John Halamka has a penchant for experiments with new
technologies. In 2004, the now 44-year-old CIO of the Harvard Medical School and CareGroup, which runs the Beth Israel Deaconess Medical Center, who is also a practicing emergency room physician, was one of the first people to have an RFID chip containing a link to his medical records implanted in his body (it's near his right triceps.) Next April, he and Harvard geneticist George Church will become the first humans to have their DNA sequenced and their full genetic makeup posted on the Web.
MORE ON CIO.COM
But as a health-care administrator, he's not solely interested in testing the cutting-edge, Orwellian technologies that make headlines. The PCs inside the hospital have to work too. So when Halamka's laptop running Windows XP interrupted several presentations with inopportune antivirus and application updates, he decided his next big initiative would be to determine which desktop operating system—Windows XP, Apple's OS X or Linux—is the most secure, most reliable and easiest to use in a corporate environment.
For three months, Halamka ditched his Windows laptop. He replaced it first with a MacBook running OS X. Then he spent a month using a Lenovo ThinkPad X41 running a dual-boot configuration of Red Hat Enterprise Linux Workstation and Red Hat Fedora Core. Finally, he took up a Dell D420 subnotebook running Microsoft's Windows XP. After evaluating all three to determine which worked best for him, he plans to begin testing his preferred setup with users, most of whose desktops currently run Windows.
Halamka judged the three operating systems according to a variety of criteria including their performance, user interfaces and enterprise management capabilities, such as the ability to configure applications, easily organize file systems, and establish granular security control. We followed Halamka's progress, and now we have his conclusions. We've also ask three other experts to take a look at Halamka's findings and add their own insights.
Introduction (Part 2)
Halamka admits to a bias against Microsoft: He thinks the
complexity of the Office product suite hampers its performance and makes it more vulnerable to viruses and spyware. Halamka says that at a dinner with Microsoft CEO Steve Ballmer in 2004, he told Ballmer that he doesn't use 80 percent of the features in Office and suggested that Microsoft develop a simpler, more secure and reliable product (Ballmer's response, he says was to cite statistics that indicated lots of users like 95 percent of Office's features). Halamka is also skeptical of Microsoft's future in creating simpler, more reliable products, given Bill Gate's upcoming retirement and the company's appointment of Chief Technical Officer Ray Ozzie to succeed Gates as chief software architect. (See our story "Beyond Vista" for more on Microsoft's future goals.) "Ray is brilliant, but his two products, Lotus Notes and Groove Networks, are both huge systems that taxed networks. So what's the likelihood of Microsoft coming up with a simple, reliable product suite? Pretty low," Halamka says. Meanwhile, Halamka notes the rise of Google and Linux as credible challengers to Microsoft's dominance and Apple's adoption of Intel chips as a way to boost the performance of its products and enhance their potential to be used in a corporate environment.
Few companies are seeking alternatives to the Microsoft desktop, according to Roger Kay, president of Endpoint Technologies Associates, an IT research company based in Wayland, Mass. "People are risk averse. They don't like to try new things. It's inertia that holds Microsoft in place," he says.
Even organizations that are seriously investigating Linux and Apple tend to keep their evaluations on the QT, according to Rob Enderle, an IT analyst. Enderle says that public companies don't like to publicize their experiments because if their attempt to switch from one operating system to another fails, they want to be able to quickly and quietly sweep the project under the rug—lest they draw negative attention or jeopardize their relationships with existing vendors.
Halamka tested the operating systems himself before testing them with users because he wanted to know firsthand what problems users might encounter and get a sense of whether his IT department will be able to easily and cost effectively maintain the platform. He conducted the experiment before the release of Apple's Leopard and Microsoft's Vista operating systems for two reasons: He had the time in his schedule to learn the nuances of the different operating systems, and he prefers testing established, stable technologies rather than new releases.
"Being a CIO in 2006 is a lot harder than it was two years ago," says Halamka. Users don't tolerate even three minutes of downtime, he says, and IT budgets aren't growing with users' demand for bandwidth and storage. "CIOs who are budget constrained have to ask themselves if their organizations could save a couple hundred thousand dollars a year by using an open-source product that's almost like Microsoft office," he says. "This is about making sure industry can do what it needs to do better, faster, cheaper and more reliably."
