All the comments about Linux gaming make me want to give my $0.02. I've been gaming on Linux, with no Windows installed anywhere, for around 6 years. In the first 3 years, it was a massive pain. Games like S.T.A.L.K.E.R. would consistently have issues with mouse input, weird acceleration, a lot of games wouldn't run at all. This is NO LONGER the case at all. Things run very well out of the box.
All games I want to play run very well and mostly the process is just "install -> play".
If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it.
Controllers work fine, so do some wheels and other peripherals, but a good number of wheels, pedals, joysticks, VR headsets, and other wild and wacky input devices might not work that well or not at all. It mostly depends on whether the software for them runs on Linux, runs in Wine, or is needed at all. Not sure about VR, but I know it was a bit dire 1-2 years ago.
If you don't play hardcore simulator games, and don't play one of the competitive shooters with aggressive anticheat (e.g. CS2 and other competitive shooters run perfectly well), you can just install Linux, install Steam or one of the other launchers, and just hit play.
The old stalker games run on the X-Ray engine (the mods on a modified OSS version of it). In my experience they've always worked pretty well, though the games are quirky in general.
Well actually I've been technically playing all the games that are protected by these aggressive anticheats on linux since I've decided to switch.
My setup is a custom version of the linux kernel that 'backdoors' itself and exposes host information to the windows vm making all the anticheats happy enough to work out of the box. Have not gotten banned in any of the games either. Custom VMM and EDK builds are required to block blanket detections of virtualized hardware.
I repurposed lookingglass to instead stream all the wdm buffers as seperate applications that I can open directly in linux like they're native applications. The neat part is that I forward all the installed applications to KRunner which talks to the windows vm and launches the application there and spawns a looking glass instance for that applications assigned path.
The only downside that this is a two GPU solution and you have to run any GPU intensive applications in windows.
I've been messing with kernel-mode anticheats for 3 to 4 years so yah, not something a typical gamer can do. But I have been contempating on making this publically available for everyone to use wrapped in a neat little package!
It’s just the kernel and virtualization stack that are custom. Dual booting is annoying as you lose access to your entire desktop environment. Want to tab out of your game and check your email client? Well you can’t unless you maintain another email on the Windows partition that you only want to use for running a game anyway. If you spend any significant amount of time gaming you just end up getting dragged away from Linux where you want to be. I was dual booting for a while and it was fine for a focused Skyrim session here and there but when I started playing an mmo that I was in and out of constantly it was very inconvenient to not have access to my Linux desktop environment while I was idling in the city for hours.
With lookingglass nowadays it practically feels like just running a windows game on Linux. I used a vfio setup for years before Linux gaming support was good and I had to switch monitors inputs and toggle my kvm whenever I launched a game and it was still better than dual booting. There wasn’t kernel anticheat back then though so i didn’t have to muck with the kernel and uefi.
Not sure if it's still the case in the 2020's, but back in the 2010's I had no end of issues with Windows deciding to either fuck up the dualboot so nothing would load or overwrite it entirely and leave it as Windows only.
I think I probably switched off dual booting to vfio around 2015. Before that for dual boot I had just followed the arch wiki and used two separate drives, using grub for booting both windows and arch. I don’t remember having issues with dual boot but setting up vfio for gaming was still very fresh at the time and was not trivial for me.
EDIT: looks like it was 2016 i stopped dual booting and switched to vfio because I built a new computer for it a year later https://imgur.com/gallery/battlestation-4BuoZ Ironically reading that back I have just recently started getting into film photography.
I used vfio in the past, and it's not true that setups like vfio or custom kernel/virtualization "just" work. For starters, custom setups need management. There are even latest generation GPUs whose drivers are not fully VFIO compatible.
VFIO had a host of problems that are rarely mentioned, because VFIO "just" works: power management, card driver, compatibility, audio passthrough or maybe not, USB passthrough or maybe not, stuttering, and so on.
>It’s just the kernel and virtualization stack that are custom.
That "just" is doing a lot of heavy lifting. Maintaining a customized system is hardly zero effort. Speaking for myself, there's no way I'd ever consider something like this, because I know sooner or later a system update is going to do something weird that I'll have to figure out how to fix. I'd rather just buy a second computer just to run those specific games. The other person admits they need a second GPU to support this use case anyway, so it's not even like you're saving that much money.
>Want to tab out of your game and check your email client?
I have a phone, and a tablet, and a laptop (besides the desktop). I'm not exactly hurting for ways to check my messages or look something up quickly.
Because I would have to reboot into windows including any active applications I have? That also means I would have to maintain TWO operating systems instead of just one.
Now I have a form of WSL (LSW heh). There is a reason why everyone on windows uses WSL these days, same concept applies for LSW, but for games.
> Because I would have to reboot into windows including any active applications I have?
In a gaming-only setup, Windows requires virtually no maintenance. Plus gaming itself is a monotasking activity.
I actually find it positive having to reboot, so I start with a gaming session, and I only play, and when I'm done I'm done. I get the appeal of everything-in-Linux (it was my setup) but it's also a hassle.
With the Windows VM are you doing GPU pass through to get native performance? Is there still a relatively minimal overhead doing it that way? I would be interested in running applications in their own Windows VM(one at a time at least) but the VM is essentially invisible and only application window is available?
CS2 has first class linux support. I'm on cachyos specifically, and on my machine it has better performance than on Windows (I made the comparison a couple of months ago, so pretty recent)
That being said CS2 runs substantially worse than CSGO. It at least kicked my addiction when it released, since it no longer ran at acceptable framerates on my laptop ahaha
I thought it was fine, until a competitive player, friend of mine who has a machine comparable to mine saw the game running on mine and noticed a lot of stuttering and framerate loss.
I don't believe it is a machine performance issue (Threadripper Pro 3XXX with a 3080p), and I was running a pretty standard Gnome Fedora 43 with NVIDIA drivers.
So if you are into competitive gaming, I guess it is debatable.
Within the past month or so there was a fix for rtx cards that should unlock a massive performance increase for certain games. Only applies to rtx 30xx, 40xx, and 50xx. Search terms are "vulkan descriptor heap" if you would like to know more. It's very fresh so you'll need an up to date distro.
For me the biggest surprise was that old ps2 usb racing sim wheel+pedals just worked instantly with linux, and I could use it in dirt rally without any pains. It felt amazing. oculus quest 2 also works very well with alvr, even wirelessly.
I got a Quest 2 recently and Steam Link would not connect, ALVR would crash after a while, but WiVRn work perfectly on my Arch Linux with a AMD Radeon RX 6700 XT. It's nice that we have multiple options.
I assembled a PC last year from used parts specifically to try gaming on Linux after two decades with only the occasional FreeCiv or MineTest, and the experience with Steam is mostly painless. Impressive!
Playing Linux or Windows native games, because that is the whole issue, it is hardly any different than asserting there are Linux games when they are actually Amiga games running with UAE.
Those games running on Proton are still produced on a Windows factory.
I haven't tried out Lutris yet as I'm trying to avoid having too many layers of platform dependencies just to get games to run, but I'm sure I will at some point.
The trick I have is that I add the game and all related windows exes to steam in the same file system. When you run a game on proton through steam, it makes this virtual file system thats matches a game appid, or a uuid. So youll get a folder somewhere thats like 12345566778. You can add that file to an override for a different application, and have it run on that application file system. So if you add a patcher, mod tool etc, you can use it just like its in windows.
For example: Add Diablo 2 exe to Steam. Run Diablo 2 in proton. This creates a folder like 123455 /home/user/.local/share/Steam/steamapps/compatdata/123455/. Then Add LOD to Steam, add this to the system launch STEAM_COMPAT_DATA_PATH=/home/user/.local/share/Steam/steamapps/compatdata/123455/ and you can run the installer on the older file data. Do the same for a mod patcher, etc.
Who is accusing Linux as the cause of anticheat not working? I haven't ever seen that, I see people blaming the anticheat creators for not supporting Linux, they know Linux is not the one at fault yet they still want to play games therefore they use Windows instead.
They quote "If a game has an aggressive anticheat" and then state "The determination of the average Linux user to ignore the faults of Linux", which is accusing Linux of being at fault for the aggressive anticheat not working.
I did not read that to mean that Linux is at fault, I usually would use "X's faults" colloquially to mean drawbacks, not literally, X is at fault and therefore responsibility for this.
Ah well then we have a slightly different interpretation. I would read "the faults of <x>" as "the flaws of <x>", which would then imply a flaw of Linux is why aggressive anticheat doesn't work when it is just companies deciding it isn't worth their time.
When someone brings up issues related to Linux themselves, that’s clearly not “ignoring” them. It would be a true case of ignoring them if they simply kept quiet about them.
>> If a game has an aggressive anticheat
> the faults of Linux
And besides, as far as I know (well, maybe I'm missing something?), anti-cheat issues aren’t a fault of Linux itself.
There's Windows games that don't work on Windows 11 but do on Linux (e.g., Red Alert 2). There's wacky gaming peripherals that work on Linux but not on Windows 11 (Try an OG Xbox controller for example). Hell, MS has even removed support for a bunch of VR headsets when they nixed support for Windows Mixed Reality.
Why do Windows users ignore the faults of Windows?
Why do Windows users ignore the faults of Windows?
How many people care about support for Red Alert 2 and OG Xbox controllers on Windows 11 (assuming either of these truly don't work) versus people who care about the ability to play games like Fortnite?
So really the conversation should come down to how well Linux plays Fortnite then. And bringing up games that 'no one plays' is irrelevant.
You can't have it both ways. Either it's only relevant that Linux plays the big games that are on steam, or people can bring up edge cases where windows doesn't do so well.
Edge cases? There's a long history of brand new triple A games running poorly or not at all on Windows. Evstablished games have plenty of problems. There are millions on millions of support pages, forums, and the deep dark recesses of discord stacked with Windows gaming problems. Just because some folks don't have problems with Windows doesn't mean the problems don't exist. The windows user base is so vast it's easy to think there's no problem just because an individual doesn't see it in their little corner of the world.
I don't disagree but when the conversation is about red alert 2 and steering wheels and the response is nobody uses those, then it isn't valid to use the argument that Linux is useless when it runs everything.
The deterimination of some people to hate on Linux is also something to behold. It's not perfect (nothing is, not even Windows), but it's a lot better than most people (who I don't think have actually tried) seem to think it is.
The majority of people don't use fancy wheels that require custom software to work. Many people do use anti-cheat, but plenty of people don't need it.
> If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it.
Yeah this is why I stick with Windows. Unlike it seems a lot of people on HN I don't really see any issues with it that would want to make me move away, especially as I already have WSL if I do need Linux, as WSL has GPU passthrough.
> I don't really see any issues with it that would want to make me move away
If you don't care about privacy issues or ads in your face, then yeah Windows is pretty good. I care a lot about that (and open source in general) so for me it's way worth it. But everyone is different and that's ok
I don't, no (otherwise I wouldn't use Google and their ecosystem either). I also don't see any ads people talk about either, I run ad blockers everywhere so maybe that's why.
Vague concerns about privacy are not strong enough reasons for me and most others, based on OS market share, to move away when the concrete reality is we can simply play more games on Windows. The only reason Linux gaming is getting good is because of Valve funding it heavily in the past few years for their own products like the Steam Deck, and to move away from an OS they have no control over in Windows, not because of privacy concerns which I guarantee you 99% of Steam Deck users don't give a shit about, they just want to play their games.
> not because of privacy concerns which I guarantee you 99% of Steam Deck users don't give a shit about, they just want to play their games.
I actually agree with everything you said except the above. Valve (and their employees) do actually care about privacy concerns, regardless whether their users do or not. I agree that's not the primary reason they did it (it was because of Windows control as you said), but it isn't a non-zero factor.
> the concrete reality is we can simply play more games on Windows
If you play older games, particularly DOS/Win95 era titles, the concrete reality is that DOSBox and Wine have better compatibility.
Even some recent games, eg. Elden Ring, have unfixed stuttering issues on Windows that were fixed on-release in Proton. I'm willing to give Windows it's due because I don't think it's a terrible gaming environment, but it's a direct downgrade for a lot of the games I enjoy playing.
I should've said games which came out this century, perhaps I thought that was implied when we're discussing modern anti-cheat. The number of games which work better on Linux over Windows is small.
I'll take your word for it. I haven't used Windows since Windows 10, maybe Win11 fixed Bethesda's alt-tab crashing errors and reduced memory consumption - I'd never know.
Yep, my casual Steam games run well out of the box. I don’t even use a gaming-focused distro like Bazzite, just EndeavourOS. Helldivers 2, No Rest For The Wicked, Slay The Spire 2, even modded Lethal Company with friends using r2modman (also worked OOTB). And of course Discord works, including streaming when friends want to watch
If I really want to play Apex or Battlefield I’ll fire up my dual drive dual boot Windows, and in the meantime, no more Microsoft spying on me, forced Windows updates and reboots at random times, ads in my Start menu, Xbox apps and other bloatware, etc
I did consider Fedora, just was intrigued by EndeavourOS, being Arch-based but with default settings that work totally fine for a casual like me, not having to fuss about setting up a DE or WM+addons, firewall, WiFi, Nvidia GPU worked out of the box, etc
These are often in the database as well. Indie games also have a very good chance of working without any changes in Proton, IME. They usually aren't very "high tech" and I suspect that at least some of their creators test them with Proton.
I have been running Steam on a Fedora Sway spin on a ThinkCentre M75q Gen 5 for nearly two years now, playing Hades or Hollow Knight. Before that, I ran Steam on Debian on a ThinkPad T14/P14s to play Cities Skylines. I usually use an Xbox or PlayStation 3 controller. It works great!
My concern has long been, what happens when I want to do something weird?
I have a projector that supports stereoscopic 3D. Sometimes I use things like HelixMod to add 3D to games. What would that look like on Linux?
Sometimes I use GPU driver settings to force games to use higher render resolutions (above my monitor's resolution), or better anisotropic filtering. What does that look like?
Yeah good on them, everyone needs to do this. It's nuts Windows is still the go-to for anything these days despite everyone knowing what a parasitic, buggy mess it is. "Easy" shouldn't be the excuse in this day and age. Big orgs and especially government entities should be hiring the people that know what they're doing and get off that crummy platform.
What Microsoftoffer is having only one contact / contract for a huge fraction of the IT needs of a company so I can understand it solves some headache vs building stuff from many bricks with as many contracts.
They offer a full ecosystem where everything integrates with everything else, especially the central pillar of identity. But you will pay for that in more ways than just money or lockin. If you work with their solutions, the more you dig into them with the help of MS people, the scarier it gets. So many "holy cow" moments.
Businesses choose it because it works with what they already have, the existing tools, processes, skills and because Microsoft was always a safe choice by virtue of being almost implicit. They choose Microsoft because they're already deep into Microsoft, it's the option carrying the lowest risk and lowest short term cost.
Switching to Linux is complex, expensive and risky. The transition is long and expensive, plagued with teething issues, your MS focused knowledge is redundant, the patience of your sponsor can run out before the move delivers anything of impact. Who wants to take such risks when they can just not rock the boat and call it a day?
Most of their revenue is tied to other stuff though
1. Productivity / Business (~43%)
Includes:
Microsoft 365 (Office, Teams) - these can be likely ported to Linux if they're not already since they also work on MacOS?
LinkedIn
Dynamics (ERP/CRM)
~$120.8B
2. Cloud (~38%)
Includes:
Azure (runs on mostly linux, and moving cloud provider as a big corp is expensive, I don't see massive companies stuck in azure infra moving from it)
Server products (Windows Server, SQL Server, etc.)
~$106.3B
I fully support the demise of Windows as an OS
But microsoft as a company has shifted away from Windows as their source of revenue, and will probably not be impacted too badly if it were to die completely.
The French move will hit the Productivity/ Business segment. Their motivation is to limit extra-European dependence so they will look elsewhere for this.
Similar to Germany with its DeutschlandStack and some migrations already ongoing.
Anticheat and support for joysticks, steering wheels, VR, etc. is one factor for sure. I would say almost all games people play, which dont fall in the above categories, run out of the box with no or very minor tweaks needed (no terminal).
1. total abandonment of desktop as a platform, and the massive hurdles to distribute desktop software
2. move to Cloud and use electron wrappers because not even MS can bother making native apps on their shitty platform
3. Make Windows so shit that even hardcore power users can’t debloat it.
The moat of Windows is gone. Games, office work, all the classic arguments, have basically vanished in the last 5-10 years. The only surprise is why more people don’t get in the life rafts, when the ship is listing at 45 degrees. Is it because there’s still an army of workers and institutional inertia trained in Active Directory?
Windows persists in the workplace where the cost to replace it is significantly higher than keeping it, and keeping it doesn't cost much to begin with. Part of that cost would be training, yes.
The other part is finding compliant equivalents for the rest of the software they use. If the MFA, VPN, chat, email, etc. are all already vetted and designed to be compatible, there's no way they'd want to switch. Many policies regarding proprietary information disclosure are also built off this ecosystem and the certifications Microsoft's cloud already has.
4. putting Mac users in charge of the UI who are genuinely incapable of understanding how they are breaking continuity.
That's like staffing a neurosurgery department with dentists. Or a dental clinic with neurosurgeons, it does not matter, you can have decades of experience working with a drill in the head area and still be the wrong person for the job.
Continuity with what exactly? IME Windows has been a mish mash of GUI frameworks to the point you teleport through time whenever you click around in control panel, since.. the XP era? I mean, I don’t disagree with you in principle, but the timing is like saying horse carriages aren’t keeping up with cars because they’re designed by car users. The Satya era can be good or bad depending on who you ask, but that’s for Microsoft as a company – windows as a product has had no coherence for a decade+, and that’s generous.
> Is it because there’s still an army of workers and institutional inertia trained in Active Directory?
Yes, that is a huge driver of inertia. I've had to battle that in so many different companies now, and it is absolutely aggravating. That on top of comments about how Linux sucks from someone who either has never used it, or has only used it on a server and thinks that is all Linux has to offer, are absolutely soul destroying.
Cyberpunks own benchmarking suite runs 30% faster (for whatever reason; my wintendo install is stock and nothing but nvidia drivers) on the ntfs windows partition on Arch.
Except today games all work and invariably markedly better on Linux. Even the games that stopped working on Windows for me work great, like https://www.protondb.com/app/2008510
Actually, it's the exact opposite. There is really no alternative to PowerPoint on Linux, unfortunately. I'm saying this as someone who's used Linux for 20 years now.
Huh? There's a ton of PowerPoint alternatives that work on Linux. LibreOffice, OnlyOffice, Collabora Office, Calligra Stage, Google Slides, the online version of PowerPoint, more techy things like LaTeX Beamer or Reveal.js. Maybe these don't have perfect PowerPoint compatibility, or some niche PowerPoint feature you need but there's plenty of slide deck making options that work on Linux.
Presentation has been a solved problem for more than 2 decades already.
Whenever we are talking migration out of the windows world, there is always a group of MS fanboys that pretend that you can't replace a software with another one if it doesn't even have the exact same set of features down to the smallest details while totally ignoring the interesting features the replacement can have.
The reality is there are never 1:1 replacement and Microsoft would have never had any sort of success in the office area to begin with that sort of nitpicking.
I'd think the only Office part difficult to replace is Excel. It has a lot of functionality, provides a lot of value and is the workhorse of most business processes I see. Now how do you replace THAT?
I tried LibreOffice (Impress) for something simple and it was not good - in fact it would just freeze. Although it did have a feature on MacOS that PowerPoint for Mac didn't, so I ended up using Impress for the first little bit and then PowerPoint for the rest.
Probably just a matter of time, it’s possible the friction will create opportunities. Something in the spirit of iaPresenter, md first would be awesome.
At the moment i have long html page with key event for next and previous, tiny script to check on specif markup for autoscroll.
I'm actually constantly surprised by the diversity of experiences I'm seeing here. It's very much not a small bubble, at least not in comparison to any other social network/activity in my life.
Are you just hanging around California startups? I work in big consulting and am inside hundreds of the largest companies in the US, everyone of which is fully Microsoft and only ever seen PowerPoint. I’m in dozens of teams meetings a week across as many organizations and have been in 2 Google meets meeting in the last decade, both of which were California fintech startups.
Yes, most people use MS where I live, too. But most of them only scratch the surface. To this thread's point, 99% of PowerPoint presentations I've seen are just walls of text on a bunch of slides, with the occasional illegible graph.
Now I'm not saying I actually know my way around PPT or that I'm some presentation whiz, but this can probably be done with the browser version. Just like the "new" Outlook is simply a new Edge skin.
I work for a company that has drunk the MS Kool-Aid and then went back for a refill, yet I've never had any issue using the web version of the suite ever since it came out. I don't even run Windows on my work laptop. Teams is the only app that seems marginally better in its heavy version (heh), since it supports separate windows for the calls.
I've been out of the powerpoint loop myself for almost 20 years too; does it actually have any valuable functionality that you can't get on the free alternatives?
I've worked in academia for years (in computer vision labs) and I can confidently say that PowerPoint is the best tool to prepare research presentations.
Could you go into details about why you think this?
I haven't used PowerPoint in years as I think my needs are pretty simple but I wonder what I'm missing.
I can see that the Microsoft ecosystem gives control on who can view files and provides collaboration and control. Both of which would be useful in the corporate world.
Is there's somethnig other than that or is it just ease of use?
For the most part I see people using MS Office tools because it's what they are familar with. They're familar with it because it's the only thing their IT department will allow them to use.
At least in my field, 90% of presentations are Beamer. PowerPoint is bad at equations just like Word. Besides easily integrating video/animations I can't think of why it would be better.
Convenience comes as a result of mass market adoption, for products for which convenience was not already the main selling factor. Look at cars; they were kind of difficult to drive and maintain 60 years ago, now they're super convenient to drive and maintain as you essentially just press buttons and look at screens to get all needed information about the car and drive it.
It's probably something like "inception -> adoption -> convenience". For Windows it was the same, was it not? It wasn't absolutely convenient to use, it was just better (in terms of usability and features for the average consumer), and convenience came after (Windows XP, Windows 7). Sadly the functionality degraded, and now all that is left is convenience.
Imagine what can happen if the French and other governments would start pouring all the money into developing that further in the open, rather than just giving it all to Microsoft instead?
Law is irrelevant under the power of the gun; it was the threat to invade Greenland and the threat to leave NATO which have triggered this.
(people keep saying things like "only Congress has the power to declare war"; that may be technically true, but a war declaration is a piece of paper, and practically the authorization of force is at the personal disposition of the President)
Not everything makes US news but the decision by Microsoft to shut down ICC accounts after a Trump EO on sanctions really spooked a lot of EU governments.
There were general and abstract privacy threats. The current US administration however has managed to alienate the EU population as well as EU politicians.
Trump has basically ended the alliance between the western world and the US and everybody has started to built around that fact. Just one example is that the EU has finalized multiple huge trade contracts, some were in the making for decades.
I don't think the next US administration - if the US remains a democracy - will be able to fix that. The US lately has been very vocal that they don't want to be the center of the western world anymore and the western world got the message.
Reorganizing the post-WWII world order will take some time, of course, but I feel like the world is proceeding quite fast.
It looks like the president - which was a businessman - will make a huge damage to American IT businesses. And IT stocks dominate the S&P 500, comprising roughly 1/3 of the index's total market capitalization... Good luck America!
Sorry I thought it was the president of the US that imposed tariffs, threatened to invade Canada and Greenland, wanted to remove all Gazans from Gaza, etc, etc. not some random Reddit poster. My mistake.
One eu country or another has been talking about this for at least a decade. Nothing will happen this time either, or we'll get another of those things like the weird owncloud knock off that is totally developed by the EU
On the other hand in 2018 Europe managed to sort out LNG etc pretty quick.
I'm kind of surprised it hasn't been louder and faster after the tariffs came in, but we've already had investigation after investigation into monopoly practices, the EU is working on domestic payment processing. So the political will is there. I assume they're just quietly getting on with sorting it out.
Is slightly disagree. Trump brought in the tariffs based on trade imbalances. Bringing services into the conversation would highlight that there isn't a trade imbalance. But then I'm not trying to guess what trump might do with any given input.
I have worked on things like PSD2, a well oiled government-led machine that just works. There are some dysfunctional things, then there are things working perfectly fine.
They'll start pulling Linux in a direction that suites them, which will potentially be at odds with the preferences of open source software enthusiasts.
They might have an effect in the development of an office suite, possibly of a desktop environment or one specialized Linux distribution. Nobody will be forced to use those specific ones if they don't like them. There are plenty of options in the Linux world.
Most of the cost (to the government) for Windows is "support" (in a very general sense) and that cost isn't disappearing with Linux.
Especially since it is easier to find badly underpaid (and not particularly competent) Windows sysadmins than it is to find badly underpaid Linux admins.
Ok but the license fees are, what, 50 quid? times say, 3k or 30k people? A 150k or 1.5m injection into the linux ecosystem to develop those would pay for a _lot_ of developers and a _lot_ of developer time.
From what I heard about NGI-zero, another government sponsorship project (1), the problem so far is primarily finding the projects that need sponsorship.
That doesn't seem correct. Almost all of the projects installed on a standard Linux distro need funding. I just stopped applying to NLnet after getting nothing but rejections.
Are you implying that need for support would go away?
If anything the demand would be artificially high at the start of a mass migration, and then presumably level out to something similar to what we see today with Windows.
Not a thing any longer, for the most part. People know how to open a browser on any operating system these days. Go to the menu, run it. Get bored and click the X on the top bar. Source: nearby kids. A few times I've said... "this is Cinnamon, or KDE, or... Windows."
The so called free market really did a bang up job didn't it? The proprietary buggy mess of Windows and the walled garden of MacOS which given its *nix underpinnings could have been really fantastically awesome but instead is a proprietary buggy mess.
Group Policy and Active Directory are dead, for all intents and purposes.
It's now Intune (via OMA-DM), and Entra. Both of those products are about as bad as you might imagine the "cloud" versions of GP & AD might be.
They are better, in ways -- no longer having to care and feed for domain controllers is nice, and there's no longer an overhead for additive policy processing, so endpoints only get a single set of policy and log on much quicker -- but for the most part, enterprise management of Windows devices is in a worse place than it was ten years ago.
Try to figure out how long it will take an online Intune device to discover a new policy: As far as I can tell the answer is "eventually". There are bandaids for this, because of how infuriating it is, of course, but all time guarantees are basically gone.
Ask me a decade ago what an enterprise should do, and my answer would be straightforward: AD, GPO, Exchange.
> Ask me a decade ago what an enterprise should do, and my answer would be straightforward: AD, GPO, Exchange.
That was also the answer two decades ago. But if AD and GPO are now dead, what killed them and what are the options? Is the problem mobile and BYOD?
I’ve been primarily on Macs since that time where endpoint management isn’t much, so there are fewer knobs to fiddle with. In some ways it’s nice in that admins can’t screw around too much with my system. In other ways, I’m sure Macs feel limiting for those in charge of enterprise security. However, most endpoint management feels like it’s written for Windows with Macs as an afterthought for checklist security. Knowing that, I’m happy there are fewer places for dodgy software to be able to interface with the OS.
No alternative, you can't realistically fully control everything everyone does on every device in their possession. It was job security for useless control freaks, the products never should have existed.
It was absolutely not the case two decades ago.
There were no other options for an enterprise fleet, 20 years ago, if the question was asked. If you weren't Google (who never asked the question anyway), the answer for managing 25,000 endpoints was to use Windows devices with Active Directory as the management plane. Anyone doing anything else was in for a world of hurt... and that's why every enterprise ended up on Windows, and why everyone targeting enterprise management targeted Windows -- because that's what the endpoints were already running.
What killed AD & GPO was Microsoft, in their bullheaded push toward Azure everything. Instead of listening to what it was that the enterprise customers actually wanted, they designed a system that made sense to them, but to no one else. The original UI was written in Silverlight. It was horrific.
No, I meant that Windows AD was still the answer two decades ago. I can see how that may not have been clear - I edited my post to include the quote I was replying to. (You said one decade and I was just extending that timeline back another 10 years.)
There was LDAP and Kerberos support for *nix management, but nothing you’d deploy over a thousand end devices.
And you’re right, it wasn’t a question that got asked, because there wasn’t ever a second choice - AD was the only option.
I remember it almost being a trope at the time that every Kerberos question thread eventually landed on some subtle / niche incompatibility or edge case.
> "if AD and GPO are now dead, what killed them and what are the options?"
The changing world. AD and GPO come from the mid 1990s before pervasive internet, before WiFi, before Cloud computing, before people had multiple computers, before iPhones, before AWS cloud infrastructure, before Kubernetes, before cheap fast hardware for virtualization, before cheap bulk storage, before BYOD and WFH and everything-as-web-app. Before that was the world of isolated 8-bit machines, expensive Solaris workstations and Unix mainframes with expensive admins, and after say 1998 the world was cheap Compaq/HP/IBM hardware running Windows server and Windows 9x desktop, and after about 2003 it was Windows Small Business Server (AD, GPO, SQL, Exchange, SharePoint) and XP Pro desktops.
Cracks started showing when people wanted to logon to a laptop away from the office when it couldn't refresh policies, run logon scripts, talk to domain controllers; when people wanted 'offline files' from a company file share while away from the office, but wanted their corporate email to work when their laptop was online but not pull down company settings over a dialup modem. More cracks when they got a Blackberry or iPhone, more when AppStores appeared and people expect to be able to install whatever they like, more with the rise of Apple Macbooks, with the growth of website based services people can use from anywhere, more with Amazon AWS where company infrastructure is on someone else's premises, more with BYOD and WFH, more with people expecting software to be cost-free, being trivially able to spin up Linux web and database servers because there was plenty of CPU/RAM/Disk and no worries about licensing costs.
> "it’s nice in that admins can’t screw around too much with my system"
If it's a company device, it isn't your system. The company has legal oblications and practical concerns that conflict with your desires as an individual. That might be pushing full-disk encryption or updates, or auto-locking, or restricting use of USB or websites to block potential customer information leak points, or trying to stop you saving work locally that might be lost if the device fails, or trying to stop your device being an entry point for malware or ransomware, or trying to stop you screwing around with their system which costs them employee time to fix and your downtime while it's broken.
I've never understood the management thing. People manage fleets of Linux machines all the time. What does group policy do that e.g. nix or ansible don't?
Group policy just sets registry keys. That's nothing you can't do any other way. The important bit is the inertia of 30 years of Windows subsystems and integration with Active Directory and 3rd party Windows ecosystem software all being written to expose internal config and look to registry keys for the settings.
For the first part, Group Policy (GPO) can set the screen to lock after 2 minutes of inactivity, say, which works because there are Windows subsystems built to look for a reg key for their config, and policy templates exposing that config in the GUI management tools. Or group policy configures which security group can "logon as a service" which works because Windows has system-wide and domain-wide pervasive Access Control Lists (ACLs). GPO configures that Background Intelligent Transfer Service (BITS) should limit its bandwidth use, which works because Windows Updates use BITS. Or sets the machine-wide SSL cipher order, because Windows software uses system-wide schannel not OpenSSL. Or GPO sets what your default printer will be and that's only useful because decades of 3rd party Windows software was written to use the standard Windows printer dialog, or User Documents path, or whatever.
For the second part, Active Directory is a tree-shaped organization tool; in screenshot[5] that I quickly Googled, the tree on the left has a folder named "Sydney" and below that "Sydney Users"; this lets sysadmins organise the company computer accounts, user accounts, and security groups by whatever hierarchy makes sense for that company - e.g. by country, office, team, department, building floor, etc. Then Group Policy overlays on that structure, and the policies are composable.
e.g. in this basic screenshot of the group policy manamement GUI[6] it's showing at the bottom a list of all group policy configurations that have been made in a domain such as "Block PowerShell", and higher up it shows the policy "PsExec Allow" has been linked inside the "ADPRO Computers" folder. So users and computers in that folder in AD, will get those policies applied. In screenshot[7] you can see a basic example showing corporate computers getting machine-wide settings, corporate users getting user-level MS Office config, and Executives get settings that nobody else gets. (This echoes the registry having separate HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER subtrees). Screenshot[8] shows the relatively tidy GUI on the right for seeing which settings have been configured in a policy.
If you apply more than one GPO to a folder, the users/computers will get the all the policy settings combined. This is often what people complain about when logging on to a corporate Windows machine takes ages, btw. You can filter GPOs on a case-by-case basis to build patterns like "apply this machine-wide policy to all computers in the Sydney folder which are members of the WarehouseComputer security group" or "apply these logon-settings to employees in New York who are members of Finance and logging onto a laptop". So companies which have been around for years can have really (messy) big and intricate designs which would be a lot of work to migrate.
3rd party programs can release XML files which plug into the GPO management, and the programs were written to expect to be configured by registry keys so they can pick up those settings; there are templates for configuring FireFox[1], Chrome[2] Adobe Acrobat[3], Word, Excel, Office[4], VMWare Horizon, Lenovo Dock Manager, Zoom, RealVNC, LibreOffice, Citrix, FoxIT Reader, and so on. The more enterprisey a tool is, the more likely it will plug into that ecosystem. Then all kinds of 3rd party reporting and auditing tools look there to see if your company is compliant with this or that; the whole thing is integrated with Windows' domain-wide ACLs so you can give some admins permissions to view or edit just their regional subset of this.
As usual the lockin is not that they do something amazing that nothing else can do, the lockin is that Windows domains have been around in this format for 30 years since NT4 and Windows 2000, and it has huge inertia, familiarity, is deeply embedded in a lot of companies, you can easily and cheaply hire lots of people who know how to use and manage it, you can send screenshots of it to auditors and they understand it, if you don't know how but you have a bit of (oldschool) Windows experience then clicking around will get you the basics, you can buy 3rd party auditing software that will send you a management friendly report with green ticks saying almost everything is fine but you should change this setting for security...
[Yes of course you can build your own custom replacement for every single thing, just like you can build your own custom replacement for any software; it's "just" ldap and kerberos and dns and some scripts and site-to-site policy replication and management tools und und und].
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Isn't it about time someone developed one?
The foundations are there; you can imagine an organization deploying laptops with, say, Ansible, and not giving users root on them. LDAP sort of matches the old capabilities of AD, but not completely. There's even a "SAMBA as fake domain controller" mode.
Ironically what it needs is a product or service which organizations can pay to take the problem off their hands. But then people get stuck in never paying for anything in the open source world.
Honest question: Why? If you want a Windows-like environment, run Windows.
I get this all the time when people ask about a Linux equivalent for something, and aren't really satistied when it doesn't work or look the same. Linux isn't a clone of Windows. Linux comes from an older heritage, and has a unique culture. You are in for a hard time if you want to use Linux like you would use Windows. That's a suboptimal experience, at best.
That said, of course Linux should be easy to manage. But Windows is from a single corporate entity, of course their management tools will be different. It used to be unix admins that laughed about people using Windows as servers. The culture around Linux is one of scriptabiliy where even the user interface, the basic shell, is one where every command is inherently a script. That's why management on Linux looks like Ansible and OpenSSH, not like Remote Desktop and Group Policies.
You could write something like Group Policies for Linux of course, but it wouldn't be a complete solution so people would just continue using Ansible, OpenSSH, and the respective package managers.
I don't know. What's the Windows equivalent of dpkg (from 1993) and ssh (from 1995)?
Still nothing, three decades later. Not because Microsoft engineers couldn't do it, of course, but becasue they didn't want to. It doesn't fit the Windows model. They did recently adopt SSH, but that was because they want to use Windows in cloud-like environments, where expectations are set by Linux-style tools.
By the time Windows got to the point where it even could be centrally managed in any reasonable fashion, Linux environments was routinely run an order of magnitude larger still.
There is a reason why the whole cloud runs Linux. Anything else is a rounding error. That's because Linux is inherently so much less work to manage at scale.
If something like Group Policies would somehow be accepted by the Linux community, that could only be a step backwards. A well run Ansible or Puppet or similar environment works on a completely different scale.
Isn't WinRM/PowerShell/RDP equivalent of SSH, and dpdk/apt-get is basically .msi with group policies for installation? This has been there for decades probably?
Group Policies also allow you to enforce things like browser configuration (proxy, homepage, search engine etc.) wallpapers, screen locks etc.
Can this be done on Linux? Honestly, I have no idea - I think gnome with gsettings/dconf can do that, but can KDE?
That's the point I want to convey is that while there are tools like MSI on Windows, many years after Linux had dpkg, it's not the same thing. On Linux the package manager rules the filsystem and keeps a complete database of which package owns which file. There are no exceptions, not on the parts of the filesystem where the package manager rules. Even the operating system itself and all patches is handled by the package manager.
That's first and foremost a cultural difference, not a technical. Sure, there's nothing to prevent a Linux vendor to write "install scripts" that copy files willy-nilly across the file system, and many vendors have done this but always with disastrous results and since Linux people hate it, those products are either repackaged or stored in a separate directory far away from other files.
This means installing software at scale (any number of systems), or the question how to cleanly uninstall software it not a question you should ever ask in a Linux environment. The questions you should ask are different in a Linux environment. That is why the tools look different.
Tools like gsettings are culturally alien to the unix world. Instead, home directories are seeded with dotfiles. And dotfiles are kept in version control. Yes, that means that unix people can't answer the quesion how to lock the proxy settings so the user is unable to change them. Instead, should a sensitive system require it, they would instead manage by policy and disallow any traffic outside said proxy.
I mean, Linux package managers are so great that we have at least 2 different ways of delivering software (especially GUI software) to Linux distributions that depends on "app images". To me that shows that none of those approaches are solving 100% of problems that you encounter in the wild.
> This means installing software at scale (any number of systems), or the question how to cleanly uninstall software it not a question you should ever ask in a Linux environment.
And yet this is a problem that so many third-party vendors who try to support multiple Linux distributions have been struggling for years.
> Tools like gsettings are culturally alien to the unix world.
Sure, Linux and UNIX are coming from different roots, but "cultural" means nothing in large organizations, where computers are basically tools not that far from printers, projectors, even hammers. A way to do someone's job. I may hate locked systems, but then I don't have to support users who cannot find their trash bin on the desktop anymore.
