I’m just tired. On the last post about having Linux at our work, many people that seems to be an IT worker said there have been several issues with Linux that was not easy to manipulate or control like they do with Windows, but I think they just are lazy to find out ways to provide this support. Because Google forces all their workers to use Linux, and they have pretty much control on their OS as any other Windows system.
Linux is a valid system that can be used for work, just as many other companies do.
So my point is, the excuse of “Linux is not ready for workplaces” could be just a lack of knowledge of the IT team and/or a lack of intention to provide to developers the right tools to work.
You must log in or register to comment.
deleted by creator
Yeah for a “red hat certified engineer” that seems like a weird hyperbole to die on
But it’s kind of true in practical experience. Show me one Linux virus that spread and made its way through some network.
I can show you more than i have fingers that have been affecting windows.
When it comes to workplaces, you can expect people to deliberately craft a virus and/or try that break into your system specifically. A lot of the world runs on linux, a lot of hackers try to break in to this world.
For personal use it may be true enough to be fine in practice, but it’s a very dangerous thing to believe for a professional setting with probably expensive equipment and valuable data.
Yeah. I know that. But that’s in theory. And it’s more hacking, not a virus.
If that’s really true, it’s surely possible to find an example of a virus that did it’s thing (spread) and do a bit of damage somewhere. And not just say hypothetically it’s true.
I know Linux can be hacked, because I had a webserver hacked. And i see all the logs and the hundreds of login attempts per second and automatic exploits in my logfiles. I have a good idea why most of the Linux boxes get hacked. And all I’ve ever seen were not updated server software resulting in rootkits. 0% is viruses in my experience. Rest is proper issues and maybe the bad guys have been quicker than you. But it’s mostly targeted and rare. And nothing compared to the stuff the windows guys had to deal with during the last year and switch off things until it had been patched properly. We mainly do our updates. And every few years there is a major screwup and you type in a few commands in the terminal to hotfix something. But that’s mainly it. And you can’t make it about any hypothetical issue. While there are supply chain attacks for example, my mom who is using Linux to write her letters and print forms is unlikely to need to learn about that. I told her she doesn’t need antivirus and viruses and trojans are more an academic thing with Linux. She doesn’t need to worry. I also talked about targeted attacks and being a valuable target. But that’s besides the point here. Hence my question and me wanting to stay on point.
Please just prove me wrong. I’m serious. All I could find are some harmless viruses from 2003 that didn’t even spread enough to have reliable numbers. Ransomware that affected ‘tens of users’. And you got the easy position. I advocate for Linux on the desktop. And it’s impossible to prove something is secure. I always have to go into detail, explain viruses, architecture, package managers etc to get my point across. You got the easy position. All you need is to find one counterexample.
And arguments are always the same. I do the whole talk and then say you don’t need antivirus because in real-life there are no viruses. And people ask me ‘but what if tomorrow there is one’. And sure. Nobody believes me when I say I’ve had a quick glance into the future with my crystal ball. But what kind of argument is that? What if I’m struck by lightning on the way home tomorrow if I take the bus instead of the car? I guess I’ll just die then. Many people have been under the influence of ‘windows-truths’ for too long and can’t imagine another world. Some people didn’t listen to the first part of my talk. And some just want the computer to work and a simple answer. I get all of that. But it doesn’t make something true or false.
[Edit: Sorry, had to post this again. I deleted the previous comment by accident instead of editing it what I was trying to do… And Lemmy doesn’t seem to federate deletions that quickly. I’m still learning things here…]
Yeah. I know that. But that’s in theory. And it’s more hacking, not a virus.
If that’s really true, it’s surely possible to find an example of a virus that did it’s thing (spread) and do a bit of damage somewhere. And not just say hypothetically it’s true.
I know Linux can be hacked, because I had a webserver hacked. And i see all the logs and the hundreds of login attempts per second and automatic exploits in my logfiles. I have a good idea why 99% of the Linux boxes get hacked. And that’s incompetence and carelessness. 0% is viruses in my experience. Rest is proper issues and maybe the bad guys have been quicker than you. But it’s mostly targeted and rare. And nothing compared to the stuff the windows guys had to deal with during the last year and switch off things until it had been patched properly. We mainly do our updates. And every few years there is a major screwup and you type in a few commands in the terminal to hotfix something. But that’s mainly it. Hence my question.
Here you go https://www.cynet.com/ransomware/linux-ransomware-attack-anatomy-examples-and-protection/ literally top of the results from googling “Linux ransomware”
Cybersecurity is all about preventative measures. It’s extremely irresponsible to go “yeah, it’s fine, nothing bad has happened so far!”. But even then that’s not quite true, since you yourself have written that your servers are being attacked all the time. And privilege escalation exploits are found all the time.
