France Launches Government Linux Desktop Plan as Windows Exit Begins
numerique.gouv.fr762 points by embedding-shape 5 hours ago
762 points by embedding-shape 5 hours ago
All the comments about Linux gaming make me want to give my $0.02. I've been gaming on Linux, with no Windows installed anywhere, for around 6 years. In the first 3 years, it was a massive pain. Games like S.T.A.L.K.E.R. would consistently have issues with mouse input, weird acceleration, a lot of games wouldn't run at all. This is NO LONGER the case at all. Things run very well out of the box.
All games I want to play run very well and mostly the process is just "install -> play".
If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it.
Controllers work fine, so do some wheels and other peripherals, but a good number of wheels, pedals, joysticks, VR headsets, and other wild and wacky input devices might not work that well or not at all. It mostly depends on whether the software for them runs on Linux, runs in Wine, or is needed at all. Not sure about VR, but I know it was a bit dire 1-2 years ago.
If you don't play hardcore simulator games, and don't play one of the competitive shooters with aggressive anticheat (e.g. CS2 and other competitive shooters run perfectly well), you can just install Linux, install Steam or one of the other launchers, and just hit play.
If you're not sure, you can check the status on https://protondb.com.
Well actually I've been technically playing all the games that are protected by these aggressive anticheats on linux since I've decided to switch.
My setup is a custom version of the linux kernel that 'backdoors' itself and exposes host information to the windows vm making all the anticheats happy enough to work out of the box. Have not gotten banned in any of the games either. Custom VMM and EDK builds are required to block blanket detections of virtualized hardware.
I repurposed lookingglass to instead stream all the wdm buffers as seperate applications that I can open directly in linux like they're native applications. The neat part is that I forward all the installed applications to KRunner which talks to the windows vm and launches the application there and spawns a looking glass instance for that applications assigned path.
The only downside that this is a two GPU solution and you have to run any GPU intensive applications in windows.
Care to write it up somewhere? Would be a fascinating read!
Unfortunately doing something like that will simply make anticheats respond as they have in the past and make it increasingly difficult to do so.
I did contemplate playing this cat and mouse game and making anticheats accept that it's easier to just support linux instead of fighting it.
That is honestly amazing and impressive. Probably a bit too much tweaking for the common gamer though, but glad it is possible!
I've been messing with kernel-mode anticheats for 3 to 4 years so yah, not something a typical gamer can do. But I have been contempating on making this publically available for everyone to use wrapped in a neat little package!
Out of curiosity do you run the backdoored kernel in your day to day computing or only when gaming? Any concerns about incidental security issues?
It's only backdoored within the virtual machines and require kernelmode within the virtual machine.
Any untrusted virtual machines don't run on my machine to begin with so it's alright.
You definitely should! Even just a blog post about it would be great. I won't be doing it myself, but my son would for sure.
All games I want to play run very well and mostly the process is just "install -> play".
This is largely true for games running directly through Steam, it can get pretty annoying for games that exist outside Steam.
Especially when you have to do things like apply an ".msi" style patch to a game .
It's doable, but the number of steps and tools you may have to pull in (such as protontricks) does get to be a bit of a pain at times.
The trick I have is that I add the game and all related windows exes to steam in the same file system. When you run a game on proton through steam, it makes this virtual file system thats matches a game appid, or a uuid. So youll get a folder somewhere thats like 12345566778. You can add that file to an override for a different application, and have it run on that application file system. So if you add a patcher, mod tool etc, you can use it just like its in windows.
For example: Add Diablo 2 exe to Steam. Run Diablo 2 in proton. This creates a folder like 123455 /home/user/.local/share/Steam/steamapps/compatdata/123455/. Then Add LOD to Steam, add this to the system launch STEAM_COMPAT_DATA_PATH=/home/user/.local/share/Steam/steamapps/compatdata/123455/ and you can run the installer on the older file data. Do the same for a mod patcher, etc.
Agreed, but people should definitely try Lutris. It's nearly as painless as Steam now for GOG and many other stores.
I haven't tried out Lutris yet as I'm trying to avoid having too many layers of platform dependencies just to get games to run, but I'm sure I will at some point.
Lutris recipes often work out of the box as well. It's as simple as hitting "install" on the Lutris app.
Yep, my casual Steam games run well out of the box. I don’t even use a gaming-focused distro like Bazzite, just EndeavourOS. Helldivers 2, No Rest For The Wicked, Slay The Spire 2, even modded Lethal Company with friends using r2modman (also worked OOTB). And of course Discord works, including streaming when friends want to watch
If I really want to play Apex or Battlefield I’ll fire up my dual drive dual boot Windows, and in the meantime, no more Microsoft spying on me, forced Windows updates and reboots at random times, ads in my Start menu, Xbox apps and other bloatware, etc
why even use custom ones like Endeavor? steam works fine on basic fedora and arch -- have tried on both.
Related: Wine 11 rewrites how Linux runs Windows games at kernel with massive speed gains https://news.ycombinator.com/item?id=47507150
> Games like S.T.A.L.K.E.R.
The old stalker games run on the X-Ray engine (the mods on a modified OSS version of it). In my experience they've always worked pretty well, though the games are quirky in general.
Good hunting stalker.
Time is money, get talking!
Yes, last time (recently) I tried, the original games ran very well, with no (Linux specific) issues!
No wonder it's classified informally as "eurojank".
Well, modded Stalker is ways better than most of the USAjank that typicall can't offer something other yet another blockbuster.
Playing Linux or Windows native games, because that is the whole issue, it is hardly any different than asserting there are Linux games when they are actually Amiga games running with UAE.
Those games running on Proton are still produced on a Windows factory.
I wonder if there actually are any native modern Linux games, I don't recall any.
Loki Entertainment in the good old days, anything Android NDK, which uses OpenGL ES/Vulkan/OpenSL/Open MAX.
For me the biggest surprise was that old ps2 usb racing sim wheel+pedals just worked instantly with linux, and I could use it in dirt rally without any pains. It felt amazing. oculus quest 2 also works very well with alvr, even wirelessly.
I got a Quest 2 recently and Steam Link would not connect, ALVR would crash after a while, but WiVRn work perfectly on my Arch Linux with a AMD Radeon RX 6700 XT. It's nice that we have multiple options.
I assembled a PC last year from used parts specifically to try gaming on Linux after two decades with only the occasional FreeCiv or MineTest, and the experience with Steam is mostly painless. Impressive!
