This is a good time to convince your employer that the company should switch to Linux workstations.
What is the active directory replacement for Linux?
Is my antivirus supported?
How about that program that Bill Jenkins coded 30 years ago That's still integral to daily operations.
...
I could probably upgrade a third of my company to Linux, but then I would have to support multiple operating systems and employees who could barely understand where the start menu was in Windows.
What is the active directory replacement for Linux?
Client or server? Doesn't matter, since samba provides both.
Is my antivirus supported
In the same sense that airplane seats have life jackets, yes.
How about that program that Bill Jenkins coded 30 years ago That's still integral to daily operations.
Get better app maintenance and life-cycling and you'll know already.
If it's thirty years old and coded for windows 3.11, it probably won't run on windows11. If it's 30 years old and coded for sun4 or Linux 1.2.13, it can likely be ported.
Qemu.
Comically I did this at a job, porting an old app forward while my peer redeployed a 4-year-old perl web tool. My c;m;mi was done way before his perl dep hell caused him to just redo it all in c.
Unrealistic, especially for large and/or old companies that already typically have understaffed IT departments.
Investments like switching the entire OS vendor have to have a very, very good reason.
Recommending Samba is dangerous, it'll work okay until it doesn't. And when that happens you're better off rebuilding the entire domain then trying to figure out why the PDC stopped trusting itself or some other bullshit.
Also they're only up to 2016 functional level.
Lol
I really should update
To Linux of course
Definitely should
Gotta get my new laptop so I have a back up computer in case I fuck things up.
But I also should really update.
I've seen a some of ancient enterprise laptops upgraded to 11, so I thought a slightly newer gaming laptop should be just fine. Wrong! Having more powerful hardware wasn't enough, since that CPU isn't supported by W11. Seems like Microsoft is really trying to make sure perfectly functional hardware gets thrown away.
Hey, if you can't run their DRM, they don't want you upgrading. Buy and consume.
As long as you have a TPM.
It also takes 15 minutes to upgrade to Linux, with no such requirement.
Even on Linux, it's probably a good idea to set up SecureBoot with your TPM. Very few distros will automatically set this up for you, but I know for sure that Ubuntu and Fedora do this by default.
Can you explicate why I should want either SecureBoot or a TPM in a Linux environment?
As a normal person I don't think there's a good reason. It just makes it harder for someone to get into your system/recover your data if there's a problem with the machine (or if it's stolen but personally I think it's less likely for that to happen for the majority of people). If it's a company PC with sensitive info on it that's backed up elsewhere then yea you want to prevent people from getting into that thing as much as possible.
Per the arch wiki for Secure Boot:
Secure Boot is a security feature found in the UEFIstandard, designed to add a layer of protection to the pre-boot process: by maintaining a cryptographically signed list of binaries authorized or forbidden to run at boot, it helps in improving the confidence that the machine core boot components (boot manager, kernel, initramfs) have not been tampered with.
As such it can be seen as a continuation or complement to the efforts in securing one's computing environment, reducing the attack surface that other software security solutions such as system encryption cannot easily cover, while being totally distinct and not dependent on them. Secure Boot just stands on its own as a component of current security practices, with its own set of pros and cons.
Note: For a deeper overview about Secure Boot in Linux, see Rodsbooks' Secure Boot article and other online resources.
Per arch wiki for TPM:
Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, which is a dedicated microprocessor designed to secure hardware by integrating cryptographic keys into devices.
In practice a TPM can be used for various different security applications such as secure boot, key storage and random number generation.
TPM is naturally supported only on devices that have TPM hardware support. If your hardware has TPM support but it is not showing up, it might need to be enabled in the BIOS settings.
Note: There are two very different TPM specifications: 2.0 and 1.2, which also use different software stacks.
All that to say this is still not as secure as it could be (since it lacks some decent remote attestation), but security is best in layers, so a Secure Boot setup can be a great way to protect your pre-boot process.
's probably a good idea to set up SecureBoot with your TPM.
How does this work?
Can you keep a dual boot while still accessing files from either?
Yes, my Fedora install is happy to pull files from NTFS with no adjustments, and there must be some Windows software that can read the LVM of Fedora.
That's assuming they are either not encrypted or you know the encryption keys.
What does that protect against other than physical attacks?
I have it switched on but I never had a second thought about it.
I started duel booting with Linux over the weekend so I can ease myself into outright switching. Unfortunately I'm stuck with Windows 11 for my work computer and it's honestly surprising how bad it is for productivity. All the bloatware, notifications, and unnecessary addictions/changes makes working with Windows 11 frustrating. I'm sure it's decent for gaming and general use, but when I have to use it for actual work it's a significant downgrade. Plus it's getting significantly harder to use the software that I need for my job. I've had to start going into the registry and download 3rd party software just to do my job. And don't even get me started on Microsoft 365.
Welcome, have a glass of wine🍷
Running Windows after experiencing Linux for a while is indeed quite frustrating, with constant distractions, poor customizations and an ever-present feeling that the system could run a bit faster.