You can seed dotfiles for all users, but you can't really enforce that user cannot for example move his taskbar from bottom to the top of the screen without policy enforcement. gsettings/dconf may be culturally alien to this world, but it is (or at least was) solving an actual problem. A problem we may not care about, but some companies do.
Now, I think there is an interesting discussion here to be had - given this latest push from Windows to Linux, as a way of distancing Europe from US, would adding features that bridge this policy enforcement gap between Linux and Windows is desirable?
15-20 years ago I was going to say yes, but back then I cared so much more about Linux as Windows alternative for office use. Today I actually prefer Linux Wild West and how hard it is to lock it into any sort of MDM.
> To me that shows that none of those approaches are solving 100% of problems that you encounter in the wild.
The problem is a self-enforced one by developers. They chase the newest updates instead of focusing on stability. And bundling security and feature changes. And they want to push those updates instead of people pulling it in.
> And yet this is a problem that so many third-party vendors who try to support multiple Linux distributions have been struggling for years?
Are those complaints done in good faith? Most repos allow for custom repositories. And writing a build script are not that difficult. If Calibre, VLC, Firefox, and Blender can be everywhere, so can those applications.
> A problem we may not care about, but some companies do.
Firefox has /usr/lib/firefox/distribution/policies.json which lets the sysadmin lock down what users can do with the browser. Example: If you wanted to block all extensions except for a whitelist, you could control that via that file.
There's a bazillion tools that let you manage files like that across thousands of servers/desktops but the hot one right now in enterprises is Ansible (which would make it trivial to push out an update to such a configuration).
Chrome has a similar file: /etc/opt/chrome/policies/managed/lockdown.json
"Ah yes, but what stops the user from downloading the portable version of a browser and using that?"
You can mount all user directories with +noexec. Also, Apparmor lets you control which applications can make network connections if you want to get really fine-grained.
Other applications have similar policy files. For example, Visual Studio Code has /etc/code/policy.json which—for example—would let your company lock down which extensions are allowed to be used/installed.
> Group Policies also allow you to enforce things like browser configuration (proxy, homepage, search engine etc.) wallpapers, screen locks etc.
Unix has always be about treating users like adults. The administration tools are more about the whole system and the hardware. You can always provide default or sample config, or prevent anything in HOME for being executed, but enforcing wallpapers is silly. But you can still do it by patching the software.
They are not exactly equivalents, but that's not the point. I try to expand on this answer in the sibling comment.
What's important to notice however, is that the oldest of these are from 2009. At no time in the intervening 15 years (!) did someone say "Windows is unusable for desktops because it is not manageable".
The concept does not really exist it is a Windows thing. You could call Puppet or other config managements group policies, but Linux is not a monolith so it is more organic.
Lixnux version of AD is FreeIPA, with group policies translating to dconf - at least that was the way "enterprise" linux vendors (like RH or Canonical) were moving towards.
Now, how well is dconf integrated with all the software you want to run is another thing (it was done by GNOME, and ignored by KDE), and whether this is still the way they are all moving is yet another question but the infrastructure was being built.
AD is LDAP+Kerberos, which has existed in the Unix/Linux world long before Microsoft bastardized it. So pick any of half a dozen LDAP server implementations and any of 3 or 4 Kerberos implementations and use those. If you want point-and-click/drool interfaces, use FreeIPA. If you really want it to look like AD, use Samba 4. Even Windows boxes will hardly know the difference.
Group policies don't exist and won't ever exist on Linux. Group policies are LDAP entries that are copied on system boot and user login into their respective parts of the local registry. Software may then read, interpret and use those registry entries. On Linux that wouldn't work for numerous reasons. First, on a multiuser system rebooting to apply configuration changes is not viable. On windows that's apparently fine because its single-user anyways, and reboots are an accepted fact of life. Also, to apply a system policy that is intended to limit what a user could do, asking the user's software nicely via registry entries is stupid and insecure. Lots of software won't even read the registry and have group policies that it will obey. Want to get around an Internet Explorer Group policy? Use Chrome or Firefox!
So what you do instead on Linux is: If it's just configuration, just copy it over, using the usual text configuration formats that are common on Linux. There are lots of tools to do this, starting from simple hack jobs like using scp to full configuration management systems like ansible or puppet. The "group" part is handled by those systems as part of their function, you can easily group/subgroup/discover/inventory/parameterize. If it's policy, so you want to restrict what a user can do, you use the higher-privileged layers of the system to put in actual restrictions, not just "group policy" suggestions. You can configure the user's home directory to be mounted noexec, so software execution after an unauthorized installation is impossible. You can put them in containers, namespaces, limit their resources and system access using cgroups, filesystem permissions, and more fine-grained permission systems like SELinux. If you are so inclined, you can forbid the user from opening files starting with the letter 'f', using eBPF syscall filters (this will of course break everything, but I needed a stupid example ;). All those can also be configured with your configuration management system of choice.
Just as a comparison: Our windows team needs 3h just to re-image a laptop, just for windows. After that, all the software needs to be reinstalled, all the data copied over. Then, after 2 days and 10 reboots or something, it will have picked up all the policies, updates and things and maybe be usable. Our Linux installation takes 45 minutes. Including all the software that was previously assigned to this system, including all the settings. It will be fully updated, configured and usable after the first reboot.
On a Linux desktop you can lock down waaaaay TF more stuff than Group Policy allows. The only difference is you need a sysadmin that knows what they're doing. You can't just point and click a button that prevents users from connecting USB devices. Instead, you use a combination of groups, udev rules, and systemd-logind. There's also ways to do it with PAM if you want.
The most popular way to control user desktops that I've seen is to have your user login via LDAP (just like AD), optionally with Kerberos and then have their permissions to various things controlled via those groups. For example, if you were building a "desktop policy" for Linux users across your organization, you'd probably make a .deb or .rpm that installs some udev rules that grant or deny access to various things based on which groups the users are in.
Of course, you can also control things down at the user level. You could put a script in /etc/profile.d/ that does whatever you want when the user logs in. You can even make it dependent on how they login (detect remote SSH session or local login).
There's also dconf and KDE's Kiosk mode if you really want to lock shit down to annoy TF out of your users (haha).
Once you've got your Linux desktops setup the way you want (which is usually just a matter of making your_company_desktop.deb or .rpm) to customize things/permissions, you have so much power to do things you can't do on Windows. The fine-grain control in Linux is unreal: You can give a specific user access to run and do very, very specific things as root (Windows Administrator equivalent) without much effort at all.
Linux also lets you lock down the hardware in ways Windows doesn't support. For example, you can chattr +i to make certain devices/files immutable. You could compile a custom kernel that doesn't even have USB mass storage support. What's more secure than that? Haha.
BTW: You can also make all USB mass storage devices read-only with a simple udev rule. You can even add exceptions for special things!
> If you want a Windows-like environment, run Windows.
One of these questions where we, those doing the discourse, need to pick apart what the word "you" refers to here.
In this context, it is national governments, who have started to fear that there may come a day when they are not allowed to or able to or safe to run Windows. That gives rise to the question, "how can we get a system that minimizes the disruption of migrating away to Windows?"
Ultimately it's not about specifically wanting AD or GP as technologies, either, but the things they enable: seamless single-sign-on across an organization, and management of software security and updates across a fleet of desktops.
(possibly the thing that fills this hole is simply a fleet of consultants which go around explaining things to CIOs!)
Right, I see where you are coming from, I still want to make the stronger argument that we should not strive to re-work Linux in Windows' image. Most such initiatives, like gconf/dconf, have severely degraded the desktop experience.
I have some experience at places where Linux are run on desktops at scale, but they all have in common that these are engineers for whom Linux is the better experience to begin with. It's not like that for administrative staff and management. And as much as I'd like to tell people to use Prezi instead of Powerpoint, and Markdown instead of Word, sometimes Libre Office is the best answer.
We have to be practical. Still, I feel that too often it is engineering that has to use tools intended for administrative people. Once in a while, they other way around may not be that bad.
For a modern workplace, where smartphone and cloud based applications rule, the traditional Windows tools like AD and GP can only do so much. You also need MDM tools, and something like SAML. If you are looking for an out-of-the-box tool that can manage both Linux and Windows clients, Red Hat has FreeIPA. It's not AD, but it goes beyond that capability.
Because it works really well for a corporate environment where you require central management for your devices. Yes, the environments of Linux and Windows are different as you said, and unfortunately that means one will generally be better than the other within certain contexts. The corporate workstation use case is a gigantic one that Windows is currently dominating in, and this is terrible for Linux adoption because it means to get a job at a place that uses Windows you are incentivized to use it yourself so you can learn it. It also means that schools (which are often run like businesses internally) are way more likely to use it, so new students that are just learning how to use a computer are coming up on Windows.
Linux is indeed very different from Windows and that's fine, that isn't a problem at all and it has plenty of upsides. What should be clear is that this particular use case is a remarkable downside for Linux, and the mass adoption of Windows in the majority of businesses should make that self evident. Realistically Linux can and absolutely is used in business contexts in the same way as Windows (hence why France is going ahead with it), but it isn't as optimized for it as Windows is, when it totally could be. Macs have had some robust management platforms made for them that I've found pretty similar to AD for example. If someone developed a straight out AD clone for Linux that functioned more or less the same on the front-end it would be huge for Linux adoption in my opinion. Hopefully that answers your question.
I'm not up on my current windows security, but windows has been dominating for decades, much of which it's security was non existent, being originally a single user system. Linux being a nix is multi user from the ground up.
So you seem to be making a conclusion that isn't warranted.
That isn't to say any of this is wrong per se. Just that being the best does not necessarily lead to success.
Right but windows also aims to be backwards compatible which means it was trying to run things designed for a single user system undermining protections.
'vim' wasn't designed for multi-user use. Nor was emacs.
Applications don't need to somehow be "designed" for multi-user systems. It's up to the underlying system to enforce application isolation in various ways, which NT has and does.
Well AD is just a really opinionated LDAP/Kerberos setup, so you’d think that there would be something that Linux could do.
But when you’re talking about enterprise management of thousands of devices, you need some kind of consistent security policy management. That requires running OS software that accepts remote policy management, which is a very specialized configuration and not just “vanilla Linux”.
You can get really far with LDAP, but I’ve only used it for remote accounts, file shares, and sudoer config. I’m sure there are more policy configurations that would be possible with a more advanced tool.
I suspect the RHEL world has something to offer here, but I’d love to see a more general and commonly supported solution developed. It would make Linux more of an option for enterprise managed endpoints.
But, I agree with you - for an enterprise customer, this really needs to be some kind of paid/supported product. I wouldn’t want the French government to rely on some scripts that worked on my small cluster.
Windows uses Group Policy (which isn't particularly secure for many reasons) while Linux uses configuration files (e.g. udev, AppArmor, stuff in /etc like fstab) in conjunction with file permissions. However, you can go way farther by compiling your own kernel that has certain functionality removed (e.g. USB mass storage).
Managing lots of configuration files/scripts across many thousands of servers, desktops, devices, etc is a long-solved problem. Most enterprises use Ansible or similar.
In almost every way, managing many thousands of Linux desktops is much simpler and more straightforward than Windows. If you're using Ansible playbooks, you can keep everything nice and tidy in a single place and everything you'd ever want to customize is managed via a plaintext file you can modify with your editor of choice.
You can organize them however you want or even use a GUI to change stuff (if you pay for Ansible Enterprise or whatever it's called... Or use one of the FOSS alternatives).
Managing Linux desktops at scale really isn't much different than managing Linux servers at scale.
Putting it in the hands on the GNOME foundation will just result in a lot of new soon-to-be-mandatory APIs and numerous configuration variables with only one allowed value.
The primitives are there and they're solid, beyond that it's "just" architecture and integration work. Hopefully the French government will be rational with this (I believe the time and financial constraints will for it to be, we're broke and we lack time) and they won't fall into the trap of trying to internalize every bit of the platform.
A good example of that would be what happened with Docker. Off the top of my head cgroups, namespaces, seccomp, overlays and capabilities had been around for a while before it got rolled up in a nice utility in 2013 and opensourced in 2015. Hence the containerization movement.
Solaris zones and FreeBSD jails were nice but they always were let's say a bit too bearded.
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Enterprise environments use a number of tools like Powerbroker, UCS, Centrify/Delinea etc to bind linux machines to active directory and manage identity and access through active directory. This is for mixed environments with both Windows and Linux machines.
For pure linux environments, there are a number of tools like FreeIPA/IdM, Samba AD/DC (for A/D like management), and OpenText's eDirectory for the current version of Novell's eDirectory counterpart to A/D. They all provide centralized user/host/policy/access management.
Since Entra+Intune are the recent MS products, cloud-based equivalents are Jumpcloud+Fleet, Okta PAM, FreeIPA/IdM.
Personal computers were used in office environments long before the technologies to make them administer-able as if they were a mainframe. Before blindly jumping in and reproducing those technologies, better to ask why they emerged in the first place.
Most workplaces don't have strict bans on personal mobile devices, and some of the ones that do, don't have the kind of physical perimeter defense that can detect people getting lazy about whether or not they carry their personal mobile devices into the workplace. That makes perimeter defense into security theater anyway. We need a rethink about what we are guarding against and how we're doing it.
> Most workplaces don't have strict bans on personal mobile devices
If you're talking about select work apps on your mobile device, sure, but that's limited attack surface.
If you're talking about employers who let unmanaged mobile devices hop on their internal network... I've never seen that. Maybe at a hypothetically perfect zero-trust shop?
I've seen a lot of un-seriousness about security. One that's easy to spot is old unpatched IP phones that aren't segregated on the network. I've given demos at companies that are serious, where a device I accidentally left behind caused an urgent search of every room I had been in. Security didn't have to be told which rooms those were.
You likely know better than I, but I've always had a weird intuition that enterprise IT security is bifurcated into "Leaders who understand compliance+details" and "Leaders who confuse compliance for details" with very different results.
And I get it's extra work, but I've seen some weird "But if you'd just built this a bit differently, you would have gotten all these free security bonuses to your posture" gaps.
Imho, a huge part of the problem is invisibility. I'm firmly of the belief the US government should be running scans on entities in regulated industries (defense, healthcare, utility, telecom) with regulated redress of any findings.
It does, it's called FreeIPA (or RedHat IdM). The only GPO parts it doesn't do are those that are not related to policy in the IAM sense (i.e. configuring some application related thing). There's other systems for that, just like on Windows you practically never run GPO without anything else. On top of that, you can pay RedHat or Canonical to host it all for you on any cloud or non-cloud.
that's the catch with gp/ad. for a lot of orgs the hard part is intune/entra now. swapping the desktop is easy. replacing identity and device management is the real migration
Honestly as wide spread as it is, managing group policy sanely is still a challenge I've found - it's very resistant to configuration as code.
Linux has a lot of the pieces but is principally lacking a solid distribution system - in particular a big missing component is the network-based SELinux policy distribution system which you can see some hooks in for the concept of a "policy server" which never eventuated.
SELinux would be a lot more viable if it had a solid way to federate and distribute policy and has some nice features in that regard (i.e. the notion that networked systems can exchange policy tags to preserve tagging across network connections).
> managing group policy sanely is still a challenge I've found - it's very resistant to configuration as code
Imho, this was historically (and continues to be) Microsoft's Achilles heel.
Large parts of the company reflexively wrote features / tooling as manual-first, code-second (or never).
In hindsight, what was missing was a Gates-level memo circa 2000 similar to Amazon's API one: all teams are required to build their configurators to be programmatically exposed.
Unfortunately, I don't think Ballmer was enough of a technologist (and was likely too distracted) to intuit that path not taken.
This is actually a good time to disrupt that, as Microsoft’s attention is not on windows and Active Directory is slowly moving to Entra, although big enterprises are mostly hybrid.
Some places are using Okta for many of those functions too. Trump’s instinctive parasitic slumlord behavior may be enough for the sleepy Europeans to get their shit together.
No non-US government should host anything on azure, or any other US-owned cloud. Thats security and sovereignity 101, or more like 100. Reality with hostile US being as it is.
What you list are no showstoppers, and since its a well known topic I cant imagine why some EU-funded effort in say 2 billions over next 3-5 years shouldnt reaolve it once and for all, for entire world. Well invested money.
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
I take your word for it (I know of Kerberos and LDAP and Netscape and Sun trying to make such palatable, but clearly haven't followed that in the last quarter-century).
That assumes however the server to be currently MS Windows. For government agencies, I'd rather expect some Mainframe to be (and remain) in place. Surely IBM (or here rather Groupe Bull) has user authentication/authorization figured out (more than half a century ago, methinks).
Problem is that people like having a similar interface for both work and non-work things, and Linux doesn’t have enough penetration into the consumer market to influence stakeholders. The first step is making Linux the default choice for hardware providers. Framework was one of those pioneering this but was underfunded imo
I don’t think a lot of people still go home and use their computer for stuff. Most of my family will either rely on a phone or tablet to get anything done at home.
I doubt they’d care about which OS they’re on. Corporate tightens their laptops beyond belief, so all they’re really running is Teams and Excel. This seems to be the case for a lot of friends I talk to, no one gives a damn about Windows anymore. Heck, my sister-in-law moved to Ubuntu of her own choices, despite having low tech literacy.
I am skeptical about there is such "people that know what they are doing", nor would I trust such a claims. But with little twist I think I could onboard the idea with, "people who aim for analytical and open approach and reports". Thus opening the decision making under post analysis and future improvements so research body of knowledge would eventually turn the tide.
I haven't installed or used windows much for last decade, but still I'm bit a shamed that each time I install Linux on some computer I live existing windows drive untouched and available for backup in case I need it for some reason.
The age of the Linux desktop might actually finally be coming
Personally I think we are at an interim period for a big player to emerge and take over this space. If enough governments in the EU start switching over to customized linux distros theres a big chance for someone like Nokia to come in and develop their own approved distro with proper MDM and GPO-like management functionality baked in .
On top of that it could be great to see SteamOS continue to gain share and become more than just something people run on gaming purpose hardware.
And thirdly would love to see a more simplistic but super lean and functional OS built on something like the BSD.
honestly since the browser has more or less become the real operating system the host OS doesn't matter so much anymore. most people do 90% of their work in the browser anyway
Hah, if you ever used the N800 media player you will have been exposed to a tiny bit of my code. Some of the UI polishes and usability tweaks were mine. (Well, someone else had figured out they needed to be done and the bug landed on my lap...)
"/* Here be dragons */" in a particularly hideous d-pointer punching chain must have been a surprise for whomever eventually picked it up.
> Personally I think we are at an interim period for a big player to emerge and take over this space...
And even without a big player, the number of people who are entirely operational with just a browser at work is huge.
Many SMEs already realized they can switch seamlessly between Windows and OS X / MacOS and I see people working on either one or the other. For example a desktop PC running Windows and a Mac laptop is not uncommon.
I switched an employee at my wife's SME to... Debian! And the transition has been more than fine: they live in the browser (Google Workspace, paid company subscription). Unattended-upgrades, a user account that cannot sudo, and that's it.
The number of desktop PC running Windows that are actually glorified browsers has to be through the roof.
Once people realize there's no need to pay the double-whammy Microsoft tax (pay for a new Windows / also pay for a new PC), suddenly installing Linux becomes an option.
Now I know: using Linux and Google is not "getting rid of US tech". But it's "getting of Microsoft" and that is fine with me. I'll never ever forgive the mediocrity this company has brought onto the world.
I've been using linux as a daily driver since the start of the year.
There's still a long ways to go before things "just work". It's about equivalent to windows right now in terms of frustrations, it's just that frustrations are more along the lines of "this is a bit wonky" instead of "this is malicious / was their intended behavior". It's gotten a LOT better, don't get me wrong, but it's still far off from what a typical user would need.
I'd love to see either Valve or Nvidia really put in effort into creating their own hardware/software integration on a level that Apple does. I think it'd go a long way to legitimizing it.
Yeah, for example a bunch of my system updates began showing scary error notes because somehow there is a header inconsistency between the amdgpu driver and the kernel.
I'm not regretting my choice, but it's also something where the average user can't just call Linux Support and get a "run X and it'll fix it" solution.
Do typical users care that much about a bit of jank, though? All the “typical users” I know are on spyware infested Windows laptops and just interpret the horrible shabbiness of the whole experience as being normal.
To add. It is jarring for me when I occasionally get to use someone's browser that does not have an ad blocker. It is indeed surprising what users have accepted as the norm.
Thank you for saying something I've been saying for awhile: Linux definitely has jank, but I'm not convinced it's more janky than Windows.
I think people are so used to Windows' awfulness that they kind of forget about how much bullshit is associated with it. Linux has bullshit too, though it's getting better, but when people talk about Linux jank they're always smuggling in an implication of Windows having less jank, which I don't concede at all.
I don’t think it’s a question that Linux has more jank. I recently installed a fedora spin on a laptop that came with regular Fedora installed originally and the WiFi didn’t work. That’s some janky stuff right there.
Installing the equivalent of OS "slop" isn't Linux's fault... For better or worse the choice that is afforded by OSS licenses means that many of those choices will be bad.
I've had wifi drivers not work with fresh installs of Windows as well, so that's hardly a unique Linux thing. I've also had to reboot Windows into special modes because apparently a driver from a Broadcom WiFi card was "unsigned", so I had to disable the check for that.
I've also had registry corruptions, and I've had unprompted updates brick my hard drive because Windows Update is a terrible piece of software, because as far as I can tell the Windows "repair tools" have never worked for any human in history, and neither has System Restore.
I've had updates in Linux break things but never so thoroughly as the time my mom got an automatic update where she literally could not boot in at all (because I think that the automatic update to Windows 11 that she did not want or ask for screwed up the boot keys).
As much as I am a nixOS user myself, I think regular users should be directed to use atomic, immutable distros (as is the case with most of the distros growing in popularity) because of the robust update system along with the ease of rollback should something go wrong.
Regular distros (really comes down to the package manager of choice) are much more brittle, perhaps even worse than Windows Update.
After I replaced my last windows install a few years ago... Checking windows 11 on a friend's PC a few weeks ago was a nightmare. I considered myself a power user back in the day and I really struggled. So now I do have perspective from the other end and it fits the picture - windows is also jank it is just familiar jank for most people.
There is another point too. The trend with Linux is up and improving slowly over decades. And for windows it seems to be the reverse and faster.
Ah the time old classic. Go into the registry and change these 3 keys that seeming have zero relation to the problem at hand and restart your machine TWICE then its fixed.
Out of the box most popular distros require less tweaking and hammering into shape than a windows 11 install and that is a very important "feature"
Me too, I was a 30 year Windows developer and Electronics Engineer so I went pretty conservative with Kubuntu LTS and it's been a pretty slick experience. Gemini has been great tech support for all the CLI stuff and getting all of my weirder hardware projects interfaced (100% success rate to date). Just considering whether to delete my windows partition to put my MP3's on, as realistically I'm not going to get any more Windows Programming gigs.
I've been using Linux on the desktop off-and-on for 20 years. I used OSX for awhile 2008-2015 when they clearly had the best hardware, and the OS was pretty nice. I've been using KDE since then, and I recently installed Bazzite (Fedora+KDE-based) on my sans-windows gaming PC. I also started a new job this year, where I have to use the company-provided MBP for compliance reasons, after having not used MacOS since 2015. So all this is pretty fresh in my mind, and I'll say that 2025+ KDE is by far the best out-of-box experience for power users. It mostly just works, and anything you want to tweak is easy to find in the settings. Setting up modern MacOS with things like more keyboard shortcuts for window management, focus-follows-mouse or even remembering where windows where after waking up from sleep requires you to buy an app or pay a subscription.
Linux may break more often, but you can almost always fix it with a quick google search. If it doesn't do what you want, there's certainly a setting or config or free app you can install that does.
MacOS may break less often, but when it does you're mostly out of luck. It may do what you want more often, but if it doesn't you have to buy an app, if its even possible at all.
Have also been using Bazzite since march on my home desktop and you are spot on. I think the main reason for average person linux being difficult these days are laptops with weird hardware configurations.
I use MacOS at work and although it is miles better than windows, if I had a choice, I would also use Linux for work.
> Linux may break more often, but you can almost always fix it with a quick google search.
And that’s where the problem is: a quick google search. Laughably trivial for technical users.
Non-trivial for the majority of the population.
I love Linux and it is completely viable as a desktop operating system, but it’s far from ready for mainstream without better support.
For a rough analogy, I’d compare it to an old car before electronics. An old car is easy to work on and reliable if you do the maintenance. But an old car wouldn’t be reliable for somebody who doesn’t do any work on a car and outsources the maintenance.
Linux excels when things go right. The failure modes are substantially worse and far more likely to occur. It doesn’t matter if they’re rare. They’re not rare enough. And there isn’t support when things go wrong.
For example: It’s difficult to make the macOS UI fail to start through configuration. You never need to directly touch configuration. (And you can’t modify or delete macOS system files.)
With Linux, some normal problems just have to be solved in the terminal. This allows you to put the system into a configuration where the GUI does not start.
big player + (standard) linux desktop may well be coming, but that means losing the semi-anarchist bazaar mentality. Will the standard be gnome or KDE or XFCE or ...? If gnome, version 2 or 3? Firefox or chrome as the default browser (or derivatives like waterfox or plain chromium ...)? AI integration?
The moment you're developing for people with no IT experience and no CS degree, you're going to have to make tradeoffs like Microsoft or Google or Apple have to make today, and somehow deal with the "curl ... |sh" problem.
> but that means losing the semi-anarchist bazaar mentality.
The places you mention are already receiving huge doses of industry funding funnelled through the Linux Foundation. Honestly, it looks like the standard is going to be KDE. Even microsoft is copying it for their next DE: https://www.webpronews.com/microsoft-windows-ripping-off-kde...
Why does there need to be a standard application for everything? Is there a default pencil vendor? A default printer vendor? Paper? Car manufacturer? Taxi company? Just let people buy/get whatever vendor/application they like. I rather see more interoperational standards.
I guarantee you, in a large enough organisation, there will be exactly one approved pencil supplier. That's how corporate purchasing works.
There's a lot of cases where this actually makes sense for compliance, support, and service level agreements between your org and the vendor's among many other cases. It just gets annoying when you absolutely cannot buy coffee beans from shop B on the team consumables budget because we have an exclusive contract with shop A.
In a governmental organisation, you might even need a public bidding process for any supplier contract big enough to cover printers and their ink/toner, as well as a support contract if something breaks.
Yeah, and this is fine. This is basically what I meant, a company can just select and potentially make a contract for a specific application. That's how it works for everything. My point was that there doesn't need to be the unique single global vendor/application a priori.
Personally i think there is a huge innovationspace for pipe connected agents doing work for the user.. a example:
A firefox agent downloading pictures of cats.. piping them to a graphics program drawing mustaches on them piping them to a moviemaker piping them to a firefox video uploading "the longest catswithmustaches" shorts compilation ever.. all clicked together in a "incredibble machine" like explorer by a user who doesent even know how to code..
Does SUSE normally come up in conversations about "easy to use" linux distros for "normal" users?
I'm not in that world, so this is a genuine question. The last time I looked at SUSE it seemed typically German in being uniquely complicated for no good reason, but that was years ago.
I am suse user for 20+ years with a big break in between. To me it fits the best. Ubuntu I gave up on a while ago and came back to find things so much nicer.
They have a slightly different take on immutable than redhat but it also works well (rollback and all). Also the tumbleweed rolling is quite stable for a bleeding edge rolling release distro. Using it on a few boxes for the last few years and also installing it for other PC noobs and they seem fine with it.
Yes. It was as easy to use as Windows was like 30 years ago. It's still easy to use.
The only difficult part about Linux is the fact that people can't learn, so absolutely anything being different from Windows is a roadblock to the average person (I still remember the societal meltdown when MS changed the interface in their Office apps, or Windows 8...)
I remember SUSE not being harder to use then any other desktop distribution. But it has a lot, and I mean a lot of knobs to turn if you want to. But you don't have to.
It was a pretty amusing comment to me. Not only has SUSE been around for over 30 years, it was the very first enterprise Linux and it already has MDM tooling in the multi-Linux manager, repository mirroring tool, open-build system, Kiwi, edge image builder. Everything to build out a full enterprise suite of servers, workstations, customized kiosk OSes, already there. I'm more of the "give me my terminal or give me death" crowd, but it even has YaST and JeOS for the GUI-driven installation and config management that is seemingly what the non-tech crowd wants. A world apart from what the "solo indie devs" of Hacker News are paying attention to, especially in the US, but if Euro governments don't know about this already, that's on them. France doesn't need to roll its own shit unless it just wants to for the hell of it.
Oh absolutely. I'm living in Switzerland, there was big discussion some years ago whether we should go with F-35 jets or European alternatives like the Rafale or Gripen. We went with the F-35, which, especially now, more and more looks like the wrong decision.
Yeah, I think if Windows 11 is going subscription based (plus all the copilot pushing garbage and even more baked in ads) that will be a strong incentive to switch to Linux or SteamOS. I barely even play games enough anymore to make a desktop worthwhile. Might just jump to Mac only.
A subscription-only OS would effectively kill Windows, but MS have made enough pretty weird decisions to cripple the product I wouldn't put it past them.
They also "can't" screengrab your credit card numbers or upload all your private data to their cloud for inspection, or steal your email password and download all your mail to a Microsoft server, or send fake emails about full OneDrive to trick you into subscribing.
"Can't" only applies when someone is willing to stop them, and nobody is. Microsoft can do pretty much anything they want and there's basically nothing you can do about it.
I'm pretty sure "can't" in this context is legally binding. Windows licenses up to this point have been sold without expiration dates. If Microsoft suddenly started charging a subscription to keep using the same copy of Windows, evey law firm on the planet would jump on that in an instant.
What GP proposed is the much more likely avenue they would take: New version of Windows with a new licensing model. It would probably kill their consumer business overnight, but at least it wouldn't get their lawyers laughed out of a courtroom.
"Can't" means it would be bad for business. I think consumers are a lot less turned off by the idea of a OneDrive subscription than a Windows subscription. Better to stitch little services like OneDrive and Copilot into every part of the system and cajole people into paying for those instead.
The title is very far from the actual public statement that is linked in the article.
The French government announced that its digital agency will switch to Linux during this year. This is about a few hundreds of computers owned by the agency.
The second statement is that this agency is expected to publish, by the end of the year, a plan to reduce the digital dependency on the US. It's not "France to ditch Windows", it should be "French government promises to plan soon for possible ways to decrease digital dependencies, but calendar unknown". Also note that the government (and president) will change next year, so even if the present drive was real, a political u-turn could come soon.
Overall, this statement could be the presage of a major upturn in a few years, but I think it far more probable that the policy change will be minor. There's already a small tendency toward Linux and Free Software in the public sector.
Many government orgs have spent the last decade and a half slowly transitioning old legacy applications and platforms to browser-based alternatives. That old ERP software that used to require a thick client? Now it runs in Chrome. Microsoft recognized this and smartly moved to keep these customers locked in via an ever growing Microsoft Office bundle - subscription based, with Teams for their chat and then building up additional capabilities to extend the dependency, like InTune.
Where we are at now is that the pain of moving away from Windows is acceptable for many larger organizations and governments, especially those with flat or decreasing budgets. You can just swap out the OS layer and keep other processes the same - keep using Office with just the browser versions if you want, or move to an alternative (like EU-based). Teams works on Linux. There is no moat on Windows anymore
And many of those tool providers could see for 10-20 years now that if they didn't provide a web based version sometime soon, they would go out of business sooner or later.
There are almost no applications that a government employee should be running natively on their machine anyway.
Yes, slower start, more memory/cpu use, likely worse UI as the transition broke desktop conventions and/or just lost some power features in the process
A bigger blocker I see in Belgium is all the corporate and government software written in Java or .NET-with-Angular and that has to be deployed via Azure because… compliance.
Interestingly, Microsoft has been trying to get ahead of this for a couple of years now with their National Partner Clouds program [0], which they describe as:
> designed for scenarios where full ownership and operational independence from Microsoft is required
In France's case, Capgemini and Orange have a joint venture to operate datacenters that Microsoft runs Azure and Office on top of [1]. Moving away from Windows and Teams would still reduce their dependence on Microsoft substantially. But if the core goal is to reduce dependence on non-European suppliers, I would be wary of the French government buying services from "Bleu" when it's mainly Microsoft and a couple of consultancies in a trenchcoat.
France has been making good moves to achieve software independence from the US. It would be an even better move to allow those in Europe or indeed the rest of the world to also benefit.
Still less, there is a lot of sovereignty-washing in EU, and specifically in France because this gives you access to grants and public markets.
Bpifrance, the Caisse des Dépôts, France 2030, Horizon Europe, etc.
To access that money, you need the right narrative. So companies learn to wrap their pitch in sovereignty language, get the grants, and then quietly build on top of AWS, Azure or GCP.
Not that it's dramatic, but there is a difference between hosted in France (where dependency still exists), and hosted + engineered in France.
Hopefully this transition to Linux is going to push France government to get rid of Crowdstrike, it's insane they let such backdoor run inside.
As a French citizen who's been building an open source Dropbox alternative for almost a decade [1], the sovereignty talk in France makes me cringe. Everyone has the word in their mouth, but nobody bothers to even search for alternatives, let alone give them a chance. France represents about 1% of my customer base with only a single customer: LVMH. I've had a whole bunch of French universities contacting me, nobody was willing to contribute toward the development because culturally we assume libre software must be free of charge so you'd better either beg for grants or have a rich uncle to sponsor your life. I've tried reaching out to the people who talk loud about sovereignty. Turns out it's just something they say at conferences to entertain each other as they have no power to actually make it happen, and don't even get me started on public markets.
Qwant is working on that. Together with Ecosia they're building their own index called the European Search Perspective:
"Today, Europe receives 99% of the answers to search queries from external infrastructures. We believe, however, that a higher level of digital sovereignty is essential for a functioning democracy and economy. With our new web index, we are creating a European perspective on politics, culture and values. This is a long overdue step towards more plurality in the digital world, which is also being called for by our society."
> a European perspective on politics, culture and values
To be honest this does not sound much better. 40 years ago maybe I would have preferred EU values over the US' puritan values. Nowadays I'd just expect a different flavor of poison.
The docs project is part of "La Suite"[1]. They choose Grist[2] as the spreadsheet which is made by an American company but open source and there is a significant contribution from the French it admin.
Interesting. By some luck i've been using Grist for two years and it just feels like the most no nonsense software. But it's a bit different to excel, i would say it's more like airtable. It's more columnar like gui over sqlite database which might be a bit more restricting BUT it greatly helps data integrity.
> It would be an even better move to allow those in Europe or indeed the rest of the world to also benefit.
Those initiatives are usually open source. It's just that many times, each country wants to make their own. But it's still better than staying with the TooBigTech monopolies.
> It's just that many times, each country wants to make their own
This hits hard. I'm a French citizen who made an open source alternative to Dropbox [1], I would have never thought my own government to attempt competing in my niche. I did contact the people at DINUM and it seems they are more interested in making their own than contributing to existing projects they don't fully control
On a side note. I want to take this opportunity to thank you for filestash, it is really a high quality software piece that solved a lot of pain points for me.
There's been some 'back and forth' or "progress and regress' about this.
Adoption of Free Software:
2012 Prime Minister circular — the most important formal turning point: Orientations pour l'usage des logiciels libres dans l'administration, signed on 19 September 2012. It explicitly gave guidance to public administrations on free software use.
2016 Digital Republic Law — reinforced the direction by encouraging public administrations to use free software and open formats.
2021 action plan for Free Software and Digital Commons — launched after the Prime Minister’s circular of 27 April 2021, with goals to increase awareness, use, publication of source code, and reuse across administrations.
2024–2026 LaSuite / Suite Numérique — current state-led open-source collaboration suite, presented by DINUM as a coherent set of open-source tools for public agents and positioned as part of the state’s sovereignty strategy
Rollbacks and proprietary deals
Microsoft “Open Bar” contract with the Ministry of Defence / Armed Forces — a major counterexample. The Senate records say the framework agreement started in 2009 and was renewed for 2013–2017 and 2017–2021, without publicity or competition, giving the ministry broad access to Microsoft’s catalog.
Criticism and replacement with UGAP purchasing — later reporting says the open-bar arrangement ended in February 2021 and was replaced by a convention via UGAP, but the ministry still relied on broad Microsoft licensing and associated services.
2025 education procurement for Microsoft — a public tender worth 74 million euros for the Ministry of Education and higher education services was attributed to Microsoft, showing that proprietary dependence continued alongside open-source policy.
2025–2026 public-private partnerships in sovereignty language — France and Germany announced a partnership with Mistral AI and SAP for sovereign AI in public administration, which is not a free-software rollback in the strict sense, but it is a clear example of the state pursuing sovereignty through private-sector partnerships rather than purely internal open-source development.
---
Conclusion:
Like anything in capitalism: it's a constant fight, permanent struggle. The big private companies will try to massively impact political life.
So, there IS in France this 'feeling', this consciousness, throughout the political landscape (mostly on the left and also a little bit on the right) that we need to have some sovereignty over our data, services, software, etc.
Every once in a while, a right-side political figure, who are basically ruling since 2000, (except from 2012-2017 where France had a social-democratic government and president) has a sparkle of dignity, decency, logic, and honesty towards the best interests of the country and leans towards Free Software adoption. But...the lobbies are always there to rollback each decision, or part of each decision, and gradually gain back their influence.
As a French citizen who spent almost a decade building an alternative to Dropbox that's libre software [1] I was very disappointed my own country decided to build a product competing with mine when French companies are about 1% of the existing customer base. I would have never thought my own government would be competing on my niche
It makes sense a government will want to take full charge of the strategically important software they will run on especially when they try to establish it as a new standard in a challenging transition. One day when it's fully established they could still spin it off and some other entity takes point.
>a right-side political figure, who are basically ruling since 2000, (except from 2012-2017 where France had a social-democratic government and president)
There's still a great deal of Windows usage, but hopefully that will phase out with the passage of time. Canada's bureaucracy moves slowly, at the pace of generational attrition. It won't be until the last GenX retires that they could even meaningfully begin transitioning the average office worker away from Windows.