When you are advocating for putting a system in a workplace, you need to do more due diligence and preparation than what you would for a personal system. Linux can be great for security! But you don’t just go “yeah it never gets viruses”.
Thinking about security in this manner is how all these companies have their vital data leaked all the time.
Edit: another thing, when you hear about companies hacked and all that, how often do they run Windows, and not Linux? Often that information isn’t shared, and so we don’t really know. But nearly all web infrastructure runs on linux, including a majority of the cloud. I’m sure a significant part of those hacks are targeted at linux systems.
And again, let me clarify, I’m talking about workplaces, companies, not personal use. Because for personal use I do agree that Linux with the defaults for most distributions is plenty safe.
Here you go
And yet another article containing 0 viruses. And only targeted attacks which we’ve kind of excluded because it’s another topic. I’m kinda halfway willing to count something like ‘QNAPCrypt’. But it’s mainly the fault of a single manufacturer having bad security in place. And it’s not really Linux at fault. Also something like QNAP will most likely affect consumers and small companies. I’m not sure… I’d like to see some actual numbers about how that played out.
I know about security. The main question is always: “What are you trying to protect against?”, “What’s YOUR attack scenario.” And that’ll vary a great amount. It’s different for companies and consumers. It’s different for servers and desktop computers. It’s even different for parts of infrastructure of the same company. I know about that. And I happily admit there are other kinds of attacks on Linux infrastructure. Only thing is, they’re kinda rare and viruses aren’t involved.
Regarding how often companies that get attacked also run Linux: That’s true. But you gotta look at the case individually. If Microsoft loses an authentication key that allows access to their cloud and AWS (or something like that). Sure. It’s potentially a severe attack on their infrastructure. They have been compromised. And they also run Linux servers. But how does that relate to the existence of Linux viruses?
Yes, they’re targeted attacks. That’s the point. That’s what you will be facing when putting Linux in your workplace. The main threat for workplaces will be targeted attacks.
So saying that putting Linux in your workplace because it has no viruses is irresponsible. Or at the very least it’s lying by omission.
The text in the post’s image literally says “just set it and forget it”.
I think I get it now. You’re using the word ‘virus’ as a synonym for an attack on computers. I’m using the word in the sense of a computer program that replicates on it’s own and in practice also spreads and does some kind of damage. I get why we cannot agree. But the distinction has vastly different implications.
I read that quote in the context it was written in. And I’d partly agree. If you’re talking with someone who has a small/moderately sized company and they’re thinking about renewing their Sophos subscription. Hot-glue the USB-ports and protect their samba-share against being encrypted by some ransomware… You can’t lump in highly targeted attacks on the top 5 companies in the world and every hypothetical scenario. Without any regards of statistical likelihood… If you want to condense it into a simple truth (which I think was the main point of that post), it’s: There are no Linux viruses. And there probably won’t be.
I think this is technically false. But practically true in the context it was written. And for most people anyways. If you want to talk about cybersecurity as a whole, your webserver and 150 PCs for your employers, I wouldn’t recommend paying a 14 yo $50 to set it up Linux and fire and forget.
I agree. “just set it and forget it” is just bad, bad advice. I think I know where that comes from. I’ve seen >10 years old RHEL servers that hadn’t been touched for quite some time. And a ridiculous hundreds and hundreds of days of uptime. They’re kind of “just set it and forget it”… But… You gotta do it right. Do updates. Have it set up properly and with security in mind. Put in the effort. Lock it down. Don’t expose them to the internet. Pay for longterm support and someone backporting patches and have them installed automatically etc… You can’t do it with any other OS (except for BSD and some specialized stuff). But you can’t say “set it and forget it”. I agree. That’s more than misleading. It’s just false.
There’s an entire list of them here
I’ve read that list. There’s not a single name that rings a bell. Which one of those had any consequences in real life and is more than an academic study?
(And besides that: Sure. It’s funny to make every program output your name. But it’s pretty harmless and not on the same level with viruses that do proper damage to a computer infrastructure. I wouldn’t lump all that together. That’s not right, either. And misleading.)
Your ignorance on the topic does not make the claim that there are “No viruses” on Linux any less absurd and inaccurate.
You have multiple cyber security experts in this thread telling you that you’re wrong. It is not on us to disprove the claim, or to educate you.
I don’t understand. You made the claim Linux viruses exist. Why is it now my job to disprove their existence?
It’s like with God, Vishnu, Thor, … You claim existence, you show me.