> If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it.
Yeah this is why I stick with Windows. Unlike it seems a lot of people on HN I don't really see any issues with it that would want to make me move away, especially as I already have WSL if I do need Linux, as WSL has GPU passthrough.
> I don't really see any issues with it that would want to make me move away
If you don't care about privacy issues or ads in your face, then yeah Windows is pretty good. I care a lot about that (and open source in general) so for me it's way worth it. But everyone is different and that's ok
I don't, no (otherwise I wouldn't use Google and their ecosystem either). I also don't see any ads people talk about either, I run ad blockers everywhere so maybe that's why.
Vague concerns about privacy are not strong enough reasons for me and most others, based on OS market share, to move away when the concrete reality is we can simply play more games on Windows. The only reason Linux gaming is getting good is because of Valve funding it heavily in the past few years for their own products like the Steam Deck, and to move away from an OS they have no control over in Windows, not because of privacy concerns which I guarantee you 99% of Steam Deck users don't give a shit about, they just want to play their games.
> not because of privacy concerns which I guarantee you 99% of Steam Deck users don't give a shit about, they just want to play their games.
I actually agree with everything you said except the above. Valve (and their employees) do actually care about privacy concerns, regardless whether their users do or not. I agree that's not the primary reason they did it (it was because of Windows control as you said), but it isn't a non-zero factor.
Is there a performance hit for cs 2 compared to windows with an rtx card? That‘s pretty much the only thing holding me back.
It depends what are your expectations.
I thought it was fine, until a competitive player, friend of mine who has a machine comparable to mine saw the game running on mine and noticed a lot of stuttering and framerate loss. I don't believe it is a machine performance issue (Threadripper Pro 3XXX with a 3080p), and I was running a pretty standard Gnome Fedora 43 with NVIDIA drivers.
So if you are into competitive gaming, I guess it is debatable.
CS2 has first class linux support. I'm on cachyos specifically, and on my machine it has better performance than on Windows (I made the comparison a couple of months ago, so pretty recent)
It works better lol.
That being said CS2 runs substantially worse than CSGO. It at least kicked my addiction when it released, since it no longer ran at acceptable framerates on my laptop ahaha
I have been a happy user of the Bazzite distro (which used proton) for several years at this point. Very happy as well.
I have 3 4k monitors. Windows drives them without a problem. Linux still can't. I tried for a whole day and eventually gave up.
And importantly, older games now tend to work better in Linux than they do in Windows.
> Things run very well out of the box.
> a good number of wheels, pedals, joysticks, VR headsets, and other wild and wacky input devices might not work that well or not at all
> If a game has an aggressive anticheat, like Battlefield 6 or Valorant, it will not work and you can forget about it
> Not sure about VR, but I know it was a bit dire 1-2 years ago
The determination of the average Linux user to ignore the faults of Linux is something to behold
> to ignore the faults of Linux
When someone brings up issues related to Linux themselves, that’s clearly not “ignoring” them. It would be a true case of ignoring them if they simply kept quiet about them.
>> If a game has an aggressive anticheat > the faults of Linux
And besides, as far as I know (well, maybe I'm missing something?), anti-cheat issues aren’t a fault of Linux itself.
There's Windows games that don't work on Windows 11 but do on Linux (e.g., Red Alert 2). There's wacky gaming peripherals that work on Linux but not on Windows 11 (Try an OG Xbox controller for example). Hell, MS has even removed support for a bunch of VR headsets when they nixed support for Windows Mixed Reality.
Why do Windows users ignore the faults of Windows?
The deterimination of some people to hate on Linux is also something to behold. It's not perfect (nothing is, not even Windows), but it's a lot better than most people (who I don't think have actually tried) seem to think it is.
The majority of people don't use fancy wheels that require custom software to work. Many people do use anti-cheat, but plenty of people don't need it.
Aggressive anticheat not supporting Linux is not a fault of Linux. It is a fault of the aggressive anticheat and the games that decide to use it.
It doesn't matter whose fault it is, I go where the games actually work and are playable, which is still Windows today for many games.
It doesn't matter to you, but other people care about false accusations.
Who is accusing Linux as the cause of anticheat not working? I haven't ever seen that, I see people blaming the anticheat creators for not supporting Linux, they know Linux is not the one at fault yet they still want to play games therefore they use Windows instead.
You didn't read the thread? It's the comment I was replying to: https://news.ycombinator.com/item?id=47718255
They quote "If a game has an aggressive anticheat" and then state "The determination of the average Linux user to ignore the faults of Linux", which is accusing Linux of being at fault for the aggressive anticheat not working.
I did not read that to mean that Linux is at fault, I usually would use "X's faults" colloquially to mean drawbacks, not literally, X is at fault and therefore responsibility for this.
Ah well then we have a slightly different interpretation. I would read "the faults of <x>" as "the flaws of <x>", which would then imply a flaw of Linux is why aggressive anticheat doesn't work when it is just companies deciding it isn't worth their time.
FWIW, I am not alone in that interpretation since this commenter reached the same conclusion: https://news.ycombinator.com/item?id=47718389
But I don't think we can conclusively say either one of our interpretations is correct.
Yeah good on them, everyone needs to do this. It's nuts Windows is still the go-to for anything these days despite everyone knowing what a parasitic, buggy mess it is. "Easy" shouldn't be the excuse in this day and age. Big orgs and especially government entities should be hiring the people that know what they're doing and get off that crummy platform.
Problem is that people like having a similar interface for both work and non-work things, and Linux doesn’t have enough penetration into the consumer market to influence stakeholders. The first step is making Linux the default choice for hardware providers. Framework was one of those pioneering this but was underfunded imo
> It's nuts Windows is still the go-to for anything these days despite everyone knowing what a parasitic
Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Plus you can pay Microsoft to host it all for you on Azure.
Imagine what can happen if the French and other governments would start pouring all the money into developing that further in the open, rather than just giving it all to Microsoft instead?
Most of the cost (to the government) for Windows is "support" (in a very general sense) and that cost isn't disappearing with Linux.
Especially since it is easier to find badly underpaid (and not particularly competent) Windows sysadmins than it is to find badly underpaid Linux admins.
Ok but the license fees are, what, 50 quid? times say, 3k or 30k people? A 150k or 1.5m injection into the linux ecosystem to develop those would pay for a _lot_ of developers and a _lot_ of developer time.
