This is pretty sweet. I feel like the only thing is that Windows Hello, and other fingerprint/face scanning tech is pretty slow compared to typing in a password, so doubt i'll be using it anytime soon. This is still very interesting from a technical pov.
I know nothing of PAM, but could it be used with something like LDAP? or ActiveDirectory?
MrMorden 1141 days ago [-]
Both face and fingerprint authenticate in under a second on all the machines I use.
If the machine is joined to a domain you'd need to use Hello for Business. It's more involved to set up, but if you've got enough Windows computers to have an AD domain you should definitely do it.
I used Windows Hello for about a year with a Razer Stargazer (IR Camera) and was always impressed with how quickly it was able to auth me, no matter if I was wearing glasses or not. Less than a second for me too, and that camera does not have the fastest start time, from camera init to capturing from both RGB and IR cameras.
At first I was skeptical about the usefulness of such a feature given my password doesn't take long to type, but it turned it to be a feature I really enjoyed.
trissylegs 1141 days ago [-]
I have a IR camera built into my Dell Latitude. It's suprising at how quick it is.
The only catch is that I'm usually loocking at my monitor and have to turn to the laptop for it to pick up.
MetricMike 1141 days ago [-]
yep! PAM is "Pluggable Authentication Module" which sits between applications and the auth method, so you can put anything there. LDAP and ActiveDirectory are fairly common ones
bsenftner 1141 days ago [-]
Is there any library like PAM in the Windows ecosystem?
Not exactly. You can create custom authentication methods and prompts, but it's architected differently. (I think Local Security Authority (LSA) and Credential Providers are the keywords to search for details)
> This is pretty sweet. I feel like the only thing is that Windows Hello, and other fingerprint/face scanning tech is pretty slow compared to typing in a password
My Dell Vostro has pretty instantaneous fingerprint recognition, much faster than a password (my previous Acer has a less convenient location for the sensor, and was much slower, and was much less reliable.)
1141 days ago [-]
The_rationalist 1141 days ago [-]
On my gygabyte aero, the fingerprint is almost instantaneous
alexdumitru 1141 days ago [-]
This looks great. I hate Linux desktop and Windows server, so WSL has been a blessing for me.
kbumsik 1141 days ago [-]
Glad to see I am not the only one. Windows desktop also has a big plus: native RDP is unparalleled compared to VNC or any other Linux remote desktop.
e12e 1140 days ago [-]
Native rdp (server and client) has gotten pretty good in Linux of late, too.
And now windows comes with openssh server too, which is a little more sane than opening up access to network managing windows machines directly via WMI...
franga2000 1141 days ago [-]
It's true that VNC is a disaster, but RDP still feels miles behind thrid-party tech like TeamViewer. And doesn't MSFT stil cripple RDP on Home editions?
tester34 1141 days ago [-]
Is it actually miles behind?
I've used RDP to work remotely and also to play some games inside Hyper-V VM and I didn't felt big difference between native
franga2000 1140 days ago [-]
I haven't used it much lately, but a few years back I was working on a Windows Server system (whichever was the version that was basically Windows 8) and remember it being really janky (latency spikes, image artifacts, etc.) over my pathetic DSL Internet connection. Then I noticed some other admin installed TeamViewer on it so I gave it a try and it was way faster and smoother so I switched to it permanently, despite the constant annoyances because we were too cheap to pay for a license.
Admittedly, it's been almost a decade since Windows 8 (!?!), so this is a very dated experience.
Isthatablackgsd 1141 days ago [-]
Technically MSFT disabled the RDP server feature in Home edition, meaning you can't use Windows Home as RDP host (I am not sure the proper terminology for this). The software still in there, you only can use RDP client in Win Home, not the server aspect. It is just disabled without official way of enabling it (w/o upgrading to Pro). However there is way to get it enabled in Windows Home, it need rdpwrap by stascrop. Just download the file and run it. It will get the server aspect running.
Obviously it has far more restrictions than enabling RDP on Pro systems, but that's because it's clearly designed with Home users (average consumers) in mind.
lambda_dn 1141 days ago [-]
I would be on KDE if I didn't have to use Visual Studio for my day job (project is still not fully .NET core). But WSL is a good compromise I use it as my shell for all git, dotnet related stuff.
