After 4 years of using Fedora KDE as my main OS with 0 issues or drawbacks, my workplace is now requiring all computers to be on Windows 11. Any suggestions to make the transition back more bearable?
My dissapointment is immeasurable, and my day is ruined :(
You must log in or # to comment.
At workplace, use whatever OS and tools allowed by company policy.
At home, use whatever OS and tools you like.
At least that is how I’m managing it.
Yeah exactly. Although it’s also totally understandable that OP is unhappy with their decision. At the end of the day any reasonably large workplace just wants all their IT to be as manageable as possible, which means as uniform as possible in hardware and OS. But using windows for many jobs just kinda sucks.
Start doing a job search?
Do not, under any circumstances, conduct any private business on it. What isn’t being logged by Microsoft and shared with your employer, advertisers, various governments will be screenshot’d every n seconds. Additionally, I highly suggest, if you haven’t already, to setup a separate VLAN for this device if you ever bring it home and connect it to your home network. Defender absolutely does passive sniffing and active network scanning now. It will also be collecting and logging visible SSIDs as well. Enjoy!
Do not, under any circumstances, conduct any private business on it.
This is true of any work device regardless of the OS
My wife has had her dog shit work PC on the network all this time without any of my forethought about this. She has problems everyday with that stupid OS. Fuck.
I’d like to add that you can setup Adguard or Pihole in your network to use microsoft telemetry blacklists to limit their sniffing. My work laptop constantly reminds me that I’m not connected to the internet although everything works fine, because it can’t reach the captive portal 😄
Do you have links to those blacklists
I’m at work right now, but here is one I think I remember adding: https://github.com/pschneider1968/pihole-bl-msft-telemetry-bsi
My company PC (Windows 11 ) is set on the guest wi-fi when I work from home, is that enough?
It should but you can test that assumption by trying to ping any other device on the non-guest wifi. (and try ping in the other direction)
One could hope for a hardware kill-switch on WiFi, but those are increasingly rare. I don’t necessarily trust toggling the WiFi slider off actually stops the scanning.
At home I have my PC behind a DMVPN router (being a former network engineer has its perks) and that DMVPN router’s “external” link is further segmented on my home network.
WSL is reasonable bearable, you can install Fedora instead of the default Ubuntu/Debian too. My work PC started out on 10 and is now on 11. I think I changed the terminal program, but the one I use may be the default in Win11. Honestly, I think the only programs I run outside WSL are a browser, DaVinci Resolve and Reaper (replaced Kdenlive and Ardour, both of which I prefer).
I am able to use the same neovim config on both my home (fedora) and work laptops, which is pretty handy.
At the end of the day it is their computer, not yours.
Doesn’t having WSL under the hood negate Linux’s inherent security?
I’d much rather have Windows shit containerized within Linux.
It is a VM so fully sandboxed. All the sharing is smoke and mirrors (often in pretty cool ways).
Truth is that security is not OP’s problem. Someone else (likely well above their pay grade) is shouldering that responsibility and they have decreed Windows for everyone.
It depends what you mean by ‘security’. Obviously, by introducing more layers, you have more places where exploits can life. However, the biggest threat by orders of magnitude is being tricked into giving stuff up, and that risk will remain constant.
Tell them you can’t switch due to some incompatibility and then just don’t do it.
Depending on your computers specs & if it’s allowed or not by your company… You could always continue to use Fedora & run win-11 inside a VM with pass through enabled…
This is what I did. They get to manage a Windows machine and I get to continue being more efficient at the job they hired me to do.
https://github.com/ChrisTitusTech/winutil has some nice and simple buttons for reducing the bullshit.
Thanks for the info guys, good stuff!
Those of you who are telling me to look for a new workplace over an OS change are a bit crazy though lol. It’s not quite that bad.
Clearly I was not the first with that call to action.
But seriously, Windows is awful. I’ve had to use it lately, and it’s comically bad. Like the OS shows me ads! Wtf!? In Fahrenheit 451, it describes the billboards as longer so you can read them while driving fast on the highway, and I feel like the ads Windows shows are basically a similar type of dystopian. And like, now you can disable more with menus, but then the disable option is like buried somewhere hard to find.