From what I heard about NGI-zero, another government sponsorship project (1), the problem so far is primarily finding the projects that need sponsorship.
I don't think that cost is what is mostly driving the move from Windows nowadays.
> Imagine what can happen if the French and other governments would start pouring all the money into developing that further in the open
You'd get a clusterfuck of a consensus spec, then they'd all get pissed off and develop their own incompatible versions anyway?
Have you seen international projects without strong, centralized leadership?
I have worked on things like PSD2, a well oiled government-led machine that just works. There are some dysfunctional things, then there are things working perfectly fine.
You need to update your notes its not 90s.
Credit where credit is due, I think the strong centralization of the EU administration has made for better pan-European requirements and software.
Sometimes the perfectness of the product is less important than the fact that there was one opinionated decider.
They'll start pulling Linux in a direction that suites them, which will potentially be at odds with the preferences of open source software enthusiasts.
They might have an effect in the development of an office suite, possibly of a desktop environment or one specialized Linux distribution. Nobody will be forced to use those specific ones if they don't like them. There are plenty of options in the Linux world.
Why haven’t they done it yet? I just think they’re incentivized enough for it.
Because until literally a year ago, the country that hosted Microsoft was one of France's most trusted allies.
It takes time to find a suitable replacement to a global monopoly.
It looks like the president - which was a businessman - will make a huge damage to American IT businesses. And IT stocks dominate the S&P 500, comprising roughly 1/3 of the index's total market capitalization... Good luck America!
Not really. I mean Trump has amped the rhetoric, but there have been no new laws passed.
The privacy threats were always there.
Law is irrelevant under the power of the gun; it was the threat to invade Greenland and the threat to leave NATO which have triggered this.
(people keep saying things like "only Congress has the power to declare war"; that may be technically true, but a war declaration is a piece of paper, and practically the authorization of force is at the personal disposition of the President)
Not everything makes US news but the decision by Microsoft to shut down ICC accounts after a Trump EO on sanctions really spooked a lot of EU governments.
Gotta love anti America Reddit tier fear mongering
You know about Europe from Reddit subs. I know about Europe because that's where I live. We are not the same.
> yet
Best time to start doing it was yesterday. Second best time to start doing it now. They are at "now" step.
If governments, especially France, get involved in software development the likely outcome is that people will soon regret the days of Microsoft...
The so called free market really did a bang up job didn't it? The proprietary buggy mess of Windows and the walled garden of MacOS which given its *nix underpinnings could have been really fantastically awesome but instead is a proprietary buggy mess.
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Isn't it about time someone developed one?
The foundations are there; you can imagine an organization deploying laptops with, say, Ansible, and not giving users root on them. LDAP sort of matches the old capabilities of AD, but not completely. There's even a "SAMBA as fake domain controller" mode.
Ironically what it needs is a product or service which organizations can pay to take the problem off their hands. But then people get stuck in never paying for anything in the open source world.
> Isn't it about time someone developed one?
Honest question: Why? If you want a Windows-like environment, run Windows.
I get this all the time when people ask about a Linux equivalent for something, and aren't really satistied when it doesn't work or look the same. Linux isn't a clone of Windows. Linux comes from an older heritage, and has a unique culture. You are in for a hard time if you want to use Linux like you would use Windows. That's a suboptimal experience, at best.
That said, of course Linux should be easy to manage. But Windows is from a single corporate entity, of course their management tools will be different. It used to be unix admins that laughed about people using Windows as servers. The culture around Linux is one of scriptabiliy where even the user interface, the basic shell, is one where every command is inherently a script. That's why management on Linux looks like Ansible and OpenSSH, not like Remote Desktop and Group Policies.
You could write something like Group Policies for Linux of course, but it wouldn't be a complete solution so people would just continue using Ansible, OpenSSH, and the respective package managers.
> If you want a Windows-like environment, run Windows.
One of these questions where we, those doing the discourse, need to pick apart what the word "you" refers to here.
In this context, it is national governments, who have started to fear that there may come a day when they are not allowed to or able to or safe to run Windows. That gives rise to the question, "how can we get a system that minimizes the disruption of migrating away to Windows?"
Ultimately it's not about specifically wanting AD or GP as technologies, either, but the things they enable: seamless single-sign-on across an organization, and management of software security and updates across a fleet of desktops.
(possibly the thing that fills this hole is simply a fleet of consultants which go around explaining things to CIOs!)
Right, I see where you are coming from, I still want to make the stronger argument that we should not strive to re-work Linux in Windows' image. Most such initiatives, like gconf/dconf, have severely degraded the desktop experience.
I have some experience at places where Linux are run on desktops at scale, but they all have in common that these are engineers for whom Linux is the better experience to begin with. It's not like that for administrative staff and management. And as much as I'd like to tell people to use Prezi instead of Powerpoint, and Markdown instead of Word, sometimes Libre Office is the best answer.
We have to be practical. Still, I feel that too often it is engineering that has to use tools intended for administrative people. Once in a while, they other way around may not be that bad.
For a modern workplace, where smartphone and cloud based applications rule, the traditional Windows tools like AD and GP can only do so much. You also need MDM tools, and something like SAML. If you are looking for an out-of-the-box tool that can manage both Linux and Windows clients, Red Hat has FreeIPA. It's not AD, but it goes beyond that capability.
What's the Linux version of AD and group policies? (honestly curious; linux sysadmin at scale not my day job)
On a Linux desktop you can lock down waaaaay TF more stuff than Group Policy allows. The only difference is you need a sysadmin that knows what they're doing. You can't just point and click a button that prevents users from connecting USB devices. Instead, you use a combination of groups, udev rules, and systemd-logind. There's also ways to do it with PAM if you want.
The most popular way to control user desktops that I've seen is to have your user login via LDAP (just like AD), optionally with Kerberos and then have their permissions to various things controlled via those groups. For example, if you were building a "desktop policy" for Linux users across your organization, you'd probably make a .deb or .rpm that installs some udev rules that grant or deny access to various things based on which groups the users are in.
Of course, you can also control things down at the user level. You could put a script in /etc/profile.d/ that does whatever you want when the user logs in. You can even make it dependent on how they login (detect remote SSH session or local login).
There's also dconf and KDE's Kiosk mode if you really want to lock shit down to annoy TF out of your users (haha).