29athrowaway 1141 days ago [-]
I hate the Windows desktop (and server). Right now I am using XFCE. Much faster than Windows, lower memory footprint and I got it to look similar to macOS to some extent.
Using Windows compared to using XFCE is like pulling a stubborn donkey. No, I don't want to update, I don't want a voice assistant, I don't want absurd UIs, I don't want telemetry, I just want a goddamn menu and desktop icons.
oblio 1141 days ago [-]
Well, what can I say, good for you :-)
>No, I don't want to update
Why don't you want to update? You really should.
> I don't want a voice assistant
It takes less than 5 minutes to disable and hide it.
> I don't want absurd UIs
How do you define absurd UIs? Do you think 1 billion people using Windows are all absurd? If so, that's highly arrogant of you.
> I don't want telemetry
It's a bit annoying and philosophically not a great thing, but you can disable 99% of their telemetry in about 15 minutes.
> I just want a goddamn menu and desktop icons
Windows offers this and more.
I've used Xfce for a long time, it's nice. But the whole "it's faster and lower memory footprint" doesn't matter much these days, especially since Windows is really well optimized now. How many people are using Xfce on systems with 1GB of RAM anymore? Plus Windows obviously offers much more than just Xfce and Xfce is also under-resourced, developer-wise, and on the brink of becoming abandonware. Linux desktops really are not in a good place today.
franga2000 1141 days ago [-]
> Why don't you want to update? You really should.
Yes, tomorrow evening when I have time, not literally right now in the middle of a 2-day 3D render that my computer has been running for a 24 hours now.
> It takes less than 5 minutes to disable and hide it.
Until an update re-enables it or pops an un-hidable fullscreen popup with misleading questions that tricks you into enabling it again.
> [absurd UIs]
You can't possibly be defending the shitshow that is the Win10 setting menu! Everyone hates it, from techies, developers, gamers, grandmas... I could probably write an essay just about the actual bugs and missing features, not even counting stupid design.
> [telemetry]
See the Cortana reply above
> [resources]
Few people are running <1GB of RAM, true, but very many are still running 4GB. That means you can basically open a Word document and two Chrome tabs before your system becomes unusable. This isn't an exaggeration - if the two tabs are heavy (like FB and Gmail, for example), the system will aready start swapping.
For another datapoint, I can no longer play certain games (heavily modded) on Win, because they actually need at least 6GB or RAM and that's enough to crash my 8GB system. On Linux, I can run the game, Spotify and like 3 Firefox tabs on the same machine, and I'm using a DE that notorious for high RAM usage (KDE Plasma).
wongarsu 1141 days ago [-]
Windows Update is quite accommodating if you configure it a bit in the Pro version. The Home version of Windows is a pain all around, the upgrade to Pro is definitely worth it (especially if you are actually doing serious work)
oblio 1141 days ago [-]
> You can't possibly be defending the shitshow that is the Win10 setting menu!
It's a humongous engineering project and I can see what they're doing. It's a super painful and long transition, but where they've finished the transition, I like it. Very nicely organized, searchable, it makes a lot of sense, it's consistent. It's a great UI, we're just in the middle of the construction site.
franga2000 1141 days ago [-]
Yes, I completely agree. But you wouldn't kick a bunch of people out of their apartments and force them to live in the construction site for 3 years because "once it's done, it'll be way nicer than where they were living".
oblio 1141 days ago [-]
I don't know what their thought process was when they decided it, but they for sure knew it was going to be painful for users.
I imagine they didn't have any other way to do it.
If they don't do it, everyone complains that the Control Panel is getting antiquated, if they do it, people complain why they're changing it like this.
We have to be realistic here.
franga2000 1141 days ago [-]
It's definitely a tough situation, but they did in the the dumbest way possible. By intentionally hiding old menus before the new ones are fixed, they have effectively broken the OS itself for the vast majority of users.
My favorite example of this is the sound output setting. Windows has two output "streams" - communication and media. The old menu used to have a "set default" button that set a device to default for both, but you could also set each default manually. The new menu doesn't make that distinction at all, but the new default device switcher only switches the playback default. This results in things like Skype, Zoom, Discord... seemingly not respecting the output device setting. The only way to fix this is through the old menu, but they have removed every trace of it, so you have to trick Windows by searching for "sounds" to get to the place where you change things like the error message sound, which pops up a window where you can then switch the tab to the old sound control panel.