And as soon as you get an update all their shit is turned back on, and re-enabled, and edge (🤮) is back on the taskbar… I hate microsoft so, so much.
There are programs that control your internet access and if you use one of those programs to say, block almost every windows service, a lot of problems go away.
I didn’t do it because windows sucks but it is a nice benefit. Edge auto opens? Cool, it fails because it’s barred from internet access. Ads? But no internet so no ads.
Also deals with auto updates from companies that need to fuck off. I guess that’s still windows.
Think about it the other way around; you could use Linux on your work pc for the time being and your workplace was fine with that? that’s awesome. it’s a bummer things changed, but… that’s corporate life, bro.
Get a separate device for work. You shouldn’t be working on your personal computer anyway.
It is a work device. I was just allowed to use fedora until now.
I’m sorry to hear that. Our company recently got acquired, and every 4-6 months the new IT team tries to say, “but do you guys really need Linux? What for?”. We answer them, in depth, every time, but then it just comes back up a few months later.
I’m scared one of these days they’re just going to force the change on us, all productivity will grind to an absolute halt, deliverables will be missed, and eventually they’ll backtrack but only after it’s too late to recover the programs that got hosed in the process.
Just ask them why they want to waste the money on licensing. Money is the language managers understand
Although compliance is also a concern.
For us, on our Linux machines, they pay Canonical or RedHat for workstations 🤷♂️
Why is this a requirement? Commercial support?
Yes. But more importantly, an external company to point to in case something goes wrong.
I think mech@feddit.org is right, but one other piece I’ve heard is that “unmanaged” desktops make things like randsomware insurance harder
I sometimes forget that I’m not the only kind of user who may run a Linux box. I’m not immune to compromise, but I’m not an “average” user like say… Peggy from accounting.
Quit
I think the problem with Linux in the workplace is that it’s hard (read harder than Windows and MacOS) to setup to be managed devices. Especially if the company is a Microsoft shop to begin with. The IT security teams just don’t know how to enforce the company policies on Linux machines. Enforce password policy, network credentials and managed apps. It easy with Intune for Windows and Mac. Much harder on Linux.
That’s the reason I was given by my work place, when I was “forced” to switch from Linux to Windows.
Especially if the company is a Microsoft shop to begin with.
Nonsense, MS has an Intune client for Linux.
The IT security teams just don’t know how to enforce the company policies on Linux machines
Too bad. Skill issue. They need to learn how to manage Linux just like any other new tech.
Not only a skill issue, but also a time issue. Our security team is plenty of skill and COULD learn how to manage Linux, but they do not have the time to do so. Everything has to be prioritised and they choose to support Win and Mac and move on to something else.
Nonsense, MS has an Intune client for Linux.
I know, I have used it. But it does not enforce any policies. Just tells you if you are compliant or not.
Too bad. Skill issue. They need to learn how to manage Linux just like any other new tech.
And that’s my point. They could do it. Some do. But most companies, in my country at least, pick the easy solution, which is to not support Linux.
I’m hearing similar complaints from our IT leadership as well regarding Linux PCs. However, Linux is accepted in R&D labs and the cloud because those are network-segmented spaces with additional perimeter controls.
If true zero-trust ever comes to my company, perhaps they’ll be a bit more receptive.
Pressing F to pay my respects.
Sorry to hear that OP.
When old employer was bought out they tried to move us on to windows. It was shit. After non stop issues they gave in and let us keep linux.
Switch workplace.
There are countless ways to bypass that (e.g. https://docs.linuxserver.io/images/docker-webtop/ running on a server) but honestly if a workplace does not value your expertise to hone your own tools, they don’t really value you as an employee.
How big is said workplace? Can you respectfully ask for an exemption? Don’t say Windows will make you miserable (it makes everyone miserable, apart from a few Microsoft bootlickers), talk about loss of productivity, reduced security and increased risk, and – if you can – challenge the grounds on which the change is being made.
Often, they are incapable of providing proper justification for the change. May not help, but you’ll have the minor satisfaction of knowing it is bullshit.
