[–]BobOki (19 children)

I can give you a TON of reasons that people would want to use Windows in a company and enterprise environment, many of which Linux has not and likely will never have equivalent functionality. Additionally, on the security concern, I can say without reservation that our govt has backdoors into the hardware of all systems in use, so your operating system matters little to not at all.

All that said, an online-only Windows could be really useful in niche situations, especially for those wanting to save tons of $$ running mini-PCs (Intel NUC) or stuff like Wyze terminals, but those are niche use cases. For the average normal user, this is a HARD nope.

[–]chadwickofwv (12 children)

> I can give you a TON of reasons...

Proceeds to not give any reasons. I know why too. It's because those reasons are all bullshit.

[–]BobOki (11 children)

I still can, it was not asked of me. Here are a few: Enterprise architecture, AD, Azure integration, HCI Stack, Integrated Exchange, Intune, Terminal Server/RDS, SCCM to name a few. None of that is even including SSO integration or o365 integration, so plenty of reasons. We won't even get into specialty apps only for winderz.

So let me know which of those Linux has again?

[–]binaryblob (9 children)

When you specify a capability in terms of a product name, you seem to communicate that you are too stupid to answer a question.

For example, SSO integration might be a valid argument, except Linux already has those.

[–]BobOki (8 children)

Let me clarify on SSO then: Windows has SSO with Azure baked into it and can be used by the OS at any time for any app, 3rd party or not. Further, it can even modify fields in AD when you use it, which is not just standard SAML.

Linux has none of the others I stated, though MS is working on more Azure integration with Linux, including patching, which is cool. I like to tell anyone so closed-minded as to think a single OS is superior. Use the right tool for the right job. There are plenty of things Windows does better, and plenty that Linux does better, full stop, bar none, not debatable. So only a FOOL would limit themselves to NOT having an option, and a far inferior product just because they have fooled themselves into a us vs them mentality. I am not going to host my website using IIS, I will use Apache, but I am also not going to think Debian is going to be a robust AD infra.

[–]binaryblob (7 children)

I don't see any features that other authentication providers do not offer.

The reason Linux is superior is because I can support Linux without having to call anyone, without having to pay for a "support contract". That's a feature Windows will never be able to offer, because it doesn't ship with source code or relevant tooling.

[–]BobOki (6 children)

Linux does not have OS level SSO with AD integration, and just having LDAP requires 3rd party tools. As for support, any Enterprise Linux has paid-for support, just like Windows. Just like Windows, you can google your issues and even post to the community. In this respect they are completely the same, with the exception that most Linux options are open source and you can fix issues in the code yourself, which for 99.99999% of home users will be moot, and probably 95% of businesses.

There is no SUPERIOR OS, there are just ones that are better at some things and worse at others. Pick the right OS for the right job.

[–]binaryblob (5 children)

I think OS level SSO doesn't really mean anything or you are really bad at explaining it.

some_information_from_account = <something here>;print(some_information_from_account)

is a valid Python program in C:\foo.py

Now, let's say the same program also exists on Linux in /usr/bin/foo.py.

How do you imagine <something here> would look on Windows vs e.g. using Okta on Linux? Ultimately, they will have a similar flow and the application regardless of platform needs to be designed to work with SSO standards, which almost no open-source programs are.

[–]BobOki (4 children)

I think you are missing the 3rd party portion I said. You are, of course, correct that SSO exists for Linux, but it is hardly at a OS level and available to inject auth to anything that allows passthrough without SAML. Yes, that gap is shortening, but I am sorry Linux just is NOT an enterprise application yet for daily usage. It is a superior server in many ways, but its desktop environment from both usage and remote/automated management is just years behind. And don't fool yourself, it is enough behind that anyone wanting to use Linux apps uses MacOS instead and sideloads those apps there. And don't forget, Apple gave up trying to make their OS enterprise too when they killed their server.

[–]binaryblob (3 children)

Automated management on Linux is about 20 years ahead of Windows, which is why the heart of every tech company is Linux. Perhaps the HR-droids use Windows or Mac, but anyone doing anything important runs Linux.

I still have no idea what you mean by "at a OS level".

[–]binaryblob (5 children)

Great, tell me those tons of reasons. I can imagine the surveillance tech is somewhat better developed, but I can't think of any feature that one wouldn't be able to implement on Linux, and even then endpoint security is not really the way security is going anyway.

If those hardware backdoors exist, then why does the NSA need to intercept routers in the mail to modify them? If you say it's just in the CPU, then why not just run an FPGA with a softcore? If you are saying the government has super technology capable of recognizing a custom instruction set on such an FPGA, then you don't understand the fundamental limitations of technology.

Even ignoring all that, one could certainly build a router that terminates when a single packet is received that is unexpected.

Now, I do think that access to some random Windows system is probably quite easy, but getting access remotely just doesn't seem to be possible (hardware vendors such as Intel also claim there are no designed backdoors, btw, which means that they could be sued if it turned out to be otherwise). (Having said that, the design of any high performance chip is insecure since SPECTRE). Take the attack on Iran, which required a USB-key to get access to some maintenance laptop, not Internet.

All the old chips that have been reverse-engineered do not contain a government backdoor.

Imaging technologies are so good these days that it should be possible to X-ray every transistor, especially on larger nodes, and produce a secure device. I'd expect that Intel, AMD, Apple devices are all compromised in some way, but I just don't see some mass-produced microcontroller having such backdoors, similarly for RISC-V devices produced in e.g. China.

[–]BobOki (4 children)

I gave reasons already in this thread, just from a different reply. No, you are wrong about how FBI/NSA works. That's all I can say.

[–]binaryblob (3 children)

So, you are saying that the FBI/NSA simply tells a chip company that if they want to continue to produce chips they need to add a backdoor or otherwise they don't get to do business/receive a missile on their heads?

You didn't account for companies outside of the US, but perhaps you are claiming that the supply chain then will be cut. I am pretty sure that China can produce simple chips without Western technology, so how does that work?

[–]BobOki (2 children)

Again, I am not allowed to say shit on it, so stop asking, but I will say you are wrong, and I promise you they can get into any device we have in the states, and that includes your home routers and IoT.

[–]binaryblob (1 child)

So, are you saying the hardware is compromised or is it just using physics to get in (I'd imagine that to be the case, because it's a method which doesn't require cooperation from a vendor)? I think it would theoretically be possible to read the RAM from any device from space, although a shielded device would make it require technology like antennas in space costing trillions of dollars. I would expect that such large devices or swarms (like StarLink) would have been picked up by others by now. StarLink would be an ideal place to hide such antennas in plain sight.

[–]BobOki (0 children)

Let's say a little of both.