I don't think there's been a single month since this change was pushed out where I didn't have to help someone with this. It's clearly broken, clearly
neogodless 1141 days ago [-]
I'm on the latest release version (20H2). If you go to Settings > Sound, there's a Related Settings heading, under which you'll find Sound Control Panel. There's the list of output devices where you can Set Default, and there's a tab for Communications, though there's not a lot in there. Is that what you're talking about?
franga2000 1140 days ago [-]
Yes, that's the one. I've have that menu as well, but it's not always there. I think there were a couple of versions without it, but they probably realised this exact problem and put it back. Still not a very discoverable thing for someone who doesn't know exactly what they're looking for though.
29athrowaway 1140 days ago [-]
Pretty much everything you describe are poorly cherrypicked non issues that affect fictional people. Like the tormented fictional people from informercials.
Just use pavucontrol (Pulseaudio volume control) which comes included with most distros.
franga2000 1140 days ago [-]
Windows 10...pavucontrol... I have a feeling you really didn't read the thread leading up to this
oblio 1141 days ago [-]
Which version is this in? I'm on 1909 and there is still a link to the Sound Control Panel in the top right menu of the Sound Settings page.
franga2000 1140 days ago [-]
Yeah, it's usually there, but I've also seen it not be. I never bothered to figure out why, it was probably just a short-lived update and I guess many people got stuck on it for a bit. It's still definitely the kind of thing even a more capable user probably wouldn't think to even look for if they didn't know about the whole media vs comms stream thing and that exact menu.
pmontra 1141 days ago [-]
Those tiny non resizable windows and dialogs coming straight from Windows 95. Are they really getting rid of them?
oblio 1141 days ago [-]
Yup. I think they're binning everything and replacing it with the new UI. It's just literally taking a decade.
The new UI seems to be very forward facing, I suspect that they're targeting everything with it: desktop, mobile, even AR/VR.
csande17 1141 days ago [-]
> How do you define absurd UIs? Do you think 1 billion people using Windows are all absurd? If so, that's highly arrogant of you.
Most of those 1 billion people didn't choose Windows 10 because they looked at it and thought, "yeah, this user interface is so much better than Windows 7". Most of those people didn't look at the latest update to Windows 10 and think, "yeah, these changes to the UI are major improvements, my life will be so much easier than on the previous version of Windows 10".
For most of the non-programmers I know, it's more of a boiling-frog situation. Microsoft blackmails them into "upgrading" using security patches, and every "upgrade" makes the UI less intuitive, slower to use, or worse in some other way.
Just last month, for example, I got a call from my parents because the Photos app was no longer allowing them to save an edited copy of a photo to a different folder. Turns out, yeah, you just couldn't do that anymore. It's absurd, but my parents certainly aren't the absurd ones.
Hammershaft 1141 days ago [-]
> How do you define absurd UIs? Do you think 1 billion people using Windows are all absurd? If so, that's highly arrogant of you.
I think Windows is a probably the least worst desktop (not laptop!) OS right now but I would defend the parent commenter here. Windows has had the slowest and most painful UI transition I've seen in an OS, and it definitely hinders usability. Try to change certain innocuous settings in windows and you will unknowingly embark on a journey through time as you discover layers of settings still preserved in older and older UI frameworks still tucked away in deep corners of the OS.
1234throwaway 1141 days ago [-]
>Why don't you want to update? You really should.
sorry guys i cant export that report for this mornings meeting for another 45 minutes as the copy of that proprietary software we're required to use by regulations in this country is... on the windows computer that has decided to update
>How do you define absurd UIs?
have you ever tried using windows 10 control panel?
>It's a bit annoying and philosophically not a great thing, but you can disable 99% of their telemetry in about 15 minutes.
I grew up on windows and dont know how to program, and even I am dumping windows for ubuntu or osx (+ windows running in a vm for legacy software). windows is just trash. its pure trash. it has the worst user interface, the worst controls, lags, power issues, etc.