The Phoenix contract predates the more recent efforts to switch to FOSS.
But also, Canada loves to burn money on American suppliers. It's probably why the recent interest in _Buy Canadian_ has the American administration annoyed.
Phoenix was a literal trap laid by the Conservative government just before leaving knowing it would be a shit show for the Liberals in the coming years.
I work in government. Link 1 (2018) is essentially a dream. All of government got forced to use MS Dynamics CRM. Basically, anybody with a software requirement for case management, had to use MS Dynamics. I recommended we use Drupal in 2011. That was killed because everything had to be MS. I'm kind of surprised that it is in there given that nobody was allowed to use.
Link 0 and 2 are essentially from TBS and CDS. They coexist together. They are essentially working at the very top as entities that gather information from other departments. They can do whatever they want because they help write the rules.
I'm not trying to discredit your post, just saying that as someone who has brought OSS tools to development at the government and tried to use OSS tools for client (I failed at that), it is nearly impossible at the moment. We are married to Microsoft and its cloud.
I do agree, that it may take an entire generation because right now, 190+ departments are not exactly jumping to FOSS, and in many situations, they are down right told you are not allowed.
In addition, the current de facto document management system is from OpenText. Although many just use Sharepoint Online.
Ironically, as everything moves to the cloud, it would be easier to move to a solution that is FOSS based, and based in the cloud. Technology has matured enough that you don't need executables on a desktop, you just need a browser pointing to a website.
We use Microsoft Dynamics 365 (model-driven app) at work, it's rarely mentioned on HN and people don't know how insanely bad this P.O.S. software is.
From the botched implementations of AG Grid to their crippled version of CKEditor (with Copilot forced in of course), the daily bugs are an absolute nightmare.
And then most support tickets (if you can even open one after a forced chat session with Copilot), get handled by a third-party, most likely in India with different timezones than you and the support calls are a crapshoot.
I was part of a SaaS company of diehard GenX Windows fans.
Decades of abuse by Microsoft has definitely hurt them: they have lost hope and are cynical about the future of Windows. I reckon they would switch away if they could afford to.
Every year Microsoft does something to make you feel like you're being screwed over.
We only just missed taking a silverlight bullet. Windows phone wasted over a year of development. Internet Explorer doubled development costs. The OS version churn is expensive. However SQL server has been a good foundation.
Microsoft used to love developers. They just abuse them now. Even Apple is nicer to developers!
It seems like what Europe really needs to do this is a viable mobile OS. It's been true for a while that Linux + LibreOffice is plenty to handle most government workers' needs on the desktop, but that's only good for when they are at their desks. Are there any viable alternatives to iOS and Android that are totally free of "dépendances extra-européennes"? What's the plan?
Android Open Source is good enough. The tough part are device-specific drivers that never make it upstream and are eventually abandoned by the vendor, making upgrade past specific kernel versions very troublesome.
At the same time it is an open source product and can therefore be forked. Being controlled by Google presents not nearly such an issue as Microsoft products or the Apple ecosystem.
Why not? GrapheneOS and others show that it is possible to make viable operating systems on top of AOSP, which also have their own useful extensions.
It seems like a waste not to use an existing, well-developed, hardened, open source base, that at the same time provides great compatibility with most existing apps.
Since it is open source, it would always be possible to fork if AOSP goes off the rails.
I think the primary issue is that it is currently hard to get embargoed security patches, unless you have some partnership with an OEM.
The Finns, as always, continue to develop mobile phones, Jolla is back from the dead and supposedly starts shipping sometime in 2026 with a new iteration on the hardware and the OS, time will tell if it'll have any impact.
Might not be 100% Europe-made from the get go, but good ideas and executions often start with small steps and iterate rather than having something groundbreaking out of the gate.
> I'm not convinced that replacing one proprietary OS with another is the solution.
Someone correct me if I'm wrong, as I'm not super familiar with Jolla's/Sailfish's architecture, but isn't most of the OS actually FOSS, while there is a thin proprietary compatibility layer, and that's about it? Was some months ago I last read about it so could be misremembering, but seems like a good first step at the very least.
> Consumer don't care if the OS is proprietary, as long as it works
I agree entirely (and they also don't even care if there's a trustable party who they can trust, just look at how many people happily use Google).
And this is exactly the mentality that's gotten us where we are. Consumers don't care about these things, and then end up lock into vendor ecosystems like the one op is describing here.
Linux on Mobile has been progressing steadily in recent years, and is in a state suitable for very early adopters and tech enthusiasts. Definitely not for the general population IMHO.
FWIW, it's not just the EU that needs this urgently: most of humanity sorely needs a trustworthy mobile OS that's not designed against their interests.
Linux on the desktop has been progressing for many many years... and a lot of stuff still doesn't work out of the box
I've recently had some fun at the intersection of "moving windows between screens" vs "ui scaling" vs "ambient system is wayland but the snap uses x11 internally".
Multiple displays with different scales has worked fine since at least 2017 (which is when I stated using sway, and precisely for this reason).
OTOH, I know that recent versions of GNOME struggle with this. Just last year I saw plenty of situations where moving windows across displays triggered all kind of quirks. This is a GNOME-specific issue, and like most of its issues, doesn't affect all other compositors.
A big hurdle to this is hardware vendors locking bootloaders and making it impossible (or impractical) to write or use existing drivers.
Manufacturers maintain long running forks of Android (often very old Linux kernels) with their drivers hidden in their fork's source.
I'm a firm believer in the right to repair software - and the fact that it's illegal to reverse engineer binary blob drivers (or proprietary software at all) is a shame (not that you could even untangle a driver from a binary blob of a Linux fork). I'd go as far as feeling strongly that drivers should be open source, and if they aren't, documentation sufficient for the community to write drivers should be made available by manufacturers.
>the fact that it's illegal to reverse engineer binary blob drivers (or proprietary software at all) is a shame
Where? I don't think it's illegal in the US at least. The only things I'm aware of that may have legal issues are related to radios, specifically modem/baseband stuff, and maybe WLAN cards.
I used Linux 10 years ago, but then due to job or corp. and needing Teams and Outlook I was forced to uses Windows. Now with corp job over I was finally able to switch to Linux this week (Fedora + KDE). Loving improvements made in the last 10 years, KDE will always have its quirks, but it is fast and smooth with no crashes yet. I got Claude to make me a migration script which worked brilliantly, haven't needed to boot Windows yet. Browser sessions and everything worked like nothing had changed. All my various ssh / putty configs migrated to Konsole, Thunderbird carries on like nothing has changed. Ahhhh freedom!
Strange. I switched to Linux +25 years ago. My setup became quite minimal; right now I use IceWM for the most part. GNOME3 was always useless; KDE also changed since Nate "I need more moneys!" took over (see his donation daemon or the more recent "systemd-only" tied with wayland-only garbage that KDE succumbed to).
Linux is good in that you can combine things that work, so it is more flexible than windows. But desktop wise I don't see it becoming really dominant; GTK is now a GNOMEy-only toolkit. Qt is too busy focusing on their own business model. Desktop Linux is not useless, but it is really just sub-par compared to Windows. I also use Win10 on a second computer; I don't like it but I use it for testing. Linux lacks decision-making power focus (and corporations such as IBM/Red Hat are selfish, so these will never reach any "breakthrough" like the infamous Desktop of the Year, which I heard will come next year together with GNU Hurd ... I think).
> Desktop Linux is not useless, but it is really just sub-par compared to Windows.
Each to their own. My experience is the opposite (I use KDE). I have to use Windows at work and it's always such a pain. At least Windows 10/11 finally has multiple workspaces natively and some keyboard shortcuts for managing windows (ironic), but I would have preferred to stay in Windows 10.
Now Windows doesn't even support proper suspend anymore and it won't stay in the "modern standby" either. Constantly waking up and doing god knows what with fans screaming. When I take a look what it's doing, task manager claims that nothing resource intensive is going on. I'm guessing it's hiding some internal processes. It calms down when I put it to sleep again. Sorry for the rant, I better stop before I start.
yes the flaky sleep is what did it for me - laptop would randomly boot up at 2am, bright lights and whirring fans. Thought it was a virus! Seems like Fedora has cracked the hibernate/sleep issue, possibly due to good intel driver support for my Dell and finally Linux has better hibernate, sleep and wake than Windows 11 (ymmv!)
I actually have been lucky since even my laptop from 15 years ago already worked well with Linux and suspend while Windows didn't (wasn't OEM Windows anymore). I have also had multiple desktops that have _mostly_ had no issues with suspend either: only nvidia has given me grief on some setups when sometimes the screen would be blank when waking up, but I figured out workarounds for that.
I hope it succeeds and I hope they document the experience and invite interested parties to see how it was setup and how (well) it works in order to encourage as many governments and organisations as possible to do the same.
At this point I wouldn't be surprised if American companies started using it if the French get it right. The instability of the current administration is one thing, but Microsoft disregard for its user deserves an appropriate response that will actually hit them where they care.
I would love to self-host France's "La Suite" to keep myself out of Google and MS... but for many companies, it will not matter how much you tell them there are options that are both cheaper and better. They will believe that paying someone tons of money is better because others cannot afford it. That inherently makes it superior... for some reason... you see?
> I wouldn't be surprised if American companies started using it if the French get it right
As a French citizen who own a business [1] that is in direct competition with this incentive from my very own government, I'm happy to disclose more than 50% of my customer base is already in America and France represent about 1%.
I am saying this as a very long time Windows user, and it saddens me. Politics aside, from a pure technichal, functional, privacy and UX perspective, the case for changing over from Windows to Linux is getting stronger by the day.
If you picked XFCE as your front end you get WinXP functionality, with the nice things from win10/11 (start menu search that's actually local only, multiple desktop workspaces, and graphical settings/updates I've only needed to go to command line twice in four years).
I don't think all the same shortcuts exist out of the box, although win-drag/win-right-drag to move and resize windows (might be alt by default) is _so_ much more convenient than the usual border/title dragging that you might find you don't miss them.
KDE 6.6 is great to me, but there are some quirks I have found. Their "peek at desktop" feature is annoying, I want "minimize all" but you have to do some scripting to enable that.
I've noticed that clicking the network button to see wifi status shows traffic rate, and that seems to lag and I suspect it has an impact on throughput.
I'm interested in Cosmic when it matures some more.
Except when I recently put XFCE on my old macbook air laptop as a trial run, within the first day I found it nearly impossible to do something so simple as add an application to the taskbar/dock. Something about AppPkg's not showing up by default in the taskbar adder? I finally figured it out, but no icon - just an invisible square. And guess what? If I decide the update the app, the whole thing breaks again.
I have a degree in a tech-related field. I do things on the command line on purpose every week. It should not be this hard even for me to so something so simple. It is not even remotely ready for regular joe end users.
I am saying this as a very long time Linux user, and it saddens me. Politics aside, from a pure technical, functional, privacy and UX perspective, the case for changing over from Windows has been apparent for several decades.
I think France seem serious in actually switching to open source/EU software. I recently had a telecon on Visio (France's Teams/Zoom substitute) and it worked well in a browser with ~ 10 participants.
I find fascinating how so many people are moving away from Microsoft decades after they should have because of simply the inertia that large organizations have on adoption.
Above all, I'm also surprised on how those same organization are using Anthropic or OpenAI or other close source solutions for their agent harnesses instead of going for Open Source.
Malte just yesterday showed how powerful innovation with small teams can be achieved particularly in EU.
I hope they start looking for those alternatives too for their agentic systems, beyond using pi-mono.
> I find fascinating how so many people are moving away from Microsoft decades after they should have because of simply the inertia that large organizations have on adoption.
That should be a good lesson in anthropology : the delta between knowing something and acting upon it tends to be immediate necessity. We're still an immature species as we haven't learned to be lazy at scale, that is putting the right amount of work early on to do the least overall. But I'm optimistic we'll get there.
The Trump administration has shown how many US corporations are willing to bend the knee. Perhaps that was the slap in the face we needed in Europe. It’s shown us that “oh, but they’re just a service provider” wasn’t that truthful, and their neutrality should be questioned.
Like most Microsoft products, Windows is a tool that benefits mostly from aggressive early marketing and successfully convincing everyone that they need this product, and by the time everyone realizes how terrible the product is it's too late because everything already depends on it.
They have done this everywhere; Microsoft Office is everywhere and terrible. Sharepoint used to be everywhere and is terrible. I know they bought it, but LinkedIn is nearly required everywhere and terrible. Teams seems to be increasingly used everywhere and terrible. And of course Windows is everywhere and terrible.
As far as I can tell, there is not a single thing that Microsoft does not half-ass. They're not a software company, they're a marketing company that sells software.
Now they somehow got the management of large companies to also push to adopt Azure, with an aggressive "no capex" / "you pay for what you use" campaign when everyone knows their offering work terribly and are overpriced.
if Home Depot were to make an exam to pass a certification over their catalog, that would seem ridiculous.
But when Microsoft does this, management ppl are happy and feel like they manage when they sign up everyone for AZ900 "certification"
Microsoft saw that users, power users and admins who are from the jobs are not making purchases, so you no longer need to design products for them
It would be great, however the title is misleading: the only announcement regarding linux desktop is that the DINUM - a relatively small but perhaps influential government agency pledges to leave Windows.
I believe the largest Linux Desktop initiative in France is GendBuntu[1] for the National Gendarmerie
How is it misleading? While DINUM might be a smaller directorate, they're also asking all related ministries, including public operators, to put together a plan for how they'll migrate from Windows to Linux by autumn 2026. France has a relatively broad "digital sovereignty strategy" that this is a part of, but it's bigger than just DINUM moving to Linux.
Anyone here familiar with the details of GendBuntu[1], the Ubuntu distro used by the French Gendarmerie? I'd love to hear what is working and what isn't on the ground.
There should be a chapter in economic books on how entrenched monopoly companies become on the inside, like small states where little companies (called departments) play freemarket for promotion points, the outside forces completely suspended while the endoplasmic reticulum of the monopoly company lasts.
Side note but I had absolutely no idea that the USA sanctioned international justice court judges because they had put an arrest warrant on Benjamin Netanyahu.
Its not a surprise from Russia but the USA. I guess we’re right to cut all bridges as fast as possible with the USA.
It can be ported to React under a single prompt by now, don’t you know?
But certainly we are already at stage where Windows NT can be regenerated on the fly from a prompt anyway, aren’t we?
Otherwise, there is also ReactOS that could be leveraged on for that kind of scenario. I wonder where it would stand by now if all the money that governments around the world spent in Microsoft license would have been invested in it instead.
Ideology may actually be the best way to cut off legacy bullshit like this. There's passion-energy, which really gets the creative problem-solving juices flowing.
There were and are initiatives. Of course, they were and are ridiculed all the time. Who can't recall LiMuX or check out ZenDIS (Zentrum für Digitale Souveränität in der öffentlichen Verwaltung). Read up on the current migration away from MS Office in Schleswig-Holstein.
I would say that's kind of a conspiracy-y explanation. Big companies in Munich either have their campuses on the outskirts of the city so that people can commute and park without flooding the city or they have it in the heart of the city as that is seen as more prestigious.
Lots of companies have flip flopped based on this, and that's what happened in MS case.
Tbh not saying MS didn't play dirty in general, but not necessarily in this.
> but it seems to be rolled back to Windows again.
Apparently it was a decision by mayor Dieter Reiter after excessive lobbying by Microsoft. At roughly the same time, Microsoft moved their German headquarter back to Munich. What a coincidence...
> I hope our French friends can learn from this initiative during the adoption phase.
The apps are available now, so reasons to be optimistic.
When LiMux and similar efforts happened around 2004 most business applications were Windows only. Even the ones that purported to be web used windows only technology and required IE and Windows.
Now with years of business budget controlling types using their Macs and smart phones and wanting access to the their apps the majority - even MS's stuff - can be run well in a browser on almost any OS.
I think this has been attempted many times before by other nations including Brazil without success. It’s one thing to replace a few hundred workstations in a non critical governmental office, another to replace the entire infrastructure of a government which also collaborates with the private sector. Usually these projects start with a lot of passion then die off when can’t justify the investment.
I am actually a research engineer paid by the French government. They take digital sovereignty pretty serious over here, which is sometimes good, sometimes less so.
Definitely the right call on Windows, though. Even my parents (in their mid-seventies) moved to Linux this year.
I am a counter example of that take. As a French citizen, I have spent a decade building an open alternative Dropbox [1] that is I believe miles ahead of even Dropbox itself. In practice, France represents about 1% of the customer base. I've tried reaching out to the people who talk loud about sovereignty. Turns out it's just something they say at conferences to entertain each other as they have no power to actually make it happen.
Nations and individuals can't depend or be held hostages of a handful of companies on the other side of the Atlantic that have the will to do whatever they want with their customers data.
This is the right path to follow and wish that in upcoming years this initiative becomes a reality across the globe. Long success for Linux and all BSDs!
I puzzles me to no end why the typical office clerk should care about the OS at all. I understand that secretaries will be trained on MS Word and will then have a strong preference to use such (or at least something which very closely resembles it). Same for accountants with Excel. But clerks in e.g. Revenue Service? Those I expect to interact (perhaps these days via a Web interface) with custom software. Why would those ever see a 'Start' button or somesuch?
That hasn't been my experience working in Corporate America at all. Everyone gets a company laptop and they use it for whatever they want. Whether that's Excel, Google Sheets, or Netflix at home.
People think company hardware is their personal hardware and they have preferences.
I had a company phone once (terrible experience) and I'd routinely get txts from random services and people outside our company thinking it was the previous owner. The last employee who had used it mixed company use and personal use.
From the perspective of systems administration for large enterprise networks, it seems unlikely that Linux desktops could replace Windows PC's without a domain controller like Microsoft Active Directory. Am I missing something here? How is it possible to manage a large enterprise network with hundreds, or even thousands, of desktop workstations without a domain controller?
Europe in general have great software engineers. What it lacks is investment. To see the goverment serving its own country instead of foreign billionaire interests is good change of pace.
And Linux development and adoption helps everybody not just France. A win win.
I don't know why any state or large company would tie itself to Windows. All the applications that used to justify just getting whatever Microsoft produced next are web based now.
Why? We have plenty of well working Desktop Managers and WINE is doing better than ever. I'd argue there are bigger issues in Linux like default process isolation and access authorization per program being behind other OSes
Being dependent on US tech feels the same as when we were dependent on Russian energy: strategically unwise and avoidable. We have alternatives, they just need work.
No European made computers today doesn't preclude the possibility that there will be one tomorrow. RISC-V is the way out, and there are a number of European initiatives (though nothing serious just yet, I admit)
As a European dev, because I like RISC-V and because of the geopolitical situation I wouldn't bet on x86 in the long term.
I haven't mentioned America or any other continent. It is the Europeans who are shouting about sovereignty right now.
Well, no one has mentioned computer hardware until you did.
Surely you understand how "all the motherboards are made in Taiwan" is less of an immediate risk to sovereignty than "all of our business and personal data is stored on American servers and subject to US law"
It would be nice if Europe could produce its own computers, but right now no one can except China, so what is your point? That limited sovereignty efforts undertaken in the realm of reality are futile and that enables you to get some cheap shots in for whatever reason?
Computing is the software and the hardware. So you're right, I feel that it is futile.
Well, you can use the old hardware which you've already got if you get cut off from foreign suppliers. But the same is true for software. It's even more true for software.
If the French government and other Europeans were serious about reducing or eliminating dependency on American cloud services, they should switch to older versions of MS Office and MS Windows be done with it. No need to retrain your workers, and a realistic and speedy way to implement it.
There is one very serious issue with software: it needs updates for security issues that are uncovered. And it might be built requiring access to MS cloud services to work. To get rid of these problems is basically equivalent to adopting open source products.
Achieving redundancy from China is likely not possible in the near future. Meanwhile, the risk emanating from a rugpull or from deliberate sabotage by the USA is very concrete.
Interestingly, there are zero non-US powerful laptops.
The closest option is the Moore Threads MTT AI Book (12-core 2.65Ghz, 32GB DDR5, 1TB SSD, 14 inch). It cannot reach a modern Ryzen in performance though.
It's fascinating that only the US can make good computers. I'm not from/in the US so I'm not saying that from a patriotic point of view. How hard can it be to pop a good ARM chip in a laptop and compete with HP, Apple and the likes?
Which powerful computers are made in the USA? Design and assembly don't count, as these are the least robust to replication attempts. Apart from that, the manufacturing is all in East Asia; Intel is the exception, not the normal!
> It's fascinating that only the US can make good computers.
Seemingly, the US might be able to design good computers, but it cannot make them themselves. This should make it easier for others to do the same, design the computer in country X but actually make it somewhere else, just like the US. Yet we're not seeing this at all.
It’s all about risk management. No solution is ever perfect, and that works for the US as well.
Also, some partners are more reliable than others. If China becomes as volatile as the US, it would change the risk assessment and stimulate other parts of the industry.
Which are the US made computers? Start by excluding all the ones with Korean LCD panels, and Taiwanese motherboards, and Chinese parts.
If you mean assembled then there are lots of very small European companies that make custom build PCs.
Economies of scale in the US, a single language, and cheap transport, mean that the US companies grow very big internally, very easily. And then go international without much effort. The same is not true in Europe, so there's not a huge Dell, HP, or IBM equivalent.
In 2026, the only country on the entire planet that can likely make their own computer with 100% their parts and labour, and is actively trying, is China.
The same is not true in Europe, so there's not a huge Dell, HP, or IBM equivalent.
In the 90s and up until the early 00s we used to have quite a few pretty serious contenders, but they are all dead now: ICL, Siemens-Nixdorf, Tulip, Bull, Olivetti, etc.
This is so utterly urgent. The US is an increasingly-deranged, hostile actor, which is able to cripple our tech at will.
I think we've been far too complacent about the direction of travel across the Atlantic. Trump and his crew are the new normal, and the key players in Silicon Valley are on board.
Any European government not currently working towards independence from US tech is being almost criminally neglectful.
Steps are being taken. This week two big announcements in The Netherlands as well, one for a replacement to AWS and one for taking US tech out of state secrets, which weirdly enough wasn’t already a thing.
hmm. hoping that all the weird business requirements get confined to a specific distro with careful gating prior to upstreaming. it would be bad if they were allowed to pollute the ecosystem more generally (which one could argue is why windows is the way it is).
It's extremely difficult to compete with the US SW companies. Their products are so engaging and attractive that anyone till up to the leaders are tempted to use. It's not surprising that EU's attempt to de-USAisation happens with Linux/OSS and not with an in-house prop SW because it's unable to write one. Also it doesn't happen without cries and pain. We speak for an endeavour to bring a 90% share of a beloved product to 3% and vice versa for a nerdy "cold" one. I keep a long lasting pop corn bag to follow the numbers.
I’ve commented on this before but you’ll know France is serious when there are Linux ports of Solidworks and Catia.
France has a real edge over American companies by being the dominant player in the CAD world, it’s always surprised me that they nerfed that advantage by tying to an American operating system.
Autocad has 39% market share in CAD, Solidworks has 14% market share, and Fusion 360 has 9%.
None of this is a major national advantage for any side. It's bizarre to think that the US or France would treat this as some kind of mark of national influence, since if anything happens to these top three vendors, there are lots of other vendors waiting in the wings. It's not like a national oil reserve, where it's important that you have a reserve of CAD software available for your engineers.
But what kind of projects are people using these different pieces of software for?
Are people designing aircraft carriers in Fusion?
Don't get me wrong, I understand that AutoCAD is extremely important for architecture and the death grip that AutoDesk has over that industry needs to be broken for the benefit of all of us, but from my understanding Dessault Systems makes software that is used for totally different purposes and is of vital strategic importance for a nation that wants an independent MIC which France obviously does.
So it seems foolish to me for them to have their own CAD software that can and is used to design weapons but be dependent on an American operating system produced by a particularly unscrupulous company who is obsessed with tighter and tigher control and has definite ties to the US intelligence apparatus.
I doubt that the US military itself is using commercial CAD software, most likely they are using something in house. Again, CAD software is not Extreme Ultra Lithography, where it is a marvel of engineering and can only be produced by one firm. The netherlands can rightly be proud of ASML as a national achievement. But CAD software? Now that's just goofy.
But I would assume defense contractors -- the private firms like Lockheed -- are probably using commercial software. The US military is pretty bureaucratic and is filled with bespoke stuff, whereas the contractors are basically businesses and would use whatever is common in commercial business world.
I'm curious where those number come from. Within the mechanical CAD world where Solidworks is used, I suspect the AutoCAD market share is very close to 0%. I haven't seen any company from small tool shops to major US defense contractors and automotive companies using AutoCAD for any significant mechanical design work.
Great to see France purging itself of corruption. Why did they pay for an inferior product for so many decades when a superior free alternative was available? It was regulatory capture; corruption.
My main reasons not to be able to fully switch 100% to Linux are the following:
1. Graphic design software is subpar (expecially when compared to mac) and very often under supported. And GIMP has absolutely the worst UX of any program I've ever seen for such a widely recommended software.
2. Gamedev (i.e. Unity) is much less stable and annoying to work with (mac is much better but Windows still wins)
3. Older hardware support, most of the times you can use a super old software (say a printer) and it works. Linux much better than mac for this, from my experience
4. Lots of things on Win are plug and play, Linux is a pain of custom drivers from dead githubs. Mac slightly better or worse, it might either exist as a stupidly expensive application or have to jump hoops to get a driver in.
And I know people say "just use Wine" or "GIMP is actually great and free" but at the end of the day, I want my main driver to be stable and good to use. If anytime I save a project running via Wine has a non 0% chance of it crashing and bringing down my entire work, it's not going to happen.
I do use and recommend Linux quite extensively but that's why I always have 3 different systems at any given time:
1. Win: gamedev, hardware stuff or bigger games, some design, GPU heavy work.
2. Mac: design, light GPU work, browsing and portability (battery life and cooling is fantastic)
3. Linux: everything else
This hasn't changed in the past 10+ years, even though now I can see much more gaming happening on Linux, which is very nice.
It's ironic that a company that pretends to be for privacy is using the same think of the children argument as those pushing Chat Control, age verification, etc. Of course, their privacy is mostly a farce, since they have also been caught uploading data to OpenAI for text-to-speechi
I hope that more European governments will start supporting GrapheneOS, since it can compete with Apple on security and is better than Apple and GMS Android when it comes to privacy.
Prediction: If USA ends up attacking EU, EU will freeze all the US tech company money and compel them to open their platforms and move all the backend services to EU soil in exchange of unfreezing it and continue operating in a free but regulated market.
For example locked communication devices are huge national security risk, so Apple will have their money frozen and given two options:
1) Open up iOS etc, bring all the servers to EU. Continue business as usual, EU financial institutions may choose to use Apple services as Apple pay but they may choose to bypass it. EU developers may choose to use Apple App Store services and pay the Apple's fees or they may choose to bypass it. Apple may chose to make Xcode a paid software, developers may choose not to purchase Xcode and use other non-Apple tools and pay nothing to Apple.
2) Use credit against the frozen money to refund your users if they bring their devices to you. All the Apple devices will be locked out from EU mobile providers(technically very easy for iPhone, simply by blocking devices with Apple IMEI on EU networks) and any remaining devices of the users will be refunded with the Apple's money. After some grace period, any money remaining in Apple's account will be transferred to Apple and if Apple wants to do business in EU again will have to do the option 1.
I'm bit on the doomer side of things, so I think that if Trump keeps his current course and power, at the end of the term American software industry will shrink by %90 as it will be expelled from most of the world and will be serving to 350M people instead of 8B people. Its amazing how US is screwing up its dominant position in this incredibly lucrative industry that lets them serve a market of 8B people and accumulate huge wealth in the process.
How is that going to work? Apple will still be under the CLOUD Act, so Europe would still be vulnerable. The only solution would be for Apple to fork into two completely separate companies, which is unlikely to happen.
Most likely there will initially just be a lot of chaos, because nobody is prepared for this scenario. There will be huge supply issues, COVID will look like nothing (both in terms of groceries, etc. and getting replacement hardware). Then Europe will on the short term rebase to Chinese/Korean/Taiwanese hardware, with probably an AOSP fork on the mobile side and Linux on the desktop/server side.
But it will be terribly messy. Nobody seems to prepare, because everyone thinks this scenario is unthinkable or they just don't want to put in the effort. Even all the people that I know that are talking about digital sovereignty are still using their iPhones, MacBooks, or GMS Android phones.
I am trying to tell tech people that the time to start switching is to alternatives is now, since tech people are usually early adopters and can help other people. But most switch from GMail to Proton Mail and proclaim victory. January 2026 (remember the good ol' days when the US wanted to take Greenland with force if necessary?) was already forgotten after 4 weeks or so.
If Apple can't work out a legal structure that works, it will be forced to refund for the devices then so the consumer can use the money to buy compliant devices probably from Korea or China. EU can work out special deal with the Asian manufacturers as there will be hundreds of millions of people with cash in hand looking to buy a high end smartphone.
Being messy isn't a worse outcome than US invasion. Europeans aren't rooting to live like Americans or go to wars for America and the tech thingy will be a nuisance at most.
EU freezes/takes over all Apple assets in EU, users with Apple devices get the money in cash upon delivering their devices. If the money isn't enough for the refunds, a finance mechanism can be created that will be settle after the war.
The returned devices may be sold to 3rd party markets if Apple isn't cooperating.
Most value/assets are in the US, I don't see how Apple in the EU would have enough interesting assets to refund. If 30% of the 450M inhabitants in the EU have an iPhone and the purchase price was 1000 Euro on average, that would be 135B Euro. I would be surprised if they have a fraction of that in the EU as assets. The primary useful asset I could think of is if the iOS source code was also stored somewhere in the EU. I guess in war it would be fair game to fork it. Wouldn't help with the existing iPhones, since the EU doesn't have the signing keys, but you could bootstrap a new phone ecosystem (and even revert Liquid Glass :p).
If the money isn't enough for the refunds, a finance mechanism can be created that will be settle after the war.
There are huge assumptions in this, like the EU wins the war, the war doesn't end in a sort-of cold war, Apple cannot get away from liability because it was not their decision, etc.
The returned devices may be sold to 3rd party markets if Apple isn't cooperating.
Flooding a 3rd-party market with over 100M second hand iPhones would drive down the prices by an extreme amount.
Well how convenient that Apple has about $135B in European accounts(that peaked at 200B)! To avoid taxes US companies tend to keep a lot of money in the markets they sell their products.
You don’t go to war with the association of losing it, obviously the risk will ve priced and I don’t think that the risk will be that big considering that US hasn’t won any wars since WW2. Even if doesn’t cover all the costs, national security and independence doesn’t have to come for free.
They likely don't. It's a purely political move not a technical move. With the average length of the French work week, this will take a while to implement anyway.
Don't get me wrong, I think it's a great thought but I don't think it's more than a short-sighted reaction. Munich unfortunately faltered after a few years.
The french Gendarmerie already migrated to GendBunto, their own distribution. It took a while but it's now running on 97% of all workstations.
I wouldn't call this just political fluff.
This comment is completely out of touch with how typical office workers use their computers. "Package manager" is your feldspars. But it's even worse than that, because you don't train for the typical employee, you train for the least-technical employee lest they become completely useless overnight.
Fedora pisses me off more than Ubuntu does, and Ubuntu pisses me off least of all distros, except for Alpine which pisses me off in totally different directions for different reasons to all of the "proper desktop" distros.
For people with a level of technical literacy that has them interested in posting on HN, sure. But for typical government workers? I imagine the differences are going to be pretty significant. They're not programmers or "devops" people.
We're talking about users who are going to do almost everything through the GUI, and who will associate the "distro" with the default choice of DE/WM/etc. stack in whichever flavour of whichever distro it is. Understanding what a "package manager" even is, will be the responsibility of "IT" specialists. Assuming they don't decide that only, say, Flatpak-installable software can be approved.
We're talking about massively bureaucratic institutions that have been steeped in Windows orthodoxy for decades. That's the administration policy they know, so it's what they will forcibly adapt to Linux.
You're going to need user retraining because the GUI has its own file manager program and no matter which one you choose (and they will choose exactly one) it is not Explorer. Because LibreOffice is not the Microsoft Office suite, and neither is any of its FOSS competitors. And so on and so forth. There's no telling what idiosyncrasies people depend on. In organizations like this I really doubt you can count on everyone being generically computer literate. I really doubt that generic computer literacy (as opposed to demonstrated competence with specific applications) was ever part of the hiring requirements.
I get the sense you haven't worked with many non-technical people in government or enterprise contexts. I've seen people struggle with their workflows after upgrading to a newer version of Windows, to the point where company wide training sessions have had to be held.
I don't think so. Having worked on a similar thing in my country, and the effort is monumental.
When doing this in a company, making technical people appreciate free software and making lasting changes is hard enough. When doing this with non-technical people, everything becomes exponentially harder.
Sometimes yeah, but clearly not in this case, if you took the time to actually read the article.
You don't ask entire ministries and public operators to formulate a migration plan from Windows to Linux with a relatively short deadline just for negotiation purposes or just for the fun of it, you do that once you're committed to actually migrating.
This is not just a pilot project or some local administration doing an experiment, it's new country-wide policy enforced from the top, hardly a "negotiation strategy".
Efforts like this are good for people to realise there is a lot of talent in Europe that just gets overshadowed by USA's dominance.
USAians tend think everything is less popular in Europe simply because it is inferior and fails purely on its technical merits. I know nothing will ever change their minds, but at least non-European non-USAians might recognise the efforts a bit more.
We are also willing to accept 'good but not perfect' and understand tradeoffs.
The word you're looking for is Americans, despite whatever preconceived notion you think the word "Americans" actually should mean in English. I know nothing will ever change European minds, but at least understand what the correct form is.
>everything is less popular in Europe simply because it is inferior and fails purely on its technical merits
So everything is less popular in Europe because it fails on many other points? Big applause to you, I guess. Are you looking for a participation award?
As an Englishman, I don't need lectures on my language.
English isn't controlled by a central authority. If a new word takes hold, it takes hold, that's it.
The way the USA thinks it has an absolute right to decimate central and South America disgusts me to the core and I'm tired of those poor people being lumped in with the term "Americans". It's offensive to them. The USA does not own the continent as much as the CIA tries.
Just as we received lectures on our declining power, it's time for the USA to suffer the same.
I've been on a contract for a multinational European company that's in partnership with ESA for the past 18 months, and I've seen a lot of money and effort spent to move out of the US cloud to OVH. After the US decided to go rogue, this project became even more urgent.
My job is basically recreating a small part of the infrastructure that was designed for AWS, while patching some shortcomings of the OVH offerings which are not as featureful.
Honestly the only thing keeping me from bringing up the idea of moving to linux is that Windows has active directory and domain wide group policies - if linux had something similar that was easy to manage I'm sure a lot more corporations would move to linux. The ease at which I can adjust system settings throughout the company or within each department such as disabling/enabling features, mapping drives or printers. I haven't found a better alternative than active directory
Any closed source, centralized system is going to be higher risk than an open source distributed system that can be independently verified and audited by multiple parties.
You just have to be willing to put in the investment to verify/review with parties that meet your needs.
Unless you need some windows-only software, using windows at this point is masochism.
I was never a fan of Linux, but the Microsoft driven enshitification is so strong that Linux is now a better option. To win, all Linux had to do is stand still, and that's exactly what it did! Ubuntu in 2026 is pretty much the same as Ubuntu from 2006.
Personally, the last holdover is Ableton. Last time this came up, bunch of people pointed me to https://github.com/BEEFY-JOE/AbletonLiveOnLinux which has since then been marked as archived, and I'm still unable to run Ableton 12 properly on Linux via WINE, even though I've probably spent too many man-hours on getting it to work...
I'm still eagerly awaiting the day though, any day now surely.
MacOS is the same sort of walled garden as Windows though. It has plenty of dark patterns in stuff like iCloud too, I imagine with some more years of enshittification it will be in a similar state to Windows today.
And corporate customers like the French government will want their users to be within strictly controlled environments - walled gardens. That's why they've used Microsoft for so long. MacOS isn't as good for this scenario from what I understand, but is Linux?
In many cases even if you do though, its possible to run it on WINE pretty well these days. It's insane how good it's become in the last few years (partly thanks to proton and Valves investment in it all really)
"Pretty well" is doing a lot of work. I have no horse in the race. I just run native on MacOS or Linux. Haven't run any Windows in a number of years. (I don't really game much and would just use my Xbox if I really wanted to--though that mostly functions as a DVD player these days.)
But if "pretty well" causes the random administrative person to have issues with doing their job or increases IT support costs, it will be off the menu pretty quickly. We'll see. A lot of things are different from the last round of we're going to Linux in Europe.
As I say no dog in hunt and don't actually have a Linux laptop any longer since I had to send it back to my company--from whence I'm sure it went straight to recycling. Maybe I'll buy an older refurb Thinkpad at some point.
> See Windows games running faster on Linux through Wine.
Let’s not leave out all the ones that don’t. Which is in fact, the majority of them. Strange how that’s always left out, we wouldn’t want to mislead people now would we?
I’ve done the testing myself, and the testing has been done by others. The vast majority of titles, especially modern titles still work better on windows. Linux only users got excited and make the claim otherwise based off a handful of cherry picked and poorly performed benchmarks and now repeat this claim endlessly despite in every sense of the word it being entirely false.
Is the situation improved? Vastly. Viable for many? Completely. I’m not saying more games dont run better on today on Linux than they used too, but this idea the majority now run better on Linux is a complete fallacy and that’s before getting into things like perhaps daring to want to use the ray tracing features you may enjoy or you in fact may not want to deal with compatibility issues which in fact very much still exist outside of kernel level anti cheat and denuvo.
From your very own link:
> There are different degrees of compatibility gamers must consider when checking if their favorite Windows games work on Linux distros like Mint, Zorin, Bazzite, or even SteamOS.
This != The majority of games now run better on Linux, it only equals that they will run in some capacity.
We've come a long way in the last 2 years. We're at a point where MOST Windows software works flawlessly. I said "pretty well" as theres no doubt a few that don't and it'd be a bit disingenuous for me to suggest otherwise.
