All games I want to play run very well and mostly the process is just "install -> play".
If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it.
Controllers work fine, so do some wheels and other peripherals, but a good number of wheels, pedals, joysticks, VR headsets, and other wild and wacky input devices might not work that well or not at all. It mostly depends on whether the software for them runs on Linux, runs in Wine, or is needed at all. Not sure about VR, but I know it was a bit dire 1-2 years ago.
If you don't play hardcore simulator games, and don't play one of the competitive shooters with aggressive anticheat (e.g. CS2 and other competitive shooters run perfectly well), you can just install Linux, install Steam or one of the other launchers, and just hit play.
If you're not sure, you can check the status on https://protondb.com.
My setup is a custom version of the linux kernel that 'backdoors' itself and exposes host information to the windows vm making all the anticheats happy enough to work out of the box. Have not gotten banned in any of the games either. Custom VMM and EDK builds are required to block blanket detections of virtualized hardware.
I repurposed lookingglass to instead stream all the wdm buffers as seperate applications that I can open directly in linux like they're native applications. The neat part is that I forward all the installed applications to KRunner which talks to the windows vm and launches the application there and spawns a looking glass instance for that applications assigned path.
The only downside that this is a two GPU solution and you have to run any GPU intensive applications in windows.
I did contemplate playing this cat and mouse game and making anticheats accept that it's easier to just support linux instead of fighting it.
Any untrusted virtual machines don't run on my machine to begin with so it's alright.
This is largely true for games running directly through Steam, it can get pretty annoying for games that exist outside Steam.
Especially when you have to do things like apply an ".msi" style patch to a game .
It's doable, but the number of steps and tools you may have to pull in (such as protontricks) does get to be a bit of a pain at times.
For example: Add Diablo 2 exe to Steam. Run Diablo 2 in proton. This creates a folder like 123455 /home/user/.local/share/Steam/steamapps/compatdata/123455/. Then Add LOD to Steam, add this to the system launch STEAM_COMPAT_DATA_PATH=/home/user/.local/share/Steam/steamapps/compatdata/123455/ and you can run the installer on the older file data. Do the same for a mod patcher, etc.
If I really want to play Apex or Battlefield I’ll fire up my dual drive dual boot Windows, and in the meantime, no more Microsoft spying on me, forced Windows updates and reboots at random times, ads in my Start menu, Xbox apps and other bloatware, etc
The old stalker games run on the X-Ray engine (the mods on a modified OSS version of it). In my experience they've always worked pretty well, though the games are quirky in general.
Good hunting stalker.
Those games running on Proton are still produced on a Windows factory.
I assembled a PC last year from used parts specifically to try gaming on Linux after two decades with only the occasional FreeCiv or MineTest, and the experience with Steam is mostly painless. Impressive!
Yeah this is why I stick with Windows. Unlike it seems a lot of people on HN I don't really see any issues with it that would want to make me move away, especially as I already have WSL if I do need Linux, as WSL has GPU passthrough.
If you don't care about privacy issues or ads in your face, then yeah Windows is pretty good. I care a lot about that (and open source in general) so for me it's way worth it. But everyone is different and that's ok
Vague concerns about privacy are not strong enough reasons for me and most others, based on OS market share, to move away when the concrete reality is we can simply play more games on Windows. The only reason Linux gaming is getting good is because of Valve funding it heavily in the past few years for their own products like the Steam Deck, and to move away from an OS they have no control over in Windows, not because of privacy concerns which I guarantee you 99% of Steam Deck users don't give a shit about, they just want to play their games.
I actually agree with everything you said except the above. Valve (and their employees) do actually care about privacy concerns, regardless whether their users do or not. I agree that's not the primary reason they did it (it was because of Windows control as you said), but it isn't a non-zero factor.
If you play older games, particularly DOS/Win95 era titles, the concrete reality is that DOSBox and Wine have better compatibility.
Even some recent games, eg. Elden Ring, have unfixed stuttering issues on Windows that were fixed on-release in Proton. I'm willing to give Windows it's due because I don't think it's a terrible gaming environment, but it's a direct downgrade for a lot of the games I enjoy playing.
I thought it was fine, until a competitive player, friend of mine who has a machine comparable to mine saw the game running on mine and noticed a lot of stuttering and framerate loss. I don't believe it is a machine performance issue (Threadripper Pro 3XXX with a 3080p), and I was running a pretty standard Gnome Fedora 43 with NVIDIA drivers.
So if you are into competitive gaming, I guess it is debatable.
That being said CS2 runs substantially worse than CSGO. It at least kicked my addiction when it released, since it no longer ran at acceptable framerates on my laptop ahaha
> a good number of wheels, pedals, joysticks, VR headsets, and other wild and wacky input devices might not work that well or not at all
> If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it
> Not sure about VR, but I know it was a bit dire 1-2 years ago
The determination of the average Linux user to ignore the faults of Linux is something to behold
When someone brings up issues related to Linux themselves, that’s clearly not “ignoring” them. It would be a true case of ignoring them if they simply kept quiet about them.
>> If a game has an aggressive anticheat
> the faults of Linux
And besides, as far as I know (well, maybe I'm missing something?), anti-cheat issues aren’t a fault of Linux itself.
Issues with anti-cheat aren't Linux's fault (the one to blame), but they are a fault (undesired attribute) of Linux.
Why do Windows users ignore the faults of Windows?
How many people care about support for Red Alert 2 and OG Xbox controllers on Windows 11 (assuming either of these truly don't work) versus people who care about the ability to play games like Fortnite?
The majority of people don't use fancy wheels that require custom software to work. Many people do use anti-cheat, but plenty of people don't need it.
They quote "If a game has an aggressive anticheat" and then state "The determination of the average Linux user to ignore the faults of Linux", which is accusing Linux of being at fault for the aggressive anticheat not working.
FWIW, I am not alone in that interpretation since this commenter reached the same conclusion: https://news.ycombinator.com/item?id=47718389
But I don't think we can conclusively say either one of our interpretations is correct.
Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Plus you can pay Microsoft to host it all for you on Azure.
Especially since it is easier to find badly underpaid (and not particularly competent) Windows sysadmins than it is to find badly underpaid Linux admins.
If anything the demand would be artificially high at the start of a mass migration, and then presumably level out to something similar to what we see today with Windows.
This is basically RHEL's entire business model.
You'd get a clusterfuck of a consensus spec, then they'd all get pissed off and develop their own incompatible versions anyway?
Have you seen international projects without strong, centralized leadership?
You need to update your notes its not 90s.
Sometimes the perfectness of the product is less important than the fact that there was one opinionated decider.
It takes time to find a suitable replacement to a global monopoly.
The privacy threats were always there.
(people keep saying things like "only Congress has the power to declare war"; that may be technically true, but a war declaration is a piece of paper, and practically the authorization of force is at the personal disposition of the President)
Best time to start doing it was yesterday. Second best time to start doing it now. They are at "now" step.
Isn't it about time someone developed one?
The foundations are there; you can imagine an organization deploying laptops with, say, Ansible, and not giving users root on them. LDAP sort of matches the old capabilities of AD, but not completely. There's even a "SAMBA as fake domain controller" mode.
Ironically what it needs is a product or service which organizations can pay to take the problem off their hands. But then people get stuck in never paying for anything in the open source world.
Honest question: Why? If you want a Windows-like environment, run Windows.
I get this all the time when people ask about a Linux equivalent for something, and aren't really satistied when it doesn't work or look the same. Linux isn't a clone of Windows. Linux comes from an older heritage, and has a unique culture. You are in for a hard time if you want to use Linux like you would use Windows. That's a suboptimal experience, at best.