I would rather run a windows AWS instance accessed via a 4g ipad pro than continue using my pc workstation. its not good when people that dropped out of business degrees and cant program say that!
oblio 1141 days ago [-]
Well, is your PC workstation from your company? For various (many of them obsolete) reasons, companies load a ton of management crap on Windows systems. That software is not as available on MacOS, let alone Linux desktop, so they don't because they can't.
29athrowaway 1140 days ago [-]
The billion people you mentioned use Windows because it was preinstalled on their computer. They also have not, in their majority, heard of Linux. There is almost no company doing marketing for Linux desktops.
Many people use computers for entertainment and Windows has more compatibility with games because game developers target Windows. Even though many of the game engines they use support Linux.
With Wine, Proton, Dxvk, etc... the game compatibility gap is closing rapidly, though.
Now, many occupations require software that won't run on Linux (software from Autodesk, Adobe, etc), but the use case for the vast majority of people is well covered.
If they were given the chance to acquire their computer for cheaper without an OS they would have done so.
zeusk 1141 days ago [-]
What do you mean I have to use iwconfig to fix my network? No, I just want to connect to a network. I don't want to write scripts for every device to suspend and resume.
kiwijamo 1141 days ago [-]
It's been years since that was necessary. All major distros do this sort of thing automatically now with GUI configuration tools as a first class option. Even on bare bones distros like Debian.
petepete 1141 days ago [-]
Setting up my laptop with Fedora is a more straightforward job than doing the same task with Windows 10. Everything worked, including the fingerprint reader - no manual install of anything required.
1141 days ago [-]
franga2000 1141 days ago [-]
I've only had to touch iwconfig once (on a desktop OS) and it was when my network card wasn't even supported on Windows, so it was still a win for Linux. But yes, if something breaks, no shit you have to pull out the command line - it's the same on Windows, only a lot of the time, you can't actually fix it because they don't give you the necessary tools.
As for suspend/resume scripts, I've never had to do that and I use Arch (yes, hahah, but you know what I mean).
zeusk 1141 days ago [-]
funny you say that, because Arch is what had me learn about those monstrosities (suspend/resume scripts). Granted, it was back around 2011 though so I'm sure things have changed quite a bit since.
Windows has a certification process for most hardware and drivers, things still break but any major or wide breaks are caught quite early. I just have less time to tinker with stuff when random flakiness pops up which happened a lot when I used Arch and Ubuntu.
29athrowaway 1141 days ago [-]
You don't need iwconfig to fix your network. You can just use the network settings UI. Next.
rhplus 1141 days ago [-]
What kind of prompt is this? It looks like Windows Terminal running Bash, but are the icons PNGs (windows + home), or a specific type-face rendering emoji?
To me developing with WSL2 is now even better than on native Linux - works exceptionally well. I use it with VS Code + WSL plugin and Docker for Windows.
anhner 1141 days ago [-]
How do you deal with performance issues with files not on the linux machine?
arcatek 1141 days ago [-]
I had this problem at first (I kept my source codes in a separate drive to be able to edit them from my Windows IDE), but nowadays I just keep all my code files in WSL and I don't notice the problem at all anymore. VSCode makes interacting with the box completely transparent.
neogodless 1141 days ago [-]
For me, this hasn't been an issue. I think number one is just that I don't have to do this often. Perhaps sometimes I download a file with my Windows browser and save it locally, and then want to get to it in WSL2. Maybe I'll copy it somewhere locally, or since it's just a one-off, grab it. And performance doesn't seem like a problem. All drives are NVMe SSD. Perhaps if you have use cases where you're managing/editing a lot of files between file systems, it could add up to some frustration.
jjjeii3 1141 days ago [-]
There is no performance issues with WSL2. It was only the case with the first version of WSL.
quietbritishjim 1141 days ago [-]
WSL2 has better performance for accessing files in the WSL filesystem than WSL1 does (partly because the WSL files are stored differently).
But it has worse performance for accessing native Windows files than WSL1 does.
In any case I think an assertion that WSL2 has no performance issues needs a serious citation (as opposed to no citation which you gave) - you're making a claim about all possible situations. As always, a statement that "no x exists" requires seriously more proof than "at least one x does exist".
timvrakas 1141 days ago [-]
That's not the full story. WSL2 has serious regressions in cross-OS performance, and many users have switched back to WSL1, which supposedly isn't going away any time soon.
kungito 1141 days ago [-]
I prefer remoting through vscode into a remote dev machine so that I can work on my laptop from wherever with amazing build times
> The biometric data used to support Windows Hello is stored on the local device only. It doesn't roam and is never sent to external devices or servers. This separation helps to stop potential attackers by providing no single collection point that an attacker could potentially compromise to steal biometric data.