If there are that many experts around. Why can’t they do more than link a Wikipedia article that doesn’t (yet) contain the information I’ve specifically asked for? Shouldn’t they know at least something themselves? At least know 1 name from the worst offender? Why does the other half of experts not know the distinction between virus and other forms of malware? And that it makes a difference here?
I see that people disagree with me. But I seriously doubt that there is a single expert around.
I swear I’m not trolling. If you’re an expert, just give me the name. I’ll even try to look it up myself and if it’s a virus and spread across a few hundred computers around the world and maybe more than 2 or 3 companies and I can find maybe a newspaper article that says it did some harm, I promise I’ll accept that and change my opinion. At least tell me you’ve learned in uni that Linux viruses definitely exist in the wild, but no studies have been done because of X or Y. And we have no numbers. I would think that’s very curious because there are so many linux servers out there, but I’d at least have something to work with. (And don’t take things out of context.)
The original post made the claim, I merely stated fact that Linux can be vulnerable to viruses like any other OS.
Want a straight forward answer?
https://www.linux.com/training-tutorials/myth-busting-linux-immune-viruses/
A virus is a specific type of malware but for the general public is broadly synonymous with malware. Ask the average user, and the commenter in the OP screenshot, what the difference is without looking it up and they can’t tell you.
A virus doesn’t need to be spread broadly for it to be concerning, impactful or dangerous. Often these attacks are very carefully targeted at the victims.
A vulnerability is generally exploited by a virus to inject code by either modifying memory or files the target program relies on. One such vulnerability was
With this vulnerability it was possible to modify any file on a Linux device, meaning viruses would be simple to implement and deploy. Many android devices are still vulnerable.
To think that all possible vulnerabilities have been fixed, or are known to linux developers, would be extremely naive.
Furthermore a virus is often targeting a specific application and while OS level controls restrict the avenues of attack it doesn’t prevent flaws being introduced by developers.
You’ve already been given a list of viruses for Linux, if you’re genuinely so concerned with defining them by impact you can look them up. You have the information needed to do this yourself, and it is not my responsibility to educate you, though I do seek to counter misinformation where possible.
Well, the first article pretty much says what I’m saying. In theory there can be viruses. In the real world they have pretty much no effect. They are more a curiosity than something that really exists and has had consequences. It even says you’re installing antivirus because of the windows clients, not because there were linux viruses.
The second article also is about a security vulnerability and talking about potential consequences. Not a virus that uses this as means to infect people. Not actual consequences.
We’re going in circles. I’m sorry.
And a virus and a vulnerability in some software (or kernel) that can you get hacked are two entirely different things:
- They affect different parts of your infrastructure. It is unlikely that someone executes random binaries on your webserver. It is very likely that someone wants to listen to Spotify while editing 150 excel spreadsheeds. So it’s likely your employers execute stuff on their workstations. Also you wouldn’t install a browser in an AWS cloud instance to look at lewd websites. You’re going to use Chrome on your workstation. Viruses affect other and distinct parts of your infrastructure.
- You protect for them by different means. Antivirus helps with viruses. For targeted attacks on your webserver, you have firewalls, filter requests, keep your software updated. And don’t do silly stuff. I’ll admit rootkit detection is kind of similar to antivirus. There is some overlap, for example you should also keep Chrome updated on your employers workstation. But updates won’t help you against a virus editing a file on the network share to replicate. You do vastly different things to protect against the different security threats that your company faces.
- All the threats have different consequences. Some things just try to wreack havock in your company. Some things you’ll barely notice but hackers are stealing information. Some things try to extort you. Either by blackmailing you to pay to get your data back, or so it doesn’t get leaked. The next few workdays after that happened will be very different, depending on which of those possibilities happened.
So while talking about cybersecurity. Why would I lump all that together and strip the words of their meaning? And in this case on top: One thing is something that actually happened. The other things are just words about something hypethetical. I’m aware you have to protect against potential threats. Nonetheless both things are something different.
Regarding your advice: Yes. I’ve looked it up. I found no viruses that had any significant real-world impact. Hence me insisting on it. I said in my first comment I want to see impact. Not an academic study. Because context matters. We’re talking about someone advertising Linux to an undetermined group of people. These people are concerned with implications for them. If they need to worry. Not if in theory anything can happen. That doesn’t help you choose between two options. And we’re talking about ‘simple truths’. They’re kinda always false. But people want to hear them. They want it condensed into one sentence. Because they own a company that manufactures car tires and they don’t want to get a 20 minute lecture about computer attack vectors. They want to hear if they need to worry about their Linux server. Is it safe or not, do I need to pay someone to install Sophos? And be done with it.
You’re twisting my words so they lose meaning. And change the context. And then posting articles about something related but not the thing.