That said, of course Linux should be easy to manage. But Windows is from a single corporate entity, of course their management tools will be different. It used to be unix admins that laughed about people using Windows as servers. The culture around Linux is one of scriptabiliy where even the user interface, the basic shell, is one where every command is inherently a script. That's why management on Linux looks like Ansible and OpenSSH, not like Remote Desktop and Group Policies.
You could write something like Group Policies for Linux of course, but it wouldn't be a complete solution so people would just continue using Ansible, OpenSSH, and the respective package managers.
One of these questions where we, those doing the discourse, need to pick apart what the word "you" refers to here.
In this context, it is national governments, who have started to fear that there may come a day when they are not allowed to or able to or safe to run Windows. That gives rise to the question, "how can we get a system that minimizes the disruption of migrating away to Windows?"
Ultimately it's not about specifically wanting AD or GP as technologies, either, but the things they enable: seamless single-sign-on across an organization, and management of software security and updates across a fleet of desktops.
(possibly the thing that fills this hole is simply a fleet of consultants which go around explaining things to CIOs!)
I have some experience at places where Linux are run on desktops at scale, but they all have in common that these are engineers for whom Linux is the better experience to begin with. It's not like that for administrative staff and management. And as much as I'd like to tell people to use Prezi instead of Powerpoint, and Markdown instead of Word, sometimes Libre Office is the best answer.
We have to be practical. Still, I feel that too often it is engineering that has to use tools intended for administrative people. Once in a while, they other way around may not be that bad.
For a modern workplace, where smartphone and cloud based applications rule, the traditional Windows tools like AD and GP can only do so much. You also need MDM tools, and something like SAML. If you are looking for an out-of-the-box tool that can manage both Linux and Windows clients, Red Hat has FreeIPA. It's not AD, but it goes beyond that capability.
Because it works really well for a corporate environment where you require central management for your devices. Yes, the environments of Linux and Windows are different as you said, and unfortunately that means one will generally be better than the other within certain contexts. The corporate workstation use case is a gigantic one that Windows is currently dominating in, and this is terrible for Linux adoption because it means to get a job at a place that uses Windows you are incentivized to use it yourself so you can learn it. It also means that schools (which are often run like businesses internally) are way more likely to use it, so new students that are just learning how to use a computer are coming up on Windows.
Linux is indeed very different from Windows and that's fine, that isn't a problem at all and it has plenty of upsides. What should be clear is that this particular use case is a remarkable downside for Linux, and the mass adoption of Windows in the majority of businesses should make that self evident. Realistically Linux can and absolutely is used in business contexts in the same way as Windows (hence why France is going ahead with it), but it isn't as optimized for it as Windows is, when it totally could be. Macs have had some robust management platforms made for them that I've found pretty similar to AD for example. If someone developed a straight out AD clone for Linux that functioned more or less the same on the front-end it would be huge for Linux adoption in my opinion. Hopefully that answers your question.
Still nothing, three decades later. Not because Microsoft engineers couldn't do it, of course, but becasue they didn't want to. It doesn't fit the Windows model. They did recently adopt SSH, but that was because they want to use Windows in cloud-like environments, where expectations are set by Linux-style tools.
By the time Windows got to the point where it even could be centrally managed in any reasonable fashion, Linux environments was routinely run an order of magnitude larger still.
There is a reason why the whole cloud runs Linux. Anything else is a rounding error. That's because Linux is inherently so much less work to manage at scale.
If something like Group Policies would somehow be accepted by the Linux community, that could only be a step backwards. A well run Ansible or Puppet or similar environment works on a completely different scale.
PowerShell PackageManagement [1] and Remoting [2]
[1] https://learn.microsoft.com/en-us/powershell/module/microsof...
[2] https://learn.microsoft.com/en-us/powershell/module/microsof...
What's important to notice however, is that the oldest of these are from 2009. At no time in the intervening 15 years (!) did someone say "Windows is unusable for desktops because it is not manageable".
Group Policies also allow you to enforce things like browser configuration (proxy, homepage, search engine etc.) wallpapers, screen locks etc.
Can this be done on Linux? Honestly, I have no idea - I think gnome with gsettings/dconf can do that, but can KDE?
That's first and foremost a cultural difference, not a technical. Sure, there's nothing to prevent a Linux vendor to write "install scripts" that copy files willy-nilly across the file system, and many vendors have done this but always with disastrous results and since Linux people hate it, those products are either repackaged or stored in a separate directory far away from other files.
This means installing software at scale (any number of systems), or the question how to cleanly uninstall software it not a question you should ever ask in a Linux environment. The questions you should ask are different in a Linux environment. That is why the tools look different.
Tools like gsettings are culturally alien to the unix world. Instead, home directories are seeded with dotfiles. And dotfiles are kept in version control. Yes, that means that unix people can't answer the quesion how to lock the proxy settings so the user is unable to change them. Instead, should a sensitive system require it, they would instead manage by policy and disallow any traffic outside said proxy.
> This means installing software at scale (any number of systems), or the question how to cleanly uninstall software it not a question you should ever ask in a Linux environment.
And yet this is a problem that so many third-party vendors who try to support multiple Linux distributions have been struggling for years.
> Tools like gsettings are culturally alien to the unix world.
Sure, Linux and UNIX are coming from different roots, but "cultural" means nothing in large organizations, where computers are basically tools not that far from printers, projectors, even hammers. A way to do someone's job. I may hate locked systems, but then I don't have to support users who cannot find their trash bin on the desktop anymore.
You can seed dotfiles for all users, but you can't really enforce that user cannot for example move his taskbar from bottom to the top of the screen without policy enforcement. gsettings/dconf may be culturally alien to this world, but it is (or at least was) solving an actual problem. A problem we may not care about, but some companies do.
Now, I think there is an interesting discussion here to be had - given this latest push from Windows to Linux, as a way of distancing Europe from US, would adding features that bridge this policy enforcement gap between Linux and Windows is desirable?
15-20 years ago I was going to say yes, but back then I cared so much more about Linux as Windows alternative for office use. Today I actually prefer Linux Wild West and how hard it is to lock it into any sort of MDM.
There's a bazillion tools that let you manage files like that across thousands of servers/desktops but the hot one right now in enterprises is Ansible (which would make it trivial to push out an update to such a configuration).
Chrome has a similar file: /etc/opt/chrome/policies/managed/lockdown.json
"Ah yes, but what stops the user from downloading the portable version of a browser and using that?"
You can mount all user directories with +noexec. Also, Apparmor lets you control which applications can make network connections if you want to get really fine-grained.
Other applications have similar policy files. For example, Visual Studio Code has /etc/code/policy.json which—for example—would let your company lock down which extensions are allowed to be used/installed.
The most popular way to control user desktops that I've seen is to have your user login via LDAP (just like AD), optionally with Kerberos and then have their permissions to various things controlled via those groups. For example, if you were building a "desktop policy" for Linux users across your organization, you'd probably make a .deb or .rpm that installs some udev rules that grant or deny access to various things based on which groups the users are in.
Of course, you can also control things down at the user level. You could put a script in /etc/profile.d/ that does whatever you want when the user logs in. You can even make it dependent on how they login (detect remote SSH session or local login).
There's also dconf and KDE's Kiosk mode if you really want to lock shit down to annoy TF out of your users (haha).
Once you've got your Linux desktops setup the way you want (which is usually just a matter of making your_company_desktop.deb or .rpm) to customize things/permissions, you have so much power to do things you can't do on Windows. The fine-grain control in Linux is unreal: You can give a specific user access to run and do very, very specific things as root (Windows Administrator equivalent) without much effort at all.
Linux also lets you lock down the hardware in ways Windows doesn't support. For example, you can chattr +i to make certain devices/files immutable. You could compile a custom kernel that doesn't even have USB mass storage support. What's more secure than that? Haha.
BTW: You can also make all USB mass storage devices read-only with a simple udev rule. You can even add exceptions for special things!