Windows Hello is opt-in and also has many other providers other than facial recognition
perryizgr8 1141 days ago [-]
This looks easier to setup and use than using fingerprint for sudo on native Macos.
1141 days ago [-]
throwaway8581 1141 days ago [-]
I’m going to repost this from the Mac thread:
What exactly is the point of sudo/UAC these days of single-user machines? I think https://xkcd.com/1200 put it well. Anything running as an unelevated user account can access my browser sessions where it can steal my passwords, emails, other other private info. It can turn on my microphone and camera. It can read all of my documents. Those are the things I care about protecting, not whatever special things root can do like install drivers and create virtual network interfaces.
The best configuration for WSL sudo is probably to just allow all commands without any authentication.
kiwijamo 1141 days ago [-]
Have you forgotten what life was like before windows got UAC? Just because a machine is single user doesn't mean it's a good idea for all processes to run as root/Admin.
fock 1141 days ago [-]
back then I remember that people generally had a single computer, used by the whole family! It's definitely not good for kids to trivially install a banking trojan when downloading stuff. Nowadays: all my data belongs to a single user, I am the only user on 5 machines. The only thing for which root is good, is to secure fw updating and deleting ZFS/BTRFS-snapshots. Unfortunately there's still setuid-binaried weakening this security model.
jeroenhd 1141 days ago [-]
On Windows, it's a malware thing. Windows XP applications were designed with horrible security issues disguised as features because of it, partially causing the massive pain everybody felt when migrating to Windows Vista. Your favourite text editor could be the reason your graphics card would randomly make the screen go green, or that your flash drive didn't work, or that your system bluescreened and you'd have no idea of knowing because *anything* could be causing those problems.
Modern Windows has permission levels and capabilities that segregate background processes and system services. If your browser, running in low integrity mode, gets exploited, there's a whole layer of security that needs to be bypassed to read the keys you type or to install tasks at startup.
On Linux, I think it's mostly an anti-fuckup-thing. You can't accidentally delete system files if you're not root, you can't accidentally restart the wrong service, you can't accidentally edit the system config when you want to edit the user config. Badly-written tools can't mutate something when I ask them to just read. It also works for the same reasons as UAC does for Windows, though the Linux permission model is much simpler than the Windows one for most use cases.
If you run everything as root, the first compromise rootkits your computer. If you use proper user segregation additional steps need to be executed in order to trick you into getting the malware hooked deep into your system.
For WSL, the problem is similar to Linux, because WSL is just a well-integrated Linux VM. Dev tools such as npm download and execute random code from the internet, which can be infected somewhere six levels down the dependency chain. If you run those as root, you're giving that malware full access to your system whereas your local user account can only modify some of the files outside of WSL.
It doesn't protect you from theft of your unlocked laptop. It does protect you from bad software, at least partially.
throwaway8581 1141 days ago [-]
It’s true that the pre-UAC situation in Windows was bad, but the function of UAC was to encourage app developers to do the right thing. Raymond Chen agrees:
On a single user machine, it does nothing for user security, because all of the things worth protecting, like your data, don’t require elevation anyway.
As for preventing fuckups, it prevents the wrong fuckups. Deleting my user files is a bad fuckup. A program trashing my files and emptying my bank account is a bad fuckup. Trashing my OS install, the only thing root can do that my user account can’t, is an inconvenience.
kyriakos 1141 days ago [-]
Even a single user machine is really not single user because your applications are also users on your machine and being Internet connected/updated you better have control over what they can do.
eneville 1141 days ago [-]
Hello, author of please (https://gitlab.com/edneville/please) here, where I've taken a different approach to make permitting grnular things simple.
Permiting everything is no different really to browsing the web as root.
Permitting granular things in sudo and doas isn't easy.