I certainly wouldn't come into this with knowledge on wine older than 2 years and make a snap decision though as its a totally different landscape - no weird quirkiness and tweaking needed for the vast majority of applications anymore.
> To win, all Linux had to do is stand still, and that's exactly what it did!
It is moving? Red Hat has been investing in containised apps and image based distros for years, Valve single handedly made Linux gaming viable. HDR development is mostly driven by Valve and Red Hat customers.
And no Linux isn't good enough yet. UX is all over the place.
> And no Linux isn't good enough yet. UX is all over the place.
Of course you'd think the UX is messy if you only look at the kernel ;)
It's up to the distributions and desktop/window managers to handle the UX, and the experience varies as much as there are desktop/window managers. Some of them are fairly internally consistent, like KDE and Gnome, and at least they're currently more internally consistent than Windows and macOS. I use macOS, Windows and Gnome daily, and the only one that doesn't give me daily grief in some manner, is Gnome.
> And no Linux isn't good enough yet. UX is all over the place.
Sure, the UX for Linux desktop is all over the place, and a lot of software is messy and untidy. But Windows isn't any better in that sense. It doesn't have a clear, cohesive design style either. Its selling point used to be that users were familiar with the UI, but it seems to change so much that users can't really leverage that much either.
I think the commentary here is mostly in agreement, we are just debating the finer points.
This should have happened already, is the general theme. I still have my Shrike CDs around and the modern-day Fedora (I think 44 is about to launch next week?) is more than sufficient for many, many use cases within the government, regardless of which distro they end up with.
My hope is that the backing of EU software development teams to open source will lift all boats and in addition to Linux, BSD may get some fruits of labor out of it.
9front as always is to be strictly forbidden without a security clearance.
Will the French government view open source software as software which should be well-funded and well structured, ie Blender level quality and organization, or are they going to underfund it and thus have it succumb to the shenanigans of Redhat, aka IBM, the infamous pushers of Gnome and Wayland?
I've been dual booting the first couple of years, then dumped Windows completely in 2016.
Since then I am on Linux only. Private and corporate.
Yes, sometimes I need to access a Windows machine or do work in one (I am my own boss), but then the client pays a "pain tax" as I call it.
There are some games I can't play I would've played in the past.
Mostly competitive online games.
Technically that's annoying, but for me personally it's not a problem as I am not in my teens of twenties anymore and I have other hobbies and obligations.
This, I've officially been off Windows for a few months and will not be looking back. Microsoft has put a bad taste in my mouth as a developer.
By luck and happenstance, I tuned into the Omacon conference this morning and my perspective on personal computing very much aligns with theirs. Would encourage a least watch the kickoff keynote if the VODs drop.
It's kind of good news, but it's also bad news -- with Linux popularity, crapware will be more popular. I kind of liked times when Linux was used only by power users. Today it's slightly different, and with more popularity... we get things like age verification in systemd.
But well, I can always switch to FreeBSD I guess. And that's my plan B.
It's different this time. It's a geopolitical safety move. You know why it happened and who is responsible for this. Never would have happened otherwise.
At the least the french government has a plan. Now please have a look at Germany - the current leading guy is absolutely clueless as to what he wants to do. From appeasing Trump to ... actually doing what else? Germany with regards to its politicians is a problem for the EU. Yes, we also have Hungary etc... but it's a small country that is over-hyped by the media due to its intrinsic corruption in the leadership; the real problem really is Germany. In the past it always was "too much bureaucracy" - the problem goes much deeper. The THINKING process in Germany is broken. France, Sweden, Denmark, Netherlands, Finland, Norway (not EU but clever nonetheless) and so forth, are much better at THINKING. Something is broken in Germany and Merz is the showcase of cluenessness here.
As far as I know it was successful for the gendarmerie and assemblée nationale for exemple. There are many public entities and apparently each migration is news worthy
It's... an admirable goal, but it pretty much remains to be seen if "France"[1] follows through.
Previous attempts to "ditch Windows" have not ended that well. Munich in 2003, the entire Federal German government in 2009, Munich again in 2013, Munich again in 2021, and so on. Most common end-result: back to Windows.
Breaking points are typically the lack of an "Office 2016" compatible suite, lack of "Adobe PDF" tooling, and a mishmash of legacy apps. The latter seems trivially addressable by a "Remote Desktop/RemoteApps" environment, but there are definitely issues, mostly surrounding printing and clipboard handling.
All of that can be solved, but definitely requires more funding and, crucially, coordination, beyond "Open Source Cures All."
[1] Oh, I just love it when an entire culturally-diverse region gets lumped in together, or, when, as in this case, ~6M French government employees are treated as a homogeneous group.
I'm... not so sure? The French government has, widely seen, 6M employees. Given retail pricing of EUR200/seat/year (and they definitely have a better arrangement), that's 1.2B, and I'm not sure that's enough to provide an identity management plus office apps plus file storage solution? And at 10% of that? Absolutely forget it...
All of that came about without them spending anything. So the extra is just to fix bugs and do integration work. StarOffice (LibreOffice ancestor) existed in the 90s—I used it and it was fine for government work.
It's really cheap to run FOSS on commodity PCs in the twenty first century. Hetzner is very reasonable in the cloud more recently.
It's not a binary switch either, you build the platform bit by bit every year and roll it out to more and more workers. Four dimensional thinking, that could have succeeded already, a decade plus ago.
Sure a few components would have to be written in the meantime. Just a few million a year would be a huge boost to gaps in FOSS.
You posted this text in 5 separate places. Worse, you edited 7 previous comments by gutting their original text and replacing them with this same tantrum. That's abusive.
I'm not going to ban you for this because everyone goes on tilt sometimes, but please don't pull a trick like that on HN again.
I've restored the text of the 7 edited comments to what it was before you vandalized them. I've also canceled the downvotes on those posts because I agree with you that the downvotes were unfair. (At least I think I do - I didn't read them closely and don't know the context.) I hope the latter feels at least a little bit like a good faith gesture, because that's how I'm intending it.
(The 5 comments that only ever said "[Yeah, if I'm just gonna be down-voted to oblivion regardless of my participation in the comments, good luck with your 'meaningful discussion'}" remain downvoted and flagged since obviously they were against the site guidelines.)
You’re saying a government couldn’t take open source building blocks and run.. office apps with basic security and.. file storage? For $100M a year? This could be done with a 30 person team
Yes, that's exactly what I'm saying, If your mythical 30-person teams were achievable, a lot of major US 'cyber'security firms would be in major trouble. Pop-quiz, hotshot: what does Citrix (market valuation: USD 16.5B), technically, have over your team (market valuation: USD 0B)?
30 people managing the hardware? Sure, if you get good deals on the hardware itself, the employees stay healthy, and you have everything so centralised you don't need multiple people on call.
Centralising things to that level and supporting the users of the entire government structure of a country the size of France -- one of the countries the sun _never_ sets on -- while it's transitioning from decades of Microsoft dependency to an open source ecosystem? Heh, no.
The claim above of 30 is not particularly important, the point is to lean on the community. Millions a year would get you incredibly far. Many are already helping for free.
24/7 linux webservers existed already by the late nineties.
"Helping for free" doesn't cut it when dealing with governments. Even if everyone had gone the Linux route 20 years ago we'd still have an entire ecosystem of commercial businesses selling and operating it; imagine what Red Hat would look like with Microsoft actually out of the picture.
We'd have just as many consultancy firms and layers of beuraucracy without Microsoft, and France wouldn't be operating their entire government IT stack, all the way down to individual workstations, that much cheaper than it is now.
The difference is that because of open-source there would be competition in those services. And they could take any of it in house at a discount with reasonably priced govt workers. IOW, they'd have choices instead of handcuffs.
They'd be in better situation on all counts. It pays to think ahead to the future and remove dependencies. Where do you want to be in five years? Still in an abusive relationship?
Earlier attempts were mostly about money and ideology. Now its a question of security, thanks to one 'clever' 'businessman'.
So thanks to his _great_ efforts, it might actually work out this time.
Munich is a bad example - they were effectively „bought out“ by Microsoft by investing hugely into the local economy in the form of offices and employees. It was also two parties that kept flip flopping with different priorities.
Linux itself had some hiccups but was fine from what I recall.
Yeah, let me dispute that. They were, at least on three occasions, forced to roll back due to "citizen sent me X and can't open it" and/or "sent Y to citizen and they can't open it" concerns.
Mind you: these issues still persist in a fully Microsoft/Adobe "solution environment", but less so than in the "disregard all and move to Linux" situation.
And to be perfectly clear: that's all unacceptable. But it adds another, say, EUR 2B to the equation.
Munich led to "all of Schleswig-Holstein" in Germany. 44,000 Exchange mailboxes replaced with Open-Xchange. 25,000 Windows+Office desktops replaced with Linux+OpenOffice.
Desktop Linux's security and antimalware solutions are not ready for government usage. This is a cyber attack waiting to happen if they go through with this. They should at least switch to ChromeOS if they want to use Linux.
You mean switch Windows by Microsoft for ChromeOS by Google? Weird suggestion.
As for "security" and "antimalware" solutions being ready, I don't think there is much difference between the OSs there. Windows is no candyland either.
As always, they will need competent people in the right places to pull this through. Tech is just an enabler.
We're talking about a country that is daily threatening to invade. You'd feel it was clever to run your entire infrastructure on an Iranian OS? It's the same for EU since USA is threatening to invade.
There is no security when the US government can legally compel Google to do whatever they want. This is why foreign governments want to move away from big tech.
Turns out the imperial boomerang impacts many things, especially when previous orders are easily destroyed (because only one country was benefiting).
Some might be tempted to brush aside that Server Linux threat model is very different from Desktop Linux (to snarkily reply "we'll it's powering a vast majority of GDP via all of AWS, Azure, etc.").
However comparing apples to apples, what makes you say this isn't ready for government usage, when it's ready for trillion dollar big tech companies' majority of their workforce? (Aside from Microsoft, Apple obviously). Large employers like IBM etc also must be using red hat or some other distro
Google for example uses a fork of Ubuntu. When someone decided to compromise Google employees machines via a fake npm package they were able to do so successfully. When they reported this to Google they said it was okay for employee machines to be compromised and that it was part of Google's threat model. While this may be true for large companies I don't think the French government is ready to handle such a security model.
The fact that open source is a national security concern should have been something that a crazy orange man should have triggered.
Thus was obvious decades ago. And open source is the key model for collective development in a secure manner for disparate countries to secure their software base.
Alas, I fear they will only concentrate on the server side. The securing of the desktop should be a parallel concern as well, to help prevent your citizenry from becoming DDOS slaves.
I know this might be a controversial take but nevertheless I will state my opinion: I do not think "the year of the Linux desktop" is the good idea that most people seem to think. Everything that gets the eye of Sauron on it proceeds to become a complete mess.
Resources always win. All that is needed to ruin an open project is dump money into heavy development up to the point where it becomes impossible to do without it. Plenty such cases already.
This also ruins the development of the project akin to feeding wild life, you get them dependent on you, and if you stop feeding them they lose the ability to feed themselves in the wild. Such is the Linux ecosystem, based on a type of work that so far made a great project for people who have a bit of technical skills. Making it more accessible to the masses only brings that kind of bullshit into it. Inevitably. There is no way something of such importance, to the masses, won't get corrupted in one way or another. That never happens, if there is too much interest there will be funds dumped into corrupting it, one way or another.
The best path forward for Linux was as before, to fly just under the radar, to bee a bit too complicated for most people. This is what protects it. Most, if anyone, don't seem to understand this very simple fact. No older Linux user gets anything worthwhile out of this deal, nothing relevant, just inevitable enshitification of it. Historically proven over and over again. I find "the year of the Linux desktop" to be a childish take in a world that functions on completely different principles.
edit: To add a bit more context, Windows is not the mess that it is today because of evil Microsoft, it is a reflection of its user-base. Same with Linux.
They did that to Windows, with their behavior, with accepting all that nonsense.
You want to bring the very same type of people, with that kind of attitude, in Linux, what exactly do you thing is going to happen? They will adapt to Linux mentality or they'll proceed to ruin Linux with their behavior? I can take a good guess on what will happen. People will people, and corpos will corpo to milk them.
Linux is already integral to the tech and enterprise worlds, which have a lot more money to throw around the consumer desktop space. I'm having trouble seeing how Linux becoming a more popular consumer OS would lead to the types of problems you're talking about, if being a leader in the server space hasn't already led to them.
Also, Linux has a built-in mechanism against enshittification, which is its open source and multiple flavors. Ubuntu becomes enshittified? Move to Fedora. You can have a dumbed down consumer-friendly distro without affecting Arch.
> The best path forward for Linux was as before, to fly just under the radar, to bee a bit too complicated for most people.
Obviously with people like you, Linux would never be popular. Personally I’m fine with that, Linux is just too damn buggy and inconsistent for my usage, but I’m pretty sure that it could benefits people. Think of students or people in low income countries.
And then, what prevents you from having a mainstream friendly distribution that just work, and another for the nerd who want to spend their day in the terminal ?
Linux isn’t just one distribution, one doesn’t prevent the other but currently it sure isn’t for mainstream usage.
Government is the perfect place to do this. It doesn't matter if it craters productivity because the organization's budget is not conditioned on delivering impact.
Why not go the full mile and put up cardboard panels with printed screenshots of MS Word glued on, which government workers can sit in front of to collect their salary?
There are four ̶s̶i̶x̶ ̶(s̶e̶v̶e̶n̶ five counting the web version) maintained Outlook variants on Windows 11, last I checked and I have issues with each one. Search especially, but then that has remained an unsolved problem for 30 years. I am sure "AI" will finally solve this.
Edit: Have checked and found that two I thought were still maintained (16 and 19) were EOLd in October.
I feel like this is perfect being the enemy of good. So lets say only 80% of their staff can get off Windows and the remaining 20% need to remain on it. That's a great start!
And a recipe for failure. All 100% of their staff needs to be moved off of Windows at the same time.
A few years ago, IBM tried to move everyone to LibreOffice from M/S Office. It failed, the reason why was top level execs and some others were allowed to stay on M/S Office. As time went on, M/S Windows became a Status Symbol. So people went begging and as time went on exceptions were granted. A few even went so far as to buy their own copy, which was allowed.
After 8 months IBM gave up. If you want things like this to succeed, you must be 100% in.
I'm a power user and I've used linux for over 25 years. My corporate windows machine is total trash and completely unsuitable for any power users, either because its windows or because corporate locks it down so much it's barely more functional than a chromebook, I don't really care.
Nobody in their right mind prefer the web apps over the native apps if they sit all day doing e.g spreadsheets. I tried the M365 web app for Word the other day and it's sluggish.
Respectfully, so what? There have always be specific use cases and user bases requiring a specific OS. No one ever considered OpenBSD interchangeable with Windows, few see Linux distros as a 100% drop in replacement for someone relying on Logic Pro.
Thing is, I really don't get this knee jerk "but what about INSERT_RARE_EDGECASE". It isn't helpful and argues something no one actually working on these projects ever proposed. Even if MSFT software remains in use, any gained alternative is a win, license costs and strategic autonomy both being valuable.
And yes, as you hinted, a large contingent of clerical work may already happen in a browser, with any found exceptions potentially addressable in the coming years, especially as older implementation may be updated anyways.
Let's be honest, we all underestimate how much we (can) do solely inside the browser anyways and even more so severely misgauge how few people are reliant on any native (none Electron) software at all outside gaming.
Power user is such a nebulous term anyway. To me, someone spending hours on end in Confluence can be a power user, having never left the browser. The same for a designer using Figma. Course, if one truly requires native only software, they may more likely fall under the umbrella power user, but again, few are seriously discussing just forcing those over since, reasonably, one must presume they have a reason for doing what they are doing.
What is a power user in this context? Someone deeply familiar with Windows and has tons of Windows related setup/applications?
That doesn't sound like a government worker... They rely on Microsoft Office, but the actual operating system could be anything. The only non-portable application is video games really. While LibreOffice may not have complete excel functionality, the vast majority of functionality can be replicated in web apps/libreoffice. And frankly most of this work can be migrated to AI.
You can even skin Linux to look exactly like Windows if you want, or use Mint or something. But really all people need is to be able to open up Chrome and Excel.
In fairness, the transition away from MSFT 365 Copilot (as we all of course call Office now) might include more friction. Mountainous VBasic monstrosities are sometimes the way things get done in orgs I am personally familiar with and that can be hard to switch away from. In general though, I consider this focusing on edge cases as just not helpful, especially as one must start a transition to fully uncover them and get to addressing them too. I also don't think that ancient Excel scripts are an unsolvable problem, but one that needs to be very carefully handled.
Outlook has never been a requirement for work, you can very easily use any email client or outlook.com web app. Outlook is arguably the easiest to replace.
Excel is the only thing holding Office 365 together.
Word, Outlook, OneDrive, Teams, SharePoint are all very easy to replace
I consider myself a Power User, use of Windows is not friction free :)
Over the years I've come to believe that there is only one thing important: What you are used to. The friction is in the change process. Not in the destination.
As an independent, I have several customers on MS365, you know what my super power is? FireFox cookie containers. One for each org, and I switch with 0 effort between the orgs. No need for Windows in that workflow at all. In fact, using Windows and the native apps would probably give me a lot more friction.
Yes, sometimes I have issues. I.e. yesterday Word kept deleting my last 1-2 sentences for some reason, even though hitting ctrl-s tells everytime: "I should not worry". but in general it's fine.
My business is on Proton, and I love that MS365 AND Google workspace calender invites go right into my agenda with no effort. There is nice stuff out there. Especially now we have Proton Meet, I can take some ownership over videocalls in Teams and Google Meet finally.
Absolutely. I've given using a tablet (with keyboard) as an alternative to a laptop when traveling and it sort of frustrates me for a lot of things. But talking to people I know who have largely switched over, my conclusion is that, in general, I probably mostly just haven't put the effort and commitment to make it worth it for me. And I'm not sure, not spending nearly as much time on planes as I used to, it's worth it relative to getting a laptop that is even lighter than the combination.
As part of the human species, which has conquered our planet's poles, its deserts and its jungles, I believe we are in a unique position to adapt to many -if not most- circumstances thrown our way, and flourish.
You hopefully can adapt to what you need to. That's not the same things as switching to something you find awkward and you don't find to have a particular, if any advantage.
There's a negligible amount of "power users" among government employees; I think the majority of them are trained in reading and applying laws, and given the strong scientific/literary divide in the French culture, they usually think of themselves as inapt with computers (and the erratic behavior of MS products didn't help, if you ask me).
But knowing France, what to really worry about is execution, in particular for administrations. Probably people working there who read the TFA already think "oh, big mess incoming" even though they don't know what this "Linux" thing is.
I think standard IT/sysadmin training focuses mainly on Windows server etc., Linux being a second class citizen (because that's what the vast majority of small/mid sized businesses use). So recruiting good Linux sysadmins could be an issue, especially since the wages in government agencies are not exactly attractive.
Who do they think writes Linux? The European Commission? They’re on the US tech stack whether they want to be or not, and nobody in Europe has the will or resources to pull a China and make their own alternative. More’s the pity.
Linux was created by an European. And there are many European distros. Even Canonical is European.
But that's besides the point. The point is no company owns linux so you're not tied to big tech even if they are the biggest contributors to the kernel.
We may see Canonical or other commercial Linux vendors come forward with a government or enterprise-flavored solution for all this. But the important thing to keep in mind is that they're not selling Linux per-se. As the GPL prohibits this, these companies sell support for their Linux distro instead. That revenue goes into improving Linux and maintaining their distro (e.g. Ubuntu). But even with all that money changing hands, that they do not own Linux, the Linux kernel, or any other shred of GPL licensed stuff.
2/3 major commercial Linux vendors are European, the author and BDFL of the Kernel is European and a ton of contributors of many projects are European (Qt and KDE come to mind). Yes IBM Hat has a lot of influence but they're not the only ones developing Linux.
I understand what they mean, linux offers freedom, enough that it divorces your tech stack from any one company.
But isn't linux US tech? The blueprint, UNIX was a US project, torvolds works from the US. the original userland GNU was a US based project. The new userland systemd is a US based project.
All the comments about Linux gaming make me want to give my $0.02. I've been gaming on Linux, with no Windows installed anywhere, for around 6 years. In the first 3 years, it was a massive pain. Games like S.T.A.L.K.E.R. would consistently have issues with mouse input, weird acceleration, a lot of games wouldn't run at all. This is NO LONGER the case at all. Things run very well out of the box.
All games I want to play run very well and mostly the process is just "install -> play".
If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it.
Controllers work fine, so do some wheels and other peripherals, but a good number of wheels, pedals, joysticks, VR headsets, and other wild and wacky input devices might not work that well or not at all. It mostly depends on whether the software for them runs on Linux, runs in Wine, or is needed at all. Not sure about VR, but I know it was a bit dire 1-2 years ago.
If you don't play hardcore simulator games, and don't play one of the competitive shooters with aggressive anticheat (e.g. CS2 and other competitive shooters run perfectly well), you can just install Linux, install Steam or one of the other launchers, and just hit play.
If you're not sure, you can check the status on https://protondb.com.
> Games like S.T.A.L.K.E.R.
The old stalker games run on the X-Ray engine (the mods on a modified OSS version of it). In my experience they've always worked pretty well, though the games are quirky in general.
Good hunting stalker.
Time is money, get talking!
Yes, last time (recently) I tried, the original games ran very well, with no (Linux specific) issues!
No wonder it's classified informally as "eurojank".
Well, modded Stalker is ways better than most of the USAjank that typicall can't offer something other yet another blockbuster.
Even vanilla STALKER is still a timeless classic.
We still can't compete with Bethesda on that front, though...
VR works quite well these days.
I have been a happy user of the Bazzite distro (which used proton) for several years at this point. Very happy as well.
And importantly, older games now tend to work better in Linux than they do in Windows.
Related: Wine 11 rewrites how Linux runs Windows games at kernel with massive speed gains https://news.ycombinator.com/item?id=47507150
Well actually I've been technically playing all the games that are protected by these aggressive anticheats on linux since I've decided to switch.
My setup is a custom version of the linux kernel that 'backdoors' itself and exposes host information to the windows vm making all the anticheats happy enough to work out of the box. Have not gotten banned in any of the games either. Custom VMM and EDK builds are required to block blanket detections of virtualized hardware.
I repurposed lookingglass to instead stream all the wdm buffers as seperate applications that I can open directly in linux like they're native applications. The neat part is that I forward all the installed applications to KRunner which talks to the windows vm and launches the application there and spawns a looking glass instance for that applications assigned path.
The only downside that this is a two GPU solution and you have to run any GPU intensive applications in windows.
That is honestly amazing and impressive. Probably a bit too much tweaking for the common gamer though, but glad it is possible!
I've been messing with kernel-mode anticheats for 3 to 4 years so yah, not something a typical gamer can do. But I have been contempating on making this publically available for everyone to use wrapped in a neat little package!
You definitely should! Even just a blog post about it would be great. I won't be doing it myself, but my son would for sure.
Out of curiosity do you run the backdoored kernel in your day to day computing or only when gaming? Any concerns about incidental security issues?
It's only backdoored within the virtual machines and require kernelmode within the virtual machine.
Any untrusted virtual machines don't run on my machine to begin with so it's alright.
Care to write it up somewhere? Would be a fascinating read!
Unfortunately doing something like that will simply make anticheats respond as they have in the past and make it increasingly difficult to do so.
I did contemplate playing this cat and mouse game and making anticheats accept that it's easier to just support linux instead of fighting it.
If you have to run a Windows VM anyway, why not just reboot into Windows?
I guess installing windows is more work than running a VM
... and more invasive
More work than using custom builds of everything on the Linux host?
It’s just the kernel and virtualization stack that are custom. Dual booting is annoying as you lose access to your entire desktop environment. Want to tab out of your game and check your email client? Well you can’t unless you maintain another email on the Windows partition that you only want to use for running a game anyway. If you spend any significant amount of time gaming you just end up getting dragged away from Linux where you want to be. I was dual booting for a while and it was fine for a focused Skyrim session here and there but when I started playing an mmo that I was in and out of constantly it was very inconvenient to not have access to my Linux desktop environment while I was idling in the city for hours.
With lookingglass nowadays it practically feels like just running a windows game on Linux. I used a vfio setup for years before Linux gaming support was good and I had to switch monitors inputs and toggle my kvm whenever I launched a game and it was still better than dual booting. There wasn’t kernel anticheat back then though so i didn’t have to muck with the kernel and uefi.
Not sure if it's still the case in the 2020's, but back in the 2010's I had no end of issues with Windows deciding to either fuck up the dualboot so nothing would load or overwrite it entirely and leave it as Windows only.
I think I probably switched off dual booting to vfio around 2015. Before that for dual boot I had just followed the arch wiki and used two separate drives, using grub for booting both windows and arch. I don’t remember having issues with dual boot but setting up vfio for gaming was still very fresh at the time and was not trivial for me.
EDIT: looks like it was 2016 i stopped dual booting and switched to vfio because I built a new computer for it a year later https://imgur.com/gallery/battlestation-4BuoZ Ironically reading that back I have just recently started getting into film photography.
I used vfio in the past, and it's not true that setups like vfio or custom kernel/virtualization "just" work. For starters, custom setups need management. There are even latest generation GPUs whose drivers are not fully VFIO compatible.
VFIO had a host of problems that are rarely mentioned, because VFIO "just" works: power management, card driver, compatibility, audio passthrough or maybe not, USB passthrough or maybe not, stuttering, and so on.
>It’s just the kernel and virtualization stack that are custom.
That "just" is doing a lot of heavy lifting. Maintaining a customized system is hardly zero effort. Speaking for myself, there's no way I'd ever consider something like this, because I know sooner or later a system update is going to do something weird that I'll have to figure out how to fix. I'd rather just buy a second computer just to run those specific games. The other person admits they need a second GPU to support this use case anyway, so it's not even like you're saving that much money.
>Want to tab out of your game and check your email client?
I have a phone, and a tablet, and a laptop (besides the desktop). I'm not exactly hurting for ways to check my messages or look something up quickly.
So you dont need to run Windows all the time, I guess?
If you reboot you don't need to run Windows all the time, either.
Because I would have to reboot into windows including any active applications I have? That also means I would have to maintain TWO operating systems instead of just one.
Now I have a form of WSL (LSW heh). There is a reason why everyone on windows uses WSL these days, same concept applies for LSW, but for games.
Do you have anything on your LSW because i have a handful of software that i do not want to miss on Linux.
> Because I would have to reboot into windows including any active applications I have?
In a gaming-only setup, Windows requires virtually no maintenance. Plus gaming itself is a monotasking activity.
I actually find it positive having to reboot, so I start with a gaming session, and I only play, and when I'm done I'm done. I get the appeal of everything-in-Linux (it was my setup) but it's also a hassle.
With the Windows VM are you doing GPU pass through to get native performance? Is there still a relatively minimal overhead doing it that way? I would be interested in running applications in their own Windows VM(one at a time at least) but the VM is essentially invisible and only application window is available?
Is there a performance hit for cs 2 compared to windows with an rtx card? That‘s pretty much the only thing holding me back.
CS2 has first class linux support. I'm on cachyos specifically, and on my machine it has better performance than on Windows (I made the comparison a couple of months ago, so pretty recent)
It works better lol.
That being said CS2 runs substantially worse than CSGO. It at least kicked my addiction when it released, since it no longer ran at acceptable framerates on my laptop ahaha
It depends what are your expectations.
I thought it was fine, until a competitive player, friend of mine who has a machine comparable to mine saw the game running on mine and noticed a lot of stuttering and framerate loss. I don't believe it is a machine performance issue (Threadripper Pro 3XXX with a 3080p), and I was running a pretty standard Gnome Fedora 43 with NVIDIA drivers.
So if you are into competitive gaming, I guess it is debatable.
This is a pretty interesting topic.
For GO, switching to Linux (with an AMD card) was a free performance boost. I gained like 30fps.
For early CS2, the performance on Linux was terrible.
Now, the peak fps is slightly worse, but the frame pacing is much more stable. Eg: you get less fps, but also less fps drops.
Within the past month or so there was a fix for rtx cards that should unlock a massive performance increase for certain games. Only applies to rtx 30xx, 40xx, and 50xx. Search terms are "vulkan descriptor heap" if you would like to know more. It's very fresh so you'll need an up to date distro.
For me the biggest surprise was that old ps2 usb racing sim wheel+pedals just worked instantly with linux, and I could use it in dirt rally without any pains. It felt amazing. oculus quest 2 also works very well with alvr, even wirelessly.
I got a Quest 2 recently and Steam Link would not connect, ALVR would crash after a while, but WiVRn work perfectly on my Arch Linux with a AMD Radeon RX 6700 XT. It's nice that we have multiple options.
I assembled a PC last year from used parts specifically to try gaming on Linux after two decades with only the occasional FreeCiv or MineTest, and the experience with Steam is mostly painless. Impressive!
Playing Linux or Windows native games, because that is the whole issue, it is hardly any different than asserting there are Linux games when they are actually Amiga games running with UAE.
Those games running on Proton are still produced on a Windows factory.
I wonder if there actually are any native modern Linux games, I don't recall any.
Loki Entertainment in the good old days, anything Android NDK, which uses OpenGL ES/Vulkan/OpenSL/Open MAX.
Slay the Spire 1 (Java) and 2 (Godot). Ironically, StS1 ran better under wine than natively.
Anyhow, there are plenty of native games, we just don't notice, because running them tends to not be any harder than running Windows games these days.
All games I want to play run very well and mostly the process is just "install -> play".
This is largely true for games running directly through Steam, it can get pretty annoying for games that exist outside Steam.
Especially when you have to do things like apply an ".msi" style patch to a game .
It's doable, but the number of steps and tools you may have to pull in (such as protontricks) does get to be a bit of a pain at times.
Lutris recipes often work out of the box as well. It's as simple as hitting "install" on the Lutris app.
Agreed, but people should definitely try Lutris. It's nearly as painless as Steam now for GOG and many other stores.
I haven't tried out Lutris yet as I'm trying to avoid having too many layers of platform dependencies just to get games to run, but I'm sure I will at some point.
I recently switched to Lutris, so my son can install games without me. It just works. Great stuff.
The trick I have is that I add the game and all related windows exes to steam in the same file system. When you run a game on proton through steam, it makes this virtual file system thats matches a game appid, or a uuid. So youll get a folder somewhere thats like 12345566778. You can add that file to an override for a different application, and have it run on that application file system. So if you add a patcher, mod tool etc, you can use it just like its in windows.
For example: Add Diablo 2 exe to Steam. Run Diablo 2 in proton. This creates a folder like 123455 /home/user/.local/share/Steam/steamapps/compatdata/123455/. Then Add LOD to Steam, add this to the system launch STEAM_COMPAT_DATA_PATH=/home/user/.local/share/Steam/steamapps/compatdata/123455/ and you can run the installer on the older file data. Do the same for a mod patcher, etc.
No issues with other stores. Gog, Epic, etc
> Things run very well out of the box.
> a good number of wheels, pedals, joysticks, VR headsets, and other wild and wacky input devices might not work that well or not at all
> If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it
> Not sure about VR, but I know it was a bit dire 1-2 years ago
The determination of the average Linux user to ignore the faults of Linux is something to behold
Aggressive anticheat not supporting Linux is not a fault of Linux. It is a fault of the aggressive anticheat and the games that decide to use it.
It doesn't matter whose fault it is, I go where the games actually work and are playable, which is still Windows today for many games.
It doesn't matter to you, but other people care about false accusations.
Who is accusing Linux as the cause of anticheat not working? I haven't ever seen that, I see people blaming the anticheat creators for not supporting Linux, they know Linux is not the one at fault yet they still want to play games therefore they use Windows instead.
You didn't read the thread? It's the comment I was replying to: https://news.ycombinator.com/item?id=47718255
They quote "If a game has an aggressive anticheat" and then state "The determination of the average Linux user to ignore the faults of Linux", which is accusing Linux of being at fault for the aggressive anticheat not working.
I did not read that to mean that Linux is at fault, I usually would use "X's faults" colloquially to mean drawbacks, not literally, X is at fault and therefore responsibility for this.
Ah well then we have a slightly different interpretation. I would read "the faults of <x>" as "the flaws of <x>", which would then imply a flaw of Linux is why aggressive anticheat doesn't work when it is just companies deciding it isn't worth their time.
FWIW, I am not alone in that interpretation since this commenter reached the same conclusion: https://news.ycombinator.com/item?id=47718389
But I don't think we can conclusively say either one of our interpretations is correct.
> to ignore the faults of Linux
When someone brings up issues related to Linux themselves, that’s clearly not “ignoring” them. It would be a true case of ignoring them if they simply kept quiet about them.
>> If a game has an aggressive anticheat
> the faults of Linux
And besides, as far as I know (well, maybe I'm missing something?), anti-cheat issues aren’t a fault of Linux itself.
And besides, as far as I know (well, maybe I'm missing something?), anti-cheat issues aren’t a fault of Linux itself.
Issues with anti-cheat aren't Linux's fault (the one to blame), but they are a fault (undesired attribute) of Linux.
There's Windows games that don't work on Windows 11 but do on Linux (e.g., Red Alert 2). There's wacky gaming peripherals that work on Linux but not on Windows 11 (Try an OG Xbox controller for example). Hell, MS has even removed support for a bunch of VR headsets when they nixed support for Windows Mixed Reality.
Why do Windows users ignore the faults of Windows?
Why do Windows users ignore the faults of Windows?
How many people care about support for Red Alert 2 and OG Xbox controllers on Windows 11 (assuming either of these truly don't work) versus people who care about the ability to play games like Fortnite?
So really the conversation should come down to how well Linux plays Fortnite then. And bringing up games that 'no one plays' is irrelevant.
You can't have it both ways. Either it's only relevant that Linux plays the big games that are on steam, or people can bring up edge cases where windows doesn't do so well.
Edge cases? There's a long history of brand new triple A games running poorly or not at all on Windows. Evstablished games have plenty of problems. There are millions on millions of support pages, forums, and the deep dark recesses of discord stacked with Windows gaming problems. Just because some folks don't have problems with Windows doesn't mean the problems don't exist. The windows user base is so vast it's easy to think there's no problem just because an individual doesn't see it in their little corner of the world.
I don't disagree but when the conversation is about red alert 2 and steering wheels and the response is nobody uses those, then it isn't valid to use the argument that Linux is useless when it runs everything.
The deterimination of some people to hate on Linux is also something to behold. It's not perfect (nothing is, not even Windows), but it's a lot better than most people (who I don't think have actually tried) seem to think it is.
The majority of people don't use fancy wheels that require custom software to work. Many people do use anti-cheat, but plenty of people don't need it.
How is Linux fault that some strange peripherals/input devices don't work?
I assume the use of the word "fault" in this context was referring to the "downside" meaning instead of "assign blame" meaning.
> If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it.
Yeah this is why I stick with Windows. Unlike it seems a lot of people on HN I don't really see any issues with it that would want to make me move away, especially as I already have WSL if I do need Linux, as WSL has GPU passthrough.
> I don't really see any issues with it that would want to make me move away
If you don't care about privacy issues or ads in your face, then yeah Windows is pretty good. I care a lot about that (and open source in general) so for me it's way worth it. But everyone is different and that's ok
I don't, no (otherwise I wouldn't use Google and their ecosystem either). I also don't see any ads people talk about either, I run ad blockers everywhere so maybe that's why.
Vague concerns about privacy are not strong enough reasons for me and most others, based on OS market share, to move away when the concrete reality is we can simply play more games on Windows. The only reason Linux gaming is getting good is because of Valve funding it heavily in the past few years for their own products like the Steam Deck, and to move away from an OS they have no control over in Windows, not because of privacy concerns which I guarantee you 99% of Steam Deck users don't give a shit about, they just want to play their games.
> not because of privacy concerns which I guarantee you 99% of Steam Deck users don't give a shit about, they just want to play their games.
I actually agree with everything you said except the above. Valve (and their employees) do actually care about privacy concerns, regardless whether their users do or not. I agree that's not the primary reason they did it (it was because of Windows control as you said), but it isn't a non-zero factor.
> the concrete reality is we can simply play more games on Windows
If you play older games, particularly DOS/Win95 era titles, the concrete reality is that DOSBox and Wine have better compatibility.
Even some recent games, eg. Elden Ring, have unfixed stuttering issues on Windows that were fixed on-release in Proton. I'm willing to give Windows it's due because I don't think it's a terrible gaming environment, but it's a direct downgrade for a lot of the games I enjoy playing.
I should've said games which came out this century, perhaps I thought that was implied when we're discussing modern anti-cheat. The number of games which work better on Linux over Windows is small.
I'll take your word for it. I haven't used Windows since Windows 10, maybe Win11 fixed Bethesda's alt-tab crashing errors and reduced memory consumption - I'd never know.
Yep, my casual Steam games run well out of the box. I don’t even use a gaming-focused distro like Bazzite, just EndeavourOS. Helldivers 2, No Rest For The Wicked, Slay The Spire 2, even modded Lethal Company with friends using r2modman (also worked OOTB). And of course Discord works, including streaming when friends want to watch
If I really want to play Apex or Battlefield I’ll fire up my dual drive dual boot Windows, and in the meantime, no more Microsoft spying on me, forced Windows updates and reboots at random times, ads in my Start menu, Xbox apps and other bloatware, etc
why even use custom ones like Endeavor? steam works fine on basic fedora and arch -- have tried on both.
I did consider Fedora, just was intrigued by EndeavourOS, being Arch-based but with default settings that work totally fine for a casual like me, not having to fuss about setting up a DE or WM+addons, firewall, WiFi, Nvidia GPU worked out of the box, etc
I have 3 4k monitors. Windows drives them without a problem. Linux still can't. I tried for a whole day and eventually gave up.
The DB lists popular games, what about indie games coming out every day?
These are often in the database as well. Indie games also have a very good chance of working without any changes in Proton, IME. They usually aren't very "high tech" and I suspect that at least some of their creators test them with Proton.
