have been unwilling to release the source for their drivers so it is very difficult for Linux users to use vendor supplied drivers at all. Microsoft has excellent relationships with hardware vendors. There are often conflicts when using a device driver on different versions of Microsoft Windows, but overall Windows users have excellent access to third party device drivers.
Commercial Applications The number of commercial applications for FreeBSD is growing rapidly, but is still below what is available for Windows. In addition to native applications, FreeBSD can also run programs compiled for Linux, SCO Unix, and BSD/OS. Many new commercial applications are available for Linux, and more are being developed. Unfortunately, Linux can only run binaries that are specifically compiled for Linux. It is unable to run programs compiled for FreeBSD, SCO Unix, or other popular operating systems. There are thousands of applications available for Windows, far more than for any other OS. Nearly all commercial desktop applications run on Windows, and many of them are only available on Windows. If you have an important application that only runs on Windows, then you may have no choice but to run Microsoft Windows.
Free Applications There are many, many gigabytes of FREE software available for FreeBSD. FreeBSD includes thousands of software packages and an extensive ports collection, all with complete source code. Many people consider the FreeBSD Ports collection to be the most accessible and easiest to use library of free software packages available anywhere. There are huge numbers of free programs available for Linux. All GNU software runs on both Linux and FreeBSD without modification. Some of the free programs for Linux differ between distributions, because Linux does not have a central ports collection. The amount of free Windows software is much less than what is available for Unix. Many Windows applications are provided as "shareware", without source code, so the programs cannot be customized, debugged, improved, or extended by the user.
Development environment FreeBSD includes an extensive collection of development tools. You get a complete C/C++ development system (editor, compiler, debugger, profiler, etc.) and powerful Unix development tools for Java, HTTP, Perl, Python, Tcl/Tk, Awk, Sed, etc. All of these are free, and are included in the basic FreeBSD installation. All come with full source code. Linux includes all the same development tools as FreeBSD, with compilers and interpreters for every common programming language, all the GNU programs, including the powerful GNU C/C++ Compiler, Emacs editor, and GDB debugger. Unfortunately due to the very splintered nature of Linux, applications that you compile on one system (Red Hat 7) may not work on another Linux system (Slackware). Very few development tools are included with Windows 2000. Most need to be purchased separately, and are rarely compatible with each other.
Development infrastructure FreeBSD is an advanced BSD Unix operating system. The source code for the entire system is available in a centralized source code repository running under CVS. A large team (200+) of senior developers has write access to this repository and they coordinate development by reviewing and commiting the best changes of the development community at large. FreeBSD is engineered to find elegant solutions for overall goals, rather than quick hacks to add new functionality. Linux is a Unix-like kernel that must be combined with the GNU system to make a complete operating system. Linux does not use any version control system so all bug-fixes and enhancements must be emailed back and forth on mailing lists and ultimately submitted to the one person (Linus) who has authority to commit the code to the tree. Due to the overwhelming amount of code that gets written, it is impossible for one person to adequately quality control all of the pending changes. For this reason there is a lot of code in Linux that was hastily written and would never have been accepted into a more conservative operating system. Microsoft Windows is a closed-source operating system driven by market demand rather than technical merit. New technologies are rushed into the product before they have been properly designed or fully implemented. Very little is known about the internal development infrastructure of Microsoft but the "blue-screen of death" speaks for itself.
Support Several organizations, including BSDi, offer a wide range of support options for FreeBSD. In addition to 24x7 professional support, there is a large amount of free, informal support available through Usenet newsgroups and mailing lists, such as questions@freebsd.org. Once a problem is found, source code patches are often available within a few hours. Many organizations provide professional support for Linux. All the major Linux vendors offer some level of support, and several offer full 24/7 service. There are many forums where Linux questions are answered for free, such as newsgroups and mailing lists. As a last resort, you can always use the source to track down and fix a problem yourself. Although support is available for Windows 2000, you should be prepared to spend as long as an hour on hold, with no guarantee that your problem will be resolved. Because of the closed source nature of Windows, there is no informal, free support available, and bugs are fixed on Microsoft's schedule, not your's. Since Windows 2000 is not updated frequently, you may wait years for bugs to be fixed.
Price, and Total Cost of Ownership FreeBSD can be downloaded from the Internet for FREE. Or it can be purchased on a four CDROM set, along with several gigabytes of applications, for $40. All necessary documentation is included. Support is available for free or for very low cost. There is no user licensing, so you can quickly bring additional computers online. This all adds up to a very low total cost of Ownership. Linux is FREE. Several companies offer commercial aggregations at a very low cost. Applications and Documentation is available for little or no cost. There are no licensing restrictions, so Linux can be installed on as many systems as you like for no additional cost. Linux's total cost of ownership is very low.

The server edition of Windows 2000 costs nearly $700. Even basic applications cost extra. Users often spend many thousands of dollars for programs that are included for free with Linux or FreeBSD. Documentation is expensive, and very little on-line documentation is provided. A license is required for every computer, which means delays and administrative overhead. The initial learning curve for simple administration tasks is smaller than with Unix, but it also requires a lot more work to keep the system running with any significant work load.

Total

FreeBSD

= 8
= 2
= 0

Linux

= 4
= 4
= 2

Windows 2000

= 2
= 1
= 7
1 http://www.ece.cmu.edu/~ganger/papers/CSE-TR-254-95/
2 http://advisor.gartner.com/n_inbox/hotcontent/hc_2121999_3.html#h8
3 Recent CERT Advisaries affecting Linux : Recent CERT Advisaries affecting Windows :

Additional Information

This document was prepared by Bob Bruce and Murray Stokely, with input from Matt Dillon, Nathan dude, and many others.