Mac OS X: Looking Better for Business
Configuration: Intel-based MacBook running OS X with Apple's Safari Web browser, Microsoft's Entourage e-mail application, Apple's Pages 2 desktop publishing system for word processing and Apple's Keynote presentation application.
What he liked: Like many CIOs, Halamka was predisposed to think that Apple computers aren't enterprise class. However, he learned during his month using the MacBook that the Apple Remote Desktop management system offers many of the features IT departments would need to roll out a fleet of Macs enterprisewide, including tools for configuring applications, controlling what software is installed on desktops and applying upgrades. He also learned from some friends who are Mac power users how to tweak the Mac's underlying file structure—something desktop administrators will have to know to support users. (Apple deliberately hides the complexity of its file structure from users so that they don't have to spend time administrating their computers and organizing their files.)
Another characteristic of the MacBook that helps with IT support and administration is its reliability. Halamka prized the fact that his MacBook didn't crash or freeze once during the month he used it. And his work was never interrupted by automatic antivirus or antispyware updates—a frequent annoyance with Windows.
Because Halamka travels an average of four days each month, remote e-mail access is of paramount importance to him, as it is to any other frequent flier. He had easy access to his Entourage e-mail during the eight days he traveled while using the MacBook once his IT department made a small change to CareGroup's firewall. Because Entourage uses the public Internet and the WebDAV protocol for online collaboration and file management, Halamka didn't need a separate VPN log-in to get his e-mail (messages are encrypted using SSL).
Access to all internally developed Web-based software using his Safari browser was also problem-free because his IT group builds all homegrown applications to work with any browser. And when he was on the go, OS X switched flawlessly from one wireless network to another, which he thinks makes the MacBook a great tool for mobile knowledge workers. The MacBook never skipped a beat as he went from a meeting at Harvard (which uses the WPA/PEAP wireless network) to a meeting at CareGroup (which uses EAP-FAST client) to an informal meeting at Starbucks (which uses a public network).
In addition to his CIO duties, Halamka is involved in a number of extracurricular IT-related initiatives (including serving as chairman of the national Healthcare IT Standards Panel). As part of his work, he gives 150 lectures or presentations each year. Thus, he needs an effective tool for creating presentations. He found what he needed in Keynote, which he finds refreshingly simple compared with PowerPoint.
Keynote doesn't offer all the special effects for which PowerPoint is famous. Consequently, Halamka found the application forced him to focus more on his message and the points he wanted to make on each slide rather than on whether he wanted a sound to accompany each slide change. This is not to say that Halamka's presentations were boring, or text-heavy. Macs are known for their multimedia capabilities, and he took advantage of these, incorporating digital audio and video into a lecture he gave on mushroom poisoning.
Finally, as a power user of search, Halamka grew fond of Spotlight, the search function on the MacBook that indexes and searches for all content on the 80GB hard drive. It even searches and indexes Entourage e-mail, which is stored on the hard drive.
What he disliked: In April, Apple announced its support for the
Windows operating system on its machines. The move was designed to convert Windows users to stylish Mac hardware. Considering so many businesses are Microsoft shops, IT industry observers thought Apple's support of Windows might win over some corporate customers. But Halamka found running Windows on his MacBook "slightly finicky".
Mac users have two options for running Windows: Apple's Bootcamp, which requires a reboot each time you want to switch from OS X to XP, or Parallels, which enables XP to run within OS X but was problematic when switching between wired and wireless connections (update). He found he had to renew his IP address whenever he entered Parallels to ensure the IP address would be successfully renegotiated. Because of these inconveniences, Halamka gave up on running Windows XP and most of its attendant applications on his MacBook and used the MacBook's software suite instead. He found that to be adequate with one exception: some Windows-centric commercial browser-based apps, such as a radiology system from General Electric, wouldn't run in Safari. They use ActiveX controls that work only in Internet Explorer.