I have been running Steam on a Fedora Sway spin on a ThinkCentre M75q Gen 5 for nearly two years now, playing Hades or Hollow Knight. Before that, I ran Steam on Debian on a ThinkPad T14/P14s to play Cities Skylines. I usually use an Xbox or PlayStation 3 controller. It works great!
My concern has long been, what happens when I want to do something weird?
I have a projector that supports stereoscopic 3D. Sometimes I use things like HelixMod to add 3D to games. What would that look like on Linux?
Sometimes I use GPU driver settings to force games to use higher render resolutions (above my monitor's resolution), or better anisotropic filtering. What does that look like?
I think Marvel Rivals works fine so its not all Competitive Shooters ä.
Yeah good on them, everyone needs to do this. It's nuts Windows is still the go-to for anything these days despite everyone knowing what a parasitic, buggy mess it is. "Easy" shouldn't be the excuse in this day and age. Big orgs and especially government entities should be hiring the people that know what they're doing and get off that crummy platform.
It makes sense that everyone uses Windows for gaming, because you can't run games in your browser.
It makes zero sense for businesses to use Windows if they're only doing PowerPoint and video conferences.
It's almost like Microsoft might be offering something on top of businesses using Windows, that isn't as commonly available for other platforms.
Or businesses are just clueless face-less entities who have no idea what they're doing. Probably the truth is a little bit of both.
Microsoft offers ease of integration, in exchange for your company to be locked in forever in their domain.
What Microsoftoffer is having only one contact / contract for a huge fraction of the IT needs of a company so I can understand it solves some headache vs building stuff from many bricks with as many contracts.
They offer a full ecosystem where everything integrates with everything else, especially the central pillar of identity. But you will pay for that in more ways than just money or lockin. If you work with their solutions, the more you dig into them with the help of MS people, the scarier it gets. So many "holy cow" moments.
Businesses choose it because it works with what they already have, the existing tools, processes, skills and because Microsoft was always a safe choice by virtue of being almost implicit. They choose Microsoft because they're already deep into Microsoft, it's the option carrying the lowest risk and lowest short term cost.
Switching to Linux is complex, expensive and risky. The transition is long and expensive, plagued with teething issues, your MS focused knowledge is redundant, the patience of your sponsor can run out before the move delivers anything of impact. Who wants to take such risks when they can just not rock the boat and call it a day?
No it makes no sense at all. I do my gaming on Arch.
Windows sucks and I hope to see the demise of Microsoft during my lifetime(crosses fingers).
Most of their revenue is tied to other stuff though
1. Productivity / Business (~43%)
Includes:
Microsoft 365 (Office, Teams) - these can be likely ported to Linux if they're not already since they also work on MacOS? LinkedIn Dynamics (ERP/CRM)
~$120.8B
2. Cloud (~38%)
Includes:
Azure (runs on mostly linux, and moving cloud provider as a big corp is expensive, I don't see massive companies stuck in azure infra moving from it) Server products (Windows Server, SQL Server, etc.)
~$106.3B
I fully support the demise of Windows as an OS
But microsoft as a company has shifted away from Windows as their source of revenue, and will probably not be impacted too badly if it were to die completely.
The French move will hit the Productivity/ Business segment. Their motivation is to limit extra-European dependence so they will look elsewhere for this.
Similar to Germany with its DeutschlandStack and some migrations already ongoing.
> Microsoft 365 (Office, Teams) - these can be likely ported to Linux if they're not already since they also work on MacOS?
I thought the Mac versions were not a full fledged port and were missing features present in Windows.
You’re correct.
Azure services mostly run on Windows via Hyper-V, sans core networking.
I was under the impression anticheat is the only thing stopping linux gaming from taking over
Yes it's true
Anticheat and support for joysticks, steering wheels, VR, etc. is one factor for sure. I would say almost all games people play, which dont fall in the above categories, run out of the box with no or very minor tweaks needed (no terminal).
1. total abandonment of desktop as a platform, and the massive hurdles to distribute desktop software
2. move to Cloud and use electron wrappers because not even MS can bother making native apps on their shitty platform
3. Make Windows so shit that even hardcore power users can’t debloat it.
The moat of Windows is gone. Games, office work, all the classic arguments, have basically vanished in the last 5-10 years. The only surprise is why more people don’t get in the life rafts, when the ship is listing at 45 degrees. Is it because there’s still an army of workers and institutional inertia trained in Active Directory?
Most consumers are primarily on mobile devices.
Windows persists in the workplace where the cost to replace it is significantly higher than keeping it, and keeping it doesn't cost much to begin with. Part of that cost would be training, yes.
The other part is finding compliant equivalents for the rest of the software they use. If the MFA, VPN, chat, email, etc. are all already vetted and designed to be compatible, there's no way they'd want to switch. Many policies regarding proprietary information disclosure are also built off this ecosystem and the certifications Microsoft's cloud already has.
4. putting Mac users in charge of the UI who are genuinely incapable of understanding how they are breaking continuity.
That's like staffing a neurosurgery department with dentists. Or a dental clinic with neurosurgeons, it does not matter, you can have decades of experience working with a drill in the head area and still be the wrong person for the job.
Continuity with what exactly? IME Windows has been a mish mash of GUI frameworks to the point you teleport through time whenever you click around in control panel, since.. the XP era? I mean, I don’t disagree with you in principle, but the timing is like saying horse carriages aren’t keeping up with cars because they’re designed by car users. The Satya era can be good or bad depending on who you ask, but that’s for Microsoft as a company – windows as a product has had no coherence for a decade+, and that’s generous.
> Is it because there’s still an army of workers and institutional inertia trained in Active Directory?
Yes, that is a huge driver of inertia. I've had to battle that in so many different companies now, and it is absolutely aggravating. That on top of comments about how Linux sucks from someone who either has never used it, or has only used it on a server and thinks that is all Linux has to offer, are absolutely soul destroying.
This comment was wildly invalid even years ago.
See proton, heroic launcher, etc, etc.
Cyberpunks own benchmarking suite runs 30% faster (for whatever reason; my wintendo install is stock and nothing but nvidia drivers) on the ntfs windows partition on Arch.
Except today games all work and invariably markedly better on Linux. Even the games that stopped working on Windows for me work great, like https://www.protondb.com/app/2008510
Actually, it's the exact opposite. There is really no alternative to PowerPoint on Linux, unfortunately. I'm saying this as someone who's used Linux for 20 years now.
If there’s no alternative to PowerPoint, that should be treated as a plus, not as a problem.
Huh? There's a ton of PowerPoint alternatives that work on Linux. LibreOffice, OnlyOffice, Collabora Office, Calligra Stage, Google Slides, the online version of PowerPoint, more techy things like LaTeX Beamer or Reveal.js. Maybe these don't have perfect PowerPoint compatibility, or some niche PowerPoint feature you need but there's plenty of slide deck making options that work on Linux.
And then Canva, Prezi, etc. I can't understand the idea that there's no alternative to PowerPoint on Linux either.
Presentation has been a solved problem for more than 2 decades already.
Whenever we are talking migration out of the windows world, there is always a group of MS fanboys that pretend that you can't replace a software with another one if it doesn't even have the exact same set of features down to the smallest details while totally ignoring the interesting features the replacement can have.
The reality is there are never 1:1 replacement and Microsoft would have never had any sort of success in the office area to begin with that sort of nitpicking.
I'd think the only Office part difficult to replace is Excel. It has a lot of functionality, provides a lot of value and is the workhorse of most business processes I see. Now how do you replace THAT?
I tried LibreOffice (Impress) for something simple and it was not good - in fact it would just freeze. Although it did have a feature on MacOS that PowerPoint for Mac didn't, so I ended up using Impress for the first little bit and then PowerPoint for the rest.
Probably just a matter of time, it’s possible the friction will create opportunities. Something in the spirit of iaPresenter, md first would be awesome.
At the moment i have long html page with key event for next and previous, tiny script to check on specif markup for autoscroll.
I haven’t seen power point used professionally for over a decade. All google (though I’ve made the odd prezi)
I continue to be impressed as to how much of a bubble HN people reside in. A very small bubble.
Perhaps! I’m not in the US for what it’s worth
I'm actually constantly surprised by the diversity of experiences I'm seeing here. It's very much not a small bubble, at least not in comparison to any other social network/activity in my life.
Are you just hanging around California startups? I work in big consulting and am inside hundreds of the largest companies in the US, everyone of which is fully Microsoft and only ever seen PowerPoint. I’m in dozens of teams meetings a week across as many organizations and have been in 2 Google meets meeting in the last decade, both of which were California fintech startups.
European startups mostly.
Yes, most people use MS where I live, too. But most of them only scratch the surface. To this thread's point, 99% of PowerPoint presentations I've seen are just walls of text on a bunch of slides, with the occasional illegible graph.
Now I'm not saying I actually know my way around PPT or that I'm some presentation whiz, but this can probably be done with the browser version. Just like the "new" Outlook is simply a new Edge skin.
I work for a company that has drunk the MS Kool-Aid and then went back for a refill, yet I've never had any issue using the web version of the suite ever since it came out. I don't even run Windows on my work laptop. Teams is the only app that seems marginally better in its heavy version (heh), since it supports separate windows for the calls.
I've been out of the powerpoint loop myself for almost 20 years too; does it actually have any valuable functionality that you can't get on the free alternatives?
Every single morning on the train to work, I watch people put finishing touches on PowerPoint presentations.
I've worked in academia for years (in computer vision labs) and I can confidently say that PowerPoint is the best tool to prepare research presentations.
Could you go into details about why you think this?
I haven't used PowerPoint in years as I think my needs are pretty simple but I wonder what I'm missing.
I can see that the Microsoft ecosystem gives control on who can view files and provides collaboration and control. Both of which would be useful in the corporate world.
Is there's somethnig other than that or is it just ease of use?
For the most part I see people using MS Office tools because it's what they are familar with. They're familar with it because it's the only thing their IT department will allow them to use.
At least in my field, 90% of presentations are Beamer. PowerPoint is bad at equations just like Word. Besides easily integrating video/animations I can't think of why it would be better.
There are decent alternatives on all operating systems, including Linux.
Libre Office Impress does all the things that PowerPoint is used for at my workplace.
I'm guessing it's not compatible with Teams and that MS make sure it doesn't work properly with LO produced PPT files.
My Linux computer now is my main gaming machine. I purged my Windows partition a couple of years ago and haven't had the need to look back yet.
The vast majority of my Steam library runs on Mint without issues (and some older games run actually smoother on Linux than they did on Windows).
Not to mention my very large emulation library.
I have no idea what you are talking about.
Run your Windows games on Linux: https://www.tomshardware.com/software/linux/nearly-90-percen...
> It's nuts Windows is still the go-to for anything these days despite everyone knowing what a parasitic
Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Plus you can pay Microsoft to host it all for you on Azure.
Yes, liberty comes at a cost. It seems that convenience is no longer the main motivator for many people.
Convenience comes as a result of mass market adoption, for products for which convenience was not already the main selling factor. Look at cars; they were kind of difficult to drive and maintain 60 years ago, now they're super convenient to drive and maintain as you essentially just press buttons and look at screens to get all needed information about the car and drive it.
It's probably something like "inception -> adoption -> convenience". For Windows it was the same, was it not? It wasn't absolutely convenient to use, it was just better (in terms of usability and features for the average consumer), and convenience came after (Windows XP, Windows 7). Sadly the functionality degraded, and now all that is left is convenience.
lol "liberty" as if you are fighting to free slaves or something.
Europe doesn't want to depend on US infrastructure, that's the only reason to do this.
Nobody cares about Linux "freedom" or open source.
Freedom from suddenly being cut off is potentially important.
If you don’t depend on someone that’s freedom.
If your email was forcefully terminated would you call that an infringement on your freedoms.
Imagine what can happen if the French and other governments would start pouring all the money into developing that further in the open, rather than just giving it all to Microsoft instead?
Why haven’t they done it yet? I just think they’re incentivized enough for it.
Because until literally a year ago, the country that hosted Microsoft was one of France's most trusted allies.
It takes time to find a suitable replacement to a global monopoly.
Not really. I mean Trump has amped the rhetoric, but there have been no new laws passed.
The privacy threats were always there.
Law is irrelevant under the power of the gun; it was the threat to invade Greenland and the threat to leave NATO which have triggered this.
(people keep saying things like "only Congress has the power to declare war"; that may be technically true, but a war declaration is a piece of paper, and practically the authorization of force is at the personal disposition of the President)
Not everything makes US news but the decision by Microsoft to shut down ICC accounts after a Trump EO on sanctions really spooked a lot of EU governments.
There were general and abstract privacy threats. The current US administration however has managed to alienate the EU population as well as EU politicians.
Trump has basically ended the alliance between the western world and the US and everybody has started to built around that fact. Just one example is that the EU has finalized multiple huge trade contracts, some were in the making for decades.
I don't think the next US administration - if the US remains a democracy - will be able to fix that. The US lately has been very vocal that they don't want to be the center of the western world anymore and the western world got the message.
Reorganizing the post-WWII world order will take some time, of course, but I feel like the world is proceeding quite fast.
It looks like the president - which was a businessman - will make a huge damage to American IT businesses. And IT stocks dominate the S&P 500, comprising roughly 1/3 of the index's total market capitalization... Good luck America!
Gotta love anti America Reddit tier fear mongering
You know about Europe from Reddit subs. I know about Europe because that's where I live. We are not the same.
Sorry I thought it was the president of the US that imposed tariffs, threatened to invade Canada and Greenland, wanted to remove all Gazans from Gaza, etc, etc. not some random Reddit poster. My mistake.
One eu country or another has been talking about this for at least a decade. Nothing will happen this time either, or we'll get another of those things like the weird owncloud knock off that is totally developed by the EU
On the other hand in 2018 Europe managed to sort out LNG etc pretty quick.
I'm kind of surprised it hasn't been louder and faster after the tariffs came in, but we've already had investigation after investigation into monopoly practices, the EU is working on domestic payment processing. So the political will is there. I assume they're just quietly getting on with sorting it out.
Exactly. They know there's nothing to win by being vocal about it. But it's obvious that there has been a general shift within all of EU.
Is slightly disagree. Trump brought in the tariffs based on trade imbalances. Bringing services into the conversation would highlight that there isn't a trade imbalance. But then I'm not trying to guess what trump might do with any given input.
> yet
Best time to start doing it was yesterday. Second best time to start doing it now. They are at "now" step.
> Imagine what can happen if the French and other governments would start pouring all the money into developing that further in the open
You'd get a clusterfuck of a consensus spec, then they'd all get pissed off and develop their own incompatible versions anyway?
Have you seen international projects without strong, centralized leadership?
I have worked on things like PSD2, a well oiled government-led machine that just works. There are some dysfunctional things, then there are things working perfectly fine.
You need to update your notes its not 90s.
Credit where credit is due, I think the strong centralization of the EU administration has made for better pan-European requirements and software.
Sometimes the perfectness of the product is less important than the fact that there was one opinionated decider.
They'll start pulling Linux in a direction that suites them, which will potentially be at odds with the preferences of open source software enthusiasts.
They might have an effect in the development of an office suite, possibly of a desktop environment or one specialized Linux distribution. Nobody will be forced to use those specific ones if they don't like them. There are plenty of options in the Linux world.
Most of the cost (to the government) for Windows is "support" (in a very general sense) and that cost isn't disappearing with Linux.
Especially since it is easier to find badly underpaid (and not particularly competent) Windows sysadmins than it is to find badly underpaid Linux admins.
Ok but the license fees are, what, 50 quid? times say, 3k or 30k people? A 150k or 1.5m injection into the linux ecosystem to develop those would pay for a _lot_ of developers and a _lot_ of developer time.
doesn’t really feel like that much tbh
From what I heard about NGI-zero, another government sponsorship project (1), the problem so far is primarily finding the projects that need sponsorship.
(1) https://nlnet.nl/NGI0/
That doesn't seem correct. Almost all of the projects installed on a standard Linux distro need funding. I just stopped applying to NLnet after getting nothing but rejections.
I don't think that cost is what is mostly driving the move from Windows nowadays.
Are you implying that need for support would go away?
If anything the demand would be artificially high at the start of a mass migration, and then presumably level out to something similar to what we see today with Windows.
This is basically RHEL's entire business model.
Not a thing any longer, for the most part. People know how to open a browser on any operating system these days. Go to the menu, run it. Get bored and click the X on the top bar. Source: nearby kids. A few times I've said... "this is Cinnamon, or KDE, or... Windows."
"Ok, whatever," (old man) is the response I get.
And, you don't have to move 100% of their workflow in a single day: https://news.ycombinator.com/item?id=47730137
If governments, especially France, get involved in software development the likely outcome is that people will soon regret the days of Microsoft...
The so called free market really did a bang up job didn't it? The proprietary buggy mess of Windows and the walled garden of MacOS which given its *nix underpinnings could have been really fantastically awesome but instead is a proprietary buggy mess.
Group Policy and Active Directory are dead, for all intents and purposes.
It's now Intune (via OMA-DM), and Entra. Both of those products are about as bad as you might imagine the "cloud" versions of GP & AD might be.
They are better, in ways -- no longer having to care and feed for domain controllers is nice, and there's no longer an overhead for additive policy processing, so endpoints only get a single set of policy and log on much quicker -- but for the most part, enterprise management of Windows devices is in a worse place than it was ten years ago.
Try to figure out how long it will take an online Intune device to discover a new policy: As far as I can tell the answer is "eventually". There are bandaids for this, because of how infuriating it is, of course, but all time guarantees are basically gone.
Ask me a decade ago what an enterprise should do, and my answer would be straightforward: AD, GPO, Exchange.
The answer now is not simple.
> Ask me a decade ago what an enterprise should do, and my answer would be straightforward: AD, GPO, Exchange.
That was also the answer two decades ago. But if AD and GPO are now dead, what killed them and what are the options? Is the problem mobile and BYOD?
I’ve been primarily on Macs since that time where endpoint management isn’t much, so there are fewer knobs to fiddle with. In some ways it’s nice in that admins can’t screw around too much with my system. In other ways, I’m sure Macs feel limiting for those in charge of enterprise security. However, most endpoint management feels like it’s written for Windows with Macs as an afterthought for checklist security. Knowing that, I’m happy there are fewer places for dodgy software to be able to interface with the OS.
(Edit: added quote to top)
No alternative, you can't realistically fully control everything everyone does on every device in their possession. It was job security for useless control freaks, the products never should have existed.
Spoken like someone who has never provided computers to non-technical, minimum-wage users.
It was absolutely not the case two decades ago. There were no other options for an enterprise fleet, 20 years ago, if the question was asked. If you weren't Google (who never asked the question anyway), the answer for managing 25,000 endpoints was to use Windows devices with Active Directory as the management plane. Anyone doing anything else was in for a world of hurt... and that's why every enterprise ended up on Windows, and why everyone targeting enterprise management targeted Windows -- because that's what the endpoints were already running.
What killed AD & GPO was Microsoft, in their bullheaded push toward Azure everything. Instead of listening to what it was that the enterprise customers actually wanted, they designed a system that made sense to them, but to no one else. The original UI was written in Silverlight. It was horrific.
No, I meant that Windows AD was still the answer two decades ago. I can see how that may not have been clear - I edited my post to include the quote I was replying to. (You said one decade and I was just extending that timeline back another 10 years.)
There was LDAP and Kerberos support for *nix management, but nothing you’d deploy over a thousand end devices.
And you’re right, it wasn’t a question that got asked, because there wasn’t ever a second choice - AD was the only option.
> Kerberos
I remember it almost being a trope at the time that every Kerberos question thread eventually landed on some subtle / niche incompatibility or edge case.
> "if AD and GPO are now dead, what killed them and what are the options?"
The changing world. AD and GPO come from the mid 1990s before pervasive internet, before WiFi, before Cloud computing, before people had multiple computers, before iPhones, before AWS cloud infrastructure, before Kubernetes, before cheap fast hardware for virtualization, before cheap bulk storage, before BYOD and WFH and everything-as-web-app. Before that was the world of isolated 8-bit machines, expensive Solaris workstations and Unix mainframes with expensive admins, and after say 1998 the world was cheap Compaq/HP/IBM hardware running Windows server and Windows 9x desktop, and after about 2003 it was Windows Small Business Server (AD, GPO, SQL, Exchange, SharePoint) and XP Pro desktops.
Cracks started showing when people wanted to logon to a laptop away from the office when it couldn't refresh policies, run logon scripts, talk to domain controllers; when people wanted 'offline files' from a company file share while away from the office, but wanted their corporate email to work when their laptop was online but not pull down company settings over a dialup modem. More cracks when they got a Blackberry or iPhone, more when AppStores appeared and people expect to be able to install whatever they like, more with the rise of Apple Macbooks, with the growth of website based services people can use from anywhere, more with Amazon AWS where company infrastructure is on someone else's premises, more with BYOD and WFH, more with people expecting software to be cost-free, being trivially able to spin up Linux web and database servers because there was plenty of CPU/RAM/Disk and no worries about licensing costs.
> "it’s nice in that admins can’t screw around too much with my system"
If it's a company device, it isn't your system. The company has legal oblications and practical concerns that conflict with your desires as an individual. That might be pushing full-disk encryption or updates, or auto-locking, or restricting use of USB or websites to block potential customer information leak points, or trying to stop you saving work locally that might be lost if the device fails, or trying to stop your device being an entry point for malware or ransomware, or trying to stop you screwing around with their system which costs them employee time to fix and your downtime while it's broken.
What about offline, to my knowledge Entra and Intune do not work without actual internet connection?
I've never understood the management thing. People manage fleets of Linux machines all the time. What does group policy do that e.g. nix or ansible don't?
Fuse membership and inheritance-based object (in the sense of 'any computing thing or person') ontology with configurability?
The insight in AD+GPO wasn't in either thing, but in the +. Each would be far less useful without the other.
Group policy just sets registry keys. That's nothing you can't do any other way. The important bit is the inertia of 30 years of Windows subsystems and integration with Active Directory and 3rd party Windows ecosystem software all being written to expose internal config and look to registry keys for the settings.
For the first part, Group Policy (GPO) can set the screen to lock after 2 minutes of inactivity, say, which works because there are Windows subsystems built to look for a reg key for their config, and policy templates exposing that config in the GUI management tools. Or group policy configures which security group can "logon as a service" which works because Windows has system-wide and domain-wide pervasive Access Control Lists (ACLs). GPO configures that Background Intelligent Transfer Service (BITS) should limit its bandwidth use, which works because Windows Updates use BITS. Or sets the machine-wide SSL cipher order, because Windows software uses system-wide schannel not OpenSSL. Or GPO sets what your default printer will be and that's only useful because decades of 3rd party Windows software was written to use the standard Windows printer dialog, or User Documents path, or whatever.
For the second part, Active Directory is a tree-shaped organization tool; in screenshot[5] that I quickly Googled, the tree on the left has a folder named "Sydney" and below that "Sydney Users"; this lets sysadmins organise the company computer accounts, user accounts, and security groups by whatever hierarchy makes sense for that company - e.g. by country, office, team, department, building floor, etc. Then Group Policy overlays on that structure, and the policies are composable.
e.g. in this basic screenshot of the group policy manamement GUI[6] it's showing at the bottom a list of all group policy configurations that have been made in a domain such as "Block PowerShell", and higher up it shows the policy "PsExec Allow" has been linked inside the "ADPRO Computers" folder. So users and computers in that folder in AD, will get those policies applied. In screenshot[7] you can see a basic example showing corporate computers getting machine-wide settings, corporate users getting user-level MS Office config, and Executives get settings that nobody else gets. (This echoes the registry having separate HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER subtrees). Screenshot[8] shows the relatively tidy GUI on the right for seeing which settings have been configured in a policy.
If you apply more than one GPO to a folder, the users/computers will get the all the policy settings combined. This is often what people complain about when logging on to a corporate Windows machine takes ages, btw. You can filter GPOs on a case-by-case basis to build patterns like "apply this machine-wide policy to all computers in the Sydney folder which are members of the WarehouseComputer security group" or "apply these logon-settings to employees in New York who are members of Finance and logging onto a laptop". So companies which have been around for years can have really (messy) big and intricate designs which would be a lot of work to migrate.
3rd party programs can release XML files which plug into the GPO management, and the programs were written to expect to be configured by registry keys so they can pick up those settings; there are templates for configuring FireFox[1], Chrome[2] Adobe Acrobat[3], Word, Excel, Office[4], VMWare Horizon, Lenovo Dock Manager, Zoom, RealVNC, LibreOffice, Citrix, FoxIT Reader, and so on. The more enterprisey a tool is, the more likely it will plug into that ecosystem. Then all kinds of 3rd party reporting and auditing tools look there to see if your company is compliant with this or that; the whole thing is integrated with Windows' domain-wide ACLs so you can give some admins permissions to view or edit just their regional subset of this.
As usual the lockin is not that they do something amazing that nothing else can do, the lockin is that Windows domains have been around in this format for 30 years since NT4 and Windows 2000, and it has huge inertia, familiarity, is deeply embedded in a lot of companies, you can easily and cheaply hire lots of people who know how to use and manage it, you can send screenshots of it to auditors and they understand it, if you don't know how but you have a bit of (oldschool) Windows experience then clicking around will get you the basics, you can buy 3rd party auditing software that will send you a management friendly report with green ticks saying almost everything is fine but you should change this setting for security...
[Yes of course you can build your own custom replacement for every single thing, just like you can build your own custom replacement for any software; it's "just" ldap and kerberos and dns and some scripts and site-to-site policy replication and management tools und und und].
[1] https://support.mozilla.org/en-US/kb/customizing-firefox-usi...
[2] https://support.google.com/chrome/a/answer/187202?hl=en
[3] https://www.adobe.com/devnet-docs/acrobatetk/tools/DesktopDe...
[4] https://www.microsoft.com/en-us/download/details.aspx?id=490...
[5] https://www.windows-active-directory.com/wp-content/uploads/...
[6] https://activedirectorypro.com/wp-content/uploads/2022/09/gp...
[7] https://www.varonis.com/hs-fs/hubfs/blog%20posts/Group%20Pol...
[8] https://redmondmag.com/articles/2016/01/12/~/media/ecg/redmo...
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Isn't it about time someone developed one?
The foundations are there; you can imagine an organization deploying laptops with, say, Ansible, and not giving users root on them. LDAP sort of matches the old capabilities of AD, but not completely. There's even a "SAMBA as fake domain controller" mode.
Ironically what it needs is a product or service which organizations can pay to take the problem off their hands. But then people get stuck in never paying for anything in the open source world.
> Isn't it about time someone developed one?
Honest question: Why? If you want a Windows-like environment, run Windows.
I get this all the time when people ask about a Linux equivalent for something, and aren't really satistied when it doesn't work or look the same. Linux isn't a clone of Windows. Linux comes from an older heritage, and has a unique culture. You are in for a hard time if you want to use Linux like you would use Windows. That's a suboptimal experience, at best.
That said, of course Linux should be easy to manage. But Windows is from a single corporate entity, of course their management tools will be different. It used to be unix admins that laughed about people using Windows as servers. The culture around Linux is one of scriptabiliy where even the user interface, the basic shell, is one where every command is inherently a script. That's why management on Linux looks like Ansible and OpenSSH, not like Remote Desktop and Group Policies.
You could write something like Group Policies for Linux of course, but it wouldn't be a complete solution so people would just continue using Ansible, OpenSSH, and the respective package managers.
What's the Linux version of AD and group policies? (honestly curious; linux sysadmin at scale not my day job)
I don't know. What's the Windows equivalent of dpkg (from 1993) and ssh (from 1995)?
Still nothing, three decades later. Not because Microsoft engineers couldn't do it, of course, but becasue they didn't want to. It doesn't fit the Windows model. They did recently adopt SSH, but that was because they want to use Windows in cloud-like environments, where expectations are set by Linux-style tools.
By the time Windows got to the point where it even could be centrally managed in any reasonable fashion, Linux environments was routinely run an order of magnitude larger still.
There is a reason why the whole cloud runs Linux. Anything else is a rounding error. That's because Linux is inherently so much less work to manage at scale.
If something like Group Policies would somehow be accepted by the Linux community, that could only be a step backwards. A well run Ansible or Puppet or similar environment works on a completely different scale.
Isn't WinRM/PowerShell/RDP equivalent of SSH, and dpdk/apt-get is basically .msi with group policies for installation? This has been there for decades probably?
Group Policies also allow you to enforce things like browser configuration (proxy, homepage, search engine etc.) wallpapers, screen locks etc.
Can this be done on Linux? Honestly, I have no idea - I think gnome with gsettings/dconf can do that, but can KDE?
That's the point I want to convey is that while there are tools like MSI on Windows, many years after Linux had dpkg, it's not the same thing. On Linux the package manager rules the filsystem and keeps a complete database of which package owns which file. There are no exceptions, not on the parts of the filesystem where the package manager rules. Even the operating system itself and all patches is handled by the package manager.
That's first and foremost a cultural difference, not a technical. Sure, there's nothing to prevent a Linux vendor to write "install scripts" that copy files willy-nilly across the file system, and many vendors have done this but always with disastrous results and since Linux people hate it, those products are either repackaged or stored in a separate directory far away from other files.
This means installing software at scale (any number of systems), or the question how to cleanly uninstall software it not a question you should ever ask in a Linux environment. The questions you should ask are different in a Linux environment. That is why the tools look different.
Tools like gsettings are culturally alien to the unix world. Instead, home directories are seeded with dotfiles. And dotfiles are kept in version control. Yes, that means that unix people can't answer the quesion how to lock the proxy settings so the user is unable to change them. Instead, should a sensitive system require it, they would instead manage by policy and disallow any traffic outside said proxy.
I mean, Linux package managers are so great that we have at least 2 different ways of delivering software (especially GUI software) to Linux distributions that depends on "app images". To me that shows that none of those approaches are solving 100% of problems that you encounter in the wild.
> This means installing software at scale (any number of systems), or the question how to cleanly uninstall software it not a question you should ever ask in a Linux environment.
And yet this is a problem that so many third-party vendors who try to support multiple Linux distributions have been struggling for years.
> Tools like gsettings are culturally alien to the unix world.
Sure, Linux and UNIX are coming from different roots, but "cultural" means nothing in large organizations, where computers are basically tools not that far from printers, projectors, even hammers. A way to do someone's job. I may hate locked systems, but then I don't have to support users who cannot find their trash bin on the desktop anymore.
You can seed dotfiles for all users, but you can't really enforce that user cannot for example move his taskbar from bottom to the top of the screen without policy enforcement. gsettings/dconf may be culturally alien to this world, but it is (or at least was) solving an actual problem. A problem we may not care about, but some companies do.
Now, I think there is an interesting discussion here to be had - given this latest push from Windows to Linux, as a way of distancing Europe from US, would adding features that bridge this policy enforcement gap between Linux and Windows is desirable?
15-20 years ago I was going to say yes, but back then I cared so much more about Linux as Windows alternative for office use. Today I actually prefer Linux Wild West and how hard it is to lock it into any sort of MDM.
> To me that shows that none of those approaches are solving 100% of problems that you encounter in the wild.
The problem is a self-enforced one by developers. They chase the newest updates instead of focusing on stability. And bundling security and feature changes. And they want to push those updates instead of people pulling it in.
> And yet this is a problem that so many third-party vendors who try to support multiple Linux distributions have been struggling for years?
Are those complaints done in good faith? Most repos allow for custom repositories. And writing a build script are not that difficult. If Calibre, VLC, Firefox, and Blender can be everywhere, so can those applications.
> A problem we may not care about, but some companies do.
Do they? Or is just IT playing with the knobs?
Firefox has /usr/lib/firefox/distribution/policies.json which lets the sysadmin lock down what users can do with the browser. Example: If you wanted to block all extensions except for a whitelist, you could control that via that file.
There's a bazillion tools that let you manage files like that across thousands of servers/desktops but the hot one right now in enterprises is Ansible (which would make it trivial to push out an update to such a configuration).
Chrome has a similar file: /etc/opt/chrome/policies/managed/lockdown.json
"Ah yes, but what stops the user from downloading the portable version of a browser and using that?"
You can mount all user directories with +noexec. Also, Apparmor lets you control which applications can make network connections if you want to get really fine-grained.
Other applications have similar policy files. For example, Visual Studio Code has /etc/code/policy.json which—for example—would let your company lock down which extensions are allowed to be used/installed.
> Group Policies also allow you to enforce things like browser configuration (proxy, homepage, search engine etc.) wallpapers, screen locks etc.
Unix has always be about treating users like adults. The administration tools are more about the whole system and the hardware. You can always provide default or sample config, or prevent anything in HOME for being executed, but enforcing wallpapers is silly. But you can still do it by patching the software.
> What's the Windows equivalent of dpkg (from 1993) and ssh (from 1995)?
PowerShell PackageManagement [1] and Remoting [2]
[1] https://learn.microsoft.com/en-us/powershell/module/microsof...
[2] https://learn.microsoft.com/en-us/powershell/module/microsof...
They are not exactly equivalents, but that's not the point. I try to expand on this answer in the sibling comment.
What's important to notice however, is that the oldest of these are from 2009. At no time in the intervening 15 years (!) did someone say "Windows is unusable for desktops because it is not manageable".
I wasn't curious about those things. I was asking about AD+GPO, because I was interested.
GP dates back to Win95/NT4.
The concept does not really exist it is a Windows thing. You could call Puppet or other config managements group policies, but Linux is not a monolith so it is more organic.
Lixnux version of AD is FreeIPA, with group policies translating to dconf - at least that was the way "enterprise" linux vendors (like RH or Canonical) were moving towards.
Now, how well is dconf integrated with all the software you want to run is another thing (it was done by GNOME, and ignored by KDE), and whether this is still the way they are all moving is yet another question but the infrastructure was being built.
AD is LDAP+Kerberos, which has existed in the Unix/Linux world long before Microsoft bastardized it. So pick any of half a dozen LDAP server implementations and any of 3 or 4 Kerberos implementations and use those. If you want point-and-click/drool interfaces, use FreeIPA. If you really want it to look like AD, use Samba 4. Even Windows boxes will hardly know the difference.
Group policies don't exist and won't ever exist on Linux. Group policies are LDAP entries that are copied on system boot and user login into their respective parts of the local registry. Software may then read, interpret and use those registry entries. On Linux that wouldn't work for numerous reasons. First, on a multiuser system rebooting to apply configuration changes is not viable. On windows that's apparently fine because its single-user anyways, and reboots are an accepted fact of life. Also, to apply a system policy that is intended to limit what a user could do, asking the user's software nicely via registry entries is stupid and insecure. Lots of software won't even read the registry and have group policies that it will obey. Want to get around an Internet Explorer Group policy? Use Chrome or Firefox!
So what you do instead on Linux is: If it's just configuration, just copy it over, using the usual text configuration formats that are common on Linux. There are lots of tools to do this, starting from simple hack jobs like using scp to full configuration management systems like ansible or puppet. The "group" part is handled by those systems as part of their function, you can easily group/subgroup/discover/inventory/parameterize. If it's policy, so you want to restrict what a user can do, you use the higher-privileged layers of the system to put in actual restrictions, not just "group policy" suggestions. You can configure the user's home directory to be mounted noexec, so software execution after an unauthorized installation is impossible. You can put them in containers, namespaces, limit their resources and system access using cgroups, filesystem permissions, and more fine-grained permission systems like SELinux. If you are so inclined, you can forbid the user from opening files starting with the letter 'f', using eBPF syscall filters (this will of course break everything, but I needed a stupid example ;). All those can also be configured with your configuration management system of choice.
Just as a comparison: Our windows team needs 3h just to re-image a laptop, just for windows. After that, all the software needs to be reinstalled, all the data copied over. Then, after 2 days and 10 reboots or something, it will have picked up all the policies, updates and things and maybe be usable. Our Linux installation takes 45 minutes. Including all the software that was previously assigned to this system, including all the settings. It will be fully updated, configured and usable after the first reboot.
On a Linux desktop you can lock down waaaaay TF more stuff than Group Policy allows. The only difference is you need a sysadmin that knows what they're doing. You can't just point and click a button that prevents users from connecting USB devices. Instead, you use a combination of groups, udev rules, and systemd-logind. There's also ways to do it with PAM if you want.
The most popular way to control user desktops that I've seen is to have your user login via LDAP (just like AD), optionally with Kerberos and then have their permissions to various things controlled via those groups. For example, if you were building a "desktop policy" for Linux users across your organization, you'd probably make a .deb or .rpm that installs some udev rules that grant or deny access to various things based on which groups the users are in.
Of course, you can also control things down at the user level. You could put a script in /etc/profile.d/ that does whatever you want when the user logs in. You can even make it dependent on how they login (detect remote SSH session or local login).
There's also dconf and KDE's Kiosk mode if you really want to lock shit down to annoy TF out of your users (haha).
Once you've got your Linux desktops setup the way you want (which is usually just a matter of making your_company_desktop.deb or .rpm) to customize things/permissions, you have so much power to do things you can't do on Windows. The fine-grain control in Linux is unreal: You can give a specific user access to run and do very, very specific things as root (Windows Administrator equivalent) without much effort at all.
Linux also lets you lock down the hardware in ways Windows doesn't support. For example, you can chattr +i to make certain devices/files immutable. You could compile a custom kernel that doesn't even have USB mass storage support. What's more secure than that? Haha.
BTW: You can also make all USB mass storage devices read-only with a simple udev rule. You can even add exceptions for special things!
> If you want a Windows-like environment, run Windows.
One of these questions where we, those doing the discourse, need to pick apart what the word "you" refers to here.
In this context, it is national governments, who have started to fear that there may come a day when they are not allowed to or able to or safe to run Windows. That gives rise to the question, "how can we get a system that minimizes the disruption of migrating away to Windows?"
Ultimately it's not about specifically wanting AD or GP as technologies, either, but the things they enable: seamless single-sign-on across an organization, and management of software security and updates across a fleet of desktops.
(possibly the thing that fills this hole is simply a fleet of consultants which go around explaining things to CIOs!)
Right, I see where you are coming from, I still want to make the stronger argument that we should not strive to re-work Linux in Windows' image. Most such initiatives, like gconf/dconf, have severely degraded the desktop experience.