Now, how well is dconf integrated with all the software you want to run is another thing (it was done by GNOME, and ignored by KDE), and whether this is still the way they are all moving is yet another question but the infrastructure was being built.
Group policies don't exist and won't ever exist on Linux. Group policies are LDAP entries that are copied on system boot and user login into their respective parts of the local registry. Software may then read, interpret and use those registry entries. On Linux that wouldn't work for numerous reasons. First, on a multiuser system rebooting to apply configuration changes is not viable. On windows that's apparently fine because its single-user anyways, and reboots are an accepted fact of life. Also, to apply a system policy that is intended to limit what a user could do, asking the user's software nicely via registry entries is stupid and insecure. Lots of software won't even read the registry and have group policies that it will obey. Want to get around an Internet Explorer Group policy? Use Chrome or Firefox!
So what you do instead on Linux is: If it's just configuration, just copy it over, using the usual text configuration formats that are common on Linux. There are lots of tools to do this, starting from simple hack jobs like using scp to full configuration management systems like ansible or puppet. The "group" part is handled by those systems as part of their function, you can easily group/subgroup/discover/inventory/parameterize. If it's policy, so you want to restrict what a user can do, you use the higher-privileged layers of the system to put in actual restrictions, not just "group policy" suggestions. You can configure the user's home directory to be mounted noexec, so software execution after an unauthorized installation is impossible. You can put them in containers, namespaces, limit their resources and system access using cgroups, filesystem permissions, and more fine-grained permission systems like SELinux. If you are so inclined, you can forbid the user from opening files starting with the letter 'f', using eBPF syscall filters (this will of course break everything, but I needed a stupid example ;). All those can also be configured with your configuration management system of choice.
Just as a comparison: Our windows team needs 3h just to re-image a laptop, just for windows. After that, all the software needs to be reinstalled, all the data copied over. Then, after 2 days and 10 reboots or something, it will have picked up all the policies, updates and things and maybe be usable. Our Linux installation takes 45 minutes. Including all the software that was previously assigned to this system, including all the settings. It will be fully updated, configured and usable after the first reboot.
But when you’re talking about enterprise management of thousands of devices, you need some kind of consistent security policy management. That requires running OS software that accepts remote policy management, which is a very specialized configuration and not just “vanilla Linux”.
You can get really far with LDAP, but I’ve only used it for remote accounts, file shares, and sudoer config. I’m sure there are more policy configurations that would be possible with a more advanced tool.
I suspect the RHEL world has something to offer here, but I’d love to see a more general and commonly supported solution developed. It would make Linux more of an option for enterprise managed endpoints.
But, I agree with you - for an enterprise customer, this really needs to be some kind of paid/supported product. I wouldn’t want the French government to rely on some scripts that worked on my small cluster.
Managing lots of configuration files/scripts across many thousands of servers, desktops, devices, etc is a long-solved problem. Most enterprises use Ansible or similar.
In almost every way, managing many thousands of Linux desktops is much simpler and more straightforward than Windows. If you're using Ansible playbooks, you can keep everything nice and tidy in a single place and everything you'd ever want to customize is managed via a plaintext file you can modify with your editor of choice.
You can organize them however you want or even use a GUI to change stuff (if you pay for Ansible Enterprise or whatever it's called... Or use one of the FOSS alternatives).
Managing Linux desktops at scale really isn't much different than managing Linux servers at scale.
Every Linux system that supports SSH potentially "accepts" remote management! The challenge is just putting it into a framework.
Enterprise environments use a number of tools like Powerbroker, UCS, Centrify/Delinea etc to bind linux machines to active directory and manage identity and access through active directory. This is for mixed environments with both Windows and Linux machines.
For pure linux environments, there are a number of tools like FreeIPA/IdM, Samba AD/DC (for A/D like management), and OpenText's eDirectory for the current version of Novell's eDirectory counterpart to A/D. They all provide centralized user/host/policy/access management.
Since Entra+Intune are the recent MS products, cloud-based equivalents are Jumpcloud+Fleet, Okta PAM, FreeIPA/IdM.
I really hope some of these answers are ergonomic enough for windows sysadmins to accomodate this transition.
It's probably something like "inception -> adoption -> convenience". For Windows it was the same, was it not? It wasn't absolutely convenient to use, it was just better (in terms of usability and features for the average consumer), and convenience came after (Windows XP, Windows 7). Sadly the functionality degraded, and now all that is left is convenience.
Europe doesn't want to depend on US infrastructure, that's the only reason to do this.
Nobody cares about Linux "freedom" or open source.
I take your word for it (I know of Kerberos and LDAP and Netscape and Sun trying to make such palatable, but clearly haven't followed that in the last quarter-century).
That assumes however the server to be currently MS Windows. For government agencies, I'd rather expect some Mainframe to be (and remain) in place. Surely IBM (or here rather Groupe Bull) has user authentication/authorization figured out (more than half a century ago, methinks).
A good example of that would be what happened with Docker. Off the top of my head cgroups, namespaces, seccomp, overlays and capabilities had been around for a while before it got rolled up in a nice utility in 2013 and opensourced in 2015. Hence the containerization movement. Solaris zones and FreeBSD jails were nice but they always were let's say a bit too bearded.
Most workplaces don't have strict bans on personal mobile devices, and some of the ones that do, don't have the kind of physical perimeter defense that can detect people getting lazy about whether or not they carry their personal mobile devices into the workplace. That makes perimeter defense into security theater anyway. We need a rethink about what we are guarding against and how we're doing it.
If you're talking about select work apps on your mobile device, sure, but that's limited attack surface.
If you're talking about employers who let unmanaged mobile devices hop on their internal network... I've never seen that. Maybe at a hypothetically perfect zero-trust shop?
And I get it's extra work, but I've seen some weird "But if you'd just built this a bit differently, you would have gotten all these free security bonuses to your posture" gaps.
Imho, a huge part of the problem is invisibility. I'm firmly of the belief the US government should be running scans on entities in regulated industries (defense, healthcare, utility, telecom) with regulated redress of any findings.
Trusting private industry isn't working.
The insight in AD+GPO wasn't in either thing, but in the +. Each would be far less useful without the other.
For the first part, Group Policy (GPO) can set the screen to lock after 2 minutes of inactivity, say, which works because there are Windows subsystems built to look for a reg key for their config, and policy templates exposing that config in the GUI management tools. Or group policy configures which security group can "logon as a service" which works because Windows has system-wide and domain-wide pervasive Access Control Lists (ACLs). GPO configures that Background Intelligent Transfer Service (BITS) should limit its bandwidth use, which works because Windows Updates use BITS. Or sets the machine-wide SSL cipher order, because Windows software uses system-wide schannel not OpenSSL. Or GPO sets what your default printer will be and that's only useful because decades of 3rd party Windows software was written to use the standard Windows printer dialog, or User Documents path, or whatever.
For the second part, Active Directory is a tree-shaped organization tool; in screenshot[5] that I quickly Googled, the tree on the left has a folder named "Sydney" and below that "Sydney Users"; this lets sysadmins organise the company computer accounts, user accounts, and security groups by whatever hierarchy makes sense for that company - e.g. by country, office, team, department, building floor, etc. Then Group Policy overlays on that structure, and the policies are composable.
e.g. in this basic screenshot of the group policy manamement GUI[6] it's showing at the bottom a list of all group policy configurations that have been made in a domain such as "Block PowerShell", and higher up it shows the policy "PsExec Allow" has been linked inside the "ADPRO Computers" folder. So users and computers in that folder in AD, will get those policies applied. In screenshot[7] you can see a basic example showing corporate computers getting machine-wide settings, corporate users getting user-level MS Office config, and Executives get settings that nobody else gets. (This echoes the registry having separate HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER subtrees). Screenshot[8] shows the relatively tidy GUI on the right for seeing which settings have been configured in a policy.