Although Entourage worked seamlessly for e-mail, he observed some annoying quirks and weaknesses. For example synchronizing the e-mail application with Microsoft Exchange for the first time took the better part of a day. The reason: Entourage stores all of a user's e-mail on his hard drive (Halamka's takes up 3GB), in contrast to Microsoft Outlook, which, by default, stores it on a server. The time-consuming synchronization process was a one-time problem. A minor annoyance is that users, whether they're in the office or on the road, have to wait for all of their new mail to download from the server before they can read any new messages. However, this is the same problem faced by PC users if they choose to keep e-mail stored on their laptop, which is an option with Outlook.
Meanwhile, he had trouble managing complex recurring appointments in Entourage. In such cases, he had to use Outlook Web Access on his Mac. Halamka found that none of the advanced features of Outlook Web Access 2003 (the Windows version), such as easy scrolling and deletion of messages, works on the Mac. That gave him more reason to ditch Windows applications in favor of the software bundled with his Mac and to tolerate Entourage's few functional shortcomings.
With any new technology comes a learning curve, and the Mac, while known for being easy to use, still requires some getting used to. For widespread deployment at CareGroup, Halamka would have to create thorough training manuals for users accustomed to Windows since some of the functions one takes for granted on PCs, such as printing screen shots and right clicking, aren't obvious on Macs. He doesn't want his users to have to navigate all the Apple lore and oral tradition the way he did when learning the ins and outs of his MacBook. He says it took him about three days to get completely comfortable with the machine.
Update: Subsequent to posting this story, additional products for running Windows on a Mac have been released. As of Feb. 1, 2007, these include a product in public beta test from VMWare and CrossOver from CodeWeaver.
Workarounds: As happens anytime one tries to integrate new
technology into an existing environment, Halamka had to come up with some workarounds to get the MacBook to function properly and to work with seemingly incompatible systems. For the most part, these were straightforward, requiring a switch from running OS X to XP, slight reconfigurations of enterprise applications or the installation of a patch.
For example, CareGroup's Juniper Networks' VPN wasn't compatible with the MacBook, and it crashed the computer the first time he tried to connect (which he needed to do in order to access the Microsoft Exchange address book or secure websites behind the firewall, such as CareGroup's PeopleSoft portal). Halamka notified Juniper of the problem, and a day later the vendor developed a patch for the VPN software. After that, the VPN worked flawlessly with the MacBook. In addition, before he could run his video files that were created in the Windows proprietary Audio Video Interleave format (formerly Windows Video Format), he had to download some shareware.
When it came to making presentations, Halamka discovered the MacBook doesn't have a standard connector to hook it up to a projector. He had to get an adaptor cable and carry the mini-DVI to XGA cable with him. But when he connected his Mac to a projector via the adaptor cable, it usually figured out the proper display resolutions automatically.
Conclusion: Halamka says the MacBook's reliability far
outweighed any challenges he had with the learning curve. Though he's not ready to deploy it yet, he thinks it has potential as an enterprise platform. He'll have to test it out on a larger number of CareGroup employees to be sure. However, he does think the MacBook suited his needs as a CIO superbly.
"At the moment, where my role is so much about change management and effectively communicating with everyone who works for me and with my customers, multimedia is very important to me. A MacBook, which is extraordinarily good at managing multimedia, is actually a superior knowledge worker tool to XP, which is probably a better development environment," he says. But since he's not writing a lot of code, he adds, "the Mac does seem to hit the sweet spot of what I need."
Second Opinion: Making the MigrationA Mac expert weighs in
By Jason Snell
I'd echo John Halamka's thoughts about running Windows on
Mac hardware: Parallels Desktop is definitely the better option, and it generally runs well, but it has the occasional quirk. Users who buy a Mac should expect to spend most of their time using Mac OS X, not switching into Windows. For the vast majority of tasks, the Mac-native software will do the job. Windows is there if you need it, but most users view it as a tool to be used only when absolutely necessary, not as a major part of their Mac-using experience.
Websites that require Internet Explorer for Windows used to be the bane of Mac users' existences, but these days most Web developers are building their apps using Web standards and testing for Firefox compatibility, which generally means they're compatible with the Mac version of Firefox (and sometimes with Safari too).