For what it is worth, many of the systems I work on on have many more than just one user and I am sure that other people work on bigger environments too. When you have multiple users, you run the risk of delegating more access than you should and thus compromise content, hence why I think access should simple!
e12e 1140 days ago [-]
Clearly the better use case is with sshd, rather than sudo. Accept logins via ssh only when you are in front of the computer! ;)
throwoutttt 1141 days ago [-]
Wish I had this much time to waste
Orochikaku 1141 days ago [-]
It’s really discouraging to see such a negative sentiment to the the namesake of this website here.
Hacking around at systems you’re interested in is hardly a waste of time, it’s through projects driven by self interest that we learn the most imo.
jvilalta 1141 days ago [-]
Have to agree with you. Guess the original meaning of the hacker term has been forgotten/hijacked.
cglong 1141 days ago [-]
Agreed, I learned a lot about sudo just from this README :)
swiley 1141 days ago [-]
EDIT: oops, this wasn't from MS.
setr 1141 days ago [-]
AFAICT this isn’t by Microsoft, and anyways by this definition it would mean that Microsoft cannot do anything without being declared EEE revival except strictly implementing the baseline standard.
Extending standards is normal and expected. It’s the extinguishing part that we get in trouble, but a natural risk of any large player “contributing” to OS (their weight is what opens the possibility; but their weight is also what you want to enable larger/comprehensive OS codebases).
That is, you want Microsoft contributing to Linux. The thing to avoid is only Microsoft contributing to Linux.
powersnail 1141 days ago [-]
That's grossly unfair to the author of this project. This is not from Microsoft, but an individual developer.
slondr 1141 days ago [-]
The "individual developer" you're talking about is a former Microsoft employee
JoBrad 1141 days ago [-]
So Microsoft’s plan to extend Linux includes getting former employees to do it?
eneville 1141 days ago [-]
Wouldn't anyone with a pension or shares in a company want it to succeed?
zeusk 1141 days ago [-]
but that's the employees sole intent, and not the "firm".
People really get riled up with some brands, but I think brands are really just people who operate the brand collectively, often with an emphasis on the leadership that gets to guide the sail. Gates and Ballmer are past.
eneville 1137 days ago [-]
How is Gates past? Doesn't he still own the majority share but just someone else is the face of the company? I would assume, as a majority share holder, your interests and ethics would remain the same.
Rendered at 05:54:03 GMT+0000 (Coordinated Universal Time) with Vercel.
I know nothing of PAM, but could it be used with something like LDAP? or ActiveDirectory?
If the machine is joined to a domain you'd need to use Hello for Business. It's more involved to set up, but if you've got enough Windows computers to have an AD domain you should definitely do it.
https://docs.microsoft.com/en-us/windows/security/identity-p...
At first I was skeptical about the usefulness of such a feature given my password doesn't take long to type, but it turned it to be a feature I really enjoyed.
My Dell Vostro has pretty instantaneous fingerprint recognition, much faster than a password (my previous Acer has a less convenient location for the sensor, and was much slower, and was much less reliable.)
And now windows comes with openssh server too, which is a little more sane than opening up access to network managing windows machines directly via WMI...
I've used RDP to work remotely and also to play some games inside Hyper-V VM and I didn't felt big difference between native
Admittedly, it's been almost a decade since Windows 8 (!?!), so this is a very dated experience.
Rdpwrap by stascrop (GitHub) https://github.com/stascorp/rdpwrap/releases
Obviously it has far more restrictions than enabling RDP on Pro systems, but that's because it's clearly designed with Home users (average consumers) in mind.
Using Windows compared to using XFCE is like pulling a stubborn donkey. No, I don't want to update, I don't want a voice assistant, I don't want absurd UIs, I don't want telemetry, I just want a goddamn menu and desktop icons.
>No, I don't want to update
Why don't you want to update? You really should.
> I don't want a voice assistant
It takes less than 5 minutes to disable and hide it.
> I don't want absurd UIs
How do you define absurd UIs? Do you think 1 billion people using Windows are all absurd? If so, that's highly arrogant of you.
> I don't want telemetry
It's a bit annoying and philosophically not a great thing, but you can disable 99% of their telemetry in about 15 minutes.
> I just want a goddamn menu and desktop icons
Windows offers this and more.
I've used Xfce for a long time, it's nice. But the whole "it's faster and lower memory footprint" doesn't matter much these days, especially since Windows is really well optimized now. How many people are using Xfce on systems with 1GB of RAM anymore? Plus Windows obviously offers much more than just Xfce and Xfce is also under-resourced, developer-wise, and on the brink of becoming abandonware. Linux desktops really are not in a good place today.