Well, there are virus as any kind of device that runs any logic, the thing here is that is harder to get hacked than with this kind of tools that Windows uses.
And I mean getting viruses like this:
- On Windows -> https://www.theregister.com/2023/07/21/microsoft_key_skeleton/
- On Mac -> https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
So yeah, I don’t need many apps that my Mac has and could be used to hack me with 0 click interaction or with valid Windows certified programs. Still, the “no virus” is not the only reason, updating a Linux system is just a few seconds and your work could have their own repository mirrored and monitored.
(not a virus directly from a package manager or distro tho).
However nothing prevents someone from hosting malware on github, or fake “safe” distros.
There can also be a slip and people not seeing a project turned into malware.
I know about this issue, I have read about it already. No one uses this unless noobs watching YouTube tutorials.
Cannot be compared to the vulnerabilities I pasted (0 click exploit). Any system can be hacked, Linux is the most used OS and still have fewer viruses issues as others, but it still has as any system has.
The linux kernel is not completely secure by default, neither is any specific distribution. No internet connected device could possibly be “set and forget”. Security can not be taken lightly
Yup, that is right, any device can be hacked.
Wtf are you talking about. Linux isn’t a distro.
And the example isn’t a “only noobs use it”.
It’s an example of an exploit existing since many years. And which could have appeared in a random package, while staying invisible.
I said distro instead OS, Linux is the most used OS, many people behind working in secure the Linux environment. The example of this exploit also exists on Mac and Windows for years, and it will always happen.
An admin user will know what they are doing, and I doubt they will install a package from an external source downloaded randomly on internet, for the non-admin users, without sudo they can’t install/infect that malware on your Linux.
I said distro instead OS, Linux is the most used OS,
Wrong, Linux totals 3% of the desktop market which is what’s being discussed in the original post.
many people behind working in secure the Linux environment.
Many people work on securing Windows so your point is…?
The example of this exploit also exists on Mac and Windows for years, and it will always happen.
Whataboutism.
An admin user will know what they are doing, and I doubt they will install a package from an external source downloaded randomly on internet, for the non-admin users, without sudo they can’t install/infect that malware on your Linux.
Wrong. This is so wrong. The most common and effective attacks start with phishing people who think they know better. A user downloading a zip or rar file is enough, they don’t need to be an admin or have sudo rights.
Seriously just stop talking about a topic you have zero knowledge on. I suggest you do a SANS course if you’re actually interested in learning.
Wrong, Linux totals 3% of the desktop market which is what’s being discussed in the original post.
There are more servers than users in this world, even your car runs Linux.
Yeah, I remember your previous post. They were irritated at you secretly subverting security restrictions put in place by your company to use an unapproved OS on THEIR company machine and network without their permission. Not that it’s “not ready”. They were also warning you that you were treading in dangerous water, legally.
Now you’re manipulating us by telling us it was just all about IT admins “not being ready” for Linux, not about it being a major security breach.
You have no rights on other people’s machines and networks that you do not own unless explicitly granted. Period. The same would apply if you were to bring a Windows workstation into a Linux-based organization.
At my previous job in a Fortune 500, circumventing the IT security policy is ground for instant dismissal. Like literally marched right out of the office kind of dismissal. We had an IT breach before and it cost the company US$300m to fix, and IT security was locked down HARD after. At best, OP is not wise.
Yeah, this straight up happened to a dude I was rather fond of. We were working in desktop support for a big fintech company, and he used his not-quite-admin privileges to bypass the bootlock on the laptops for personal use. I warned him that it was a bad idea, he brushed it off. Was gone by the next week.
My previous post? Was not mine, I don’t do that to my work company laptop, I stick with what I have, Mac.
Downvoting because of point #4. That’s a catastrophically naive mindset, and a sure recipe to get your shit pwned if you’re running an IT org and you think that’s an accurate statement.
it’s important to mention wherever that incorrect point is brought up:
the only reason people say there are no viruses on linux (which is wrong from the get go) is because there just isn’t enough market share for lots of malware to be written and distributed with a linux target in mind. it is out there and it is a risk, just much rarer than windows malware. if more people start using linux, user-targeted linux malware in the wild will likely become just as common (and effective) as the stuff targeting windows.
never assume your system is safe by default and requires no hardening or awareness from the user/org.
The only truly secure computer is one that’s air-gapped, disassembled, the components put in a faraday cage, which is then lowered into a hole and filled with concrete. And even that’s not necessarily a sure thing, in the context of possible future technology.
The only safe computer is one that doesn’t exist.
That sounds a lot like a quote from the Cyberpunk 2020 rpg.