If you apply more than one GPO to a folder, the users/computers will get the all the policy settings combined. This is often what people complain about when logging on to a corporate Windows machine takes ages, btw. You can filter GPOs on a case-by-case basis to build patterns like "apply this machine-wide policy to all computers in the Sydney folder which are members of the WarehouseComputer security group" or "apply these logon-settings to employees in New York who are members of Finance and logging onto a laptop". So companies which have been around for years can have really (messy) big and intricate designs which would be a lot of work to migrate.
3rd party programs can release XML files which plug into the GPO management, and the programs were written to expect to be configured by registry keys so they can pick up those settings; there are templates for configuring FireFox[1], Chrome[2] Adobe Acrobat[3], Word, Excel, Office[4], VMWare Horizon, Lenovo Dock Manager, Zoom, RealVNC, LibreOffice, Citrix, FoxIT Reader, and so on. The more enterprisey a tool is, the more likely it will plug into that ecosystem. Then all kinds of 3rd party reporting and auditing tools look there to see if your company is compliant with this or that; the whole thing is integrated with Windows' domain-wide ACLs so you can give some admins permissions to view or edit just their regional subset of this.
As usual the lockin is not that they do something amazing that nothing else can do, the lockin is that Windows domains have been around in this format for 30 years since NT4 and Windows 2000, and it has huge inertia, familiarity, is deeply embedded in a lot of companies, you can easily and cheaply hire lots of people who know how to use and manage it, you can send screenshots of it to auditors and they understand it, if you don't know how but you have a bit of (oldschool) Windows experience then clicking around will get you the basics, you can buy 3rd party auditing software that will send you a management friendly report with green ticks saying almost everything is fine but you should change this setting for security...
[Yes of course you can build your own custom replacement for every single thing, just like you can build your own custom replacement for any software; it's "just" ldap and kerberos and dns and some scripts and site-to-site policy replication and management tools und und und].
[1] https://support.mozilla.org/en-US/kb/customizing-firefox-usi...
[2] https://support.google.com/chrome/a/answer/187202?hl=en
[3] https://www.adobe.com/devnet-docs/acrobatetk/tools/DesktopDe...
[4] https://www.microsoft.com/en-us/download/details.aspx?id=490...
[5] https://www.windows-active-directory.com/wp-content/uploads/...
[6] https://activedirectorypro.com/wp-content/uploads/2022/09/gp...
[7] https://www.varonis.com/hs-fs/hubfs/blog%20posts/Group%20Pol...
[8] https://redmondmag.com/articles/2016/01/12/~/media/ecg/redmo...
I am sure that's something the Gnome Foundation could figure out if they had a grant to do so.
What you list are no showstoppers, and since its a well known topic I cant imagine why some EU-funded effort in say 2 billions over next 3-5 years shouldnt reaolve it once and for all, for entire world. Well invested money.
Some places are using Okta for many of those functions too. Trump’s instinctive parasitic slumlord behavior may be enough for the sleepy Europeans to get their shit together.
I've no idea what current internal Microsoft org divisions are.
It's now Intune (via OMA-DM), and Entra. Both of those products are about as bad as you might imagine the "cloud" versions of GP & AD might be.
They are better, in ways -- no longer having to care and feed for domain controllers is nice, and there's no longer an overhead for additive policy processing, so endpoints only get a single set of policy and log on much quicker -- but for the most part, enterprise management of Windows devices is in a worse place than it was ten years ago.
Try to figure out how long it will take an online Intune device to discover a new policy: As far as I can tell the answer is "eventually". There are bandaids for this, because of how infuriating it is, of course, but all time guarantees are basically gone.
Ask me a decade ago what an enterprise should do, and my answer would be straightforward: AD, GPO, Exchange.
The answer now is not simple.
That was also the answer two decades ago. But if AD and GPO are now dead, what killed them and what are the options? Is the problem mobile and BYOD?
I’ve been primarily on Macs since that time where endpoint management isn’t much, so there are fewer knobs to fiddle with. In some ways it’s nice in that admins can’t screw around too much with my system. In other ways, I’m sure Macs feel limiting for those in charge of enterprise security. However, most endpoint management feels like it’s written for Windows with Macs as an afterthought for checklist security. Knowing that, I’m happy there are fewer places for dodgy software to be able to interface with the OS.
(Edit: added quote to top)
The changing world. AD and GPO come from the mid 1990s before pervasive internet, before WiFi, before Cloud computing, before people had multiple computers, before iPhones, before AWS cloud infrastructure, before Kubernetes, before cheap fast hardware for virtualization, before cheap bulk storage, before BYOD and WFH and everything-as-web-app. Before that was the world of isolated 8-bit machines, expensive Solaris workstations and Unix mainframes with expensive admins, and after say 1998 the world was cheap Compaq/HP/IBM hardware running Windows server and Windows 9x desktop, and after about 2003 it was Windows Small Business Server (AD, GPO, SQL, Exchange, SharePoint) and XP Pro desktops.
Cracks started showing when people wanted to logon to a laptop away from the office when it couldn't refresh policies, run logon scripts, talk to domain controllers; when people wanted 'offline files' from a company file share while away from the office, but wanted their corporate email to work when their laptop was online but not pull down company settings over a dialup modem. More cracks when they got a Blackberry or iPhone, more when AppStores appeared and people expect to be able to install whatever they like, more with the rise of Apple Macbooks, with the growth of website based services people can use from anywhere, more with Amazon AWS where company infrastructure is on someone else's premises, more with BYOD and WFH, more with people expecting software to be cost-free, being trivially able to spin up Linux web and database servers because there was plenty of CPU/RAM/Disk and no worries about licensing costs.
> "it’s nice in that admins can’t screw around too much with my system"
If it's a company device, it isn't your system. The company has legal oblications and practical concerns that conflict with your desires as an individual. That might be pushing full-disk encryption or updates, or auto-locking, or restricting use of USB or websites to block potential customer information leak points, or trying to stop you saving work locally that might be lost if the device fails, or trying to stop your device being an entry point for malware or ransomware, or trying to stop you screwing around with their system which costs them employee time to fix and your downtime while it's broken.
What killed AD & GPO was Microsoft, in their bullheaded push toward Azure everything. Instead of listening to what it was that the enterprise customers actually wanted, they designed a system that made sense to them, but to no one else. The original UI was written in Silverlight. It was horrific.
There was LDAP and Kerberos support for *nix management, but nothing you’d deploy over a thousand end devices.
And you’re right, it wasn’t a question that got asked, because there wasn’t ever a second choice - AD was the only option.
I remember it almost being a trope at the time that every Kerberos question thread eventually landed on some subtle / niche incompatibility or edge case.
Linux has a lot of the pieces but is principally lacking a solid distribution system - in particular a big missing component is the network-based SELinux policy distribution system which you can see some hooks in for the concept of a "policy server" which never eventuated.
SELinux would be a lot more viable if it had a solid way to federate and distribute policy and has some nice features in that regard (i.e. the notion that networked systems can exchange policy tags to preserve tagging across network connections).
Imho, this was historically (and continues to be) Microsoft's Achilles heel.
Large parts of the company reflexively wrote features / tooling as manual-first, code-second (or never).
In hindsight, what was missing was a Gates-level memo circa 2000 similar to Amazon's API one: all teams are required to build their configurators to be programmatically exposed.
Unfortunately, I don't think Ballmer was enough of a technologist (and was likely too distracted) to intuit that path not taken.
I doubt they’d care about which OS they’re on. Corporate tightens their laptops beyond belief, so all they’re really running is Teams and Excel. This seems to be the case for a lot of friends I talk to, no one gives a damn about Windows anymore. Heck, my sister-in-law moved to Ubuntu of her own choices, despite having low tech literacy.