Yes, tomorrow evening when I have time, not literally right now in the middle of a 2-day 3D render that my computer has been running for a 24 hours now.
> It takes less than 5 minutes to disable and hide it.
Until an update re-enables it or pops an un-hidable fullscreen popup with misleading questions that tricks you into enabling it again.
> [absurd UIs]
You can't possibly be defending the shitshow that is the Win10 setting menu! Everyone hates it, from techies, developers, gamers, grandmas... I could probably write an essay just about the actual bugs and missing features, not even counting stupid design.
> [telemetry]
See the Cortana reply above
> [resources]
Few people are running <1GB of RAM, true, but very many are still running 4GB. That means you can basically open a Word document and two Chrome tabs before your system becomes unusable. This isn't an exaggeration - if the two tabs are heavy (like FB and Gmail, for example), the system will aready start swapping.
For another datapoint, I can no longer play certain games (heavily modded) on Win, because they actually need at least 6GB or RAM and that's enough to crash my 8GB system. On Linux, I can run the game, Spotify and like 3 Firefox tabs on the same machine, and I'm using a DE that notorious for high RAM usage (KDE Plasma).
It's a humongous engineering project and I can see what they're doing. It's a super painful and long transition, but where they've finished the transition, I like it. Very nicely organized, searchable, it makes a lot of sense, it's consistent. It's a great UI, we're just in the middle of the construction site.
I imagine they didn't have any other way to do it.
If they don't do it, everyone complains that the Control Panel is getting antiquated, if they do it, people complain why they're changing it like this.
We have to be realistic here.
My favorite example of this is the sound output setting. Windows has two output "streams" - communication and media. The old menu used to have a "set default" button that set a device to default for both, but you could also set each default manually. The new menu doesn't make that distinction at all, but the new default device switcher only switches the playback default. This results in things like Skype, Zoom, Discord... seemingly not respecting the output device setting. The only way to fix this is through the old menu, but they have removed every trace of it, so you have to trick Windows by searching for "sounds" to get to the place where you change things like the error message sound, which pops up a window where you can then switch the tab to the old sound control panel.
I don't think there's been a single month since this change was pushed out where I didn't have to help someone with this. It's clearly broken, clearly
Just use pavucontrol (Pulseaudio volume control) which comes included with most distros.
The new UI seems to be very forward facing, I suspect that they're targeting everything with it: desktop, mobile, even AR/VR.
Most of those 1 billion people didn't choose Windows 10 because they looked at it and thought, "yeah, this user interface is so much better than Windows 7". Most of those people didn't look at the latest update to Windows 10 and think, "yeah, these changes to the UI are major improvements, my life will be so much easier than on the previous version of Windows 10".
For most of the non-programmers I know, it's more of a boiling-frog situation. Microsoft blackmails them into "upgrading" using security patches, and every "upgrade" makes the UI less intuitive, slower to use, or worse in some other way.
Just last month, for example, I got a call from my parents because the Photos app was no longer allowing them to save an edited copy of a photo to a different folder. Turns out, yeah, you just couldn't do that anymore. It's absurd, but my parents certainly aren't the absurd ones.
I think Windows is a probably the least worst desktop (not laptop!) OS right now but I would defend the parent commenter here. Windows has had the slowest and most painful UI transition I've seen in an OS, and it definitely hinders usability. Try to change certain innocuous settings in windows and you will unknowingly embark on a journey through time as you discover layers of settings still preserved in older and older UI frameworks still tucked away in deep corners of the OS.
>How do you define absurd UIs? have you ever tried using windows 10 control panel?
>It's a bit annoying and philosophically not a great thing, but you can disable 99% of their telemetry in about 15 minutes.
https://www.youtube.com/watch?v=PxwEwwlDM8Q CIA/NSA leader "We kill people based on metadata"
I grew up on windows and dont know how to program, and even I am dumping windows for ubuntu or osx (+ windows running in a vm for legacy software). windows is just trash. its pure trash. it has the worst user interface, the worst controls, lags, power issues, etc.