Linux is very targeted by hackes, Linux is the OS (most used by servers/infrastructures) that keeps most personal data while Windows is just to hack users that miss click or gets hack by Windows vulnerabilities. Hackers do targets to Linux systems as all servers and infrastructures runs Linux. They do target, but it’s just different intention or methods.
while you are correct that linux systems are targeted by bad actors all the time, the distinction that i am making here is that a vast majority of the time malware is targeted towards organizations and their linux servers, which could be both unapplicable and unseen to a home linux user. not much of that hacker effort is going into distributing malware that would find and infect a personal linux user like myself through, for example, a compromised public web page. instead, most of that user-targeted malware is made to infect windows users simply because they outnumber linux users by a large amount.
i guess what i mean to say is that there is plenty of malware for every type of popular system as well as people and organizations to exploit it, but due to the effects of having a small user market share, home linux users can develop this misinformed notion that traditional malware you might get from a web download or malicious email does not exist for linux.
yup. found a virus at work because our on premise confluence wasnt patched in time. fun times
My server with 2.4 kernel would like a word with point 4?
The issue is that OP made a sweeping blanket statement of “there is no Linux malware” which is demonstrably false, and a deeply unsafe narrative to push.
Exactly my point :-)
Very true. Also the degradation due to installed programs hasn’t been a thing for some time. Even if something does happen you can refresh without losing any data very easily these days.
I feel like OP has never worked in a corporate IT job before and has zero clue what it actually entails to manage a large fleet of desktop PCs used by the average office worker.
Not just that, for majority of corporate customers the OS is the last thing on their mind. Your office workers are going to complain about anything unfamiliar.
I’ve had end users complain because the icon for the link to our intranet on their desktop changed. They freaked the fuck out.
Folks. It’s the same shitty IIS server. Just a different icon.
When Microsoft changed Office to the ribbon menu system I had to design and run a whole training program with multiple trainers to travel the country to teach people in our company how to use it. All of the helper tools and documentation were not enough.
People absolutely freak out at change when it comes to computers especially.
Seconded, this looks like it was written by a high school edgelord that just got into linux, and has zero understanding of how corporate systems are actually built, and how diverse the IT landscape is.
Yes. So much yes.
Sure, at least half of the FAANG use Linux. But they use a homegrown Linux flavor often maintained by an entire dedicated team. Not some random ass Ubuntu or Mint ISO you downloaded; these images are custom tailored to the workflows, dev needs, security needs, and even package management needs of the corporation. They often carry a complete profile template that integrates with whatever they’ve chosen to enforce authentication, have a lavish on-board remote monitoring system, you name it.
I do have, let’s not assume things. My Mac device isn’t connected to that IT infrastructure, we have no support to connect to the company network neither, and I work for a pretty big company. So my question is, for the lack of support I get for the Mac, why can’t I just use Linux as many devs on my work are requesting the same if there isn’t any support for Mac, Windows Defender also runs on Linux and all can work perfectly.
Not an IT expert, not a sysadmin, not a tech guru by a long shot, but as Linux user, I call this post bullshit.
The biggest problem wouldn’t be about having it manage all the machines in a network; it would be having to deal with every dick and jane complain about how they can’t change their desktop background or some other trivial thing they can do on windows or how a specific program is not available or doesn’t feel the same.
Transition into an all-Linux production environment would require a top-down non-negotiable decision and the willingness from top brass to provide trainning down the line and deal with a good deal of shennanigans from middle management.
And no virus on Linux? Yes, it has some built in features that make a bit more robust but there are rootkits and other malware out in the wild capable of hurting a linux system. And if popularity is to come to Linux, at some point there will be a need to harden the standard security protocols to ensure system safety, not forgetting that 90% of the time the main problem is between the chair and the keyboard.
the only thing I’ll say is the piece about “no viruses” would kinda go away if desktop Linux picked up at all. the security on a default Linux system is worse than macos and windows with substantial hardening efforts needed. the only reason viruses and other malware isn’t common on Linux as is is because of the tiny user base.
with all this said, if enterprise use got more common, security would quickly become an important aspect.
Security through obscurity.
It’s the same nonsense we used to hear about Macs not getting malware.
I’d argue the sandboxing you get from xdg desktop portals in applications installed from Flatpak and Snap is a lot better than windows giving full system access to an application when it asks. Keeping a program’s access domain specific is a lot better security than Mac OS or Windows. Not to mention the security improvements from Wayland paired with Pipewire preventing applications access to things like the desktop, clipboard, and audio without explicit permission. And I haven’t even mentioned SELinux yet. In an office setting you could certainly lock down a system pretty easily and prevent things like fishing attacks and even spear fishing. Windows and Mac OS are inherently security through obscurity because they are proprietary and rely on hackers to not know quite how they work, but Linux is resilient because it has more eyes on it and because distributions can modify the kernel specifically for added security like with the SELinux patches.
what obscurity… is that?