I think "Easy" has been the excuse for everything humans do in every day and age.
It makes zero sense for businesses to use Windows if they're only doing PowerPoint and video conferences.
See proton, heroic launcher, etc, etc.
Cyberpunks own benchmarking suite runs 30% faster (for whatever reason; my wintendo install is stock and nothing but nvidia drivers) on the ntfs windows partition on Arch.
Windows sucks and I hope to see the demise of Microsoft during my lifetime(crosses fingers).
1. Productivity / Business (~43%)
Includes:
Microsoft 365 (Office, Teams) - these can be likely ported to Linux if they're not already since they also work on MacOS? LinkedIn Dynamics (ERP/CRM)
~$120.8B
2. Cloud (~38%)
Includes:
Azure (runs on mostly linux, and moving cloud provider as a big corp is expensive, I don't see massive companies stuck in azure infra moving from it) Server products (Windows Server, SQL Server, etc.)
~$106.3B
I fully support the demise of Windows as an OS
But microsoft as a company has shifted away from Windows as their source of revenue, and will probably not be impacted too badly if it were to die completely.
Similar to Germany with its DeutschlandStack and some migrations already ongoing.
I thought the Mac versions were not a full fledged port and were missing features present in Windows.
Now I'm not saying I actually know my way around PPT or that I'm some presentation whiz, but this can probably be done with the browser version. Just like the "new" Outlook is simply a new Edge skin.
I work for a company that has drunk the MS Kool-Aid and then went back for a refill, yet I've never had any issue using the web version of the suite ever since it came out. I don't even run Windows on my work laptop. Teams is the only app that seems marginally better in its heavy version (heh), since it supports separate windows for the calls.
I haven't used PowerPoint in years as I think my needs are pretty simple but I wonder what I'm missing.
I can see that the Microsoft ecosystem gives control on who can view files and provides collaboration and control. Both of which would be useful in the corporate world.
Is there's somethnig other than that or is it just ease of use?
For the most part I see people using MS Office tools because it's what they are familar with. They're familar with it because it's the only thing their IT department will allow them to use.
At the moment i have long html page with key event for next and previous, tiny script to check on specif markup for autoscroll.
I'm guessing it's not compatible with Teams and that MS make sure it doesn't work properly with LO produced PPT files.
Whenever we are talking migration out of the windows world, there is always a group of MS fanboys that pretend that you can't replace a software with another one if it doesn't even have the exact same set of features down to the smallest details while totally ignoring the interesting features the replacement can have.
The reality is there are never 1:1 replacement and Microsoft would have never had any sort of success in the office area to begin with that sort of nitpicking.
2. move to Cloud and use electron wrappers because not even MS can bother making native apps on their shitty platform
3. Make Windows so shit that even hardcore power users can’t debloat it.
The moat of Windows is gone. Games, office work, all the classic arguments, have basically vanished in the last 5-10 years. The only surprise is why more people don’t get in the life rafts, when the ship is listing at 45 degrees. Is it because there’s still an army of workers and institutional inertia trained in Active Directory?
That's like staffing a neurosurgery department with dentists. Or a dental clinic with neurosurgeons, it does not matter, you can have decades of experience working with a drill in the head area and still be the wrong person for the job.
Yes, that is a huge driver of inertia. I've had to battle that in so many different companies now, and it is absolutely aggravating. That on top of comments about how Linux sucks from someone who either has never used it, or has only used it on a server and thinks that is all Linux has to offer, are absolutely soul destroying.
Windows persists in the workplace where the cost to replace it is significantly higher than keeping it, and keeping it doesn't cost much to begin with. Part of that cost would be training, yes.
The other part is finding compliant equivalents for the rest of the software they use. If the MFA, VPN, chat, email, etc. are all already vetted and designed to be compatible, there's no way they'd want to switch. Many policies regarding proprietary information disclosure are also built off this ecosystem and the certifications Microsoft's cloud already has.
Or businesses are just clueless face-less entities who have no idea what they're doing. Probably the truth is a little bit of both.
Businesses choose it because it works with what they already have, the existing tools, processes, skills and because Microsoft was always a safe choice by virtue of being almost implicit. They choose Microsoft because they're already deep into Microsoft, it's the option carrying the lowest risk and lowest short term cost.
Switching to Linux is complex, expensive and risky. The transition is long and expensive, plagued with teething issues, your MS focused knowledge is redundant, the patience of your sponsor can run out before the move delivers anything of impact. Who wants to take such risks when they can just not rock the boat and call it a day?
Not to mention my very large emulation library.
I have no idea what you are talking about.
Where we are at now is that the pain of moving away from Windows is acceptable for many larger organizations and governments, especially those with flat or decreasing budgets. You can just swap out the OS layer and keep other processes the same - keep using Office with just the browser versions if you want, or move to an alternative (like EU-based). Teams works on Linux. There is no moat on Windows anymore
And many of those tool providers could see for 10-20 years now that if they didn't provide a web based version sometime soon, they would go out of business sooner or later.
There are almost no applications that a government employee should be running natively on their machine anyway.
> designed for scenarios where full ownership and operational independence from Microsoft is required
In France's case, Capgemini and Orange have a joint venture to operate datacenters that Microsoft runs Azure and Office on top of [1]. Moving away from Windows and Teams would still reduce their dependence on Microsoft substantially. But if the core goal is to reduce dependence on non-European suppliers, I would be wary of the French government buying services from "Bleu" when it's mainly Microsoft and a couple of consultancies in a trenchcoat.
[0] https://learn.microsoft.com/en-us/azure/azure-sovereign-clou...
[1] https://www.capgemini.com/news/press-releases/capgemini-and-...
Plus, it's all open source, so the rest of the world is free to use it as well!
Those initiatives are usually open source. It's just that many times, each country wants to make their own. But it's still better than staying with the TooBigTech monopolies.
This hits hard. I'm a French citizen who made an open source alternative to Dropbox [1], I would have never thought my own government to attempt competing in my niche. I did contact the people at DINUM and it seems they are more interested in making their own than contributing to existing projects they don't fully control
e.g. Qwant is a re-skin of Microsoft Bing
It's a great move overall.
"Today, Europe receives 99% of the answers to search queries from external infrastructures. We believe, however, that a higher level of digital sovereignty is essential for a functioning democracy and economy. With our new web index, we are creating a European perspective on politics, culture and values. This is a long overdue step towards more plurality in the digital world, which is also being called for by our society."
To be honest this does not sound much better. 40 years ago maybe I would have preferred EU values over the US' puritan values. Nowadays I'd just expect a different flavor of poison.
Bpifrance, the Caisse des Dépôts, France 2030, Horizon Europe, etc.
To access that money, you need the right narrative. So companies learn to wrap their pitch in sovereignty language, get the grants, and then quietly build on top of AWS, Azure or GCP.
Not that it's dramatic, but there is a difference between hosted in France (where dependency still exists), and hosted + engineered in France.
Hopefully this transition to Linux is going to push France government to get rid of Crowdstrike, it's insane they let such backdoor run inside.
Adoption of Free Software:
2012 Prime Minister circular — the most important formal turning point: Orientations pour l'usage des logiciels libres dans l'administration, signed on 19 September 2012. It explicitly gave guidance to public administrations on free software use.
2016 Digital Republic Law — reinforced the direction by encouraging public administrations to use free software and open formats.
2021 action plan for Free Software and Digital Commons — launched after the Prime Minister’s circular of 27 April 2021, with goals to increase awareness, use, publication of source code, and reuse across administrations.
2024–2026 LaSuite / Suite Numérique — current state-led open-source collaboration suite, presented by DINUM as a coherent set of open-source tools for public agents and positioned as part of the state’s sovereignty strategy
Rollbacks and proprietary deals
Microsoft “Open Bar” contract with the Ministry of Defence / Armed Forces — a major counterexample. The Senate records say the framework agreement started in 2009 and was renewed for 2013–2017 and 2017–2021, without publicity or competition, giving the ministry broad access to Microsoft’s catalog.