I have some experience at places where Linux are run on desktops at scale, but they all have in common that these are engineers for whom Linux is the better experience to begin with. It's not like that for administrative staff and management. And as much as I'd like to tell people to use Prezi instead of Powerpoint, and Markdown instead of Word, sometimes Libre Office is the best answer.
We have to be practical. Still, I feel that too often it is engineering that has to use tools intended for administrative people. Once in a while, they other way around may not be that bad.
For a modern workplace, where smartphone and cloud based applications rule, the traditional Windows tools like AD and GP can only do so much. You also need MDM tools, and something like SAML. If you are looking for an out-of-the-box tool that can manage both Linux and Windows clients, Red Hat has FreeIPA. It's not AD, but it goes beyond that capability.
> Honest question: Why?
Because it works really well for a corporate environment where you require central management for your devices. Yes, the environments of Linux and Windows are different as you said, and unfortunately that means one will generally be better than the other within certain contexts. The corporate workstation use case is a gigantic one that Windows is currently dominating in, and this is terrible for Linux adoption because it means to get a job at a place that uses Windows you are incentivized to use it yourself so you can learn it. It also means that schools (which are often run like businesses internally) are way more likely to use it, so new students that are just learning how to use a computer are coming up on Windows.
Linux is indeed very different from Windows and that's fine, that isn't a problem at all and it has plenty of upsides. What should be clear is that this particular use case is a remarkable downside for Linux, and the mass adoption of Windows in the majority of businesses should make that self evident. Realistically Linux can and absolutely is used in business contexts in the same way as Windows (hence why France is going ahead with it), but it isn't as optimized for it as Windows is, when it totally could be. Macs have had some robust management platforms made for them that I've found pretty similar to AD for example. If someone developed a straight out AD clone for Linux that functioned more or less the same on the front-end it would be huge for Linux adoption in my opinion. Hopefully that answers your question.
I'm not up on my current windows security, but windows has been dominating for decades, much of which it's security was non existent, being originally a single user system. Linux being a nix is multi user from the ground up.
So you seem to be making a conclusion that isn't warranted.
That isn't to say any of this is wrong per se. Just that being the best does not necessarily lead to success.
NT was designed as a multi-user system from the ground up.
Right but windows also aims to be backwards compatible which means it was trying to run things designed for a single user system undermining protections.
That makes absolutely no sense.
'vim' wasn't designed for multi-user use. Nor was emacs.
Applications don't need to somehow be "designed" for multi-user systems. It's up to the underlying system to enforce application isolation in various ways, which NT has and does.
Well AD is just a really opinionated LDAP/Kerberos setup, so you’d think that there would be something that Linux could do.
But when you’re talking about enterprise management of thousands of devices, you need some kind of consistent security policy management. That requires running OS software that accepts remote policy management, which is a very specialized configuration and not just “vanilla Linux”.
You can get really far with LDAP, but I’ve only used it for remote accounts, file shares, and sudoer config. I’m sure there are more policy configurations that would be possible with a more advanced tool.
I suspect the RHEL world has something to offer here, but I’d love to see a more general and commonly supported solution developed. It would make Linux more of an option for enterprise managed endpoints.
But, I agree with you - for an enterprise customer, this really needs to be some kind of paid/supported product. I wouldn’t want the French government to rely on some scripts that worked on my small cluster.
> That requires running OS software that accepts remote policy management
Every Linux system that supports SSH potentially "accepts" remote management! The challenge is just putting it into a framework.
The gaps: Pull VS Push, Imperative vs Declarative and Discovery being hard.
Windows uses Group Policy (which isn't particularly secure for many reasons) while Linux uses configuration files (e.g. udev, AppArmor, stuff in /etc like fstab) in conjunction with file permissions. However, you can go way farther by compiling your own kernel that has certain functionality removed (e.g. USB mass storage).
Managing lots of configuration files/scripts across many thousands of servers, desktops, devices, etc is a long-solved problem. Most enterprises use Ansible or similar.
In almost every way, managing many thousands of Linux desktops is much simpler and more straightforward than Windows. If you're using Ansible playbooks, you can keep everything nice and tidy in a single place and everything you'd ever want to customize is managed via a plaintext file you can modify with your editor of choice.
You can organize them however you want or even use a GUI to change stuff (if you pay for Ansible Enterprise or whatever it's called... Or use one of the FOSS alternatives).
Managing Linux desktops at scale really isn't much different than managing Linux servers at scale.
Group policy is an annoying pain. Yes, there aren't many better options out there, but it's not as if group policy is _good_.
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
I am sure that's something the Gnome Foundation could figure out if they had a grant to do so.
Putting it in the hands on the GNOME foundation will just result in a lot of new soon-to-be-mandatory APIs and numerous configuration variables with only one allowed value.
Even the old companies have moved away from that nonsense. Huge waste of resources.
The primitives are there and they're solid, beyond that it's "just" architecture and integration work. Hopefully the French government will be rational with this (I believe the time and financial constraints will for it to be, we're broke and we lack time) and they won't fall into the trap of trying to internalize every bit of the platform.
A good example of that would be what happened with Docker. Off the top of my head cgroups, namespaces, seccomp, overlays and capabilities had been around for a while before it got rolled up in a nice utility in 2013 and opensourced in 2015. Hence the containerization movement. Solaris zones and FreeBSD jails were nice but they always were let's say a bit too bearded.
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Enterprise environments use a number of tools like Powerbroker, UCS, Centrify/Delinea etc to bind linux machines to active directory and manage identity and access through active directory. This is for mixed environments with both Windows and Linux machines.
For pure linux environments, there are a number of tools like FreeIPA/IdM, Samba AD/DC (for A/D like management), and OpenText's eDirectory for the current version of Novell's eDirectory counterpart to A/D. They all provide centralized user/host/policy/access management.
Since Entra+Intune are the recent MS products, cloud-based equivalents are Jumpcloud+Fleet, Okta PAM, FreeIPA/IdM.
I don't know any of these tools but I believe your comment answers most questions in this thread.
I really hope some of these answers are ergonomic enough for windows sysadmins to accomodate this transition.
Personal computers were used in office environments long before the technologies to make them administer-able as if they were a mainframe. Before blindly jumping in and reproducing those technologies, better to ask why they emerged in the first place.
Most workplaces don't have strict bans on personal mobile devices, and some of the ones that do, don't have the kind of physical perimeter defense that can detect people getting lazy about whether or not they carry their personal mobile devices into the workplace. That makes perimeter defense into security theater anyway. We need a rethink about what we are guarding against and how we're doing it.
> Most workplaces don't have strict bans on personal mobile devices
If you're talking about select work apps on your mobile device, sure, but that's limited attack surface.
If you're talking about employers who let unmanaged mobile devices hop on their internal network... I've never seen that. Maybe at a hypothetically perfect zero-trust shop?
I've seen a lot of un-seriousness about security. One that's easy to spot is old unpatched IP phones that aren't segregated on the network. I've given demos at companies that are serious, where a device I accidentally left behind caused an urgent search of every room I had been in. Security didn't have to be told which rooms those were.
You likely know better than I, but I've always had a weird intuition that enterprise IT security is bifurcated into "Leaders who understand compliance+details" and "Leaders who confuse compliance for details" with very different results.
And I get it's extra work, but I've seen some weird "But if you'd just built this a bit differently, you would have gotten all these free security bonuses to your posture" gaps.
Imho, a huge part of the problem is invisibility. I'm firmly of the belief the US government should be running scans on entities in regulated industries (defense, healthcare, utility, telecom) with regulated redress of any findings.
Trusting private industry isn't working.
It does, it's called FreeIPA (or RedHat IdM). The only GPO parts it doesn't do are those that are not related to policy in the IAM sense (i.e. configuring some application related thing). There's other systems for that, just like on Windows you practically never run GPO without anything else. On top of that, you can pay RedHat or Canonical to host it all for you on any cloud or non-cloud.
that's the catch with gp/ad. for a lot of orgs the hard part is intune/entra now. swapping the desktop is easy. replacing identity and device management is the real migration
Doesn't the Azure team own Intune/Entra now? Read: less inclined to give a fuck about artificially protecting Windows desktop.
I've no idea what current internal Microsoft org divisions are.
Honestly as wide spread as it is, managing group policy sanely is still a challenge I've found - it's very resistant to configuration as code.
Linux has a lot of the pieces but is principally lacking a solid distribution system - in particular a big missing component is the network-based SELinux policy distribution system which you can see some hooks in for the concept of a "policy server" which never eventuated.
SELinux would be a lot more viable if it had a solid way to federate and distribute policy and has some nice features in that regard (i.e. the notion that networked systems can exchange policy tags to preserve tagging across network connections).
> managing group policy sanely is still a challenge I've found - it's very resistant to configuration as code
Imho, this was historically (and continues to be) Microsoft's Achilles heel.
Large parts of the company reflexively wrote features / tooling as manual-first, code-second (or never).
In hindsight, what was missing was a Gates-level memo circa 2000 similar to Amazon's API one: all teams are required to build their configurators to be programmatically exposed.
Unfortunately, I don't think Ballmer was enough of a technologist (and was likely too distracted) to intuit that path not taken.
Must be the only nice and cohesive parts left. Perhaps they have not figured out how to put ads on AI on it because it doesn't have many users.
This is actually a good time to disrupt that, as Microsoft’s attention is not on windows and Active Directory is slowly moving to Entra, although big enterprises are mostly hybrid.
Some places are using Okta for many of those functions too. Trump’s instinctive parasitic slumlord behavior may be enough for the sleepy Europeans to get their shit together.
No non-US government should host anything on azure, or any other US-owned cloud. Thats security and sovereignity 101, or more like 100. Reality with hostile US being as it is.
What you list are no showstoppers, and since its a well known topic I cant imagine why some EU-funded effort in say 2 billions over next 3-5 years shouldnt reaolve it once and for all, for entire world. Well invested money.
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
I take your word for it (I know of Kerberos and LDAP and Netscape and Sun trying to make such palatable, but clearly haven't followed that in the last quarter-century).
That assumes however the server to be currently MS Windows. For government agencies, I'd rather expect some Mainframe to be (and remain) in place. Surely IBM (or here rather Groupe Bull) has user authentication/authorization figured out (more than half a century ago, methinks).
I'm sorry, but how hard is that? Seriously.
The money governments sink into Microsoft could have funded a sovereign OSS ecosystem many times over.
"Easy" shouldn't be the excuse in this day and age.
I think "Easy" has been the excuse for everything humans do in every day and age.
Problem is that people like having a similar interface for both work and non-work things, and Linux doesn’t have enough penetration into the consumer market to influence stakeholders. The first step is making Linux the default choice for hardware providers. Framework was one of those pioneering this but was underfunded imo
I don’t think a lot of people still go home and use their computer for stuff. Most of my family will either rely on a phone or tablet to get anything done at home.
I doubt they’d care about which OS they’re on. Corporate tightens their laptops beyond belief, so all they’re really running is Teams and Excel. This seems to be the case for a lot of friends I talk to, no one gives a damn about Windows anymore. Heck, my sister-in-law moved to Ubuntu of her own choices, despite having low tech literacy.
The first step is making Linux the default choice for schools, the rest will take care of itself in 10-20 years
I am skeptical about there is such "people that know what they are doing", nor would I trust such a claims. But with little twist I think I could onboard the idea with, "people who aim for analytical and open approach and reports". Thus opening the decision making under post analysis and future improvements so research body of knowledge would eventually turn the tide.
I haven't installed or used windows much for last decade, but still I'm bit a shamed that each time I install Linux on some computer I live existing windows drive untouched and available for backup in case I need it for some reason.
The age of the Linux desktop might actually finally be coming
Personally I think we are at an interim period for a big player to emerge and take over this space. If enough governments in the EU start switching over to customized linux distros theres a big chance for someone like Nokia to come in and develop their own approved distro with proper MDM and GPO-like management functionality baked in .
On top of that it could be great to see SteamOS continue to gain share and become more than just something people run on gaming purpose hardware.
And thirdly would love to see a more simplistic but super lean and functional OS built on something like the BSD.
honestly since the browser has more or less become the real operating system the host OS doesn't matter so much anymore. most people do 90% of their work in the browser anyway
There's an xkcd for that ;) https://xkcd.com/934/
> "theres a big chance for someone like Nokia to come in and develop their own approved distro"
Microsoft bought Nokia's devices and services division for Windows Mobile in 2014. https://en.wikipedia.org/wiki/Microsoft_Mobile
They killed any Linux device development at Nokia in 2011. Still salty about Elop shooting down a project we had spent 5 years working towards.
The holistic platform security for a combined phone/tablet base system would have been really interesting.
I'm not sure if I would have started using Linux but for buying an n800, so thanks for that.
We never did get around to our funeral for Nokia, sadly.
I'll make sure I toast Nokia at Elop's funeral.
Hah, if you ever used the N800 media player you will have been exposed to a tiny bit of my code. Some of the UI polishes and usability tweaks were mine. (Well, someone else had figured out they needed to be done and the bug landed on my lap...)
"/* Here be dragons */" in a particularly hideous d-pointer punching chain must have been a surprise for whomever eventually picked it up.
> Personally I think we are at an interim period for a big player to emerge and take over this space...
And even without a big player, the number of people who are entirely operational with just a browser at work is huge.
Many SMEs already realized they can switch seamlessly between Windows and OS X / MacOS and I see people working on either one or the other. For example a desktop PC running Windows and a Mac laptop is not uncommon.
I switched an employee at my wife's SME to... Debian! And the transition has been more than fine: they live in the browser (Google Workspace, paid company subscription). Unattended-upgrades, a user account that cannot sudo, and that's it.
The number of desktop PC running Windows that are actually glorified browsers has to be through the roof.
Once people realize there's no need to pay the double-whammy Microsoft tax (pay for a new Windows / also pay for a new PC), suddenly installing Linux becomes an option.
Now I know: using Linux and Google is not "getting rid of US tech". But it's "getting of Microsoft" and that is fine with me. I'll never ever forgive the mediocrity this company has brought onto the world.
I've been using linux as a daily driver since the start of the year.
There's still a long ways to go before things "just work". It's about equivalent to windows right now in terms of frustrations, it's just that frustrations are more along the lines of "this is a bit wonky" instead of "this is malicious / was their intended behavior". It's gotten a LOT better, don't get me wrong, but it's still far off from what a typical user would need.
I'd love to see either Valve or Nvidia really put in effort into creating their own hardware/software integration on a level that Apple does. I think it'd go a long way to legitimizing it.
Yeah, for example a bunch of my system updates began showing scary error notes because somehow there is a header inconsistency between the amdgpu driver and the kernel.
I'm not regretting my choice, but it's also something where the average user can't just call Linux Support and get a "run X and it'll fix it" solution.
One can call Windows support? And get help?
Arguably there are more support options for Windows because it's got fewer derivatives than Linux, and was historically more common on desktop.
Do typical users care that much about a bit of jank, though? All the “typical users” I know are on spyware infested Windows laptops and just interpret the horrible shabbiness of the whole experience as being normal.
This is the saddest part - they actually think computers suck that much and don't know their lives could be a lot easier.
To add. It is jarring for me when I occasionally get to use someone's browser that does not have an ad blocker. It is indeed surprising what users have accepted as the norm.
Thank you for saying something I've been saying for awhile: Linux definitely has jank, but I'm not convinced it's more janky than Windows.
I think people are so used to Windows' awfulness that they kind of forget about how much bullshit is associated with it. Linux has bullshit too, though it's getting better, but when people talk about Linux jank they're always smuggling in an implication of Windows having less jank, which I don't concede at all.
I don’t think it’s a question that Linux has more jank. I recently installed a fedora spin on a laptop that came with regular Fedora installed originally and the WiFi didn’t work. That’s some janky stuff right there.
> fedora spin
Installing the equivalent of OS "slop" isn't Linux's fault... For better or worse the choice that is afforded by OSS licenses means that many of those choices will be bad.
Meanwhile I haven’t had a wireless issue on Linux since 2010 or so.
I've had wifi drivers not work with fresh installs of Windows as well, so that's hardly a unique Linux thing. I've also had to reboot Windows into special modes because apparently a driver from a Broadcom WiFi card was "unsigned", so I had to disable the check for that.
I've also had registry corruptions, and I've had unprompted updates brick my hard drive because Windows Update is a terrible piece of software, because as far as I can tell the Windows "repair tools" have never worked for any human in history, and neither has System Restore.
I've had updates in Linux break things but never so thoroughly as the time my mom got an automatic update where she literally could not boot in at all (because I think that the automatic update to Windows 11 that she did not want or ask for screwed up the boot keys).
I haven't had a Widows driver not work in decades.
On the other hand, Linux doesn't try to copy my home directory to RedHat's cloud, or force some AI assistant that I don't want onto me.
As much as I am a nixOS user myself, I think regular users should be directed to use atomic, immutable distros (as is the case with most of the distros growing in popularity) because of the robust update system along with the ease of rollback should something go wrong. Regular distros (really comes down to the package manager of choice) are much more brittle, perhaps even worse than Windows Update.
After I replaced my last windows install a few years ago... Checking windows 11 on a friend's PC a few weeks ago was a nightmare. I considered myself a power user back in the day and I really struggled. So now I do have perspective from the other end and it fits the picture - windows is also jank it is just familiar jank for most people.
There is another point too. The trend with Linux is up and improving slowly over decades. And for windows it seems to be the reverse and faster.
Ah the time old classic. Go into the registry and change these 3 keys that seeming have zero relation to the problem at hand and restart your machine TWICE then its fixed.
Out of the box most popular distros require less tweaking and hammering into shape than a windows 11 install and that is a very important "feature"
Me too, I was a 30 year Windows developer and Electronics Engineer so I went pretty conservative with Kubuntu LTS and it's been a pretty slick experience. Gemini has been great tech support for all the CLI stuff and getting all of my weirder hardware projects interfaced (100% success rate to date). Just considering whether to delete my windows partition to put my MP3's on, as realistically I'm not going to get any more Windows Programming gigs.
I've been using Linux on the desktop off-and-on for 20 years. I used OSX for awhile 2008-2015 when they clearly had the best hardware, and the OS was pretty nice. I've been using KDE since then, and I recently installed Bazzite (Fedora+KDE-based) on my sans-windows gaming PC. I also started a new job this year, where I have to use the company-provided MBP for compliance reasons, after having not used MacOS since 2015. So all this is pretty fresh in my mind, and I'll say that 2025+ KDE is by far the best out-of-box experience for power users. It mostly just works, and anything you want to tweak is easy to find in the settings. Setting up modern MacOS with things like more keyboard shortcuts for window management, focus-follows-mouse or even remembering where windows where after waking up from sleep requires you to buy an app or pay a subscription.
Linux may break more often, but you can almost always fix it with a quick google search. If it doesn't do what you want, there's certainly a setting or config or free app you can install that does.
MacOS may break less often, but when it does you're mostly out of luck. It may do what you want more often, but if it doesn't you have to buy an app, if its even possible at all.
Have also been using Bazzite since march on my home desktop and you are spot on. I think the main reason for average person linux being difficult these days are laptops with weird hardware configurations.
I use MacOS at work and although it is miles better than windows, if I had a choice, I would also use Linux for work.
> Linux may break more often, but you can almost always fix it with a quick google search.
And that’s where the problem is: a quick google search. Laughably trivial for technical users. Non-trivial for the majority of the population.
I love Linux and it is completely viable as a desktop operating system, but it’s far from ready for mainstream without better support.
For a rough analogy, I’d compare it to an old car before electronics. An old car is easy to work on and reliable if you do the maintenance. But an old car wouldn’t be reliable for somebody who doesn’t do any work on a car and outsources the maintenance.
Linux excels when things go right. The failure modes are substantially worse and far more likely to occur. It doesn’t matter if they’re rare. They’re not rare enough. And there isn’t support when things go wrong.
For example: It’s difficult to make the macOS UI fail to start through configuration. You never need to directly touch configuration. (And you can’t modify or delete macOS system files.)
With Linux, some normal problems just have to be solved in the terminal. This allows you to put the system into a configuration where the GUI does not start.
If you’re using Fedora or Ubuntu, there may be some bumps.
Use Debian or AlmaLinux and the ride is smoother.
big player + (standard) linux desktop may well be coming, but that means losing the semi-anarchist bazaar mentality. Will the standard be gnome or KDE or XFCE or ...? If gnome, version 2 or 3? Firefox or chrome as the default browser (or derivatives like waterfox or plain chromium ...)? AI integration?
The moment you're developing for people with no IT experience and no CS degree, you're going to have to make tradeoffs like Microsoft or Google or Apple have to make today, and somehow deal with the "curl ... |sh" problem.
> but that means losing the semi-anarchist bazaar mentality.
The places you mention are already receiving huge doses of industry funding funnelled through the Linux Foundation. Honestly, it looks like the standard is going to be KDE. Even microsoft is copying it for their next DE: https://www.webpronews.com/microsoft-windows-ripping-off-kde...
Why does there need to be a standard application for everything? Is there a default pencil vendor? A default printer vendor? Paper? Car manufacturer? Taxi company? Just let people buy/get whatever vendor/application they like. I rather see more interoperational standards.
I guarantee you, in a large enough organisation, there will be exactly one approved pencil supplier. That's how corporate purchasing works.
There's a lot of cases where this actually makes sense for compliance, support, and service level agreements between your org and the vendor's among many other cases. It just gets annoying when you absolutely cannot buy coffee beans from shop B on the team consumables budget because we have an exclusive contract with shop A.
In a governmental organisation, you might even need a public bidding process for any supplier contract big enough to cover printers and their ink/toner, as well as a support contract if something breaks.
Yeah, and this is fine. This is basically what I meant, a company can just select and potentially make a contract for a specific application. That's how it works for everything. My point was that there doesn't need to be the unique single global vendor/application a priori.
Personally i think there is a huge innovationspace for pipe connected agents doing work for the user.. a example:
A firefox agent downloading pictures of cats.. piping them to a graphics program drawing mustaches on them piping them to a moviemaker piping them to a firefox video uploading "the longest catswithmustaches" shorts compilation ever.. all clicked together in a "incredibble machine" like explorer by a user who doesent even know how to code..
But you can do that already with bash pipes. Doing it through the GUI just adds mega complexity
You can. I can. But with ai writing the glue code from a visible editor everyone can.
> "theres a big chance for someone like Nokia to come in and develop their own approved distro"
SUSE is a German company, so probably nothing to even develop.
Does SUSE normally come up in conversations about "easy to use" linux distros for "normal" users?
I'm not in that world, so this is a genuine question. The last time I looked at SUSE it seemed typically German in being uniquely complicated for no good reason, but that was years ago.
Suse is easy to use, just not mainstream.
I am suse user for 20+ years with a big break in between. To me it fits the best. Ubuntu I gave up on a while ago and came back to find things so much nicer.
They have a slightly different take on immutable than redhat but it also works well (rollback and all). Also the tumbleweed rolling is quite stable for a bleeding edge rolling release distro. Using it on a few boxes for the last few years and also installing it for other PC noobs and they seem fine with it.
Yes. It was as easy to use as Windows was like 30 years ago. It's still easy to use.
The only difficult part about Linux is the fact that people can't learn, so absolutely anything being different from Windows is a roadblock to the average person (I still remember the societal meltdown when MS changed the interface in their Office apps, or Windows 8...)
I remember SUSE not being harder to use then any other desktop distribution. But it has a lot, and I mean a lot of knobs to turn if you want to. But you don't have to.
It was a pretty amusing comment to me. Not only has SUSE been around for over 30 years, it was the very first enterprise Linux and it already has MDM tooling in the multi-Linux manager, repository mirroring tool, open-build system, Kiwi, edge image builder. Everything to build out a full enterprise suite of servers, workstations, customized kiosk OSes, already there. I'm more of the "give me my terminal or give me death" crowd, but it even has YaST and JeOS for the GUI-driven installation and config management that is seemingly what the non-tech crowd wants. A world apart from what the "solo indie devs" of Hacker News are paying attention to, especially in the US, but if Euro governments don't know about this already, that's on them. France doesn't need to roll its own shit unless it just wants to for the hell of it.
> France doesn't need to roll its own shit unless it just wants to for the hell of it.
Which, knowing France, is not unlikely.
Rightfully so, I would say? Given that strategic independence is the starting point for this discussion.
Personally happy that my country has some measure of military autonomy from the U.S.
Though I am in favor of European integration, too.
Oh absolutely. I'm living in Switzerland, there was big discussion some years ago whether we should go with F-35 jets or European alternatives like the Rafale or Gripen. We went with the F-35, which, especially now, more and more looks like the wrong decision.
Yeah, I think if Windows 11 is going subscription based (plus all the copilot pushing garbage and even more baked in ads) that will be a strong incentive to switch to Linux or SteamOS. I barely even play games enough anymore to make a desktop worthwhile. Might just jump to Mac only.
They can't do that, when they've already sold you lifetime licenses.
They could however introduce a subscription-only windows 12 and have harsh cut-off requirements like they did with windows 11.
A subscription-only OS would effectively kill Windows, but MS have made enough pretty weird decisions to cripple the product I wouldn't put it past them.
They also "can't" screengrab your credit card numbers or upload all your private data to their cloud for inspection, or steal your email password and download all your mail to a Microsoft server, or send fake emails about full OneDrive to trick you into subscribing.
"Can't" only applies when someone is willing to stop them, and nobody is. Microsoft can do pretty much anything they want and there's basically nothing you can do about it.
I'm pretty sure "can't" in this context is legally binding. Windows licenses up to this point have been sold without expiration dates. If Microsoft suddenly started charging a subscription to keep using the same copy of Windows, evey law firm on the planet would jump on that in an instant.
What GP proposed is the much more likely avenue they would take: New version of Windows with a new licensing model. It would probably kill their consumer business overnight, but at least it wouldn't get their lawyers laughed out of a courtroom.
"Can't" means it would be bad for business. I think consumers are a lot less turned off by the idea of a OneDrive subscription than a Windows subscription. Better to stitch little services like OneDrive and Copilot into every part of the system and cajole people into paying for those instead.
The title is very far from the actual public statement that is linked in the article.
The French government announced that its digital agency will switch to Linux during this year. This is about a few hundreds of computers owned by the agency.
The second statement is that this agency is expected to publish, by the end of the year, a plan to reduce the digital dependency on the US. It's not "France to ditch Windows", it should be "French government promises to plan soon for possible ways to decrease digital dependencies, but calendar unknown". Also note that the government (and president) will change next year, so even if the present drive was real, a political u-turn could come soon.
Overall, this statement could be the presage of a major upturn in a few years, but I think it far more probable that the policy change will be minor. There's already a small tendency toward Linux and Free Software in the public sector.
Uh, TIL the DINUM still used Windows. I wonder what held them, it's certainly not a lack of familiarity with Linux.
I feel you're underselling the second statement a bit:
> Each ministry (including operators) will be required to finalize its own [migration] plan by fall
This sounds like there's actual pressure to start moving soon, especially for adopting existing DINUM solutions.
(I agree the title is clickbait.)
Many government orgs have spent the last decade and a half slowly transitioning old legacy applications and platforms to browser-based alternatives. That old ERP software that used to require a thick client? Now it runs in Chrome. Microsoft recognized this and smartly moved to keep these customers locked in via an ever growing Microsoft Office bundle - subscription based, with Teams for their chat and then building up additional capabilities to extend the dependency, like InTune.
Where we are at now is that the pain of moving away from Windows is acceptable for many larger organizations and governments, especially those with flat or decreasing budgets. You can just swap out the OS layer and keep other processes the same - keep using Office with just the browser versions if you want, or move to an alternative (like EU-based). Teams works on Linux. There is no moat on Windows anymore
> to browser-based alternatives
And many of those tool providers could see for 10-20 years now that if they didn't provide a web based version sometime soon, they would go out of business sooner or later.
There are almost no applications that a government employee should be running natively on their machine anyway.
Except for any application you want a government employee to use efficiently
Are web apps much less efficient to use?
Yes, slower start, more memory/cpu use, likely worse UI as the transition broke desktop conventions and/or just lost some power features in the process
A bigger blocker I see in Belgium is all the corporate and government software written in Java or .NET-with-Angular and that has to be deployed via Azure because… compliance.
Interestingly, Microsoft has been trying to get ahead of this for a couple of years now with their National Partner Clouds program [0], which they describe as:
> designed for scenarios where full ownership and operational independence from Microsoft is required
In France's case, Capgemini and Orange have a joint venture to operate datacenters that Microsoft runs Azure and Office on top of [1]. Moving away from Windows and Teams would still reduce their dependence on Microsoft substantially. But if the core goal is to reduce dependence on non-European suppliers, I would be wary of the French government buying services from "Bleu" when it's mainly Microsoft and a couple of consultancies in a trenchcoat.
[0] https://learn.microsoft.com/en-us/azure/azure-sovereign-clou...
[1] https://www.capgemini.com/news/press-releases/capgemini-and-...
France has been making good moves to achieve software independence from the US. It would be an even better move to allow those in Europe or indeed the rest of the world to also benefit.
It's good to differentiate truly independent tech from the unfortunately common government-pushed French-tech that are US-tech rewrapped.
e.g. Qwant is a re-skin of Microsoft Bing
It's a great move overall.
Ok? You could make the same argument about Chinese tech, German tech, or American tech.
Still less, there is a lot of sovereignty-washing in EU, and specifically in France because this gives you access to grants and public markets.
Bpifrance, the Caisse des Dépôts, France 2030, Horizon Europe, etc.
To access that money, you need the right narrative. So companies learn to wrap their pitch in sovereignty language, get the grants, and then quietly build on top of AWS, Azure or GCP.
Not that it's dramatic, but there is a difference between hosted in France (where dependency still exists), and hosted + engineered in France.
Hopefully this transition to Linux is going to push France government to get rid of Crowdstrike, it's insane they let such backdoor run inside.
As a French citizen who's been building an open source Dropbox alternative for almost a decade [1], the sovereignty talk in France makes me cringe. Everyone has the word in their mouth, but nobody bothers to even search for alternatives, let alone give them a chance. France represents about 1% of my customer base with only a single customer: LVMH. I've had a whole bunch of French universities contacting me, nobody was willing to contribute toward the development because culturally we assume libre software must be free of charge so you'd better either beg for grants or have a rich uncle to sponsor your life. I've tried reaching out to the people who talk loud about sovereignty. Turns out it's just something they say at conferences to entertain each other as they have no power to actually make it happen, and don't even get me started on public markets.
[1] https://github.com/mickael-kerjean/filestash
As far as I know, Qwant indexes itself and substitute with existing crawler results, which seems a reasonable compromise.
Qwant is working on that. Together with Ecosia they're building their own index called the European Search Perspective:
"Today, Europe receives 99% of the answers to search queries from external infrastructures. We believe, however, that a higher level of digital sovereignty is essential for a functioning democracy and economy. With our new web index, we are creating a European perspective on politics, culture and values. This is a long overdue step towards more plurality in the digital world, which is also being called for by our society."
https://www.eu-searchperspective.com
> a European perspective on politics, culture and values
To be honest this does not sound much better. 40 years ago maybe I would have preferred EU values over the US' puritan values. Nowadays I'd just expect a different flavor of poison.
If they were a monopolist, sure. But as an alternative, I'll take it.
At least when you have a few different values you can pick and compare but yeah.
They do: https://github.com/suitenumerique It's used by, among others, the Dutch government: https://github.com/MinBZK/mijn-bureau
France and Germany are actually cooperating on most of these, like the word processor: https://www.techspot.com/news/107225-france-germany-unveil-d...
Plus, it's all open source, so the rest of the world is free to use it as well!
This is great! Any plans to add spreadsheets to the suite?
The docs project is part of "La Suite"[1]. They choose Grist[2] as the spreadsheet which is made by an American company but open source and there is a significant contribution from the French it admin.
[1]https://lasuite.numerique.gouv.fr/
[2]https://www.getgrist.com/
Interesting. By some luck i've been using Grist for two years and it just feels like the most no nonsense software. But it's a bit different to excel, i would say it's more like airtable. It's more columnar like gui over sqlite database which might be a bit more restricting BUT it greatly helps data integrity.
> It would be an even better move to allow those in Europe or indeed the rest of the world to also benefit.
Those initiatives are usually open source. It's just that many times, each country wants to make their own. But it's still better than staying with the TooBigTech monopolies.
> It's just that many times, each country wants to make their own
This hits hard. I'm a French citizen who made an open source alternative to Dropbox [1], I would have never thought my own government to attempt competing in my niche. I did contact the people at DINUM and it seems they are more interested in making their own than contributing to existing projects they don't fully control
[1] https://github.com/mickael-kerjean/filestash
On a side note. I want to take this opportunity to thank you for filestash, it is really a high quality software piece that solved a lot of pain points for me.
That's not always true. Tchap is a fork of Matrix.
I didn't know Filestash, but it looks great!
France is funding a lot of open source projects. They may not be very sexy or trendy, but they are there.
There's been some 'back and forth' or "progress and regress' about this.
Adoption of Free Software:
2012 Prime Minister circular — the most important formal turning point: Orientations pour l'usage des logiciels libres dans l'administration, signed on 19 September 2012. It explicitly gave guidance to public administrations on free software use.
2016 Digital Republic Law — reinforced the direction by encouraging public administrations to use free software and open formats.
2021 action plan for Free Software and Digital Commons — launched after the Prime Minister’s circular of 27 April 2021, with goals to increase awareness, use, publication of source code, and reuse across administrations.
2024–2026 LaSuite / Suite Numérique — current state-led open-source collaboration suite, presented by DINUM as a coherent set of open-source tools for public agents and positioned as part of the state’s sovereignty strategy
Rollbacks and proprietary deals
Microsoft “Open Bar” contract with the Ministry of Defence / Armed Forces — a major counterexample. The Senate records say the framework agreement started in 2009 and was renewed for 2013–2017 and 2017–2021, without publicity or competition, giving the ministry broad access to Microsoft’s catalog.
Criticism and replacement with UGAP purchasing — later reporting says the open-bar arrangement ended in February 2021 and was replaced by a convention via UGAP, but the ministry still relied on broad Microsoft licensing and associated services.
2025 education procurement for Microsoft — a public tender worth 74 million euros for the Ministry of Education and higher education services was attributed to Microsoft, showing that proprietary dependence continued alongside open-source policy.
2025–2026 public-private partnerships in sovereignty language — France and Germany announced a partnership with Mistral AI and SAP for sovereign AI in public administration, which is not a free-software rollback in the strict sense, but it is a clear example of the state pursuing sovereignty through private-sector partnerships rather than purely internal open-source development.
---
Conclusion:
Like anything in capitalism: it's a constant fight, permanent struggle. The big private companies will try to massively impact political life.
So, there IS in France this 'feeling', this consciousness, throughout the political landscape (mostly on the left and also a little bit on the right) that we need to have some sovereignty over our data, services, software, etc.
Every once in a while, a right-side political figure, who are basically ruling since 2000, (except from 2012-2017 where France had a social-democratic government and president) has a sparkle of dignity, decency, logic, and honesty towards the best interests of the country and leans towards Free Software adoption. But...the lobbies are always there to rollback each decision, or part of each decision, and gradually gain back their influence.
This permanent struggle is so tiresome. Makes me feel powerless and depressed.
As a French citizen who spent almost a decade building an alternative to Dropbox that's libre software [1] I was very disappointed my own country decided to build a product competing with mine when French companies are about 1% of the existing customer base. I would have never thought my own government would be competing on my niche
[1] https://github.com/mickael-kerjean/filestash
It makes sense a government will want to take full charge of the strategically important software they will run on especially when they try to establish it as a new standard in a challenging transition. One day when it's fully established they could still spin it off and some other entity takes point.
>a right-side political figure, who are basically ruling since 2000, (except from 2012-2017 where France had a social-democratic government and president)
This is not really true, since 2017 we have a centrist president. For the legal power, see https://en.wikipedia.org/wiki/National_Assembly_(France)#Fif....
You know it's not because someone calls themselves a "centrist", or a "humanist", or a "communist" that they actually are
Macron's actions and decisions speak for themselves
* https://en.wikipedia.org/wiki/2024_New_Caledonia_unrest
* https://en.wikipedia.org/wiki/Yellow_vests_protests#Fataliti...
* https://fr.wikipedia.org/wiki/Uber_Files
* https://www.lemonde.fr/en/international/article/2023/10/24/i...
Canada has been using and developing FOSS for a while now.
0: https://www.canada.ca/en/government/system/digital-governmen...
1: https://events19.linuxfoundation.org/wp-content/uploads/2017...
2: https://github.com/canada-ca/
There's still a great deal of Windows usage, but hopefully that will phase out with the passage of time. Canada's bureaucracy moves slowly, at the pace of generational attrition. It won't be until the last GenX retires that they could even meaningfully begin transitioning the average office worker away from Windows.
Apparently not everyone got the memo...
https://www.cbc.ca/news/canada/ottawa/federal-phoenix-pay-sy...
The Phoenix contract predates the more recent efforts to switch to FOSS.
But also, Canada loves to burn money on American suppliers. It's probably why the recent interest in _Buy Canadian_ has the American administration annoyed.
Phoenix was a literal trap laid by the Conservative government just before leaving knowing it would be a shit show for the Liberals in the coming years.
I work in government. Link 1 (2018) is essentially a dream. All of government got forced to use MS Dynamics CRM. Basically, anybody with a software requirement for case management, had to use MS Dynamics. I recommended we use Drupal in 2011. That was killed because everything had to be MS. I'm kind of surprised that it is in there given that nobody was allowed to use.
Link 0 and 2 are essentially from TBS and CDS. They coexist together. They are essentially working at the very top as entities that gather information from other departments. They can do whatever they want because they help write the rules.
I'm not trying to discredit your post, just saying that as someone who has brought OSS tools to development at the government and tried to use OSS tools for client (I failed at that), it is nearly impossible at the moment. We are married to Microsoft and its cloud.
I do agree, that it may take an entire generation because right now, 190+ departments are not exactly jumping to FOSS, and in many situations, they are down right told you are not allowed.