Once you've got your Linux desktops setup the way you want (which is usually just a matter of making your_company_desktop.deb or .rpm) to customize things/permissions, you have so much power to do things you can't do on Windows. The fine-grain control in Linux is unreal: You can give a specific user access to run and do very, very specific things as root (Windows Administrator equivalent) without much effort at all.
Linux also lets you lock down the hardware in ways Windows doesn't support. For example, you can chattr +i to make certain devices/files immutable. You could compile a custom kernel that doesn't even have USB mass storage support. What's more secure than that? Haha.
BTW: You can also make all USB mass storage devices read-only with a simple udev rule. You can even add exceptions for special things!
I don't know. What's the Windows equivalent of dpkg (from 1993) and ssh (from 1995)?
Still nothing, three decades later. Not because Microsoft engineers couldn't do it, of course, but becasue they didn't want to. It doesn't fit the Windows model. They did recently adopt SSH, but that was because they want to use Windows in cloud-like environments, where expectations are set by Linux-style tools.
By the time Windows got to the point where it even could be centrally managed in any reasonable fashion, Linux environments was routinely run an order of magnitude larger still.
There is a reason why the whole cloud runs Linux. Anything else is a rounding error. That's because Linux is inherently so much less work to manage at scale.
If something like Group Policies would somehow be accepted by the Linux community, that could only be a step backwards. A well run Ansible or Puppet or similar environment works on a completely different scale.
> What's the Windows equivalent of dpkg (from 1993) and ssh (from 1995)?
PowerShell PackageManagement [1] and Remoting [2]
[1] https://learn.microsoft.com/en-us/powershell/module/microsof...
[2] https://learn.microsoft.com/en-us/powershell/module/microsof...
They are not exactly equivalents, but that's not the point. I try to expand on this answer in the sibling comment.
What's important to notice however, is that the oldest of these are from 2009. At no time in the intervening 15 years (!) did someone say "Windows is unusable for desktops because it is not manageable".
Isn't WinRM/PowerShell/RDP equivalent of SSH, and dpdk/apt-get is basically .msi with group policies for installation? This has been there for decades probably?
Group Policies also allow you to enforce things like browser configuration (proxy, homepage, search engine etc.) wallpapers, screen locks etc.
Can this be done on Linux? Honestly, I have no idea - I think gnome with gsettings/dconf can do that, but can KDE?
That's the point I want to convey is that while there are tools like MSI on Windows, many years after Linux had dpkg, it's not the same thing. On Linux the package manager rules the filsystem and keeps a complete database of which package owns which file. There are no exceptions, not on the parts of the filesystem where the package manager rules. Even the operating system itself and all patches is handled by the package manager.
That's first and foremost a cultural difference, not a technical. Sure, there's nothing to prevent a Linux vendor to write "install scripts" that copy files willy-nilly across the file system, and many vendors have done this but always with disastrous results and since Linux people hate it, those products are either repackaged or stored in a separate directory far away from other files.
This means installing software at scale (any number of systems), or the question how to cleanly uninstall software it not a question you should ever ask in a Linux environment. The questions you should ask are different in a Linux environment. That is why the tools look different.
Tools like gsettings are culturally alien to the unix world. Instead, home directories are seeded with dotfiles. And dotfiles are kept in version control. Yes, that means that unix people can't answer the quesion how to lock the proxy settings so the user is unable to change them. Instead, should a sensitive system require it, they would instead manage by policy and disallow any traffic outside said proxy.
I mean, Linux package managers are so great that we have at least 2 different ways of delivering software (especially GUI software) to Linux distributions that depends on "app images". To me that shows that none of those approaches are solving 100% of problems that you encounter in the wild.
> This means installing software at scale (any number of systems), or the question how to cleanly uninstall software it not a question you should ever ask in a Linux environment.
And yet this is a problem that so many third-party vendors who try to support multiple Linux distributions have been struggling for years.
> Tools like gsettings are culturally alien to the unix world.
Sure, Linux and UNIX are coming from different roots, but "cultural" means nothing in large organizations, where computers are basically tools not that far from printers, projectors, even hammers. A way to do someone's job. I may hate locked systems, but then I don't have to support users who cannot find their trash bin on the desktop anymore.
You can seed dotfiles for all users, but you can't really enforce that user cannot for example move his taskbar from bottom to the top of the screen without policy enforcement. gsettings/dconf may be culturally alien to this world, but it is (or at least was) solving an actual problem. A problem we may not care about, but some companies do.
Now, I think there is an interesting discussion here to be had - given this latest push from Windows to Linux, as a way of distancing Europe from US, would adding features that bridge this policy enforcement gap between Linux and Windows is desirable?
15-20 years ago I was going to say yes, but back then I cared so much more about Linux as Windows alternative for office use. Today I actually prefer Linux Wild West and how hard it is to lock it into any sort of MDM.
I wasn't curious about those things. I was asking about AD+GPO, because I was interested.
Lixnux version of AD is FreeIPA, with group policies translating to dconf - at least that was the way "enterprise" linux vendors (like RH or Canonical) were moving towards.
Now, how well is dconf integrated with all the software you want to run is another thing (it was done by GNOME, and ignored by KDE), and whether this is still the way they are all moving is yet another question but the infrastructure was being built.
The concept does not really exist it is a Windows thing. You could call Puppet or other config managements group policies, but Linux is not a monolith so it is more organic.
AD is LDAP+Kerberos, which has existed in the Unix/Linux world long before Microsoft bastardized it. So pick any of half a dozen LDAP server implementations and any of 3 or 4 Kerberos implementations and use those. If you want point-and-click/drool interfaces, use FreeIPA. If you really want it to look like AD, use Samba 4. Even Windows boxes will hardly know the difference.
Group policies don't exist and won't ever exist on Linux. Group policies are LDAP entries that are copied on system boot and user login into their respective parts of the local registry. Software may then read, interpret and use those registry entries. On Linux that wouldn't work for numerous reasons. First, on a multiuser system rebooting to apply configuration changes is not viable. On windows that's apparently fine because its single-user anyways, and reboots are an accepted fact of life. Also, to apply a system policy that is intended to limit what a user could do, asking the user's software nicely via registry entries is stupid and insecure. Lots of software won't even read the registry and have group policies that it will obey. Want to get around an Internet Explorer Group policy? Use Chrome or Firefox!