Criticism and replacement with UGAP purchasing — later reporting says the open-bar arrangement ended in February 2021 and was replaced by a convention via UGAP, but the ministry still relied on broad Microsoft licensing and associated services.
2025 education procurement for Microsoft — a public tender worth 74 million euros for the Ministry of Education and higher education services was attributed to Microsoft, showing that proprietary dependence continued alongside open-source policy.
2025–2026 public-private partnerships in sovereignty language — France and Germany announced a partnership with Mistral AI and SAP for sovereign AI in public administration, which is not a free-software rollback in the strict sense, but it is a clear example of the state pursuing sovereignty through private-sector partnerships rather than purely internal open-source development.
---
Conclusion:
Like anything in capitalism: it's a constant fight, permanent struggle. The big private companies will try to massively impact political life.
So, there IS in France this 'feeling', this consciousness, throughout the political landscape (mostly on the left and also a little bit on the right) that we need to have some sovereignty over our data, services, software, etc.
Every once in a while, a right-side political figure, who are basically ruling since 2000, (except from 2012-2017 where France had a social-democratic government and president) has a sparkle of dignity, decency, logic, and honesty towards the best interests of the country and leans towards Free Software adoption. But...the lobbies are always there to rollback each decision, or part of each decision, and gradually gain back their influence.
This is not really true, since 2017 we have a centrist president. For the legal power, see https://en.wikipedia.org/wiki/National_Assembly_(France)#Fif....
Might not be 100% Europe-made from the get go, but good ideas and executions often start with small steps and iterate rather than having something groundbreaking out of the gate.
That said, I won't deny that Jolla is much more trustworthy than Google or Apple.
Someone correct me if I'm wrong, as I'm not super familiar with Jolla's/Sailfish's architecture, but isn't most of the OS actually FOSS, while there is a thin proprietary compatibility layer, and that's about it? Was some months ago I last read about it so could be misremembering, but seems like a good first step at the very least.
https://forum.sailfishos.org/t/sailfish-os-clarifying-claims...
https://forum.sailfishos.org/t/sailfish-os-clarifying-claims...
Consumer don't care if the OS is proprietary, as long as it works and there is a responsible party they can trust to serve them the offering.
See: https://postmarketos.org/
FWIW, it's not just the EU that needs this urgently: most of humanity sorely needs a trustworthy mobile OS that's not designed against their interests.
Manufacturers maintain long running forks of Android (often very old Linux kernels) with their drivers hidden in their fork's source.
I'm a firm believer in the right to repair software - and the fact that it's illegal to reverse engineer binary blob drivers (or proprietary software at all) is a shame (not that you could even untangle a driver from a binary blob of a Linux fork). I'd go as far as feeling strongly that drivers should be open source, and if they aren't, documentation sufficient for the community to write drivers should be made available by manufacturers.
Linux on M5? Should be easy
Linux on an X Elite Surface Book? Should be easy
Ubuntu Touch on my Pixel 9? Should be easy
Android TV on my TV? Should be easy
Proxmox on my 5g mobile router? Should be easy
No drivers / locked bootloaders = not possible
Where? I don't think it's illegal in the US at least. The only things I'm aware of that may have legal issues are related to radios, specifically modem/baseband stuff, and maybe WLAN cards.
It seems like a waste not to use an existing, well-developed, hardened, open source base, that at the same time provides great compatibility with most existing apps.
Since it is open source, it would always be possible to fork if AOSP goes off the rails.
I think the primary issue is that it is currently hard to get embargoed security patches, unless you have some partnership with an OEM.
Linux is good in that you can combine things that work, so it is more flexible than windows. But desktop wise I don't see it becoming really dominant; GTK is now a GNOMEy-only toolkit. Qt is too busy focusing on their own business model. Desktop Linux is not useless, but it is really just sub-par compared to Windows. I also use Win10 on a second computer; I don't like it but I use it for testing. Linux lacks decision-making power focus (and corporations such as IBM/Red Hat are selfish, so these will never reach any "breakthrough" like the infamous Desktop of the Year, which I heard will come next year together with GNU Hurd ... I think).
Each to their own. My experience is the opposite (I use KDE). I have to use Windows at work and it's always such a pain. At least Windows 10/11 finally has multiple workspaces natively and some keyboard shortcuts for managing windows (ironic), but I would have preferred to stay in Windows 10.
Now Windows doesn't even support proper suspend anymore and it won't stay in the "modern standby" either. Constantly waking up and doing god knows what with fans screaming. When I take a look what it's doing, task manager claims that nothing resource intensive is going on. I'm guessing it's hiding some internal processes. It calms down when I put it to sleep again. Sorry for the rant, I better stop before I start.
As a French citizen who own a business [1] that is in direct competition with this incentive from my very own government, I'm happy to disclose more than 50% of my customer base is already in America and France represent about 1%.
Above all, I'm also surprised on how those same organization are using Anthropic or OpenAI or other close source solutions for their agent harnesses instead of going for Open Source.
Malte just yesterday showed how powerful innovation with small teams can be achieved particularly in EU.
I hope they start looking for those alternatives too for their agentic systems, beyond using pi-mono.
That should be a good lesson in anthropology : the delta between knowing something and acting upon it tends to be immediate necessity. We're still an immature species as we haven't learned to be lazy at scale, that is putting the right amount of work early on to do the least overall. But I'm optimistic we'll get there.
I believe the largest Linux Desktop initiative in France is GendBuntu[1] for the National Gendarmerie
[1] - https://en.wikipedia.org/wiki/GendBuntu?useskin=vector
I hope our French friends can learn from this initiative during the adoption phase.
> Reiter denied that he had initiated the reversal in gratitude for Microsoft moving its German headquarters from Unterschleißheim back to Munich
Lots of companies have flip flopped based on this, and that's what happened in MS case.
Tbh not saying MS didn't play dirty in general, but not necessarily in this.
The apps are available now, so reasons to be optimistic.
When LiMux and similar efforts happened around 2004 most business applications were Windows only. Even the ones that purported to be web used windows only technology and required IE and Windows.
Now with years of business budget controlling types using their Macs and smart phones and wanting access to the their apps the majority - even MS's stuff - can be run well in a browser on almost any OS.
Apparently it was a decision by mayor Dieter Reiter after excessive lobbying by Microsoft. At roughly the same time, Microsoft moved their German headquarter back to Munich. What a coincidence...
People think company hardware is their personal hardware and they have preferences.
I had a company phone once (terrible experience) and I'd routinely get txts from random services and people outside our company thinking it was the previous owner. The last employee who had used it mixed company use and personal use.
Definitely the right call on Windows, though. Even my parents (in their mid-seventies) moved to Linux this year.
And Linux development and adoption helps everybody not just France. A win win.
It's a shame that we have no equivalent to Google or AWS in Europe and now that it seems LLMs might eat search, we don't have any of those either.
I think we've been far too complacent about the direction of travel across the Atlantic. Trump and his crew are the new normal, and the key players in Silicon Valley are on board.
Any European government not currently working towards independence from US tech is being almost criminally neglectful.
If you mean assembled then there are lots of very small European companies that make custom build PCs.
Economies of scale in the US, a single language, and cheap transport, mean that the US companies grow very big internally, very easily. And then go international without much effort. The same is not true in Europe, so there's not a huge Dell, HP, or IBM equivalent.
In 2026, the only country on the entire planet that can likely make their own computer with 100% their parts and labour, and is actively trying, is China.
In the 90s and up until the early 00s we used to have quite a few pretty serious contenders, but they are all dead now: ICL, Siemens-Nixdorf, Tulip, Bull, Olivetti, etc.