I would rather run a windows AWS instance accessed via a 4g ipad pro than continue using my pc workstation. its not good when people that dropped out of business degrees and cant program say that!
Many people use computers for entertainment and Windows has more compatibility with games because game developers target Windows. Even though many of the game engines they use support Linux.
With Wine, Proton, Dxvk, etc... the game compatibility gap is closing rapidly, though.
Now, many occupations require software that won't run on Linux (software from Autodesk, Adobe, etc), but the use case for the vast majority of people is well covered.
If they were given the chance to acquire their computer for cheaper without an OS they would have done so.
As for suspend/resume scripts, I've never had to do that and I use Arch (yes, hahah, but you know what I mean).
Windows has a certification process for most hardware and drivers, things still break but any major or wide breaks are caught quite early. I just have less time to tinker with stuff when random flakiness pops up which happened a lot when I used Arch and Ubuntu.
https://github.com/nullpo-head/WSL-Hello-sudo/blob/master/de...
But it has worse performance for accessing native Windows files than WSL1 does.
In any case I think an assertion that WSL2 has no performance issues needs a serious citation (as opposed to no citation which you gave) - you're making a claim about all possible situations. As always, a statement that "no x exists" requires seriously more proof than "at least one x does exist".
https://docs.microsoft.com/en-us/windows/security/identity-p....
What exactly is the point of sudo/UAC these days of single-user machines? I think https://xkcd.com/1200 put it well. Anything running as an unelevated user account can access my browser sessions where it can steal my passwords, emails, other other private info. It can turn on my microphone and camera. It can read all of my documents. Those are the things I care about protecting, not whatever special things root can do like install drivers and create virtual network interfaces.
The best configuration for WSL sudo is probably to just allow all commands without any authentication.
Modern Windows has permission levels and capabilities that segregate background processes and system services. If your browser, running in low integrity mode, gets exploited, there's a whole layer of security that needs to be bypassed to read the keys you type or to install tasks at startup.
On Linux, I think it's mostly an anti-fuckup-thing. You can't accidentally delete system files if you're not root, you can't accidentally restart the wrong service, you can't accidentally edit the system config when you want to edit the user config. Badly-written tools can't mutate something when I ask them to just read. It also works for the same reasons as UAC does for Windows, though the Linux permission model is much simpler than the Windows one for most use cases.
If you run everything as root, the first compromise rootkits your computer. If you use proper user segregation additional steps need to be executed in order to trick you into getting the malware hooked deep into your system.
For WSL, the problem is similar to Linux, because WSL is just a well-integrated Linux VM. Dev tools such as npm download and execute random code from the internet, which can be infected somewhere six levels down the dependency chain. If you run those as root, you're giving that malware full access to your system whereas your local user account can only modify some of the files outside of WSL.
It doesn't protect you from theft of your unlocked laptop. It does protect you from bad software, at least partially.
”UAC is not a security feature. It’s a convenience feature that acts as a forcing function to get software developers to get their act together.” https://devblogs.microsoft.com/oldnewthing/20160816-00/?p=94...
On a single user machine, it does nothing for user security, because all of the things worth protecting, like your data, don’t require elevation anyway.
As for preventing fuckups, it prevents the wrong fuckups. Deleting my user files is a bad fuckup. A program trashing my files and emptying my bank account is a bad fuckup. Trashing my OS install, the only thing root can do that my user account can’t, is an inconvenience.
Permiting everything is no different really to browsing the web as root.
Permitting granular things in sudo and doas isn't easy.
For what it is worth, many of the systems I work on on have many more than just one user and I am sure that other people work on bigger environments too. When you have multiple users, you run the risk of delegating more access than you should and thus compromise content, hence why I think access should simple!
Hacking around at systems you’re interested in is hardly a waste of time, it’s through projects driven by self interest that we learn the most imo.
Extending standards is normal and expected. It’s the extinguishing part that we get in trouble, but a natural risk of any large player “contributing” to OS (their weight is what opens the possibility; but their weight is also what you want to enable larger/comprehensive OS codebases).
That is, you want Microsoft contributing to Linux. The thing to avoid is only Microsoft contributing to Linux.
People really get riled up with some brands, but I think brands are really just people who operate the brand collectively, often with an emphasis on the leadership that gets to guide the sail. Gates and Ballmer are past.