So what you do instead on Linux is: If it's just configuration, just copy it over, using the usual text configuration formats that are common on Linux. There are lots of tools to do this, starting from simple hack jobs like using scp to full configuration management systems like ansible or puppet. The "group" part is handled by those systems as part of their function, you can easily group/subgroup/discover/inventory/parameterize. If it's policy, so you want to restrict what a user can do, you use the higher-privileged layers of the system to put in actual restrictions, not just "group policy" suggestions. You can configure the user's home directory to be mounted noexec, so software execution after an unauthorized installation is impossible. You can put them in containers, namespaces, limit their resources and system access using cgroups, filesystem permissions, and more fine-grained permission systems like SELinux. If you are so inclined, you can forbid the user from opening files starting with the letter 'f', using eBPF syscall filters (this will of course break everything, but I needed a stupid example ;). All those can also be configured with your configuration management system of choice.
Just as a comparison: Our windows team needs 3h just to re-image a laptop, just for windows. After that, all the software needs to be reinstalled, all the data copied over. Then, after 2 days and 10 reboots or something, it will have picked up all the policies, updates and things and maybe be usable. Our Linux installation takes 45 minutes. Including all the software that was previously assigned to this system, including all the settings. It will be fully updated, configured and usable after the first reboot.
Well AD is just a really opinionated LDAP/Kerberos setup, so you’d think that there would be something that Linux could do.
But when you’re talking about enterprise management of thousands of devices, you need some kind of consistent security policy management. That requires running OS software that accepts remote policy management, which is a very specialized configuration and not just “vanilla Linux”.
You can get really far with LDAP, but I’ve only used it for remote accounts, file shares, and sudoer config. I’m sure there are more policy configurations that would be possible with a more advanced tool.
I suspect the RHEL world has something to offer here, but I’d love to see a more general and commonly supported solution developed. It would make Linux more of an option for enterprise managed endpoints.
But, I agree with you - for an enterprise customer, this really needs to be some kind of paid/supported product. I wouldn’t want the French government to rely on some scripts that worked on my small cluster.
> That requires running OS software that accepts remote policy management
Every Linux system that supports SSH potentially "accepts" remote management! The challenge is just putting it into a framework.
Group policy is an annoying pain. Yes, there aren't many better options out there, but it's not as if group policy is _good_.
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
Enterprise environments use a number of tools like Powerbroker, UCS, Centrify/Delinea etc to bind linux machines to active directory and manage identity and access through active directory. This is for mixed environments with both Windows and Linux machines.
For pure linux environments, there are a number of tools like FreeIPA/IdM, Samba AD/DC (for A/D like management), and OpenText's eDirectory for the current version of Novell's eDirectory counterpart to A/D. They all provide centralized user/host/policy/access management.
Since Entra+Intune are the recent MS products, cloud-based equivalents are Jumpcloud+Fleet, Okta PAM, FreeIPA/IdM.
I don't know any of these tools but I believe your comment answers most questions in this thread.
I really hope some of these answers are ergonomic enough for windows sysadmins to accomodate this transition.
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
I take your word for it (I know of Kerberos and LDAP and Netscape and Sun trying to make such palatable, but clearly haven't followed that in the last quarter-century).
That assumes however the server to be currently MS Windows. For government agencies, I'd rather expect some Mainframe to be (and remain) in place. Surely IBM (or here rather Groupe Bull) has user authentication/authorization figured out (more than half a century ago, methinks).
Yes, liberty comes at a cost. It seems that convenience is no longer the main motivator for many people.
Convenience comes as a result of mass market adoption, for products for which convenience was not already the main selling factor. Look at cars; they were kind of difficult to drive and maintain 60 years ago, now they're super convenient to drive and maintain as you essentially just press buttons and look at screens to get all needed information about the car and drive it.
It's probably something like "inception -> adoption -> convenience". For Windows it was the same, was it not? It wasn't absolutely convenient to use, it was just better (in terms of usability and features for the average consumer), and convenience came after (Windows XP, Windows 7). Sadly the functionality degraded, and now all that is left is convenience.
lol "liberty" as if you are fighting to free slaves or something.
Europe doesn't want to depend on US infrastructure, that's the only reason to do this.
Nobody cares about Linux "freedom" or open source.
If your email was forcefully terminated would you call that an infringement on your freedoms.
The primitives are there and they're solid, beyond that it's "just" architecture and integration work. Hopefully the French government will be rational with this (I believe the time and financial constraints will for it to be, we're broke and we lack time) and they won't fall into the trap of trying to internalize every bit of the platform.
A good example of that would be what happened with Docker. Off the top of my head cgroups, namespaces, seccomp, overlays and capabilities had been around for a while before it got rolled up in a nice utility in 2013 and opensourced in 2015. Hence the containerization movement. Solaris zones and FreeBSD jails were nice but they always were let's say a bit too bearded.
Personal computers were used in office environments long before the technologies to make them administer-able as if they were a mainframe. Before blindly jumping in and reproducing those technologies, better to ask why they emerged in the first place.
Most workplaces don't have strict bans on personal mobile devices, and some of the ones that do, don't have the kind of physical perimeter defense that can detect people getting lazy about whether or not they carry their personal mobile devices into the workplace. That makes perimeter defense into security theater anyway. We need a rethink about what we are guarding against and how we're doing it.
> Most workplaces don't have strict bans on personal mobile devices
If you're talking about select work apps on your mobile device, sure, but that's limited attack surface.
If you're talking about employers who let unmanaged mobile devices hop on their internal network... I've never seen that. Maybe at a hypothetically perfect zero-trust shop?
I've seen a lot of un-seriousness about security. One that's easy to spot is old unpatched IP phones that aren't segregated on the network. I've given demos at companies that are serious, where a device I accidentally left behind caused an urgent search of every room I had been in. Security didn't have to be told which rooms those were.
You likely know better than I, but I've always had a weird intuition that enterprise IT security is bifurcated into "Leaders who understand compliance+details" and "Leaders who confuse compliance for details" with very different results.
And I get it's extra work, but I've seen some weird "But if you'd just built this a bit differently, you would have gotten all these free security bonuses to your posture" gaps.
Imho, a huge part of the problem is invisibility. I'm firmly of the belief the US government should be running scans on entities in regulated industries (defense, healthcare, utility, telecom) with regulated redress of any findings.
Trusting private industry isn't working.
It does, it's called FreeIPA (or RedHat IdM). The only GPO parts it doesn't do are those that are not related to policy in the IAM sense (i.e. configuring some application related thing). There's other systems for that, just like on Windows you practically never run GPO without anything else. On top of that, you can pay RedHat or Canonical to host it all for you on any cloud or non-cloud.