As a European dev, because I like RISC-V and because of the geopolitical situation I wouldn't bet on x86 in the long term.
Though at least the Chinese are predictable, unlike dealing with the USA.
Also, some partners are more reliable than others. If China becomes as volatile as the US, it would change the risk assessment and stimulate other parts of the industry.
This is a way way more concerning topic. The irony is that China might be the one fixing that dependency + bring prices down.
One bomb on the Netherlands and it is over for nearly all the worldwide supply-chain, 10 or 15 years of regression.
Even worse, they can remotely kill the machines for political reasons.
Of course the components are not European made. But Dell's components are not US made either.
I can also buy a Japanese or Korean (or Chinese) computer. There is no dependency on a single country.
Recently, not so many I suppose. But many of the earliest computers were European, so surely we could get there again at one point, hardly impossible.
Seemingly, the US might be able to design good computers, but it cannot make them themselves. This should make it easier for others to do the same, design the computer in country X but actually make it somewhere else, just like the US. Yet we're not seeing this at all.
I am perplexed by people who use condescending phrases like this. You think we track what you said before?
Americans for their part would probably be very happy to use made-in-Europe software on their computers whenever applicable.
Well, no one has mentioned computer hardware until you did.
Surely you understand how "all the motherboards are made in Taiwan" is less of an immediate risk to sovereignty than "all of our business and personal data is stored on American servers and subject to US law"
It would be nice if Europe could produce its own computers, but right now no one can except China, so what is your point? That limited sovereignty efforts undertaken in the realm of reality are futile and that enables you to get some cheap shots in for whatever reason?
Well, you can use the old hardware which you've already got if you get cut off from foreign suppliers. But the same is true for software. It's even more true for software.
If the French government and other Europeans were serious about reducing or eliminating dependency on American cloud services, they should switch to older versions of MS Office and MS Windows be done with it. No need to retrain your workers, and a realistic and speedy way to implement it.
That does not make any sense at all. These are full of known security vulnerabilities.
1. Graphic design software is subpar (expecially when compared to mac) and very often under supported. And GIMP has absolutely the worst UX of any program I've ever seen for such a widely recommended software. 2. Gamedev (i.e. Unity) is much less stable and annoying to work with (mac is much better but Windows still wins) 3. Older hardware support, most of the times you can use a super old software (say a printer) and it works. Linux much better than mac for this, from my experience 4. Lots of things on Win are plug and play, Linux is a pain of custom drivers from dead githubs. Mac slightly better or worse, it might either exist as a stupidly expensive application or have to jump hoops to get a driver in.
And I know people say "just use Wine" or "GIMP is actually great and free" but at the end of the day, I want my main driver to be stable and good to use. If anytime I save a project running via Wine has a non 0% chance of it crashing and bringing down my entire work, it's not going to happen.
I do use and recommend Linux quite extensively but that's why I always have 3 different systems at any given time:
1. Win: gamedev, hardware stuff or bigger games, some design, GPU heavy work. 2. Mac: design, light GPU work, browsing and portability (battery life and cooling is fantastic) 3. Linux: everything else
This hasn't changed in the past 10+ years, even though now I can see much more gaming happening on Linux, which is very nice.
For example locked communication devices are huge national security risk, so Apple will have their money frozen and given two options:
1) Open up iOS etc, bring all the servers to EU. Continue business as usual, EU financial institutions may choose to use Apple services as Apple pay but they may choose to bypass it. EU developers may choose to use Apple App Store services and pay the Apple's fees or they may choose to bypass it. Apple may chose to make Xcode a paid software, developers may choose not to purchase Xcode and use other non-Apple tools and pay nothing to Apple.
2) Use credit against the frozen money to refund your users if they bring their devices to you. All the Apple devices will be locked out from EU mobile providers(technically very easy for iPhone, simply by blocking devices with Apple IMEI on EU networks) and any remaining devices of the users will be refunded with the Apple's money. After some grace period, any money remaining in Apple's account will be transferred to Apple and if Apple wants to do business in EU again will have to do the option 1.
I'm bit on the doomer side of things, so I think that if Trump keeps his current course and power, at the end of the term American software industry will shrink by %90 as it will be expelled from most of the world and will be serving to 350M people instead of 8B people. Its amazing how US is screwing up its dominant position in this incredibly lucrative industry that lets them serve a market of 8B people and accumulate huge wealth in the process.
How is that going to work? Apple will still be under the CLOUD Act, so Europe would still be vulnerable. The only solution would be for Apple to fork into two completely separate companies, which is unlikely to happen.
Most likely there will initially just be a lot of chaos, because nobody is prepared for this scenario. There will be huge supply issues, COVID will look like nothing (both in terms of groceries, etc. and getting replacement hardware). Then Europe will on the short term rebase to Chinese/Korean/Taiwanese hardware, with probably an AOSP fork on the mobile side and Linux on the desktop/server side.
But it will be terribly messy. Nobody seems to prepare, because everyone thinks this scenario is unthinkable or they just don't want to put in the effort. Even all the people that I know that are talking about digital sovereignty are still using their iPhones, MacBooks, or GMS Android phones.
I am trying to tell tech people that the time to start switching is to alternatives is now, since tech people are usually early adopters and can help other people. But most switch from GMail to Proton Mail and proclaim victory. January 2026 (remember the good ol' days when the US wanted to take Greenland with force if necessary?) was already forgotten after 4 weeks or so.
Being messy isn't a worse outcome than US invasion. Europeans aren't rooting to live like Americans or go to wars for America and the tech thingy will be a nuisance at most.
How is that going to happen if the US attacked Europe?
The returned devices may be sold to 3rd party markets if Apple isn't cooperating.
Most value/assets are in the US, I don't see how Apple in the EU would have enough interesting assets to refund. If 30% of the 450M inhabitants in the EU have an iPhone and the purchase price was 1000 Euro on average, that would be 135B Euro. I would be surprised if they have a fraction of that in the EU as assets. The primary useful asset I could think of is if the iOS source code was also stored somewhere in the EU. I guess in war it would be fair game to fork it. Wouldn't help with the existing iPhones, since the EU doesn't have the signing keys, but you could bootstrap a new phone ecosystem (and even revert Liquid Glass :p).
If the money isn't enough for the refunds, a finance mechanism can be created that will be settle after the war.
There are huge assumptions in this, like the EU wins the war, the war doesn't end in a sort-of cold war, Apple cannot get away from liability because it was not their decision, etc.
The returned devices may be sold to 3rd party markets if Apple isn't cooperating.
Flooding a 3rd-party market with over 100M second hand iPhones would drive down the prices by an extreme amount.
You don’t go to war with the association of losing it, obviously the risk will ve priced and I don’t think that the risk will be that big considering that US hasn’t won any wars since WW2. Even if doesn’t cover all the costs, national security and independence doesn’t have to come for free.
You don't ask entire ministries and public operators to formulate a migration plan from Windows to Linux with a relatively short deadline just for negotiation purposes or just for the fun of it, you do that once you're committed to actually migrating.
This is not just a pilot project or some local administration doing an experiment, it's new country-wide policy enforced from the top, hardly a "negotiation strategy".
When doing this in a company, making technical people appreciate free software and making lasting changes is hard enough. When doing this with non-technical people, everything becomes exponentially harder.
USAians tend think everything is less popular in Europe simply because it is inferior and fails purely on its technical merits. I know nothing will ever change their minds, but at least non-European non-USAians might recognise the efforts a bit more.
We are also willing to accept 'good but not perfect' and understand tradeoffs.
The word you're looking for is Americans, despite whatever preconceived notion you think the word "Americans" actually should mean in English. I know nothing will ever change European minds, but at least understand what the correct form is.