In addition, the current de facto document management system is from OpenText. Although many just use Sharepoint Online.
Ironically, as everything moves to the cloud, it would be easier to move to a solution that is FOSS based, and based in the cloud. Technology has matured enough that you don't need executables on a desktop, you just need a browser pointing to a website.
We use Microsoft Dynamics 365 (model-driven app) at work, it's rarely mentioned on HN and people don't know how insanely bad this P.O.S. software is.
From the botched implementations of AG Grid to their crippled version of CKEditor (with Copilot forced in of course), the daily bugs are an absolute nightmare.
And then most support tickets (if you can even open one after a forced chat session with Copilot), get handled by a third-party, most likely in India with different timezones than you and the support calls are a crapshoot.
> won't be until the last GenX retires
I was part of a SaaS company of diehard GenX Windows fans.
Decades of abuse by Microsoft has definitely hurt them: they have lost hope and are cynical about the future of Windows. I reckon they would switch away if they could afford to.
Every year Microsoft does something to make you feel like you're being screwed over.
We only just missed taking a silverlight bullet. Windows phone wasted over a year of development. Internet Explorer doubled development costs. The OS version churn is expensive. However SQL server has been a good foundation.
Microsoft used to love developers. They just abuse them now. Even Apple is nicer to developers!
It seems like what Europe really needs to do this is a viable mobile OS. It's been true for a while that Linux + LibreOffice is plenty to handle most government workers' needs on the desktop, but that's only good for when they are at their desks. Are there any viable alternatives to iOS and Android that are totally free of "dépendances extra-européennes"? What's the plan?
Android Open Source is good enough. The tough part are device-specific drivers that never make it upstream and are eventually abandoned by the vendor, making upgrade past specific kernel versions very troublesome.
It is controlled by Google so it not. As long as Google is setting the roadmap for android it is not a viable option.
At the same time it is an open source product and can therefore be forked. Being controlled by Google presents not nearly such an issue as Microsoft products or the Apple ecosystem.
Why not? GrapheneOS and others show that it is possible to make viable operating systems on top of AOSP, which also have their own useful extensions.
It seems like a waste not to use an existing, well-developed, hardened, open source base, that at the same time provides great compatibility with most existing apps.
Since it is open source, it would always be possible to fork if AOSP goes off the rails.
I think the primary issue is that it is currently hard to get embargoed security patches, unless you have some partnership with an OEM.
AOSP is NOT "open source" by any definition.
It's "some sources available"
AOSP = Android Open Source (Partially)
The Finns, as always, continue to develop mobile phones, Jolla is back from the dead and supposedly starts shipping sometime in 2026 with a new iteration on the hardware and the OS, time will tell if it'll have any impact.
Might not be 100% Europe-made from the get go, but good ideas and executions often start with small steps and iterate rather than having something groundbreaking out of the gate.
I'm not convinced that replacing one proprietary OS with another is the solution.
That said, I won't deny that Jolla is much more trustworthy than Google or Apple.
> I'm not convinced that replacing one proprietary OS with another is the solution.
Someone correct me if I'm wrong, as I'm not super familiar with Jolla's/Sailfish's architecture, but isn't most of the OS actually FOSS, while there is a thin proprietary compatibility layer, and that's about it? Was some months ago I last read about it so could be misremembering, but seems like a good first step at the very least.
I think it is a lot more, as far as I understand, most of the UI is proprietary:
https://forum.sailfishos.org/t/sailfish-os-clarifying-claims...
https://forum.sailfishos.org/t/sailfish-os-clarifying-claims...
> I'm not convinced that replacing one proprietary OS with another is the solution.
Consumer don't care if the OS is proprietary, as long as it works and there is a responsible party they can trust to serve them the offering.
> Consumer don't care if the OS is proprietary, as long as it works
I agree entirely (and they also don't even care if there's a trustable party who they can trust, just look at how many people happily use Google).
And this is exactly the mentality that's gotten us where we are. Consumers don't care about these things, and then end up lock into vendor ecosystems like the one op is describing here.
Jolla had ties with Russian state companies, I wouldn't be surprised if they planted backdoors all over the place.
And in any case if you use Jolla without the Android emulation layer (so Google again), the app ecosystem is as barren as the Siberian wasteland.
Linux on Mobile has been progressing steadily in recent years, and is in a state suitable for very early adopters and tech enthusiasts. Definitely not for the general population IMHO.
See: https://postmarketos.org/
FWIW, it's not just the EU that needs this urgently: most of humanity sorely needs a trustworthy mobile OS that's not designed against their interests.
Linux on the desktop has been progressing for many many years... and a lot of stuff still doesn't work out of the box
I've recently had some fun at the intersection of "moving windows between screens" vs "ui scaling" vs "ambient system is wayland but the snap uses x11 internally".
Multiple displays with different scales has worked fine since at least 2017 (which is when I stated using sway, and precisely for this reason).
OTOH, I know that recent versions of GNOME struggle with this. Just last year I saw plenty of situations where moving windows across displays triggered all kind of quirks. This is a GNOME-specific issue, and like most of its issues, doesn't affect all other compositors.
remind me of firefox os https://support.mozilla.org/en-US/products/firefox-os
A big hurdle to this is hardware vendors locking bootloaders and making it impossible (or impractical) to write or use existing drivers.
Manufacturers maintain long running forks of Android (often very old Linux kernels) with their drivers hidden in their fork's source.
I'm a firm believer in the right to repair software - and the fact that it's illegal to reverse engineer binary blob drivers (or proprietary software at all) is a shame (not that you could even untangle a driver from a binary blob of a Linux fork). I'd go as far as feeling strongly that drivers should be open source, and if they aren't, documentation sufficient for the community to write drivers should be made available by manufacturers.
Linux on M5? Should be easy
Linux on an X Elite Surface Book? Should be easy
Ubuntu Touch on my Pixel 9? Should be easy
Android TV on my TV? Should be easy
Proxmox on my 5g mobile router? Should be easy
No drivers / locked bootloaders = not possible
>the fact that it's illegal to reverse engineer binary blob drivers (or proprietary software at all) is a shame
Where? I don't think it's illegal in the US at least. The only things I'm aware of that may have legal issues are related to radios, specifically modem/baseband stuff, and maybe WLAN cards.
Sorry, I meant that decompilation is practically illegal.
You can look at a circuit board and figure things out and there are clean room techniques for decompilation - but neither of these are practical
Might be more google dependent than you're looking for, but I've been using Murena's /e/os (based in France) and it's working great for me.
I used Linux 10 years ago, but then due to job or corp. and needing Teams and Outlook I was forced to uses Windows. Now with corp job over I was finally able to switch to Linux this week (Fedora + KDE). Loving improvements made in the last 10 years, KDE will always have its quirks, but it is fast and smooth with no crashes yet. I got Claude to make me a migration script which worked brilliantly, haven't needed to boot Windows yet. Browser sessions and everything worked like nothing had changed. All my various ssh / putty configs migrated to Konsole, Thunderbird carries on like nothing has changed. Ahhhh freedom!
Strange. I switched to Linux +25 years ago. My setup became quite minimal; right now I use IceWM for the most part. GNOME3 was always useless; KDE also changed since Nate "I need more moneys!" took over (see his donation daemon or the more recent "systemd-only" tied with wayland-only garbage that KDE succumbed to).
Linux is good in that you can combine things that work, so it is more flexible than windows. But desktop wise I don't see it becoming really dominant; GTK is now a GNOMEy-only toolkit. Qt is too busy focusing on their own business model. Desktop Linux is not useless, but it is really just sub-par compared to Windows. I also use Win10 on a second computer; I don't like it but I use it for testing. Linux lacks decision-making power focus (and corporations such as IBM/Red Hat are selfish, so these will never reach any "breakthrough" like the infamous Desktop of the Year, which I heard will come next year together with GNU Hurd ... I think).
> Desktop Linux is not useless, but it is really just sub-par compared to Windows.
Each to their own. My experience is the opposite (I use KDE). I have to use Windows at work and it's always such a pain. At least Windows 10/11 finally has multiple workspaces natively and some keyboard shortcuts for managing windows (ironic), but I would have preferred to stay in Windows 10.
Now Windows doesn't even support proper suspend anymore and it won't stay in the "modern standby" either. Constantly waking up and doing god knows what with fans screaming. When I take a look what it's doing, task manager claims that nothing resource intensive is going on. I'm guessing it's hiding some internal processes. It calms down when I put it to sleep again. Sorry for the rant, I better stop before I start.
yes the flaky sleep is what did it for me - laptop would randomly boot up at 2am, bright lights and whirring fans. Thought it was a virus! Seems like Fedora has cracked the hibernate/sleep issue, possibly due to good intel driver support for my Dell and finally Linux has better hibernate, sleep and wake than Windows 11 (ymmv!)
I actually have been lucky since even my laptop from 15 years ago already worked well with Linux and suspend while Windows didn't (wasn't OEM Windows anymore). I have also had multiple desktops that have _mostly_ had no issues with suspend either: only nvidia has given me grief on some setups when sometimes the screen would be blank when waking up, but I figured out workarounds for that.
I hope it succeeds and I hope they document the experience and invite interested parties to see how it was setup and how (well) it works in order to encourage as many governments and organisations as possible to do the same.
For sure, I would love for this approach to spill over to the US and cause them to sever any contracts they have with the EU member nations
At this point I wouldn't be surprised if American companies started using it if the French get it right. The instability of the current administration is one thing, but Microsoft disregard for its user deserves an appropriate response that will actually hit them where they care.
I would love to self-host France's "La Suite" to keep myself out of Google and MS... but for many companies, it will not matter how much you tell them there are options that are both cheaper and better. They will believe that paying someone tons of money is better because others cannot afford it. That inherently makes it superior... for some reason... you see?
> I wouldn't be surprised if American companies started using it if the French get it right
As a French citizen who own a business [1] that is in direct competition with this incentive from my very own government, I'm happy to disclose more than 50% of my customer base is already in America and France represent about 1%.
[1] https://github.com/mickael-kerjean/filestash
I am saying this as a very long time Windows user, and it saddens me. Politics aside, from a pure technichal, functional, privacy and UX perspective, the case for changing over from Windows to Linux is getting stronger by the day.
If you picked XFCE as your front end you get WinXP functionality, with the nice things from win10/11 (start menu search that's actually local only, multiple desktop workspaces, and graphical settings/updates I've only needed to go to command line twice in four years).
How does XFCE compare to KDE and GNOME? Also, does it has all the nice window snapping features that I'm used to fron Windows?
My personal PCs have enough screens that I haven't tried. Though I do really like Windows snapping features on my work laptop (can't change OS there).
I haven't played with other windowing systems to judge too much. And just picked right from screen shots/gifs to not need to try.
I don't think all the same shortcuts exist out of the box, although win-drag/win-right-drag to move and resize windows (might be alt by default) is _so_ much more convenient than the usual border/title dragging that you might find you don't miss them.
As a long time Linux user, this comment makes me sad since many of those features were copied from Linux (many from Unity) :)
I think most of its features predate unity (compiz was integrated but existed before)
Unity really was a great project.
KDE 6.6 is great to me, but there are some quirks I have found. Their "peek at desktop" feature is annoying, I want "minimize all" but you have to do some scripting to enable that.
I've noticed that clicking the network button to see wifi status shows traffic rate, and that seems to lag and I suspect it has an impact on throughput.
I'm interested in Cosmic when it matures some more.
Except when I recently put XFCE on my old macbook air laptop as a trial run, within the first day I found it nearly impossible to do something so simple as add an application to the taskbar/dock. Something about AppPkg's not showing up by default in the taskbar adder? I finally figured it out, but no icon - just an invisible square. And guess what? If I decide the update the app, the whole thing breaks again.
I have a degree in a tech-related field. I do things on the command line on purpose every week. It should not be this hard even for me to so something so simple. It is not even remotely ready for regular joe end users.
I am saying this as a very long time Linux user, and it saddens me. Politics aside, from a pure technical, functional, privacy and UX perspective, the case for changing over from Windows has been apparent for several decades.
I think France seem serious in actually switching to open source/EU software. I recently had a telecon on Visio (France's Teams/Zoom substitute) and it worked well in a browser with ~ 10 participants.
I find fascinating how so many people are moving away from Microsoft decades after they should have because of simply the inertia that large organizations have on adoption.
Above all, I'm also surprised on how those same organization are using Anthropic or OpenAI or other close source solutions for their agent harnesses instead of going for Open Source.
Malte just yesterday showed how powerful innovation with small teams can be achieved particularly in EU.
I hope they start looking for those alternatives too for their agentic systems, beyond using pi-mono.
> I find fascinating how so many people are moving away from Microsoft decades after they should have because of simply the inertia that large organizations have on adoption.
That should be a good lesson in anthropology : the delta between knowing something and acting upon it tends to be immediate necessity. We're still an immature species as we haven't learned to be lazy at scale, that is putting the right amount of work early on to do the least overall. But I'm optimistic we'll get there.
The Trump administration has shown how many US corporations are willing to bend the knee. Perhaps that was the slap in the face we needed in Europe. It’s shown us that “oh, but they’re just a service provider” wasn’t that truthful, and their neutrality should be questioned.
I applaud France for this decision. Windows is basically legal spyware and adware at this point
Like most Microsoft products, Windows is a tool that benefits mostly from aggressive early marketing and successfully convincing everyone that they need this product, and by the time everyone realizes how terrible the product is it's too late because everything already depends on it.
They have done this everywhere; Microsoft Office is everywhere and terrible. Sharepoint used to be everywhere and is terrible. I know they bought it, but LinkedIn is nearly required everywhere and terrible. Teams seems to be increasingly used everywhere and terrible. And of course Windows is everywhere and terrible.
As far as I can tell, there is not a single thing that Microsoft does not half-ass. They're not a software company, they're a marketing company that sells software.
Now they somehow got the management of large companies to also push to adopt Azure, with an aggressive "no capex" / "you pay for what you use" campaign when everyone knows their offering work terribly and are overpriced.
if Home Depot were to make an exam to pass a certification over their catalog, that would seem ridiculous. But when Microsoft does this, management ppl are happy and feel like they manage when they sign up everyone for AZ900 "certification"
Microsoft saw that users, power users and admins who are from the jobs are not making purchases, so you no longer need to design products for them
It would be great, however the title is misleading: the only announcement regarding linux desktop is that the DINUM - a relatively small but perhaps influential government agency pledges to leave Windows.
I believe the largest Linux Desktop initiative in France is GendBuntu[1] for the National Gendarmerie
[1]https://en.wikipedia.org/wiki/GendBuntu
How is it misleading? While DINUM might be a smaller directorate, they're also asking all related ministries, including public operators, to put together a plan for how they'll migrate from Windows to Linux by autumn 2026. France has a relatively broad "digital sovereignty strategy" that this is a part of, but it's bigger than just DINUM moving to Linux.
Anyone here familiar with the details of GendBuntu[1], the Ubuntu distro used by the French Gendarmerie? I'd love to hear what is working and what isn't on the ground.
[1] - https://en.wikipedia.org/wiki/GendBuntu?useskin=vector
There should be a chapter in economic books on how entrenched monopoly companies become on the inside, like small states where little companies (called departments) play freemarket for promotion points, the outside forces completely suspended while the endoplasmic reticulum of the monopoly company lasts.
Side note but I had absolutely no idea that the USA sanctioned international justice court judges because they had put an arrest warrant on Benjamin Netanyahu.
Its not a surprise from Russia but the USA. I guess we’re right to cut all bridges as fast as possible with the USA.
I'm sure there's a barely functioning business critical app that runs exclusively on Windows NT in their administration that would beg to differ
It can be ported to React under a single prompt by now, don’t you know?
But certainly we are already at stage where Windows NT can be regenerated on the fly from a prompt anyway, aren’t we?
Otherwise, there is also ReactOS that could be leveraged on for that kind of scenario. I wonder where it would stand by now if all the money that governments around the world spent in Microsoft license would have been invested in it instead.
Sure. But if they can successfully convert 99% of their computers to non-Windows and non-Mac, that'd still be a massive win.
Ideology may actually be the best way to cut off legacy bullshit like this. There's passion-energy, which really gets the creative problem-solving juices flowing.
If it only runs on NT, it'll work better under WINE than on Win10/11.
Legacy app compat is actually an argument for moving to Linux.
Hope we’ll do the same in germany.
There were and are initiatives. Of course, they were and are ridiculed all the time. Who can't recall LiMuX or check out ZenDIS (Zentrum für Digitale Souveränität in der öffentlichen Verwaltung). Read up on the current migration away from MS Office in Schleswig-Holstein.
They tried it a long time ago, but it seems to be rolled back to Windows again. https://en.wikipedia.org/wiki/LiMux
I hope our French friends can learn from this initiative during the adoption phase.
I seem to remember many people saying it was done by the mayor because Microsoft moved their German headquarters
> Reiter denied that he had initiated the reversal in gratitude for Microsoft moving its German headquarters from Unterschleißheim back to Munich
https://en.wikipedia.org/wiki/LiMux
I would say that's kind of a conspiracy-y explanation. Big companies in Munich either have their campuses on the outskirts of the city so that people can commute and park without flooding the city or they have it in the heart of the city as that is seen as more prestigious.
Lots of companies have flip flopped based on this, and that's what happened in MS case.
Tbh not saying MS didn't play dirty in general, but not necessarily in this.
> but it seems to be rolled back to Windows again.
Apparently it was a decision by mayor Dieter Reiter after excessive lobbying by Microsoft. At roughly the same time, Microsoft moved their German headquarter back to Munich. What a coincidence...
> I hope our French friends can learn from this initiative during the adoption phase.
The apps are available now, so reasons to be optimistic.
When LiMux and similar efforts happened around 2004 most business applications were Windows only. Even the ones that purported to be web used windows only technology and required IE and Windows.
Now with years of business budget controlling types using their Macs and smart phones and wanting access to the their apps the majority - even MS's stuff - can be run well in a browser on almost any OS.
"they" is a German city, not Germany
You did, and you'll do again. Just like quitting smoking.
I think this has been attempted many times before by other nations including Brazil without success. It’s one thing to replace a few hundred workstations in a non critical governmental office, another to replace the entire infrastructure of a government which also collaborates with the private sector. Usually these projects start with a lot of passion then die off when can’t justify the investment.
This time there are serious national security and sovereignty issues driving the change though, which are much more powerful motivations to succeed.
I am actually a research engineer paid by the French government. They take digital sovereignty pretty serious over here, which is sometimes good, sometimes less so.
Definitely the right call on Windows, though. Even my parents (in their mid-seventies) moved to Linux this year.
I am a counter example of that take. As a French citizen, I have spent a decade building an open alternative Dropbox [1] that is I believe miles ahead of even Dropbox itself. In practice, France represents about 1% of the customer base. I've tried reaching out to the people who talk loud about sovereignty. Turns out it's just something they say at conferences to entertain each other as they have no power to actually make it happen.
[1] https://github.com/mickael-kerjean/filestash
All countries should follow suit.
Nations and individuals can't depend or be held hostages of a handful of companies on the other side of the Atlantic that have the will to do whatever they want with their customers data.
This is the right path to follow and wish that in upcoming years this initiative becomes a reality across the globe. Long success for Linux and all BSDs!
I puzzles me to no end why the typical office clerk should care about the OS at all. I understand that secretaries will be trained on MS Word and will then have a strong preference to use such (or at least something which very closely resembles it). Same for accountants with Excel. But clerks in e.g. Revenue Service? Those I expect to interact (perhaps these days via a Web interface) with custom software. Why would those ever see a 'Start' button or somesuch?
That hasn't been my experience working in Corporate America at all. Everyone gets a company laptop and they use it for whatever they want. Whether that's Excel, Google Sheets, or Netflix at home.
People think company hardware is their personal hardware and they have preferences.
I had a company phone once (terrible experience) and I'd routinely get txts from random services and people outside our company thinking it was the previous owner. The last employee who had used it mixed company use and personal use.
People just hate imposed changes.
Wish it would succeed, other day was reading about stuff and figure out, how much European Tech is actually controlled by American/Israeli Hegemony.
Rust + Linux. It is brewing, and that is what Government around the world wants.
But not FreeBSD, C, Go, or others.
Basically Government doesn't want MIT / BSD, they want GPL and AGPL.
It’s quite remarkable what the current administration have “achieved” in a year or so
From the perspective of systems administration for large enterprise networks, it seems unlikely that Linux desktops could replace Windows PC's without a domain controller like Microsoft Active Directory. Am I missing something here? How is it possible to manage a large enterprise network with hundreds, or even thousands, of desktop workstations without a domain controller?
Hopefully the rest of the world can benefit from their efforts. I hope the whole EU starts moving to Linux.
One cautionary tale will be enough. No need to sacrifice the whole EU.
Europe in general have great software engineers. What it lacks is investment. To see the goverment serving its own country instead of foreign billionaire interests is good change of pace.
And Linux development and adoption helps everybody not just France. A win win.
I don't know why any state or large company would tie itself to Windows. All the applications that used to justify just getting whatever Microsoft produced next are web based now.
Hopefully this results in investment in desktop environments and Wine!
Why? We have plenty of well working Desktop Managers and WINE is doing better than ever. I'd argue there are bigger issues in Linux like default process isolation and access authorization per program being behind other OSes
Got my full support, go go go!!!
Being dependent on US tech feels the same as when we were dependent on Russian energy: strategically unwise and avoidable. We have alternatives, they just need work.
Like last time, I ask again: Which are the European made computers?
No European made computers today doesn't preclude the possibility that there will be one tomorrow. RISC-V is the way out, and there are a number of European initiatives (though nothing serious just yet, I admit)
As a European dev, because I like RISC-V and because of the geopolitical situation I wouldn't bet on x86 in the long term.
I've been not betting on x86 in the long term since the PowerPC was announced ;)
What are the American-made computers? The Apple macbook assembled in China with Korean displays and Taiwanese chips?
I haven't mentioned America or any other continent. It is the Europeans who are shouting about sovereignty right now.
Americans for their part would probably be very happy to use made-in-Europe software on their computers whenever applicable.
I haven't mentioned America or any other continent. It is the Europeans who are shouting about sovereignty right now.
Well, no one has mentioned computer hardware until you did.
Surely you understand how "all the motherboards are made in Taiwan" is less of an immediate risk to sovereignty than "all of our business and personal data is stored on American servers and subject to US law"
It would be nice if Europe could produce its own computers, but right now no one can except China, so what is your point? That limited sovereignty efforts undertaken in the realm of reality are futile and that enables you to get some cheap shots in for whatever reason?
Computing is the software and the hardware. So you're right, I feel that it is futile.
Well, you can use the old hardware which you've already got if you get cut off from foreign suppliers. But the same is true for software. It's even more true for software.
If the French government and other Europeans were serious about reducing or eliminating dependency on American cloud services, they should switch to older versions of MS Office and MS Windows be done with it. No need to retrain your workers, and a realistic and speedy way to implement it.
Unfortunately that’s an unacceptable security risk, especially for a government.
they should switch to older versions of MS Office and MS Windows be done with it
That does not make any sense at all. These are full of known security vulnerabilities.
There is one very serious issue with software: it needs updates for security issues that are uncovered. And it might be built requiring access to MS cloud services to work. To get rid of these problems is basically equivalent to adopting open source products.
At the same time, TFA is about software, not about the computers themselves.
Being independent of Chinese manufacturing is a tougher challenge for anybody.
Though at least the Chinese are predictable, unlike dealing with the USA.
Achieving redundancy from China is likely not possible in the near future. Meanwhile, the risk emanating from a rugpull or from deliberate sabotage by the USA is very concrete.
> "Like last time"
I am perplexed by people who use condescending phrases like this. You think we track what you said before?
Or that he tracks me, which would be creepy
Interestingly, there are zero non-US powerful laptops. The closest option is the Moore Threads MTT AI Book (12-core 2.65Ghz, 32GB DDR5, 1TB SSD, 14 inch). It cannot reach a modern Ryzen in performance though. It's fascinating that only the US can make good computers. I'm not from/in the US so I'm not saying that from a patriotic point of view. How hard can it be to pop a good ARM chip in a laptop and compete with HP, Apple and the likes?
Which powerful computers are made in the USA? Design and assembly don't count, as these are the least robust to replication attempts. Apart from that, the manufacturing is all in East Asia; Intel is the exception, not the normal!
And Intel cannot exist without foreign talent.
It’s almost like globalism is not so bad as long as your companies pay their taxes.
> It's fascinating that only the US can make good computers.
Lenovo is Chinese, right? Xiaomi, Samsung... can you really not name one non-US company making computers?
I'm typing on Acer right now. And there's Asus, MSI, Fujitsu...
> It's fascinating that only the US can make good computers.
Seemingly, the US might be able to design good computers, but it cannot make them themselves. This should make it easier for others to do the same, design the computer in country X but actually make it somewhere else, just like the US. Yet we're not seeing this at all.
> Which are the European made computers?
Recently, not so many I suppose. But many of the earliest computers were European, so surely we could get there again at one point, hardly impossible.
Given that most chips use photolithography machines by ASML: nearly all of them
I use an European made computer from Schenker (their XMG subbrand actually).
Of course the components are not European made. But Dell's components are not US made either.
I can also buy a Japanese or Korean (or Chinese) computer. There is no dependency on a single country.
It’s all about risk management. No solution is ever perfect, and that works for the US as well.
Also, some partners are more reliable than others. If China becomes as volatile as the US, it would change the risk assessment and stimulate other parts of the industry.
I'm more concerned about the fact that only ASML can make machines producing advanced chips (EUV).
This is a way way more concerning topic. The irony is that China might be the one fixing that dependency + bring prices down.
One bomb on the Netherlands and it is over for nearly all the worldwide supply-chain, 10 or 15 years of regression.
Even worse, they can remotely kill the machines for political reasons.
Which are the US made computers? Start by excluding all the ones with Korean LCD panels, and Taiwanese motherboards, and Chinese parts.
If you mean assembled then there are lots of very small European companies that make custom build PCs.
Economies of scale in the US, a single language, and cheap transport, mean that the US companies grow very big internally, very easily. And then go international without much effort. The same is not true in Europe, so there's not a huge Dell, HP, or IBM equivalent.
In 2026, the only country on the entire planet that can likely make their own computer with 100% their parts and labour, and is actively trying, is China.
The same is not true in Europe, so there's not a huge Dell, HP, or IBM equivalent.
In the 90s and up until the early 00s we used to have quite a few pretty serious contenders, but they are all dead now: ICL, Siemens-Nixdorf, Tulip, Bull, Olivetti, etc.
The goal isnt to become independent of China / Taiwan / the rest of Asia. The goal is to become independent of America.
the license was never the real bill. the control plane was
This is so utterly urgent. The US is an increasingly-deranged, hostile actor, which is able to cripple our tech at will.
I think we've been far too complacent about the direction of travel across the Atlantic. Trump and his crew are the new normal, and the key players in Silicon Valley are on board.
Any European government not currently working towards independence from US tech is being almost criminally neglectful.
Steps are being taken. This week two big announcements in The Netherlands as well, one for a replacement to AWS and one for taking US tech out of state secrets, which weirdly enough wasn’t already a thing.
From the article.
The French government did not provide a specific timeline for the switchover, or which distributions it was considering.
Got to be Mandrake right?
Wish the Bangladeshi government did this instead of relying on pirated copies of Windows 7
At least they know enough to have stuck with the outright best version of Windows.
This should have been done years ago. This will certainly drive bad actors to harm Linux too unfortunately
France and Germany have endemic malware. Reacting defensively to it might be easier with Claude on the OS source code.
It's a good move. Hopefully, they stick with it. I remember some cases in Germany where they switched and then later switched back.
It's a shame that we have no equivalent to Google or AWS in Europe and now that it seems LLMs might eat search, we don't have any of those either.
hmm. hoping that all the weird business requirements get confined to a specific distro with careful gating prior to upstreaming. it would be bad if they were allowed to pollute the ecosystem more generally (which one could argue is why windows is the way it is).
It's extremely difficult to compete with the US SW companies. Their products are so engaging and attractive that anyone till up to the leaders are tempted to use. It's not surprising that EU's attempt to de-USAisation happens with Linux/OSS and not with an in-house prop SW because it's unable to write one. Also it doesn't happen without cries and pain. We speak for an endeavour to bring a 90% share of a beloved product to 3% and vice versa for a nerdy "cold" one. I keep a long lasting pop corn bag to follow the numbers.
It's not the products, it's the army threatening you if you don't use them. But France has nukes so if anyone can pull it off in Europe it's them.
I’ve commented on this before but you’ll know France is serious when there are Linux ports of Solidworks and Catia.
France has a real edge over American companies by being the dominant player in the CAD world, it’s always surprised me that they nerfed that advantage by tying to an American operating system.
Autocad has 39% market share in CAD, Solidworks has 14% market share, and Fusion 360 has 9%.
None of this is a major national advantage for any side. It's bizarre to think that the US or France would treat this as some kind of mark of national influence, since if anything happens to these top three vendors, there are lots of other vendors waiting in the wings. It's not like a national oil reserve, where it's important that you have a reserve of CAD software available for your engineers.
But what kind of projects are people using these different pieces of software for?
Are people designing aircraft carriers in Fusion?
Don't get me wrong, I understand that AutoCAD is extremely important for architecture and the death grip that AutoDesk has over that industry needs to be broken for the benefit of all of us, but from my understanding Dessault Systems makes software that is used for totally different purposes and is of vital strategic importance for a nation that wants an independent MIC which France obviously does.
So it seems foolish to me for them to have their own CAD software that can and is used to design weapons but be dependent on an American operating system produced by a particularly unscrupulous company who is obsessed with tighter and tigher control and has definite ties to the US intelligence apparatus.
I doubt that the US military itself is using commercial CAD software, most likely they are using something in house. Again, CAD software is not Extreme Ultra Lithography, where it is a marvel of engineering and can only be produced by one firm. The netherlands can rightly be proud of ASML as a national achievement. But CAD software? Now that's just goofy.
Check out: https://www.army.mil/article/249241/armys_powerful_open_sour...
But I would assume defense contractors -- the private firms like Lockheed -- are probably using commercial software. The US military is pretty bureaucratic and is filled with bespoke stuff, whereas the contractors are basically businesses and would use whatever is common in commercial business world.
>Are people designing aircraft carriers in Fusion?
I don't know, but I have watched people designing high-speed trains in CATIA.
Big players use CATIA and Siemens NX almost exclusively. I don’t know many using Autocad, maybe architectural firms.
The idea that autocad has a "death grip" on the industry is laughable to me.
Fusion360 -> PTC Onshape
AutoCAD -> BricsCAD
Inventor -> Easily outclassed by NX/SolidEdge, Solidworks/CATIA and Creo
I'm curious where those number come from. Within the mechanical CAD world where Solidworks is used, I suspect the AutoCAD market share is very close to 0%. I haven't seen any company from small tool shops to major US defense contractors and automotive companies using AutoCAD for any significant mechanical design work.
Wasn't CATIA running on unix even before it ran on Windows?
Yes, all the way up to Version 5.
Great to see France purging itself of corruption. Why did they pay for an inferior product for so many decades when a superior free alternative was available? It was regulatory capture; corruption.
My main reasons not to be able to fully switch 100% to Linux are the following:
1. Graphic design software is subpar (expecially when compared to mac) and very often under supported. And GIMP has absolutely the worst UX of any program I've ever seen for such a widely recommended software. 2. Gamedev (i.e. Unity) is much less stable and annoying to work with (mac is much better but Windows still wins) 3. Older hardware support, most of the times you can use a super old software (say a printer) and it works. Linux much better than mac for this, from my experience 4. Lots of things on Win are plug and play, Linux is a pain of custom drivers from dead githubs. Mac slightly better or worse, it might either exist as a stupidly expensive application or have to jump hoops to get a driver in.
And I know people say "just use Wine" or "GIMP is actually great and free" but at the end of the day, I want my main driver to be stable and good to use. If anytime I save a project running via Wine has a non 0% chance of it crashing and bringing down my entire work, it's not going to happen.
I do use and recommend Linux quite extensively but that's why I always have 3 different systems at any given time:
1. Win: gamedev, hardware stuff or bigger games, some design, GPU heavy work. 2. Mac: design, light GPU work, browsing and portability (battery life and cooling is fantastic) 3. Linux: everything else
This hasn't changed in the past 10+ years, even though now I can see much more gaming happening on Linux, which is very nice.
French administration is about to become even more inefficient it was!
It’s getting downvoted, but I agree it’ll become a bureaucratic mess.
Every nations should avoid US based products and services. USA, China and Russia are rogue states. they pose a great risk to every other nation
What are my options if I want an independent phone OS ? Can I go into a store in Paris and buy an independent phone ?
What they should launch is an abuse of dominant position on the desktop/laptop market, with appropriate remedies such as fines.
Ditch iOS and Android for a Blackberry OS / Nokia ? Really, are there any alternatives?
SailfishOS, Ubuntu touch, and postmarketOS to name a few from the top of my dome.
Nokia isn't really an alternative at all since M$ bought it.
Motorola and grapheneos? If only the French government weren't attacking Graphene.
As for desktop, I suppose the only major European options are Ubuntu and SUSE with corporate backing.
The French government and Murena (makers of /e/OS). They are spouting nonsense that security hardening is only for pedophiles and spies:
https://mastodon.social/@GrapheneOS@grapheneos.social/116353...
https://www.clubic.com/actualite-604786-murena-e-os-intervie...
It's ironic that a company that pretends to be for privacy is using the same think of the children argument as those pushing Chat Control, age verification, etc. Of course, their privacy is mostly a farce, since they have also been caught uploading data to OpenAI for text-to-speechi
I hope that more European governments will start supporting GrapheneOS, since it can compete with Apple on security and is better than Apple and GMS Android when it comes to privacy.
Switched to Nobara after getting fed up with one too many Windows bugs. Been a really pleasant experience to be honest
I wish the US Government would do the same
I wonder if anyone in trumpland has thought of a T-branded distro.
Considering that most distros are basically just a new set of desktop backgrounds, this seems like a sure thing!
Prediction: If USA ends up attacking EU, EU will freeze all the US tech company money and compel them to open their platforms and move all the backend services to EU soil in exchange of unfreezing it and continue operating in a free but regulated market.
For example locked communication devices are huge national security risk, so Apple will have their money frozen and given two options:
1) Open up iOS etc, bring all the servers to EU. Continue business as usual, EU financial institutions may choose to use Apple services as Apple pay but they may choose to bypass it. EU developers may choose to use Apple App Store services and pay the Apple's fees or they may choose to bypass it. Apple may chose to make Xcode a paid software, developers may choose not to purchase Xcode and use other non-Apple tools and pay nothing to Apple.
2) Use credit against the frozen money to refund your users if they bring their devices to you. All the Apple devices will be locked out from EU mobile providers(technically very easy for iPhone, simply by blocking devices with Apple IMEI on EU networks) and any remaining devices of the users will be refunded with the Apple's money. After some grace period, any money remaining in Apple's account will be transferred to Apple and if Apple wants to do business in EU again will have to do the option 1.
I'm bit on the doomer side of things, so I think that if Trump keeps his current course and power, at the end of the term American software industry will shrink by %90 as it will be expelled from most of the world and will be serving to 350M people instead of 8B people. Its amazing how US is screwing up its dominant position in this incredibly lucrative industry that lets them serve a market of 8B people and accumulate huge wealth in the process.
Open up iOS etc, bring all the servers to EU.
How is that going to work? Apple will still be under the CLOUD Act, so Europe would still be vulnerable. The only solution would be for Apple to fork into two completely separate companies, which is unlikely to happen.
Most likely there will initially just be a lot of chaos, because nobody is prepared for this scenario. There will be huge supply issues, COVID will look like nothing (both in terms of groceries, etc. and getting replacement hardware). Then Europe will on the short term rebase to Chinese/Korean/Taiwanese hardware, with probably an AOSP fork on the mobile side and Linux on the desktop/server side.
But it will be terribly messy. Nobody seems to prepare, because everyone thinks this scenario is unthinkable or they just don't want to put in the effort. Even all the people that I know that are talking about digital sovereignty are still using their iPhones, MacBooks, or GMS Android phones.
I am trying to tell tech people that the time to start switching is to alternatives is now, since tech people are usually early adopters and can help other people. But most switch from GMail to Proton Mail and proclaim victory. January 2026 (remember the good ol' days when the US wanted to take Greenland with force if necessary?) was already forgotten after 4 weeks or so.
If Apple can't work out a legal structure that works, it will be forced to refund for the devices then so the consumer can use the money to buy compliant devices probably from Korea or China. EU can work out special deal with the Asian manufacturers as there will be hundreds of millions of people with cash in hand looking to buy a high end smartphone.
Being messy isn't a worse outcome than US invasion. Europeans aren't rooting to live like Americans or go to wars for America and the tech thingy will be a nuisance at most.
If Apple can't work out a legal structure that work, it will be forced to refund for the devices
How is that going to happen if the US attacked Europe?
EU freezes/takes over all Apple assets in EU, users with Apple devices get the money in cash upon delivering their devices. If the money isn't enough for the refunds, a finance mechanism can be created that will be settle after the war.
The returned devices may be sold to 3rd party markets if Apple isn't cooperating.
EU freezes/takes over all Apple assets in EU
Most value/assets are in the US, I don't see how Apple in the EU would have enough interesting assets to refund. If 30% of the 450M inhabitants in the EU have an iPhone and the purchase price was 1000 Euro on average, that would be 135B Euro. I would be surprised if they have a fraction of that in the EU as assets. The primary useful asset I could think of is if the iOS source code was also stored somewhere in the EU. I guess in war it would be fair game to fork it. Wouldn't help with the existing iPhones, since the EU doesn't have the signing keys, but you could bootstrap a new phone ecosystem (and even revert Liquid Glass :p).
If the money isn't enough for the refunds, a finance mechanism can be created that will be settle after the war.
There are huge assumptions in this, like the EU wins the war, the war doesn't end in a sort-of cold war, Apple cannot get away from liability because it was not their decision, etc.
The returned devices may be sold to 3rd party markets if Apple isn't cooperating.