It means that just because something doesn’t get attacked as often, doesn’t mean that’s it’s invulnerable.
Or rather that people treat something as if it’s invulnerable because they haven’t experienced an attack.
Linux doesn’t get viruses because people running Linux have common sense.
Just look at all those big brain Linux users
You mean the ones that go on endless circlejerks about their favourite distro or editor? Those users?
(and I’m speaking as a 25+ years user)
Everyone can have mistakes, I just think it’s much harder to get infected with Linux.
Linux is ready for workplaces and has been for a very very long time. That is irrelevant if workplace IT support is not ready for Linux and has no budget or time to get ready for it. All your points are meaningless and have never been the problem. The problem is with management, policies and getting in house support for things and all the work involved in that. Depending on the size of the company it can take a lot of time effort and money to retrain IT staff to support Linux. And IT staff are already overworked, under-budgeted and don’t always have the time to support extra things.
I’d love to not have to deal with Linux at work, but this really reads like someone who has never actually dealt with the realities of a corporate environment.
Yes, Linux is free, but staff time isn’t. Who cares if multi billion dollar companies spun up their own Ubuntu derivatives - there are maybe 100 companies in the world with the resources to make that make sense. Yes, AD and Intune suck but they are still miles faster and easier to get stood up than trying to build all the infrastructure yourself with Ansible or whatever, especially if you aren’t already a tech shop.
“Oh you can compile your own kernel” how is that going to make it easier for the accounting department to get their shit done?
“You don’t see viruses on Linux” is a semantic argument - Linux systems get hacked all the time.
It’s hilarious. A multinational corporation isn’t going to let you compile your own kernel, even if for some reason you felt the need.
Hey now, “you don’t see viruses on Linux” doesn’t need to be a lie. There are barely any Linux antivirus solutions, so the many Linux viruses you can pull in go unnoticed for months or years!
Same as Windows and Apple their closed source makes it impossible to know how long they have been hacked, you depend on the company transparency.
This feels like it was written by someone who hasn’t done sysadmin of a Windows network in a long time. Everything is online and is almost always one click now. Provisioning, removing permissions, updating email filters, adding users. Each item is so much easier now than it used to be. I loving running my PopOs install but let’s not pretend that SysAdmin is the 90s nightmare it once was.
At best, it means sysadmin have to support both Linux and windows. You’re going to double everyone’s tools.
This reads like an engineer who is way too invested in using their toolset and thinks everyone else is stupid for not using the same. Like someone who has never worked in management or had to make business decisions. They are looking at it only through a tech viewpoint.
Not only would you need to have an IT team that knew how to manage and support it (which costs money and time) but you then have to train your entire work force which costs insane amounts of time. You would have to do IT training for every new hire for them to even use their computer. That sort of time and training (which takes two employees, the trainer and trainee) costs a lot of money, far more than any OS licensing or end user software costs. Plus the decreased work output while the user to get used to the toolset.
In a software development company, sure, Linux might be a valid option. But it’s not ready for most companies main workforce. And it’s not a technological issue. It’s a human resources issue.
Many places support MacOS as well, so it would only be a third additional toolset. Plus, there’s a ton of overlap between toolchains, which reduces the overhead further. If you’re supporting enterprise MacOS, you’re probably using Foreman, JAMF, or Puppet with Active Directory.
Not to mention, a lot of places already have Linux servers, so the configuration management toolchains and expertise may already exist in a given organization, unless they’re absolutely pathologically mired in the Windows ecosystem. Which, granted, is a lot of places, but you’re making it sound far harder than it would be in a real world situation.
It’s also a tech issue. Linux Desktop is a mess and breaks constantly as soon as you start to tweak it. And every damn plug in is maintained by a few different people with no commitment of backwards compatibility. It’s a disaster and incredibly time intensive to troubleshoot every broken desktop on patches.
Linux is great for running technology services. Linux DE is and has been a disaster for 20 years now.
Wtf is “Linux desktop”? There are more than a dozen different mainstream desktop environments and window managers that have different degrees of maturity, stability and complexity so this blank statement is very hard to support. Not even talking about the servers/prtocols behind it. I can certainly not confirm that experience on Sway, Gnome and Hyprland and with how young the latter is, I would actually expect it to break.
So no, from a technical perspective, Linux is absolutely ready as long as you stick to stable distros and configurations.
Edit: wording
Lolol gnome, stable, 🤣🤣🤣
And I guess kdes swap to Wayland has been an easy joy for most people. I definitely don’t see bitching every other week about electron apps breaking.