I've never understood the management thing. People manage fleets of Linux machines all the time. What does group policy do that e.g. nix or ansible don't?
Fuse membership and inheritance-based object (in the sense of 'any computing thing or person') ontology with configurability?
The insight in AD+GPO wasn't in either thing, but in the +. Each would be far less useful without the other.
Group policy just sets registry keys. That's nothing you can't do any other way. The important bit is the inertia of 30 years of Windows subsystems and integration with Active Directory and 3rd party Windows ecosystem software all being written to expose internal config and look to registry keys for the settings.
For the first part, Group Policy (GPO) can set the screen to lock after 2 minutes of inactivity, say, which works because there are Windows subsystems built to look for a reg key for their config, and policy templates exposing that config in the GUI management tools. Or group policy configures which security group can "logon as a service" which works because Windows has system-wide and domain-wide pervasive Access Control Lists (ACLs). GPO configures that Background Intelligent Transfer Service (BITS) should limit its bandwidth use, which works because Windows Updates use BITS. Or sets the machine-wide SSL cipher order, because Windows software uses system-wide schannel not OpenSSL. Or GPO sets what your default printer will be and that's only useful because decades of 3rd party Windows software was written to use the standard Windows printer dialog, or User Documents path, or whatever.
For the second part, Active Directory is a tree-shaped organization tool; in screenshot[5] that I quickly Googled, the tree on the left has a folder named "Sydney" and below that "Sydney Users"; this lets sysadmins organise the company computer accounts, user accounts, and security groups by whatever hierarchy makes sense for that company - e.g. by country, office, team, department, building floor, etc. Then Group Policy overlays on that structure, and the policies are composable.
e.g. in this basic screenshot of the group policy manamement GUI[6] it's showing at the bottom a list of all group policy configurations that have been made in a domain such as "Block PowerShell", and higher up it shows the policy "PsExec Allow" has been linked inside the "ADPRO Computers" folder. So users and computers in that folder in AD, will get those policies applied. In screenshot[7] you can see a basic example showing corporate computers getting machine-wide settings, corporate users getting user-level MS Office config, and Executives get settings that nobody else gets. (This echoes the registry having separate HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER subtrees). Screenshot[8] shows the relatively tidy GUI on the right for seeing which settings have been configured in a policy.
If you apply more than one GPO to a folder, the users/computers will get the all the policy settings combined. This is often what people complain about when logging on to a corporate Windows machine takes ages, btw. You can filter GPOs on a case-by-case basis to build patterns like "apply this machine-wide policy to all computers in the Sydney folder which are members of the WarehouseComputer security group" or "apply these logon-settings to employees in New York who are members of Finance and logging onto a laptop". So companies which have been around for years can have really (messy) big and intricate designs which would be a lot of work to migrate.
3rd party programs can release XML files which plug into the GPO management, and the programs were written to expect to be configured by registry keys so they can pick up those settings; there are templates for configuring FireFox[1], Chrome[2] Adobe Acrobat[3], Word, Excel, Office[4], VMWare Horizon, Lenovo Dock Manager, Zoom, RealVNC, LibreOffice, Citrix, FoxIT Reader, and so on. The more enterprisey a tool is, the more likely it will plug into that ecosystem. Then all kinds of 3rd party reporting and auditing tools look there to see if your company is compliant with this or that; the whole thing is integrated with Windows' domain-wide ACLs so you can give some admins permissions to view or edit just their regional subset of this.
As usual the lockin is not that they do something amazing that nothing else can do, the lockin is that Windows domains have been around in this format for 30 years since NT4 and Windows 2000, and it has huge inertia, familiarity, is deeply embedded in a lot of companies, you can easily and cheaply hire lots of people who know how to use and manage it, you can send screenshots of it to auditors and they understand it, if you don't know how but you have a bit of (oldschool) Windows experience then clicking around will get you the basics, you can buy 3rd party auditing software that will send you a management friendly report with green ticks saying almost everything is fine but you should change this setting for security...
[Yes of course you can build your own custom replacement for every single thing, just like you can build your own custom replacement for any software; it's "just" ldap and kerberos and dns and some scripts and site-to-site policy replication and management tools und und und].
[1] https://support.mozilla.org/en-US/kb/customizing-firefox-usi...
[2] https://support.google.com/chrome/a/answer/187202?hl=en
[3] https://www.adobe.com/devnet-docs/acrobatetk/tools/DesktopDe...
[4] https://www.microsoft.com/en-us/download/details.aspx?id=490...
[5] https://www.windows-active-directory.com/wp-content/uploads/...
[6] https://activedirectorypro.com/wp-content/uploads/2022/09/gp...
[7] https://www.varonis.com/hs-fs/hubfs/blog%20posts/Group%20Pol...
[8] https://redmondmag.com/articles/2016/01/12/~/media/ecg/redmo...
> Linux still doesn't have anywhere near as nice and cohesive as Group Policy, Active Directory etc.
I am sure that's something the Gnome Foundation could figure out if they had a grant to do so.
Putting it in the hands on the GNOME foundation will just result in a lot of new soon-to-be-mandatory APIs and numerous configuration variables with only one allowed value.
Must be the only nice and cohesive parts left. Perhaps they have not figured out how to put ads on AI on it because it doesn't have many users.
No non-US government should host anything on azure, or any other US-owned cloud. Thats security and sovereignity 101, or more like 100. Reality with hostile US being as it is.
What you list are no showstoppers, and since its a well known topic I cant imagine why some EU-funded effort in say 2 billions over next 3-5 years shouldnt reaolve it once and for all, for entire world. Well invested money.
This is actually a good time to disrupt that, as Microsoft’s attention is not on windows and Active Directory is slowly moving to Entra, although big enterprises are mostly hybrid.
Some places are using Okta for many of those functions too. Trump’s instinctive parasitic slumlord behavior may be enough for the sleepy Europeans to get their shit together.
that's the catch with gp/ad. for a lot of orgs the hard part is intune/entra now. swapping the desktop is easy. replacing identity and device management is the real migration
Doesn't the Azure team own Intune/Entra now? Read: less inclined to give a fuck about artificially protecting Windows desktop.
I've no idea what current internal Microsoft org divisions are.
Group Policy and Active Directory are dead, for all intents and purposes.