Flooding a 3rd-party market with over 100M second hand iPhones would drive down the prices by an extreme amount.
Well how convenient that Apple has about $135B in European accounts(that peaked at 200B)! To avoid taxes US companies tend to keep a lot of money in the markets they sell their products.
You don’t go to war with the association of losing it, obviously the risk will ve priced and I don’t think that the risk will be that big considering that US hasn’t won any wars since WW2. Even if doesn’t cover all the costs, national security and independence doesn’t have to come for free.
>The French government did not provide a specific timeline for the switchover, or which distributions it was considering.
Do they realize they need to pick a LTS distro now? You can't mix and match distros without having a massive IT and user retraining budgets.
They likely don't. It's a purely political move not a technical move. With the average length of the French work week, this will take a while to implement anyway. Don't get me wrong, I think it's a great thought but I don't think it's more than a short-sighted reaction. Munich unfortunately faltered after a few years.
The french Gendarmerie already migrated to GendBunto, their own distribution. It took a while but it's now running on 97% of all workstations. I wouldn't call this just political fluff.
https://en.wikipedia.org/wiki/GendBuntu
> With the average length of the French work week, this will take a while to implement anyway.
35 instead of 40? I don't think an extra 5 hours a week is really going to move the needle in a meaningful way.
microsoft bribed them to come back
Why would you need any user retraining?
All distros are basically identical. The only real difference is whether you spell "package manager" as apt, yum, or dnf.
This comment is completely out of touch with how typical office workers use their computers. "Package manager" is your feldspars. But it's even worse than that, because you don't train for the typical employee, you train for the least-technical employee lest they become completely useless overnight.
> "Package manager" is your feldspars.
I hate that I understood this.
> because you don't train for the typical employee, you train for the least-technical employee lest they become completely useless overnight.
"Click on the blue and orange spinny fox thingy" is easy for even the thickest user.
>All distros are basically identical.
Have you ever used the Linux OS??
Yes, since it came on two 1.44MB floppies.
Let me guess, you're impressed by desktop decorations and which file-browser is the default.
Ubuntu differs from Fedora only in newbie stuff, for instance.
Fedora pisses me off more than Ubuntu does, and Ubuntu pisses me off least of all distros, except for Alpine which pisses me off in totally different directions for different reasons to all of the "proper desktop" distros.
All OSes are shit.
Even the ones you like.
Even the ones I like.
Especially the ones I like, I guess.
For people with a level of technical literacy that has them interested in posting on HN, sure. But for typical government workers? I imagine the differences are going to be pretty significant. They're not programmers or "devops" people.
We're talking about users who are going to do almost everything through the GUI, and who will associate the "distro" with the default choice of DE/WM/etc. stack in whichever flavour of whichever distro it is. Understanding what a "package manager" even is, will be the responsibility of "IT" specialists. Assuming they don't decide that only, say, Flatpak-installable software can be approved.
We're talking about massively bureaucratic institutions that have been steeped in Windows orthodoxy for decades. That's the administration policy they know, so it's what they will forcibly adapt to Linux.
You're going to need user retraining because the GUI has its own file manager program and no matter which one you choose (and they will choose exactly one) it is not Explorer. Because LibreOffice is not the Microsoft Office suite, and neither is any of its FOSS competitors. And so on and so forth. There's no telling what idiosyncrasies people depend on. In organizations like this I really doubt you can count on everyone being generically computer literate. I really doubt that generic computer literacy (as opposed to demonstrated competence with specific applications) was ever part of the hiring requirements.
> But for typical government workers? I imagine the differences are going to be pretty significant. They're not programmers or "devops" people.
How much retraining do you need for "click on the orange and blue spinny fox thingy and wait for your email to come up"?
> because the GUI has its own file manager program and no matter which one you choose (and they will choose exactly one) it is not Explorer
Nobody is ever going to use it. They're going to use a web browser.
> There's no telling what idiosyncrasies people depend on.
Funny way of spelling "Firefox bugs", but whatever.
> In organizations like this I really doubt you can count on everyone being generically computer literate
Basic adult literacy is computer literacy. If you can read you can use a computer.
I get the sense you haven't worked with many non-technical people in government or enterprise contexts. I've seen people struggle with their workflows after upgrading to a newer version of Windows, to the point where company wide training sessions have had to be held.
Yes. Noting that yum and dnf are basically the same.
dnf replaced yum, didn't it? I had it in my head that they were like apt and dpkg, but apparently not.
I need to get get into Redhat^W Fedora^W Rocky again some time soon.
Just pick nixOS and provide base nixosConfiguration. tada.
These are almost always negation strategies rather than serious initiatives.
I don't think so. Having worked on a similar thing in my country, and the effort is monumental.
When doing this in a company, making technical people appreciate free software and making lasting changes is hard enough. When doing this with non-technical people, everything becomes exponentially harder.
Sometimes yeah, but clearly not in this case, if you took the time to actually read the article.
You don't ask entire ministries and public operators to formulate a migration plan from Windows to Linux with a relatively short deadline just for negotiation purposes or just for the fun of it, you do that once you're committed to actually migrating.
This is not just a pilot project or some local administration doing an experiment, it's new country-wide policy enforced from the top, hardly a "negotiation strategy".
Efforts like this are good for people to realise there is a lot of talent in Europe that just gets overshadowed by USA's dominance.
USAians tend think everything is less popular in Europe simply because it is inferior and fails purely on its technical merits. I know nothing will ever change their minds, but at least non-European non-USAians might recognise the efforts a bit more.
We are also willing to accept 'good but not perfect' and understand tradeoffs.
>USAians
The word you're looking for is Americans, despite whatever preconceived notion you think the word "Americans" actually should mean in English. I know nothing will ever change European minds, but at least understand what the correct form is.
>everything is less popular in Europe simply because it is inferior and fails purely on its technical merits
So everything is less popular in Europe because it fails on many other points? Big applause to you, I guess. Are you looking for a participation award?
As an Englishman, I don't need lectures on my language.
English isn't controlled by a central authority. If a new word takes hold, it takes hold, that's it.
The way the USA thinks it has an absolute right to decimate central and South America disgusts me to the core and I'm tired of those poor people being lumped in with the term "Americans". It's offensive to them. The USA does not own the continent as much as the CIA tries.
Just as we received lectures on our declining power, it's time for the USA to suffer the same.
>As an Englishman, I don't need lectures on my language.
An Englishman? You mean Englandian. English is a language, you can't lump everyone who speaks it into one category.
>English isn't controlled by a central authority
Exactly. And the Englandian usage has no superiority over any other.
>The USA does not own the continent as much as the CIA tries.
Maybe not, but we do own the UK (:
Oh man you yanks are so bad at insults haha
> You mean Englandian
Sounds fine lol
> English is a language
Yup, ours. The one thing you couldn't buy :)
Ah Windows. The Temu wine.
been a long time coming for windows. wonder who else will follow suit
About f'ing time.
Now nextcloud and libreoffice should give up the stupid drama and focus on beating microsoft.
man, that's great - but can you imagine some bureaucrat lifer having to adapt to this?
we need more tech literacy overall, so this might help with that also
There are few things in life more satisfying than forcing bureaucrat lifers to expand their minds.
Good. The US is gone.
But will they use azure?
I've been on a contract for a multinational European company that's in partnership with ESA for the past 18 months, and I've seen a lot of money and effort spent to move out of the US cloud to OVH. After the US decided to go rogue, this project became even more urgent.
My job is basically recreating a small part of the infrastructure that was designed for AWS, while patching some shortcomings of the OVH offerings which are not as featureful.
Honestly the only thing keeping me from bringing up the idea of moving to linux is that Windows has active directory and domain wide group policies - if linux had something similar that was easy to manage I'm sure a lot more corporations would move to linux. The ease at which I can adjust system settings throughout the company or within each department such as disabling/enabling features, mapping drives or printers. I haven't found a better alternative than active directory
Political posturing that will never actually occur.
Vive la France !
Fantastic news
Any closed source, centralized system is going to be higher risk than an open source distributed system that can be independently verified and audited by multiple parties.
You just have to be willing to put in the investment to verify/review with parties that meet your needs.
[dupe] Discussion on source: https://news.ycombinator.com/item?id=47716043
Unless you need some windows-only software, using windows at this point is masochism. I was never a fan of Linux, but the Microsoft driven enshitification is so strong that Linux is now a better option. To win, all Linux had to do is stand still, and that's exactly what it did! Ubuntu in 2026 is pretty much the same as Ubuntu from 2006.
WINE has come a long way. Most Windows software now just works on Linux.
I don't know why you believe Ubuntu stood still. Looking at the history that does not seem to be the case: https://en.wikipedia.org/wiki/Ubuntu_version_history
Personally, the last holdover is Ableton. Last time this came up, bunch of people pointed me to https://github.com/BEEFY-JOE/AbletonLiveOnLinux which has since then been marked as archived, and I'm still unable to run Ableton 12 properly on Linux via WINE, even though I've probably spent too many man-hours on getting it to work...
I'm still eagerly awaiting the day though, any day now surely.
You forget about MacOS. And Apple are making some very aggressive moves as of lately to capture users.
MacOS is the same sort of walled garden as Windows though. It has plenty of dark patterns in stuff like iCloud too, I imagine with some more years of enshittification it will be in a similar state to Windows today.
And corporate customers like the French government will want their users to be within strictly controlled environments - walled gardens. That's why they've used Microsoft for so long. MacOS isn't as good for this scenario from what I understand, but is Linux?
IMO the walled garden doesn't have to be the employee's computer but centralized servers holding the data, intranet services, etc.
> Unless you need some windows-only software
In many cases even if you do though, its possible to run it on WINE pretty well these days. It's insane how good it's become in the last few years (partly thanks to proton and Valves investment in it all really)
"Pretty well" is doing a lot of work. I have no horse in the race. I just run native on MacOS or Linux. Haven't run any Windows in a number of years. (I don't really game much and would just use my Xbox if I really wanted to--though that mostly functions as a DVD player these days.)
But if "pretty well" causes the random administrative person to have issues with doing their job or increases IT support costs, it will be off the menu pretty quickly. We'll see. A lot of things are different from the last round of we're going to Linux in Europe.
Nowadays, pretty well a lot of times means really well, maybe even better than on Windows. See Windows games running faster on Linux through Wine.
As I say no dog in hunt and don't actually have a Linux laptop any longer since I had to send it back to my company--from whence I'm sure it went straight to recycling. Maybe I'll buy an older refurb Thinkpad at some point.
> See Windows games running faster on Linux through Wine.
Let’s not leave out all the ones that don’t. Which is in fact, the majority of them. Strange how that’s always left out, we wouldn’t want to mislead people now would we?
It's not a majority of them. Hasn't been for some time now.
https://www.tomshardware.com/software/linux/nearly-90-percen...
The 10% that has issues is normally down to kernel level anti-cheat and denuvo.
Go back 5 years and you'd be right. But it's a totally different situation now.
> It's not a majority of them.
It in fact is.
> Go back 5 years and you'd be right.
I’m right now.
I’ve done the testing myself, and the testing has been done by others. The vast majority of titles, especially modern titles still work better on windows. Linux only users got excited and make the claim otherwise based off a handful of cherry picked and poorly performed benchmarks and now repeat this claim endlessly despite in every sense of the word it being entirely false.
Is the situation improved? Vastly. Viable for many? Completely. I’m not saying more games dont run better on today on Linux than they used too, but this idea the majority now run better on Linux is a complete fallacy and that’s before getting into things like perhaps daring to want to use the ray tracing features you may enjoy or you in fact may not want to deal with compatibility issues which in fact very much still exist outside of kernel level anti cheat and denuvo.
From your very own link:
> There are different degrees of compatibility gamers must consider when checking if their favorite Windows games work on Linux distros like Mint, Zorin, Bazzite, or even SteamOS.
This != The majority of games now run better on Linux, it only equals that they will run in some capacity.
We've come a long way in the last 2 years. We're at a point where MOST Windows software works flawlessly. I said "pretty well" as theres no doubt a few that don't and it'd be a bit disingenuous for me to suggest otherwise.
I certainly wouldn't come into this with knowledge on wine older than 2 years and make a snap decision though as its a totally different landscape - no weird quirkiness and tweaking needed for the vast majority of applications anymore.
> Ubuntu in 2026 is pretty much the same as Ubuntu from 2006.
Well, Ubuntu MATE perhaps :)
Windows LTSC I find comes pretty close to the less intrusive Windows I remember from the XP/7 era.
> To win, all Linux had to do is stand still, and that's exactly what it did!
It is moving? Red Hat has been investing in containised apps and image based distros for years, Valve single handedly made Linux gaming viable. HDR development is mostly driven by Valve and Red Hat customers.
And no Linux isn't good enough yet. UX is all over the place.
> And no Linux isn't good enough yet. UX is all over the place.
Of course you'd think the UX is messy if you only look at the kernel ;)
It's up to the distributions and desktop/window managers to handle the UX, and the experience varies as much as there are desktop/window managers. Some of them are fairly internally consistent, like KDE and Gnome, and at least they're currently more internally consistent than Windows and macOS. I use macOS, Windows and Gnome daily, and the only one that doesn't give me daily grief in some manner, is Gnome.
> And no Linux isn't good enough yet. UX is all over the place.
Sure, the UX for Linux desktop is all over the place, and a lot of software is messy and untidy. But Windows isn't any better in that sense. It doesn't have a clear, cohesive design style either. Its selling point used to be that users were familiar with the UI, but it seems to change so much that users can't really leverage that much either.
a Windows license is only cheap if your time has negative value
I think the commentary here is mostly in agreement, we are just debating the finer points.
This should have happened already, is the general theme. I still have my Shrike CDs around and the modern-day Fedora (I think 44 is about to launch next week?) is more than sufficient for many, many use cases within the government, regardless of which distro they end up with.
My hope is that the backing of EU software development teams to open source will lift all boats and in addition to Linux, BSD may get some fruits of labor out of it.
9front as always is to be strictly forbidden without a security clearance.
Will the French government view open source software as software which should be well-funded and well structured, ie Blender level quality and organization, or are they going to underfund it and thus have it succumb to the shenanigans of Redhat, aka IBM, the infamous pushers of Gnome and Wayland?
I hope they also help in improving battery management on Linux notebooks, even pressing vendors via regulations.
Please tell me this also means that they are redirecting the expenses currently going to Microsoft into funding open source development?
I've been on Linux (I use Arch btw) since 2011.
I've been dual booting the first couple of years, then dumped Windows completely in 2016.
Since then I am on Linux only. Private and corporate.
Yes, sometimes I need to access a Windows machine or do work in one (I am my own boss), but then the client pays a "pain tax" as I call it.
There are some games I can't play I would've played in the past. Mostly competitive online games.
Technically that's annoying, but for me personally it's not a problem as I am not in my teens of twenties anymore and I have other hobbies and obligations.
France is doing many thinks way better than Germany.
This is one of them.
Excellent move. Hopefully these moves continue the trend spreading through Europe.
With another 3 or so years with the Orange Dildo in charge, there's a decent chance the momentum will turn into something tangible.
Vive la France !
de Gaule v2.0 :)
We're going to keep seeing this due to destabilization and political changes in the US. It drives nationalization elsewhere, even among allies.
It doesn't help that Microsoft seems to be doing everything in its power to alienate Windows users.
This, I've officially been off Windows for a few months and will not be looking back. Microsoft has put a bad taste in my mouth as a developer.
By luck and happenstance, I tuned into the Omacon conference this morning and my perspective on personal computing very much aligns with theirs. Would encourage a least watch the kickoff keynote if the VODs drop.
this has been happening on and off for ~10+ yrs. MS cost are too high and you need more expensive computers to have the MS sub-par experience.
the main thing that keeps people locked in is (a) "Im use to windows" and (b) MS gives them some special contract to keep them.
This is exactly what I'm seeing in working with companies in Belgium, Germany and France.
It's not just about costs- managers are actively seeking to distance themselves from everything US.
We've stopped treating them like allies. Who's to blame them?
Holy based
It's kind of good news, but it's also bad news -- with Linux popularity, crapware will be more popular. I kind of liked times when Linux was used only by power users. Today it's slightly different, and with more popularity... we get things like age verification in systemd.
But well, I can always switch to FreeBSD I guess. And that's my plan B.
I am very happy that Linux is becoming main stream but I share your sentiment. FreeBSD is a nice alternative if you want to stay on the edge.
This is traditionally how you renegotiate with MS.
But seriously, how long before MS offers them a deal they would rather not refuse?
It's different this time. It's a geopolitical safety move. You know why it happened and who is responsible for this. Never would have happened otherwise.
At the least the french government has a plan. Now please have a look at Germany - the current leading guy is absolutely clueless as to what he wants to do. From appeasing Trump to ... actually doing what else? Germany with regards to its politicians is a problem for the EU. Yes, we also have Hungary etc... but it's a small country that is over-hyped by the media due to its intrinsic corruption in the leadership; the real problem really is Germany. In the past it always was "too much bureaucracy" - the problem goes much deeper. The THINKING process in Germany is broken. France, Sweden, Denmark, Netherlands, Finland, Norway (not EU but clever nonetheless) and so forth, are much better at THINKING. Something is broken in Germany and Merz is the showcase of cluenessness here.
What? Again?
I lost count, it's how many attempts again? Fill me in.
The gendarmerie already switched.
Only place I know that went back to MS is Munich city council. After MS put a big research office in the town.
As far as I know it was successful for the gendarmerie and assemblée nationale for exemple. There are many public entities and apparently each migration is news worthy
It needs just 1 successful attemp.
Next up: governments rejecting use of AWS.
Previous discussion: https://news.ycombinator.com/item?id=47716043 (764 points 5 hours ago, 384 comments)
It's... an admirable goal, but it pretty much remains to be seen if "France"[1] follows through.
Previous attempts to "ditch Windows" have not ended that well. Munich in 2003, the entire Federal German government in 2009, Munich again in 2013, Munich again in 2021, and so on. Most common end-result: back to Windows.
Breaking points are typically the lack of an "Office 2016" compatible suite, lack of "Adobe PDF" tooling, and a mishmash of legacy apps. The latter seems trivially addressable by a "Remote Desktop/RemoteApps" environment, but there are definitely issues, mostly surrounding printing and clipboard handling.
All of that can be solved, but definitely requires more funding and, crucially, coordination, beyond "Open Source Cures All."
[1] Oh, I just love it when an entire culturally-diverse region gets lumped in together, or, when, as in this case, ~6M French government employees are treated as a homogeneous group.
If they only diverted 10% of the budget from MS to solving issues they’d have had a solution a decade or two ago.
I'm... not so sure? The French government has, widely seen, 6M employees. Given retail pricing of EUR200/seat/year (and they definitely have a better arrangement), that's 1.2B, and I'm not sure that's enough to provide an identity management plus office apps plus file storage solution? And at 10% of that? Absolutely forget it...
All of that came about without them spending anything. So the extra is just to fix bugs and do integration work. StarOffice (LibreOffice ancestor) existed in the 90s—I used it and it was fine for government work.
File storage? Cheap by Y2K as well.
[flagged]
It's really cheap to run FOSS on commodity PCs in the twenty first century. Hetzner is very reasonable in the cloud more recently.
It's not a binary switch either, you build the platform bit by bit every year and roll it out to more and more workers. Four dimensional thinking, that could have succeeded already, a decade plus ago.
Sure a few components would have to be written in the meantime. Just a few million a year would be a huge boost to gaps in FOSS.
You posted this text in 5 separate places. Worse, you edited 7 previous comments by gutting their original text and replacing them with this same tantrum. That's abusive.
I'm not going to ban you for this because everyone goes on tilt sometimes, but please don't pull a trick like that on HN again.
I've restored the text of the 7 edited comments to what it was before you vandalized them. I've also canceled the downvotes on those posts because I agree with you that the downvotes were unfair. (At least I think I do - I didn't read them closely and don't know the context.) I hope the latter feels at least a little bit like a good faith gesture, because that's how I'm intending it.
(The 5 comments that only ever said "[Yeah, if I'm just gonna be down-voted to oblivion regardless of my participation in the comments, good luck with your 'meaningful discussion'}" remain downvoted and flagged since obviously they were against the site guidelines.)
You’re saying a government couldn’t take open source building blocks and run.. office apps with basic security and.. file storage? For $100M a year? This could be done with a 30 person team
Yes, that's exactly what I'm saying, If your mythical 30-person teams were achievable, a lot of major US 'cyber'security firms would be in major trouble. Pop-quiz, hotshot: what does Citrix (market valuation: USD 16.5B), technically, have over your team (market valuation: USD 0B)?
30 people managing the hardware? Sure, if you get good deals on the hardware itself, the employees stay healthy, and you have everything so centralised you don't need multiple people on call.
Centralising things to that level and supporting the users of the entire government structure of a country the size of France -- one of the countries the sun _never_ sets on -- while it's transitioning from decades of Microsoft dependency to an open source ecosystem? Heh, no.
Hetzner exists.
The claim above of 30 is not particularly important, the point is to lean on the community. Millions a year would get you incredibly far. Many are already helping for free.
24/7 linux webservers existed already by the late nineties.
"Helping for free" doesn't cut it when dealing with governments. Even if everyone had gone the Linux route 20 years ago we'd still have an entire ecosystem of commercial businesses selling and operating it; imagine what Red Hat would look like with Microsoft actually out of the picture.
We'd have just as many consultancy firms and layers of beuraucracy without Microsoft, and France wouldn't be operating their entire government IT stack, all the way down to individual workstations, that much cheaper than it is now.
The difference is that because of open-source there would be competition in those services. And they could take any of it in house at a discount with reasonably priced govt workers. IOW, they'd have choices instead of handcuffs.
They'd be in better situation on all counts. It pays to think ahead to the future and remove dependencies. Where do you want to be in five years? Still in an abusive relationship?
Werent the munich government employees quite happy with linux, but microsofts lobbying with their headquarters got them to switch back?
I'm not aware of Microsoft's economic footprint in the Munich region, but I doubt it's significant.
The complaints that lead to the several-reversions-to-Windows at the time, as I recall, were all around "citizen sent me X, can't open X"
And those are all addressable issues, but not without significant know-how and funding.
> I'm not aware of Microsoft's economic footprint in the Munich region, but I doubt it's significant.
Perhaps be aware before explaining everyone how things really are?
Were they? Sounded like they stuck with some terrible old version of OpenOffice ("brokenoffice"). Users don't really care about the OS, its the apps.
Motivation matters.
Earlier attempts were mostly about money and ideology. Now its a question of security, thanks to one 'clever' 'businessman'. So thanks to his _great_ efforts, it might actually work out this time.
Munich is a bad example - they were effectively „bought out“ by Microsoft by investing hugely into the local economy in the form of offices and employees. It was also two parties that kept flip flopping with different priorities. Linux itself had some hiccups but was fine from what I recall.
> they were effectively "bought out" by Microsoft
Yeah, let me dispute that. They were, at least on three occasions, forced to roll back due to "citizen sent me X and can't open it" and/or "sent Y to citizen and they can't open it" concerns.
Mind you: these issues still persist in a fully Microsoft/Adobe "solution environment", but less so than in the "disregard all and move to Linux" situation.
And to be perfectly clear: that's all unacceptable. But it adds another, say, EUR 2B to the equation.
https://itsfoss.com/munich-linux-failure/
It doesn't matter if this or that doesn't work. Or if Microslop pressures to continue using Winslop.
Now the reasons are geopolitical.
Munich led to "all of Schleswig-Holstein" in Germany. 44,000 Exchange mailboxes replaced with Open-Xchange. 25,000 Windows+Office desktops replaced with Linux+OpenOffice.
Nope. That was rolled back: https://www.zdnet.com/article/linux-not-windows-why-munich-i...
And, again, I'd very much like Microsoft to lose here, but, there are real issues here
Munich was rolled back but inspired SH to do it instead of them.
You must be German — the French state is a lot more top down than Germany with its regions, so generally these kinds of mandates get applied broadly
> You must be German
Oof, that's just offensive!
Anyway, most German Linux 'mandates' were indeed regional, and (for good reasons!) failed to migrate 'upstream'.
Whether the French mandate takes hold remains to be seen. "We're not Germany" is not the end-all argument it might seem to be to you.
Sorry I didn't see your reply, what was it about?
Desktop Linux's security and antimalware solutions are not ready for government usage. This is a cyber attack waiting to happen if they go through with this. They should at least switch to ChromeOS if they want to use Linux.
You mean switch Windows by Microsoft for ChromeOS by Google? Weird suggestion.
As for "security" and "antimalware" solutions being ready, I don't think there is much difference between the OSs there. Windows is no candyland either.
As always, they will need competent people in the right places to pull this through. Tech is just an enabler.
Yes I do mean that. Google is one of the only companies in the Linux space who takes security seriously.
And switching to Google achieves the aim of getting away from American tech giants?
I don't think it's a wise thing to do at this point in time. There is more risk by not depending on America.
If that really is the case, why not stay on Windows?
We're talking about a country that is daily threatening to invade. You'd feel it was clever to run your entire infrastructure on an Iranian OS? It's the same for EU since USA is threatening to invade.
There is no security when the US government can legally compel Google to do whatever they want. This is why foreign governments want to move away from big tech.
Turns out the imperial boomerang impacts many things, especially when previous orders are easily destroyed (because only one country was benefiting).
Some might be tempted to brush aside that Server Linux threat model is very different from Desktop Linux (to snarkily reply "we'll it's powering a vast majority of GDP via all of AWS, Azure, etc.").
However comparing apples to apples, what makes you say this isn't ready for government usage, when it's ready for trillion dollar big tech companies' majority of their workforce? (Aside from Microsoft, Apple obviously). Large employers like IBM etc also must be using red hat or some other distro
Google for example uses a fork of Ubuntu. When someone decided to compromise Google employees machines via a fake npm package they were able to do so successfully. When they reported this to Google they said it was okay for employee machines to be compromised and that it was part of Google's threat model. While this may be true for large companies I don't think the French government is ready to handle such a security model.
> that it was part of Google's threat model
That's just PR to avoid stocks going down.
So did the Great Country of North Korea.
The fact that open source is a national security concern should have been something that a crazy orange man should have triggered.
Thus was obvious decades ago. And open source is the key model for collective development in a secure manner for disparate countries to secure their software base.
Alas, I fear they will only concentrate on the server side. The securing of the desktop should be a parallel concern as well, to help prevent your citizenry from becoming DDOS slaves.
I know this might be a controversial take but nevertheless I will state my opinion: I do not think "the year of the Linux desktop" is the good idea that most people seem to think. Everything that gets the eye of Sauron on it proceeds to become a complete mess.
Resources always win. All that is needed to ruin an open project is dump money into heavy development up to the point where it becomes impossible to do without it. Plenty such cases already.
This also ruins the development of the project akin to feeding wild life, you get them dependent on you, and if you stop feeding them they lose the ability to feed themselves in the wild. Such is the Linux ecosystem, based on a type of work that so far made a great project for people who have a bit of technical skills. Making it more accessible to the masses only brings that kind of bullshit into it. Inevitably. There is no way something of such importance, to the masses, won't get corrupted in one way or another. That never happens, if there is too much interest there will be funds dumped into corrupting it, one way or another.
The best path forward for Linux was as before, to fly just under the radar, to bee a bit too complicated for most people. This is what protects it. Most, if anyone, don't seem to understand this very simple fact. No older Linux user gets anything worthwhile out of this deal, nothing relevant, just inevitable enshitification of it. Historically proven over and over again. I find "the year of the Linux desktop" to be a childish take in a world that functions on completely different principles.
edit: To add a bit more context, Windows is not the mess that it is today because of evil Microsoft, it is a reflection of its user-base. Same with Linux. They did that to Windows, with their behavior, with accepting all that nonsense.
You want to bring the very same type of people, with that kind of attitude, in Linux, what exactly do you thing is going to happen? They will adapt to Linux mentality or they'll proceed to ruin Linux with their behavior? I can take a good guess on what will happen. People will people, and corpos will corpo to milk them.
Linux is already integral to the tech and enterprise worlds, which have a lot more money to throw around the consumer desktop space. I'm having trouble seeing how Linux becoming a more popular consumer OS would lead to the types of problems you're talking about, if being a leader in the server space hasn't already led to them.
Also, Linux has a built-in mechanism against enshittification, which is its open source and multiple flavors. Ubuntu becomes enshittified? Move to Fedora. You can have a dumbed down consumer-friendly distro without affecting Arch.
> The best path forward for Linux was as before, to fly just under the radar, to bee a bit too complicated for most people.
Obviously with people like you, Linux would never be popular. Personally I’m fine with that, Linux is just too damn buggy and inconsistent for my usage, but I’m pretty sure that it could benefits people. Think of students or people in low income countries.
And then, what prevents you from having a mainstream friendly distribution that just work, and another for the nerd who want to spend their day in the terminal ?
Linux isn’t just one distribution, one doesn’t prevent the other but currently it sure isn’t for mainstream usage.
Government is the perfect place to do this. It doesn't matter if it craters productivity because the organization's budget is not conditioned on delivering impact.
Why not go the full mile and put up cardboard panels with printed screenshots of MS Word glued on, which government workers can sit in front of to collect their salary?
That might work for government employees using webapps all day. But for power users it is unlikely to be friction free.
It doesn't have to be friction-free. The rough edges can be sanded down with government investment that addresses the needs of citizen-users.
“Well, did it work for those people?”
“No, it never does. I mean, these people somehow delude themselves into thinking it might, but……
…But it might work for us!”
Unlike modern Windows, known for its lack of friction.
"We have two versions of Outlook and none of them are working"
There are four ̶s̶i̶x̶ ̶(s̶e̶v̶e̶n̶ five counting the web version) maintained Outlook variants on Windows 11, last I checked and I have issues with each one. Search especially, but then that has remained an unsolved problem for 30 years. I am sure "AI" will finally solve this.
Edit: Have checked and found that two I thought were still maintained (16 and 19) were EOLd in October.
I feel like this is perfect being the enemy of good. So lets say only 80% of their staff can get off Windows and the remaining 20% need to remain on it. That's a great start!
And you can require new custom software to be compatible and guarantee an initial market.
It's a strategic decision and of course it's not financially optimal.
And if in 20 years thered still a few windows computers around in their org that doesn't matter
And a recipe for failure. All 100% of their staff needs to be moved off of Windows at the same time.
A few years ago, IBM tried to move everyone to LibreOffice from M/S Office. It failed, the reason why was top level execs and some others were allowed to stay on M/S Office. As time went on, M/S Windows became a Status Symbol. So people went begging and as time went on exceptions were granted. A few even went so far as to buy their own copy, which was allowed.
After 8 months IBM gave up. If you want things like this to succeed, you must be 100% in.
I'm a power user and I've used linux for over 25 years. My corporate windows machine is total trash and completely unsuitable for any power users, either because its windows or because corporate locks it down so much it's barely more functional than a chromebook, I don't really care.
That's also what Microsoft 365 is, a webapp, even the latest Outlook is a webapp.
Nobody in their right mind prefer the web apps over the native apps if they sit all day doing e.g spreadsheets. I tried the M365 web app for Word the other day and it's sluggish.
Respectfully, so what? There have always be specific use cases and user bases requiring a specific OS. No one ever considered OpenBSD interchangeable with Windows, few see Linux distros as a 100% drop in replacement for someone relying on Logic Pro.
Thing is, I really don't get this knee jerk "but what about INSERT_RARE_EDGECASE". It isn't helpful and argues something no one actually working on these projects ever proposed. Even if MSFT software remains in use, any gained alternative is a win, license costs and strategic autonomy both being valuable.
And yes, as you hinted, a large contingent of clerical work may already happen in a browser, with any found exceptions potentially addressable in the coming years, especially as older implementation may be updated anyways.
Let's be honest, we all underestimate how much we (can) do solely inside the browser anyways and even more so severely misgauge how few people are reliant on any native (none Electron) software at all outside gaming.
Power user is such a nebulous term anyway. To me, someone spending hours on end in Confluence can be a power user, having never left the browser. The same for a designer using Figma. Course, if one truly requires native only software, they may more likely fall under the umbrella power user, but again, few are seriously discussing just forcing those over since, reasonably, one must presume they have a reason for doing what they are doing.
What is a power user in this context? Someone deeply familiar with Windows and has tons of Windows related setup/applications?
That doesn't sound like a government worker... They rely on Microsoft Office, but the actual operating system could be anything. The only non-portable application is video games really. While LibreOffice may not have complete excel functionality, the vast majority of functionality can be replicated in web apps/libreoffice. And frankly most of this work can be migrated to AI.
You can even skin Linux to look exactly like Windows if you want, or use Mint or something. But really all people need is to be able to open up Chrome and Excel.
In fairness, the transition away from MSFT 365 Copilot (as we all of course call Office now) might include more friction. Mountainous VBasic monstrosities are sometimes the way things get done in orgs I am personally familiar with and that can be hard to switch away from. In general though, I consider this focusing on edge cases as just not helpful, especially as one must start a transition to fully uncover them and get to addressing them too. I also don't think that ancient Excel scripts are an unsolvable problem, but one that needs to be very carefully handled.
I imagine the biggest thing they need to open up is Outlook.
And if the decision away from Windows is an indicator, they will likely be moving email clients as well
Outlook has never been a requirement for work, you can very easily use any email client or outlook.com web app. Outlook is arguably the easiest to replace.
Excel is the only thing holding Office 365 together.
Word, Outlook, OneDrive, Teams, SharePoint are all very easy to replace
Sometimes organizations need to undertake work that is not friction free to achieve longer term goals.
I consider myself a Power User, use of Windows is not friction free :)
Over the years I've come to believe that there is only one thing important: What you are used to. The friction is in the change process. Not in the destination.
As an independent, I have several customers on MS365, you know what my super power is? FireFox cookie containers. One for each org, and I switch with 0 effort between the orgs. No need for Windows in that workflow at all. In fact, using Windows and the native apps would probably give me a lot more friction.
Yes, sometimes I have issues. I.e. yesterday Word kept deleting my last 1-2 sentences for some reason, even though hitting ctrl-s tells everytime: "I should not worry". but in general it's fine.
My business is on Proton, and I love that MS365 AND Google workspace calender invites go right into my agenda with no effort. There is nice stuff out there. Especially now we have Proton Meet, I can take some ownership over videocalls in Teams and Google Meet finally.
>What you are used to.
Absolutely. I've given using a tablet (with keyboard) as an alternative to a laptop when traveling and it sort of frustrates me for a lot of things. But talking to people I know who have largely switched over, my conclusion is that, in general, I probably mostly just haven't put the effort and commitment to make it worth it for me. And I'm not sure, not spending nearly as much time on planes as I used to, it's worth it relative to getting a laptop that is even lighter than the combination.
As part of the human species, which has conquered our planet's poles, its deserts and its jungles, I believe we are in a unique position to adapt to many -if not most- circumstances thrown our way, and flourish.
You hopefully can adapt to what you need to. That's not the same things as switching to something you find awkward and you don't find to have a particular, if any advantage.
Power Users faced the same problems when Office changed to ribbon menus. It doesn't has to be friction free.
Can you call yourself "power user" when your point is that switching away from Windows is too hard for you?
Windows power users are the ones who have the greatest difficulty switching.
Basic users just want a web browser and need instructions for anything else anyway.
Hardcore geeks have tried everything going and have no problems with Cisco IOS.
It's the folk in the middle who struggle.
Just kidding about Cisco: it sucks.
There's a negligible amount of "power users" among government employees; I think the majority of them are trained in reading and applying laws, and given the strong scientific/literary divide in the French culture, they usually think of themselves as inapt with computers (and the erratic behavior of MS products didn't help, if you ask me).
But knowing France, what to really worry about is execution, in particular for administrations. Probably people working there who read the TFA already think "oh, big mess incoming" even though they don't know what this "Linux" thing is.
I think standard IT/sysadmin training focuses mainly on Windows server etc., Linux being a second class citizen (because that's what the vast majority of small/mid sized businesses use). So recruiting good Linux sysadmins could be an issue, especially since the wages in government agencies are not exactly attractive.
85% of cloud servers are Linux. It's not a niche product for people who work with servers.
Who do they think writes Linux? The European Commission? They’re on the US tech stack whether they want to be or not, and nobody in Europe has the will or resources to pull a China and make their own alternative. More’s the pity.
Linux was created by an European. And there are many European distros. Even Canonical is European.
But that's besides the point. The point is no company owns linux so you're not tied to big tech even if they are the biggest contributors to the kernel.
Moreover for the folks in the back row...
We may see Canonical or other commercial Linux vendors come forward with a government or enterprise-flavored solution for all this. But the important thing to keep in mind is that they're not selling Linux per-se. As the GPL prohibits this, these companies sell support for their Linux distro instead. That revenue goes into improving Linux and maintaining their distro (e.g. Ubuntu). But even with all that money changing hands, that they do not own Linux, the Linux kernel, or any other shred of GPL licensed stuff.
2/3 major commercial Linux vendors are European, the author and BDFL of the Kernel is European and a ton of contributors of many projects are European (Qt and KDE come to mind). Yes IBM Hat has a lot of influence but they're not the only ones developing Linux.
I understand what they mean, linux offers freedom, enough that it divorces your tech stack from any one company.
But isn't linux US tech? The blueprint, UNIX was a US project, torvolds works from the US. the original userland GNU was a US based project. The new userland systemd is a US based project.
> But isn't linux US tech?
If you want to discuss it on that level, it if Finnish tech imported to the USA, inspired by a Dutch implementation of a research OS.
On a more serious note, Linux has been developed by many individuals all over the world, you can't put a nationality stamp on it.
Linux is a global project, and open source more broadly is also of course global.
Linux Mint (the distro I use) was started and is led by French developer Clement Lefebvre.
QEMU and FFmpeg are among the notable projects started by French developer Fabrice Bellard.
VLC was started by students of École Centrale Paris.
These are just the things that I know about as an American, so I'm sure there are more.
The difference, of course, is that they can inspect the source, and should the US try to use it as leverage they can just fork and continue on.
GNU was never anything but a flag-of-convenience. The number of people who take RMS seriously was and is small.