You know Reddit is still around, if you like it better, you can go back. No one here would fault you.
Nah
So you’re purposefully using something you dislike even more than something you call shitty? Really healthy habits there, no wonder you’re a miserable to be around.
I’m actually hoping this place is successful. I don’t think it will be but I’m here for now. You really are inventing an imaginative story from a user name.
Removed by mod
KDE is still working great on X11, which is the standard for most users anyway.
👌👍 whatever you say.
The only thing better than good in the world of business is standard. Windows may be bad, but it’s the industry standard for a ton of commercial applications. A lot of software that companies use are designed for Windows, from antivirus software to Microsoft’s office suite to audio and video editing software and more. Every copy of Windows is also a lot more standard than Linux distros; the customizability of Linux makes it a lot harder to provide support compared to every single Windows user being locked into certain things. As far as the IT team being “lazy” or having “a lack of knowledge” on supporting Linux, they’re working on the company’s dollar, and unless there’s a strong, justifiable reason to increase their workload by supporting another operating system, it’s an unnecessary expense for the company. There certainly are cases where there are strong, justifiable reasons such as with Google, who maintains two Linux based operating systems and needs their staff to know how to work with them, or in situations where Linux substantially outperforms Windows for the tasks employees are doing to the point that supporting Linux is worth it, but “it can do most of what Windows can alongside features that don’t matter to the companies’ operation” isn’t the best selling point
That’s what I hope Flatpaks can change. Heck, maybe even wasm based applications.
Why are you posting a screenshot of text instead of just linking to the source?
Downvoted. Were better than this.
Were but not anymore!
Fucking reddit normies. I don’t know why mods arent cracking down on this
If you want, I can delete the photo, so we can talk about the topics, it’s just a screenshot from Quora responses.
The post if overall very naive and while I do agree with using Linux for IT work he doesn’t give the best point either.
First of all, the customization. A lot of Linux users LOVE to point this out but 1. it isn’t for everyone 2. it won’t be compatible with every softwares. While modern Linux OS’s tend to be well tailored for devs due to most the work being command bases and having version control, it will not work out for everyone either as for a lot people it won’t be convenient. Most users just want an out of the box and ready to use OS rather than a never ending mess of fixing and customizing stuff.
Second, and the most stupid thing from this post, is that Linux will never have any malwares due to it being “well secured”. The reason why linux malwares aren’t viral is because about 3% of people using a computer in the world use linux, even less for work considering that a lot of these people use SteamOS for playing games. Other than that, Linux is a kernel, It runs code. So on this basis Linux is as vulnerable as windows. And considering the biggest attack vector isn’t some fancy exploits but someone sitting on chair in front of his computer, you can guess that Linux isn’t out of risk of any cyber attacks.
I’ve run Linux in the workplace, with permission of course (because I’m not stupid). In this case, everyone was their own IT person, and it was everyone’s responsibility to maintain their Linux system. Major software updates often failed on dev machines and required help from more knowledgeable Linux users, but it was doable. The whole thing was a security nightmare, though. The place ran on dark IT, firewalls and antivirus were a joke, half the team needed a Windows VM to test features, and every year there was someone who found out during an audit that their computer hadn’t received updates in nine months. The soft rule was that if you took more than four hours to bring a broken system back to life, you’d just install windows because time is money.
There’s basically no remote administration or patch management. Restricting users to non-root accounts breaks tons of important things, like “applying security updates”. Flatpak has made the application side of things easier, though. There’s kerberos integration, but no active directory. Saltstack and alternatives works great if you know how to use it; most IT teams don’t.
Linux has the advantage thst most kids coming out of school don’t know how computers work anyway. They do all of their work on phones and tablets growing up, so when they get into the office it doesn’t really matter what kind of computer you put in front of them. Could he a Chromebook, could be Fedora, could be Windows.
The most challenging problem is that as a business, you need to pick a software stack and company hardware. Most hardware is built to he used with Windows, most professional software doesn’t even run on Linux, even with WINE. If your entire company runs in a web browser then sure, Linux is an option, if you can find the right hardware. You’ll be spending quite some time configuring systems to disable root, connect to the management system, and force things like updates and security configurations, though.
Then there’s drivers and external facing software to consider. Printers, for example, are quite necessary. Easy access to email is also essential, but getting ActiveSync or EAS to work on any Linux system is a massive pain. The closest I’ve gotten to is using Thunderbird with a few addons, but that still required entering my credentials three times. I believe Gnome may integrate with contact and email sync these days, but the account providers seem to be limited to Google and Microsoft. You need to take special care to select laptops that will work with things like docks and beamers for presentations and working on site. To get some docks to work, you may need to set up your own repository to provide packages like evdi and DisplayLink with drivers signed by the company’s secure boot keys.