It's now Intune (via OMA-DM), and Entra. Both of those products are about as bad as you might imagine the "cloud" versions of GP & AD might be.
They are better, in ways -- no longer having to care and feed for domain controllers is nice, and there's no longer an overhead for additive policy processing, so endpoints only get a single set of policy and log on much quicker -- but for the most part, enterprise management of Windows devices is in a worse place than it was ten years ago.
Try to figure out how long it will take an online Intune device to discover a new policy: As far as I can tell the answer is "eventually". There are bandaids for this, because of how infuriating it is, of course, but all time guarantees are basically gone.
Ask me a decade ago what an enterprise should do, and my answer would be straightforward: AD, GPO, Exchange.
The answer now is not simple.
> Ask me a decade ago what an enterprise should do, and my answer would be straightforward: AD, GPO, Exchange.
That was also the answer two decades ago. But if AD and GPO are now dead, what killed them and what are the options? Is the problem mobile and BYOD?
I’ve been primarily on Macs since that time where endpoint management isn’t much, so there are fewer knobs to fiddle with. In some ways it’s nice in that admins can’t screw around too much with my system. In other ways, I’m sure Macs feel limiting for those in charge of enterprise security. However, most endpoint management feels like it’s written for Windows with Macs as an afterthought for checklist security. Knowing that, I’m happy there are fewer places for dodgy software to be able to interface with the OS.
(Edit: added quote to top)
> "if AD and GPO are now dead, what killed them and what are the options?"
The changing world. AD and GPO come from the mid 1990s before pervasive internet, before WiFi, before Cloud computing, before people had multiple computers, before iPhones, before AWS cloud infrastructure, before Kubernetes, before cheap fast hardware for virtualization, before cheap bulk storage, before BYOD and WFH and everything-as-web-app. Before that was the world of isolated 8-bit machines, expensive Solaris workstations and Unix mainframes with expensive admins, and after say 1998 the world was cheap Compaq/HP/IBM hardware running Windows server and Windows 9x desktop, and after about 2003 it was Windows Small Business Server (AD, GPO, SQL, Exchange, SharePoint) and XP Pro desktops.
Cracks started showing when people wanted to logon to a laptop away from the office when it couldn't refresh policies, run logon scripts, talk to domain controllers; when people wanted 'offline files' from a company file share while away from the office, but wanted their corporate email to work when their laptop was online but not pull down company settings over a dialup modem. More cracks when they got a Blackberry or iPhone, more when AppStores appeared and people expect to be able to install whatever they like, more with the rise of Apple Macbooks, with the growth of website based services people can use from anywhere, more with Amazon AWS where company infrastructure is on someone else's premises, more with BYOD and WFH, more with people expecting software to be cost-free, being trivially able to spin up Linux web and database servers because there was plenty of CPU/RAM/Disk and no worries about licensing costs.
> "it’s nice in that admins can’t screw around too much with my system"
If it's a company device, it isn't your system. The company has legal oblications and practical concerns that conflict with your desires as an individual. That might be pushing full-disk encryption or updates, or auto-locking, or restricting use of USB or websites to block potential customer information leak points, or trying to stop you saving work locally that might be lost if the device fails, or trying to stop your device being an entry point for malware or ransomware, or trying to stop you screwing around with their system which costs them employee time to fix and your downtime while it's broken.
It was absolutely not the case two decades ago. There were no other options for an enterprise fleet, 20 years ago, if the question was asked. If you weren't Google (who never asked the question anyway), the answer for managing 25,000 endpoints was to use Windows devices with Active Directory as the management plane. Anyone doing anything else was in for a world of hurt... and that's why every enterprise ended up on Windows, and why everyone targeting enterprise management targeted Windows -- because that's what the endpoints were already running.
What killed AD & GPO was Microsoft, in their bullheaded push toward Azure everything. Instead of listening to what it was that the enterprise customers actually wanted, they designed a system that made sense to them, but to no one else. The original UI was written in Silverlight. It was horrific.
No, I meant that Windows AD was still the answer two decades ago. I can see how that may not have been clear - I edited my post to include the quote I was replying to. (You said one decade and I was just extending that timeline back another 10 years.)
There was LDAP and Kerberos support for *nix management, but nothing you’d deploy over a thousand end devices.
And you’re right, it wasn’t a question that got asked, because there wasn’t ever a second choice - AD was the only option.
> Kerberos
I remember it almost being a trope at the time that every Kerberos question thread eventually landed on some subtle / niche incompatibility or edge case.
No alternative, you can't realistically fully control everything everyone does on every device in their possession. It was job security for useless control freaks, the products never should have existed.
Spoken like someone who has never provided computers to non-technical, minimum-wage users.
What about offline, to my knowledge Entra and Intune do not work without actual internet connection?
Even the old companies have moved away from that nonsense. Huge waste of resources.
Honestly as wide spread as it is, managing group policy sanely is still a challenge I've found - it's very resistant to configuration as code.
Linux has a lot of the pieces but is principally lacking a solid distribution system - in particular a big missing component is the network-based SELinux policy distribution system which you can see some hooks in for the concept of a "policy server" which never eventuated.
SELinux would be a lot more viable if it had a solid way to federate and distribute policy and has some nice features in that regard (i.e. the notion that networked systems can exchange policy tags to preserve tagging across network connections).
> managing group policy sanely is still a challenge I've found - it's very resistant to configuration as code
Imho, this was historically (and continues to be) Microsoft's Achilles heel.
Large parts of the company reflexively wrote features / tooling as manual-first, code-second (or never).
In hindsight, what was missing was a Gates-level memo circa 2000 similar to Amazon's API one: all teams are required to build their configurators to be programmatically exposed.
Unfortunately, I don't think Ballmer was enough of a technologist (and was likely too distracted) to intuit that path not taken.
"Easy" shouldn't be the excuse in this day and age.
I think "Easy" has been the excuse for everything humans do in every day and age.
The money governments sink into Microsoft could have funded a sovereign OSS ecosystem many times over.
It makes sense that everyone uses Windows for gaming, because you can't run games in your browser.
It makes zero sense for businesses to use Windows if they're only doing PowerPoint and video conferences.
This comment was wildly invalid even years ago.
See proton, heroic launcher, etc, etc.
Cyberpunks own benchmarking suite runs 30% faster (for whatever reason; my wintendo install is stock and nothing but nvidia drivers) on the ntfs windows partition on Arch.