Halamka used a MacBook, which is Apple's consumer laptop. If he had been using a MacBook Pro (which might be a more appropriate choice given his expertise and title), he wouldn't have found himself needing a $15 mini-DVI adapter for his projector; the MacBook Pro has a standard DVI port and includes a DVI-to-VGA connector in the box.
The article makes Keynote sound like a "light" version of PowerPoint. My experience is that Keynote presentations actually offer far more options (in terms of transitions and slide builds) than PowerPoint does. I can always tell when someone is using Keynote, but that recognition is because of extra effects, not the lack of effects. It might be more accurate to say that Keynote doesn't offer the same effects as PowerPoint.
As a Mac user, it's encouraging to see that many of Halamka's complaints are the sort you'd expect from someone trying to make a transition from their familiar Windows operating system to the Mac's somewhat different approach. Although Mac users can rattle off the "Vulcan Death Grip" required to take a screen shot (Command-Shift-3) and know that on the Mac "right click" is synonymous with "Control click," it's not always obvious to new users how these things work.
Jason Snell is VP and editorial director of Macworld (Macworld's publisher is a sister company to CIO's publisher.)
Linux: Admirable, But Not Yet an Option
Configuration: Lenovo X41 laptop loaded with two Red Hat Linux operating systems—Fedora Core 5 and Red Hat Enterprise Linux (RHEL) version WS 4 U3—so that Halamka could test both. Each system ran the following open-source desktop applications: Firefox Web browser, OpenOffice (version 1.x on RHEL and 2.x on Fedora) and Evolution e-mail with Novell's Ximian Connector for Microsoft Exchange (Connector is an extension to Evolution that functions as a Microsoft Exchange Server client for Linux and Unix desktops and workstations).
What he liked: Contrary to what Microsoft says on its website, Linux can be a stable, reliable desktop operating system. But not all varieties of desktop Linux are created equal. Halamka says RHEL in particular lends itself well to corporate computing environments because the infrequent changes Red Hat makes to the OS are well tested and documented. The testing and documentation of changes and upgrades gives corporate IT departments the confidence they need to support and administer Linux on the desktop and to know that it won't be the source of hundreds of furious calls from users to the help desk.
Fedora, on the other hand, is a lot of work to maintain because, unlike RHEL, it's so frequently updated (see "What he disliked," below). But those frequent updates enable support for the latest hardware—for instance, EVDO wireless broadband cards—as well as rapidly evolving applications such as OpenOffice and power management applications.
As for open-source office productivity applications, Halamka fell in love with Firefox. The application didn't crash on him once, and he found it easy to use. He particularly loved the tabbing function that let him open new webpages without having to open a separate browser window. And he didn't encounter any problems accessing CareGroup's Web-based corporate applications with Firefox, because they're based on open standards. Halamka liked Firefox so much that he made it the default browser on his MacBook and on the new Dell laptop he tested. OpenOffice worked well for word processing, presentations and spreadsheets. In addition, he did not encounter any serious problems working with Microsoft Office documents. Between OpenOffice and Adobe Acrobat, Halamka says he had all the office productivity tools he needed.
What he disliked: Although a stable operating system like
Red Hat is easier to manage, it also doesn't support the latest technologies, features and functionality. Sometimes, it doesn't even support tried-and-true technologies like USB drives or basic features like sleep. A potential stumbling block to deployment at CareGroup, Halamka found, is that RHEL doesn't incorporate the drivers that automatically detect networks or support new hardware, such as those wireless broadband cards or the tablet computers clinicians use to access electronic health records and e-prescribing applications.
Neither RHEL nor Fedora could recognize a USB drive when Halamka plugged one into his laptop. Each time he added one, he had to mount it manually by writing a command. Thus, moving 250MB of files from his MacBook to his Lenovo X41 took him two hours. Halamka notes that his Linux engineers, who have been using Fedora on their own computers, were eventually able to get that OS to recognize USB drives after installing the necessary updates.
When Halamka wasn't using his computer, the RHEL OS sucked the life out of its battery or the electrical outlet into which it was plugged because he couldn't put it to sleep. Fedora's sleep feature worked half the time. When it didn't function properly, he had to reboot.