Technical support can be done. You won’t get anything as useful as RDP or plain old Teamviewer, but as long as you force X11, you can do remote support at least. Local support works well, though you may need a working network connection to authenticate your sudo-user. Boot repair and system restore can be done mostly, assuming you’ve set up a big enough /efi partition.
There’s no good UI for updating things like the password of an encrypted drive, so that’ll be a problem for your end users. All solutions require root access, which means someone from IT needs to initiate and monitor the process of changing the encryption password, which is rather annoying. Support for TPM+PIN with any kind of modern KDF is also mediocre, you need to pick a distro with sysyemd-boot to get thst to work.
Secure boot can be pulled off, though thst does require managing keys, which your IT team needs to be set up for. You’ll need to pick a vendor thst has some kind of Linux-based firmware management tool to distribute these keys during first boot up, but you can mash together a provisioning boot USB, I suppose. This has the added benefits of preventing people from messing with their corporate laptops and trying to circumvent IT policy, assuming the password on the firmware is good enough.
Antivirus is quite difficult on Linux. Enabling ClamAV works, but vulnerability management and intrusion detection on Linux is geared towards servers. Vendors like Microsoft provide endpoint security for Linux systems, but if you’re going to run Windows Defender, you may as well just stick Windows on the damn thing.
You’ll still end up with annoying problems that Linux hasn’t solved yet, like “hibernate doesn’t function unless you disable all security”, but Linux has made some great usability strides.
I agree that claims thst Linux doesn’t work in the workplace is based mostly on ignorance. However, it doesn’t make business sense to train and hire a team of Linux maintainers when there are tons of trained and prepared Windows admins out there. Can it be done? Definitely. Should it be done? If you, as the boss of your company, care about Linux, sure, why not. Just make sure to set up training sessions, sane defaults (sane for the end user, not for you), good Linux images, the right support infrastructure, and the right business processes before you start.
Should you use Linux to save cost? No, that’s ridiculous. An hour of IT debugging some kind of application crash is worth the money to buy multiple Windows licenses. Should you use Linux because of the user freedom it provides? Sure, if you don’t mind dealing with customers that have ISO security requirements for their vendors and if you absolutely trust everyone in your company to know the difference between a kernel and an initramfs. Should you tolerate the lone warrior who insists on installing Linux on their managed company device? If they sign a document that states they’ll pay for any and all damages to the company and its hardware in case they mess up, maybe. Getting those millions of lost revenue after a ransomware attack will be a challenge though, it’s probably best to forbid unmanaged operating systems.
Edit: as for the Google example, it got replaced by gLinux. Googlers can use Windows, macOS, some versions of Linux, and ChromeOS. Nobody is forcing them to use Linux.
You won’t get anything as useful as RDP or plain old Teamviewer
Is there something I’m missing? Teamviewer is available for Linux and I’ve done remote support with it: https://www.teamviewer.com/en/download/linux/
I…assume it also works as the machine being remoted into?
Teamviewer on Linux works… ish. It doesn’t do Wayland and it’s basically the Windows version of Teamviewer packaged with Wine.
My experience with it hasn’t been very great. Even as a client I’ve run I to Teamviewer having trouble getting connected. Restarting the service (running as root, of course) a couple of times seemed to help but that may have been random luck.
Ir could just be me, but if my experience is anything to go by, it’s not something I would use for a business.
I would probably go with VNC or something else instead of Teamviewer for supporting Linux desktops remotely. Maybe set people up with a pointy-clicky script to do a reverse SSH tunnel to a central host, or do it over a VPN connection.
Getting xvnc to actually see the user desktop and controlling the user’s mouse is kind of a pain to set up, but I suppose it’s better than some proprietary software that works through compatibility layers.
I think X2Go is probably better, though I haven’t used it in a while; I don’t know how well it’s maintained.
Yeah, I’m not sure what the state of the art is these days. Maybe SPICE? I’ve used that to control VMs through tunneled SSH before.
Ah, I see. I only used it once, so it’s not something I do often, but it worked perfectly for me as a client to a Windows computer.
The thing is a little simplistic: Linux is perfect if your job is coding, working with enterprise web UIs, sending mail and/or using Office Suites, which to be fair is like 90% of office jobs.
For the other 10% use cases, Linux isn’t just ready yet because, for example, the company that produces analytic equipment doesn’t even bother to acknowledge the existence of Linux for their data log software. And then there is Adobe. Adobe are just a bunch of cunts.For everything but coding, there’s ChromeOS. That’s even Linux, technically! I can see a company running on ChromeOS.
That’s even Linux, technically!