Hope you'll be able to move more of your workloads to Linux. Make sure to familiarize yourself with capabilities of Wine (a compatibility layer allowing to run Windows apps on Linux), as well as full-on virtualization and WinApps for programs that refuse to run on Linux under other circumstances. Also, Linux has native apps for just about everything, for when you don't need a very specific Windows-only program!
Team Penguin all the way!
En garde!
Just curious, what do you do for work where you need special stuff like that? Also why are you allowed to edit the registry and download third party apps on your work computer? What previously built in features/apps does Win 11 lack so that you need third party apps?
I'm a CAD tech for a land surveying company. We do a lot of things like 3D scanning and hydrographic surveying as well. A lot of the software that we use for hydrographic surveying and 3D scanning is relatively old and cryptic. Still updated to this day but definitely not what some would consider "modern." Some of the software just doesn't work or has huge performance issues in Windows 11 without changing the way Windows works with the software. And the compatibility mode that Windows 11 offers isn't robust enough to get some of them to work so I have to download third party software as a work around. And with every update there's always a new and exciting way it fucks with the something I need to get my job done.
I'm sure there are more, but off the top of my head the new right click menu doesn't even have half the shit I need. So I had to go into the registry to get the old one back because I was tired of clicking the "more options" button every time I needed to run a program as administrator for example. Add onto that the constant notifications for features that our company doesn't use get shoved in my face is constantly annoying. I've had to uninstall so much bloatware just to get it to shut up.
It's not like it's the worst OS I've ever used. It's just all the little things that add up over time that generally makes things more difficult or frustrating. I've had to troubleshoot more issues with using Windows 11 than I can even count and with each update the list only grows.
Just so you know, if you hold down shift and right-click on something, run as admin is there.
also if its on your taskbar you can right click on the icon>properties>Advanced and check the box to run as administrator every time.
Ctrl+Shift+Click or Ctrl+Shift+Enter will launch most things as elevated. Works in Start, taskbar, run dialog, explorer, etc.
I highly recommend ExplorerPatcher to anyone I know coming to win 11 from win 10, its a quick way to get the win 10 right click menu back along with a lot of other useful things. Can switch between the previous UIs of windows explorer and it has some cool start menu options too.
Ah, I have heard that CAD stuff can be weird. I hate when software isn't supported properly by the seller.
It's pretty bad that the program can't be run without admin, that could possibly be fixed by IT. But a tip is to hold down shift and ctrl when clicking on a program. It will run the program as an admin.
Not the other user but I support a whole load of apps that run everything you can think of: printers, x-ray machines, radio frequency modelling, surveying equipment, forensic software/hardware, etc... it's a lot. The Windows 10 upgrade hit us hard enough but this one has been on another level, now that Microsoft is also consistently a source of issues. Updates get forced through sometimes, Microsoft turns on random experimental features in our environment, and some shit just cannot reliably be blocked or controlled at all.
Windows was sometimes annoying or difficult, but now it is hostile. This is unacceptable.
Sounds like ESET is happy to blame people for not having enough money to buy new computers or enough time and experience to switch to Linux.
Makes me wonder what necessitates this "security disaster". Surely, there is no other reasonable course of action that anyone aside from the consumer could take. I'm sure that ESET is only interested in avoiding security issues in writing that it would be the consumer's fault for not replacing their OS on, say, a two year old appliance to an entirely different, worse version that has different and unnecessary hardware requirements.
I mean their job is cybersecurity. Warning people that their OS is about to no longer receive security updates from the vendor seems pretty reasonable. They have no control over Microsoft's business decisions. The fact ESET even points out that people could move to Linux and get out of the Microsoft ecosystem is at least something.
Also, obligatory, "Fuck Microsoft."
I don't disagree, and also I think it would be better if this were framed as a failing of Microsoft instead of being on the consumer.
No. 😀
Sounds like a threat
Man, the Windows XP computer I have up in the attic is currently feeling unusually tense.
Look, I think MS should not discontinue support...
...but the weird amplification of the panic around it seems to me like it actively ignore the user patterns (and security outcomes) we've seen from Windows users for the last three decades. If this was less panicky and more targeted to business users I would take it more seriously. Getting some Y2K vibes from this whole thing.
Please bro, update to windows 11.
Linux isn't just a 5 minutes upgrade either.
Windows, what a joke OS.
I think that blurb is referencing the Doomsday Clock:
the Clock is a metaphor, not a prediction, for threats to humanity from unchecked scientific and technological advances. That is, the time on the Clock is not to be interpreted as actual time. A hypothetical global catastrophe is represented by midnight on the Clock, with the Bulletin's opinion on how close the world is to one represented by a certain number of minutes or seconds to midnight, which is then assessed in January of each year.
Ooh absolutely read that too fast as 5-12 minutes linux install. My bad!
No doubt. Same, but your comment made me double check. It was good reading anyway!
When they allow me to put the damn taskbar where I want I will consider it.
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
Community Rules
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world