Fedora's major problem, according to Halamka, is that the operating system is in "permanent beta." It's a standard procedure in the development of Fedora for open-source developers to constantly release updates and enhancements and leave it to the user community to test for interoperability with other applications. Consequently, when Halamka downloaded these updates onto his computer, they often caused other applications to crash. He says figuring out which applications would work and which wouldn't after downloading 200MB of updates every few days "was liking spinning a roulette wheel."
On the application side, neither RHEL's nor Fedora's version of the open-source e-mail application Evolution worked well as a client for Microsoft's Exchange server. In two days of trying, Halamka wasn't able to synchronize his Evolution client with CareGroup's Exchange server because Evolution was so unstable. If the process of synchronizing the messages on Halamka's hard drive with the Exchange server was interrupted for any reason (for instance, if the network was slow) the synchronization operation restarted from the beginning.
Evolution was so temperamental that Halamka couldn't use his computer for anything while Evolution was syncing with Exchange. What's more, Evolution frequently locked up and required forced quits, requiring Halamka to turn to Outlook Web Access to synch with Exchange. Were it not for that workaround, Halamka might not have been able to use e-mail—an untenable situation for someone whose job relies upon it.
The problems Halamka encountered with Linux on the desktop meant he had to build as much as an extra hour into his day for troubleshooting—even after one of his Linux engineers spent 20 hours over the course of one week configuring his machine. (This was not the smooth, out-of-the-box experience he had had with his MacBook.) And although Halamka is an accomplished Unix administrator (he wrote a textbook on Unix at the ripe old age of 19), tinkering with the operating systems took up precious time. "I don't want to spend my day writing command lines," he says.
Workarounds: Halamka couldn't connect to CareGroup's corporate network the first time he tried doing so running RHEL. The OS didn't quickly recognize the wired connection or have the drivers for his flavor of wireless connectivity. One of his Linux engineers told him how to manually activate both the wireless and wired connections by selecting "Network" from the "System Settings" menu and providing a root password. That seemed to solve the problem for the wired connection, but he had to activate the wireless connection each time he wanted to use it.
Conclusion: Halamka desperately wants Linux to work on a
laptop because he so admires the open-source philosophy of developers working together to improve computing. But he acknowledges that the OS—at least the RHEL or Fedora versions of it—is not ready for prime time. In fact, he was surprised that running Linux on the desktop was so problematic, even though he knew getting it all to operate properly the first time would be a challenge. "The fact that [Linux] can work most of the time [only] with tinkering—and after a team of PhDs figures out the exact configuration for a specific combination of hardware—does not scale for CIOs with heterogeneous laptop inventories," says Halamka. "I never got to the point where if I had to give a speech, I could open the lid of my laptop, launch my presentation and know it was going to work."
For Linux to become practical and affordable to run on PCs, he adds, hardware manufacturers will have to configure Linux software for specific machines. In part, this is because—according to a conversation he had with Red Hat executives—the company has no plans to support desktops and laptops.
Halamka notes that Lenovo is providing custom Linux configurations for its top-of-the-line T60 machines and that Linux configuration service providers such as EmperorLinux.com will custom configure SUSE Linux to run on Lenovo products for a fee of a few hundred dollars. He says that having one of these companies custom configure the operating system to a specific piece of hardware would prevent some of the problems he ran into and would dramatically reduce the amount of time IT staff spend configuring hardware and software.
As for the specific operating systems Halamka tried, he thought he'd prefer RHEL over Fedora for desktop use at CareGroup because in healthcare, reliability is crucial. Nevertheless, right now it's probably suitable only for limited applications, such as a public kiosk providing web access through Firefox or use of OpenOffice. As for laptop users, he concluded that even though Fedora was pretty unstable right now, support for new features is as important as reliability. He notes that Fedora is constantly improving because of those frequent updates. "In another year, it may be a full-featured, highly reliable, user-friendly system that supports laptops. In two years, the same may be true of RHEL," he says.
Meanwhile, he's not giving up on his quest for a simple, reliable Linux desktop operating system. Because his first attempts didn't meet his expectations, he plans to test-drive other Linux OSs, including Debian, Novell's SUSE and Ubuntu.
