• 1 Post
  • 32 Comments
Joined 9 months ago
cake
Cake day: March 6th, 2024

help-circle
  • That’s probably a fair point. I can’t say too much as I haven’t touched Windows desktop or server too much.

    Could be apples vs oranges here though as we’re talking about getting started versus well established setup, but my current employer is looking at adopting Ansible + Packer for imaging and partially Ansible-managing Windows servers where it makes sense because of limitations in SCCM and GPO. As far as I can see across the divide Windows Server isn’t all smooth sailing.


  • I can’t say I’ve managed Linux desktops at scale (so technically I should leave it there) but I do manage several hundred Linux VMs with Ansible, and I manage all of my PCs with Ansible. Desktops are a different ballgame to servers, dealing with end users and all, but I still don’t think it would be that hard once it’s been set up.


  • That sucks :( I’m pretty much in the same boat. I get to use a Linux desktop at work on the proviso that I don’t raise support requests. We use Microsoft for nearly everything so naturally it’s an uphill battle. The web UI is quite buggy and “not recommended” by my org. Teams doesn’t support Firefox so I have to run a separate browser especially for it.

    But aside from interfacing with Microsoft everything just works, and really nicely.






  • OpenZFS is under a completely FOSS license but it’s incompatible with the GPL and can’t really ever be merged into the Linux kernel. The workaroundids to provide it as source code which gets compiled as a module every time there’s a new kernel via dkms.

    More controversially, Canonical ship OpenZFS pre-compiled in Ubuntu which some lawyers believe to be infringing on ZFS’ codebase.

    Honestly the OpenZFS situation on Linux is probably the biggest single reason for the growing interest in btrfs and bcachefs, the former slowly becoming default on more Linux distros over time and lots of investment from SUSE and Facebook AFAIK.







  • The main reason I’ve steered clear of OpenSUSE is its commercial backing as opposed to being a true non-profit community distro like Debian or Arch.

    Red Hat have influenced Fedora decisions before and obviously blew up CentOS as a RHEL clone when they had the chance. Canonical constantly make bad decisions with Ubuntu.

    I will add that I’ve heard nothing but good things about SUSE and OpenSUSE. SLES sounds like a decent alternative to RHEL and the OpenSUSE community distros sound pretty solid.


  • Windows Vista. I absolutely decked it out with free/open source software (LibreOffice, Firefox, Thunderbird, KDE for Windows) before I dual booted Windows and eventually made a more permanent switch. Never looked back.

    I did have to use Windows for my old job (Win10 from memory?) but now I have a job where I can use Linux.

    Next step is to switch my partner over from Windows 11 (she’s already on board with the idea).


  • Windows Vista. I absolutely decked it out with free/open source software (LibreOffice, Firefox, Thunderbird, KDE for Windows) before I dual booted Windows and eventually made a more permanent switch. Never looked back.

    I did have to use Windows for my old job (Win10 from memory?) but now I have a job where I can use Linux.

    Next step is to switch my partner over from Windows 11 (she’s already on board with the idea).





  • The biggest issue I’ve had with I2P so far has been lack of content.

    postman.i2p only permits torrents which includes its tracker in the torrent file, which means popular torrents from 1337x, TPB et al can’t be uploaded there (at least not without changing the infohash). Torrent clients like qBittorrent and BiglyBT can cross-seed on I2P and clearnet networks which is a recent development since libtorrent 2.0 came out (software packages take a while to bump to.the latest library), but from what I’ve tested nearly all of the infohashes I put into my client from “clearnet” torrent sites have stalled, probably because I2P is a little too bespoke at the moment.

    The potential is definitely there IMO, but unless you’re just watching mainstream movies and TV it’s not a replacement for clearnet/VPN.

    If I’m missing something I’d like to know :)


  • You can absolutely download apps from F-Droid on GrapheneOS, what makes you think you can’t, and how did you conclude that LineageOS is more private and secure?

    I never said that GrapheneOS couldn’t download apps from F-Droid. I didn’t mention GrapheneOS being able to use F-Droid in my dot points but that was just an oversight, not intenttional.

    GrapheneOS doesn’t ship with any Google services by default. We do provide an easy and safe way to install the Google Play components if desired, they are run under the same sandbox and constraints as any other ordinary app you install.

    The problem with this is that so many apps use Google Play Services. If I didn’t want a phone that used Google, I wouldn’t use an OS that bent backwards to make it work.

    The sandbox model is OK in theory, except when your bank app asks for permissions for microphone, camera, contacts and files, and refuses to start without them.

    The app model is a bit broken IMO and GrapheneOS both enables and perpetuates it.

    LineageOS is pretty commonly behind on updates. As an example, it seems that LineageOS 21 (based on Android 14 QPR1) came out in February of this year. You cannot ship the full security patches without being on the latest version of Android, which is Android 14 QPR3 now.

    I might be being a bit naïve here, but Android 14 came out in October, 4 months prior to LOS 21, which is not particularly long. Android 13 is still supported by upstream. This sounds a bit like running RHEL or Debian vs bleeding edge Arch, no? It’s a common debate whether RHEL systems are constantly out of date, the counterargument being that vulnerabilities are often found in new software versions. Without real statistics about security vulnerabilities over time it’s difficult to make an informed decision about software version policies.

    LineageOS does make connections to Google by default, as does AOSP. GrapheneOS changes those connections while LineageOS doesn’t.

    That is excellent, I’m glad to hear GrapheneOS is changing some of the defaults to be a bit better.