>everything is less popular in Europe simply because it is inferior and fails purely on its technical merits
So everything is less popular in Europe because it fails on many other points? Big applause to you, I guess. Are you looking for a participation award?
English isn't controlled by a central authority. If a new word takes hold, it takes hold, that's it.
The way the USA thinks it has an absolute right to decimate central and South America disgusts me to the core and I'm tired of those poor people being lumped in with the term "Americans". It's offensive to them. The USA does not own the continent as much as the CIA tries.
Just as we received lectures on our declining power, it's time for the USA to suffer the same.
An Englishman? You mean Englandian. English is a language, you can't lump everyone who speaks it into one category.
>English isn't controlled by a central authority
Exactly. And the Englandian usage has no superiority over any other.
>The USA does not own the continent as much as the CIA tries.
Maybe not, but we do own the UK (:
My job is basically recreating a small part of the infrastructure that was designed for AWS, while patching some shortcomings of the OVH offerings which are not as featureful.
But well, I can always switch to FreeBSD I guess. And that's my plan B.
But seriously, how long before MS offers them a deal they would rather not refuse?
This should have happened already, is the general theme. I still have my Shrike CDs around and the modern-day Fedora (I think 44 is about to launch next week?) is more than sufficient for many, many use cases within the government, regardless of which distro they end up with.
My hope is that the backing of EU software development teams to open source will lift all boats and in addition to Linux, BSD may get some fruits of labor out of it.
9front as always is to be strictly forbidden without a security clearance.
I've been dual booting the first couple of years, then dumped Windows completely in 2016.
Since then I am on Linux only. Private and corporate.
Yes, sometimes I need to access a Windows machine or do work in one (I am my own boss), but then the client pays a "pain tax" as I call it.
There are some games I can't play I would've played in the past. Mostly competitive online games.
Technically that's annoying, but for me personally it's not a problem as I am not in my teens of twenties anymore and I have other hobbies and obligations.
With another 3 or so years with the Orange Dildo in charge, there's a decent chance the momentum will turn into something tangible.
I don't know why you believe Ubuntu stood still. Looking at the history that does not seem to be the case: https://en.wikipedia.org/wiki/Ubuntu_version_history
I'm still eagerly awaiting the day though, any day now surely.
It is moving? Red Hat has been investing in containised apps and image based distros for years, Valve single handedly made Linux gaming viable. HDR development is mostly driven by Valve and Red Hat customers.
And no Linux isn't good enough yet. UX is all over the place.
Of course you'd think the UX is messy if you only look at the kernel ;)
It's up to the distributions and desktop/window managers to handle the UX, and the experience varies as much as there are desktop/window managers. Some of them are fairly internally consistent, like KDE and Gnome, and at least they're currently more internally consistent than Windows and macOS. I use macOS, Windows and Gnome daily, and the only one that doesn't give me daily grief in some manner, is Gnome.
Sure, the UX for Linux desktop is all over the place, and a lot of software is messy and untidy. But Windows isn't any better in that sense. It doesn't have a clear, cohesive design style either. Its selling point used to be that users were familiar with the UI, but it seems to change so much that users can't really leverage that much either.
In many cases even if you do though, its possible to run it on WINE pretty well these days. It's insane how good it's become in the last few years (partly thanks to proton and Valves investment in it all really)
But if "pretty well" causes the random administrative person to have issues with doing their job or increases IT support costs, it will be off the menu pretty quickly. We'll see. A lot of things are different from the last round of we're going to Linux in Europe.
Let’s not leave out all the ones that don’t. Which is in fact, the majority of them. Strange how that’s always left out, we wouldn’t want to mislead people now would we?
https://www.tomshardware.com/software/linux/nearly-90-percen...
The 10% that has issues is normally down to kernel level anti-cheat and denuvo.
Go back 5 years and you'd be right. But it's a totally different situation now.
I certainly wouldn't come into this with knowledge on wine older than 2 years and make a snap decision though as its a totally different landscape - no weird quirkiness and tweaking needed for the vast majority of applications anymore.
Well, Ubuntu MATE perhaps :)
Windows LTSC I find comes pretty close to the less intrusive Windows I remember from the XP/7 era.
Over the years I've come to believe that there is only one thing important: What you are used to. The friction is in the change process. Not in the destination.
As an independent, I have several customers on MS365, you know what my super power is? FireFox cookie containers. One for each org, and I switch with 0 effort between the orgs. No need for Windows in that workflow at all. In fact, using Windows and the native apps would probably give me a lot more friction.
Yes, sometimes I have issues. I.e. yesterday Word kept deleting my last 1-2 sentences for some reason, even though hitting ctrl-s tells everytime: "I should not worry". but in general it's fine.
My business is on Proton, and I love that MS365 AND Google workspace calender invites go right into my agenda with no effort. There is nice stuff out there. Especially now we have Proton Meet, I can take some ownership over videocalls in Teams and Google Meet finally.
Absolutely. I've given using a tablet (with keyboard) as an alternative to a laptop when traveling and it sort of frustrates me for a lot of things. But talking to people I know who have largely switched over, my conclusion is that, in general, I probably mostly just haven't put the effort and commitment to make it worth it for me. And I'm not sure, not spending nearly as much time on planes as I used to, it's worth it relative to getting a laptop that is even lighter than the combination.
Edit: Have checked and found that two I thought were still maintained (16 and 19) were EOLd in October.
It's a strategic decision and of course it's not financially optimal.
And if in 20 years thered still a few windows computers around in their org that doesn't matter
A few years ago, IBM tried to move everyone to LibreOffice from M/S Office. It failed, the reason why was top level execs and some others were allowed to stay on M/S Office. As time went on, M/S Windows became a Status Symbol. So people went begging and as time went on exceptions were granted. A few even went so far as to buy their own copy, which was allowed.
After 8 months IBM gave up. If you want things like this to succeed, you must be 100% in.
But knowing France, what to really worry about is execution, in particular for administrations. Probably people working there who read the TFA already think "oh, big mess incoming" even though they don't know what this "Linux" thing is.
I think standard IT/sysadmin training focuses mainly on Windows server etc., Linux being a second class citizen (because that's what the vast majority of small/mid sized businesses use). So recruiting good Linux sysadmins could be an issue, especially since the wages in government agencies are not exactly attractive.
Basic users just want a web browser and need instructions for anything else anyway.
Hardcore geeks have tried everything going and have no problems with Cisco IOS.
It's the folk in the middle who struggle.
Just kidding about Cisco: it sucks.
Thing is, I really don't get this knee jerk "but what about INSERT_RARE_EDGECASE". It isn't helpful and argues something no one actually working on these projects ever proposed. Even if MSFT software remains in use, any gained alternative is a win, license costs and strategic autonomy both being valuable.
And yes, as you hinted, a large contingent of clerical work may already happen in a browser, with any found exceptions potentially addressable in the coming years, especially as older implementation may be updated anyways.
Let's be honest, we all underestimate how much we (can) do solely inside the browser anyways and even more so severely misgauge how few people are reliant on any native (none Electron) software at all outside gaming.
Power user is such a nebulous term anyway. To me, someone spending hours on end in Confluence can be a power user, having never left the browser. The same for a designer using Figma. Course, if one truly requires native only software, they may more likely fall under the umbrella power user, but again, few are seriously discussing just forcing those over since, reasonably, one must presume they have a reason for doing what they are doing.
That doesn't sound like a government worker... They rely on Microsoft Office, but the actual operating system could be anything. The only non-portable application is video games really. While LibreOffice may not have complete excel functionality, the vast majority of functionality can be replicated in web apps/libreoffice. And frankly most of this work can be migrated to AI.
You can even skin Linux to look exactly like Windows if you want, or use Mint or something. But really all people need is to be able to open up Chrome and Excel.
“No, it never does. I mean, these people somehow delude themselves into thinking it might, but……
…But it might work for us!”