Second Opinion: Hardware's the IssueA Linux expert weighs in
By David Torre
Having read of John Halamka's experience using Fedora and
RHEL on an X41 tablet PC, I was not surprised by the mixed results. About 90 percent of Halamka's issues were hardware-related. Coincidentally, the X41 is not listed as officially supported by either Fedora or RHEL on Linux vendor Red Hat's website.
My Dell D600 Fedora laptop has the same network card as Halamka's X41, yet I always achieve network connectivity immediately. My suspend to disk (sleep) feature works flawlessly. As for USB thumb drives, my laptop happily recognizes my Cruzer Micro with every insert. However, in the business world, end user perception plays a key role in acceptance of new technologies. I couldn't agree more with Halamka's opinion: If it is to be successfully deployed on end user systems, Linux must be able to function in heterogeneous environments with as little tweaking as possible. It's simply not practical to spend countless hours building one perfectly compatible laptop.
One alternative is for hardware vendors to provide the necessary hardware specifications to the Linux and open-source developer community. This is already commonplace, but some companies are more inclined to provide specs than others.
It's the hardware companies such as Dell or Lenovo that will put the final seal of approval for Linux support on their machines. As a consequence of many variations, hardware vendors will likely pick a small handful of Linux OS versions to officially support for their various systems. If you work in an organization where support and compatibility are not optional, then you'll need to choose one of the officially supported distributions from your hardware vendor.
However, the beauty of Linux is that you can take the more corporate officially supported path, or you may opt for the "some assembly required" approach. Keep in mind, not all organizations can afford commercial operating system licenses and expensive hardware support contracts. The "problem" of having so many Linux versions is also a strong point for Linux users because they're not bound to one OS vendor. This is not the case in the Microsoft world.
In summary, my hope is that Halamka continues to entertain the idea of using Linux. I would recommend using an operating system more suitable to desktops such as Ubuntu or Linspire, as opposed to the more server-oriented distributions such as Fedora or RHEL. He could also consider a non-Linux open-source alternative to Microsoft Windows such as FreeBSD, Skyos or Haiku on end user systems.
David Torre is the founder and CTO of open-source consultancy Atomic Fission.
Windows: Only One Way to Work: Locked Down
Configuration: Dell D420 subnotebook running Windows XP
with Microsoft Office, Internet Explorer and Firefox
What he liked: As the academic year at Harvard Medical School geared up in September, Halamka was relieved to return to a familiar operating system that didn't require an hour of troubleshooting every day. He had no problems accessing his e-mail or any other application while traveling because the Outlook e-mail and calendaring client is specifically made for the Exchange server CareGroup uses—unlike Microsoft's Entourage e-mail client [Entourage was previously mislabeled an Apple product] that Halamka used on his Mac and the open-source Evolution e-mail application.
Because Windows is the top-selling operating system, new hardware such as GPS modems and EVDO wireless cards are always developed first for XP. So Halamka rarely worries whether his computer is going to recognize a new device or network; it's pretty much a guarantee. For example, one day in September, just as he was about to start a two-hour interactive lecture at Boston University that required him to use the Web, he realized the network cable in the room wouldn't reach his laptop. Rather than move his computer to an inconvenient spot in the lecture hall, he simply fired up the wireless broadband connection on his computer to get Internet access. "I was able to get myself out of a jam because so much is available for XP," he says. "Monopoly does generate interoperability."
The fact that he can easily change the OS's underlying file structure with a simple right click enabled him to configure his XP desktop to look like the desktop on his MacBook. He was so taken with the MacBook's clean user interface that he wanted to replicate it on his Dell, so he created a short cut that takes him to all the files he's working on. The only other items on his Dell desktop—as on his Mac—are a trash can and a launch bar with icons for his e-mail client, Firefox client, a calculator, a notepad and wide area network wireless connectivity.
What he disliked: The drawback of Windows' widespread
interoperability is that figuring out what driver you need to enable certain functionality can be confusing. For instance, when Halamka tried to connect his laptop to CareGroup's wireless network, the wireless driver that came with his Dell didn't work properly. He wasn't sure if Dell's website or Intel's would have the fix he needed, so he spent time on both sites. (He found a patch on Dell's website but then had to go to Intel's site for the most updated one.)
"Users have to be pretty savvy and be able to navigate various manufacturing sites to track down drivers to support this stuff," he says. Because Microsoft does not control the hardware its software runs on, figuring out which drivers will work with any given configuration is what makes Windows harder than Apple to use, he adds. In the corporate setting, systems administrators do most of this searching—part of what gives Windows its reputation for being time-consuming to manage.
By contrast, Halamka continues, because Apple governs much of the hardware and the software in the Macintosh world, Apple can preconfigure its machines with all the proper drivers installed.
One of Halamka's major criticisms of Microsoft has been that its products are overburdened with features, and that this complexity leads to bugs and security vulnerabilities. In particular, he finds Internet Explorer "so slow and bloated" and vulnerable to viruses and spyware that he made Firefox the default browser on his Dell. "Firefox is smaller than an IE service pack. [And] it doesn't bother me with security warnings." The reason is that Firefox doesn't support Active X controls (code that lets Web applications share information with each other, and which can introduce security vulnerabilities). "So all the security holes that are a huge burden when you use IE don't exist in Firefox," he says. Although he acknowledges that Firefox is not problem-free, he says its vulnerabilities are far fewer and less severe than IE's.
Workarounds: Halamka made two decisions that helped him
prevent annoying operating system and application slowdowns, lock-ups and interruptions that cramp his computing style.
Having used XP since 2002, he's noticed that the more applications he installs, the slower and more unstable the operating system becomes. So to keep it in tip-top shape, he's keeping his software stack simple. He vowed to install as few additional applications as possible and to install only Microsoft manufactured and branded software at that (except for Firefox).
The other action he took was to create two separate log-ins: one with administrator privileges, which he would use on the rare occasions when he wants to install new software, and one with no administrator privileges, which he uses on a daily basis. The latter prevents websites he visits from downloading Active X controls. Halamka says these Active X controls, in addition to creating security holes, can introduce the software conflicts and hardware incompatibilities that cause crashes and slowdowns. The user-only log-in also prevents his computer from automatically downloading software updates from Microsoft at inopportune moments, like during presentations.
By taking those steps, Halamka says he's achieved "a version of XP that actually hasn't crashed in 30 days. "As long as I keep [the OS] in that totally static state, it'll be OK."
Conclusion: Halamka says it's possible to run a secure, stable
and reliable version of Windows provided you configure XP properly and don't make any changes to it. "If you give yourself system administrator privileges and you install software and serve a lot of websites, the likelihood that the OS will be corrupted is high. You can prevent yourself from getting hurt, but you have to have a really locked down environment," he says.
Maintaining a locked-down desktop has worked out OK so far, though it sometimes requires accommodation by his colleagues. He decided not to use Visio for creating or viewing diagrams of process flows and org charts because even though it's now a Microsoft product (Visio was acquired in 1999), it includes dynamic link libraries (DLLs) that cause instability and conflicts with other applications. And so when someone sends him a Visio file, he asks them to send him a .jpeg of whatever they want him to look at instead.
At the time this story was reported, Halamka had maintained his laptop in this static state for two months. He realizes he may have to add Visio (especially if colleagues tire of sending him .jpegs), but he says he's still going to try to keep his applications to a minimum.
For the user community at large, however, controlling what's on the desktop isn't realistic. In the hospital, which has to abide by the regulations outlined in the Health Insurance Portability and Accountability Act, users are more willing to accept a controlled desktop computing environment, Halamka says. But for Harvard Medical School's 18,000 faculty members, dictating what they can use on the desktop is an exercise in futility. You can't tell a Nobel laureate what applications they can and can't run, he says. They'll "run whatever they think will make them the most productive," regardless of the headaches this causes the IT department.
Second Opinion: Compatibility at a PriceWords from a Windows Expert
By Roger Kay
John Halamka has hit on Microsoft's biggest advantage: its
dominance in the software industry. Windows' universality in the corporate world is what makes it so sticky. Companies want their applications and documents to be compatible with their partners', suppliers', customers' and colleagues' applications and documents. They also want their computers to be able to read today files created 10 or 20 years ago. Microsoft offers such flexibility. It's hard to replace a computing environment that provides that level of compatibility, even if it is bloated and buggy.
Further fueling Windows' universality in the corporate world is, as Halamka points out, that so much new technology is developed to work with it. That's because software developers are always after the most seats (seats represent revenue). When I worked for a software developer, we loved the Mac, but we built applications for Windows because we stood the greatest chance of making the most money developing software for Windows.
Like Halamka, I have a set of keyboard macros I originally derived from the Apple II keyboard that I've nursed along through progressive versions of DOS and then Windows. Windows' flexibility allows me to perform this trick, but the fact that I have to do so points to the OS's inherent inelegance, which Halamka has noted. I also share Halamka's criticism of too much complexity in Microsoft software. One of my issues with Windows is how chatty it is. It's always talking to you, telling you that your antivirus software needs to be updated, asking you if you want to try a program from a partner, telling you that your save function hasn't been executed properly. It's like an old aunt who's always on your case. Fortunately, you can shut off some of those features—unlike your aunt. My opinion is that all OSs tend toward bloat. The good news is that Vista, which I've been testing, dances quite agilely for a fat man.
I laud Halamka's effort to keep the software stack on his machine simple. That's good discipline if you can manage it.
Roger Kay is president of consultancy Endpoint Technologies Associates.
Final Conclusion: Which Operating System Wins?Macs Could Make an Enterprise Move
After three months of experimentation and comparison,
Halamka concluded that his dream machine is a Dell D420 notebook that runs OS X. Unfortunately, such a machine doesn't currently exist out of the box.
He prefers Dell's hardware over Apple's because it weighs 3 pounds less than the 5-pound MacBook he toted around for a month, and it emits far less heat. "[That's] the only thing preventing me from using the Mac," he says.
He prefers OS X's security, reliability and simple user interface over that of XP. And though he still has high hopes for running a version of Linux that is reliable and full-featured, he hasn't found an OS that's up to the task. (He says that SUSE on the Lenovo T60 may be the answer, since it will be the first commercial laptop with Linux configured and supported by the manufacturer.) But until Apple develops a lighter-weight laptop or decides to license its software for installation on other machines, Halamka is sticking with XP on his D420 for professional use. For personal use, he's keeping the MacBook. Having two computers—one for work and one for play—is a change for Halamka, who used one computer for both prior to this experiment.
Nevertheless, Halamka did take the first steps toward deploying Macs in the enterprise. Before this experiment, Beth Israel Deaconess Medical Center employees could use only PCs. But Halamka has changed the hospital's official computer purchasing policy to allow the use of Macs, with the understanding that medical center workers may not get as much support for their Macs as they get for their PCs. Halamka simply doesn't yet have enough Mac experts on his staff.
Meanwhile, at Harvard Medical School, which has a separate IT staff and different purchasing policies, 50 percent of desktops are already Macs. Halamka has promised Mac users the same level of service and functionality to which Windows users are accustomed. For instance, Mac users at the medical school had trouble maintaining access to their centralized storage, which was not designed for use by Macs. So Halamka purchased Macintosh servers that sit in front of the centralized storage, and Mac users now connect to it via these servers.
Although he has no immediate plans to replace any Windows desktops with Macs, Halamka says he's going to watch the price and performance of Apple's newest OS, Leopard, which Apple is scheduled to release in spring 2007. If Leopard offers better administration tools than OS X and is more tightly integrated both with Outlook and with Microsoft's Exchange server, Halamka would be more inclined to initiate the broader use of Macs. He would want such improvements to ensure that Leopard users won't encounter as many of the problems he ran into accessing his Outlook calendar and delegation functions.
Halamka says testing alternatives to XP has been a valuable exercise because it made him realize that the Mac can be a viable computing platform for enterprise users.
"I used to think that the Macintosh was something used by free spirits just to be different," he says. "Now I realize the Mac has such superior human factor engineering that it's used by people because they can be more productive. If Apple comes up with a 2- or 2.5-pound 12-inch-screen laptop that runs cool, has better integration with Exchange, and if Vista turns out to be the beast it could be, then I probably will move to a Mac."
Senior Web Editor Meridith Levinson can be reached at firstname.lastname@example.org