No it makes no sense at all. I do my gaming on Arch.
Windows sucks and I hope to see the demise of Microsoft during my lifetime(crosses fingers).
Most of their revenue is tied to other stuff though
1. Productivity / Business (~43%)
Includes:
Microsoft 365 (Office, Teams) - these can be likely ported to Linux if they're not already since they also work on MacOS? LinkedIn Dynamics (ERP/CRM)
~$120.8B
2. Cloud (~38%)
Includes:
Azure (runs on mostly linux, and moving cloud provider as a big corp is expensive, I don't see massive companies stuck in azure infra moving from it) Server products (Windows Server, SQL Server, etc.)
~$106.3B
I fully support the demise of Windows as an OS
But microsoft as a company has shifted away from Windows as their source of revenue, and will probably not be impacted too badly if it were to die completely.
The French move will hit the Productivity/ Business segment. Their motivation is to limit extra-European dependence so they will look elsewhere for this.
Similar to Germany with its DeutschlandStack and some migrations already ongoing.
> Microsoft 365 (Office, Teams) - these can be likely ported to Linux if they're not already since they also work on MacOS?
I thought the Mac versions were not a full fledged port and were missing features present in Windows.
I was under the impression anticheat is the only thing stopping linux gaming from taking over
Anticheat and support for joysticks, steering wheels, VR, etc. is one factor for sure. I would say almost all games people play, which dont fall in the above categories, run out of the box with no or very minor tweaks needed (no terminal).
Actually, it's the exact opposite. There is really no alternative to PowerPoint on Linux, unfortunately. I'm saying this as someone who's used Linux for 20 years now.
I haven’t seen power point used professionally for over a decade. All google (though I’ve made the odd prezi)
Are you just hanging around California startups? I work in big consulting and am inside hundreds of the largest companies in the US, everyone of which is fully Microsoft and only ever seen PowerPoint. I’m in dozens of teams meetings a week across as many organizations and have been in 2 Google meets meeting in the last decade, both of which were California fintech startups.
I've been out of the powerpoint loop myself for almost 20 years too; does it actually have any valuable functionality that you can't get on the free alternatives?
Yes, most people use MS where I live, too. But most of them only scratch the surface. To this thread's point, 99% of PowerPoint presentations I've seen are just walls of text on a bunch of slides, with the occasional illegible graph.
Now I'm not saying I actually know my way around PPT or that I'm some presentation whiz, but this can probably be done with the browser version. Just like the "new" Outlook is simply a new Edge skin.
I work for a company that has drunk the MS Kool-Aid and then went back for a refill, yet I've never had any issue using the web version of the suite ever since it came out. I don't even run Windows on my work laptop. Teams is the only app that seems marginally better in its heavy version (heh), since it supports separate windows for the calls.
Every single morning on the train to work, I watch people put finishing touches on PowerPoint presentations.
I've worked in academia for years (in computer vision labs) and I can confidently say that PowerPoint is the best tool to prepare research presentations.
Could you go into details about why you think this?
I haven't used PowerPoint in years as I think my needs are pretty simple but I wonder what I'm missing.
I can see that the Microsoft ecosystem gives control on who can view files and provides collaboration and control. Both of which would be useful in the corporate world.
Is there's somethnig other than that or is it just ease of use?
For the most part I see people using MS Office tools because it's what they are familar with. They're familar with it because it's the only thing their IT department will allow them to use.
At least in my field, 90% of presentations are Beamer. PowerPoint is bad at equations just like Word. Besides easily integrating video/animations I can't think of why it would be better.
I continue to be impressed as to how much of a bubble HN people reside in. A very small bubble.
I'm actually constantly surprised by the diversity of experiences I'm seeing here. It's very much not a small bubble, at least not in comparison to any other social network/activity in my life.
Probably just a matter of time, it’s possible the friction will create opportunities. Something in the spirit of iaPresenter, md first would be awesome.
At the moment i have long html page with key event for next and previous, tiny script to check on specif markup for autoscroll.
Libre Office Impress does all the things that PowerPoint is used for at my workplace.
I'm guessing it's not compatible with Teams and that MS make sure it doesn't work properly with LO produced PPT files.
Huh? There's a ton of PowerPoint alternatives that work on Linux. LibreOffice, OnlyOffice, Collabora Office, Calligra Stage, Google Slides, the online version of PowerPoint, more techy things like LaTeX Beamer or Reveal.js. Maybe these don't have perfect PowerPoint compatibility, or some niche PowerPoint feature you need but there's plenty of slide deck making options that work on Linux.
I tried LibreOffice (Impress) for something simple and it was not good - in fact it would just freeze. Although it did have a feature on MacOS that PowerPoint for Mac didn't, so I ended up using Impress for the first little bit and then PowerPoint for the rest.
And then Canva, Prezi, etc. I can't understand the idea that there's no alternative to PowerPoint on Linux either.
Presentation has been a solved problem for more than 2 decades already.
Whenever we are talking migration out of the windows world, there is always a group of MS fanboys that pretend that you can't replace a software with another one if it doesn't even have the exact same set of features down to the smallest details while totally ignoring the interesting features the replacement can have.
The reality is there are never 1:1 replacement and Microsoft would have never had any sort of success in the office area to begin with that sort of nitpicking.
I'd think the only Office part difficult to replace is Excel. It has a lot of functionality, provides a lot of value and is the workhorse of most business processes I see. Now how do you replace THAT?
If there’s no alternative to PowerPoint, that should be treated as a plus, not as a problem.
Run your Windows games on Linux: https://www.tomshardware.com/software/linux/nearly-90-percen...
My Linux computer now is my main gaming machine. I purged my Windows partition a couple of years ago and haven't had the need to look back yet.
1. total abandonment of desktop as a platform, and the massive hurdles to distribute desktop software
2. move to Cloud and use electron wrappers because not even MS can bother making native apps on their shitty platform
3. Make Windows so shit that even hardcore power users can’t debloat it.
The moat of Windows is gone. Games, office work, all the classic arguments, have basically vanished in the last 5-10 years. The only surprise is why more people don’t get in the life rafts, when the ship is listing at 45 degrees. Is it because there’s still an army of workers and institutional inertia trained in Active Directory?
4. putting Mac users in charge of the UI who are genuinely incapable of understanding how they are breaking continuity.
That's like staffing a neurosurgery department with dentists. Or a dental clinic with neurosurgeons, it does not matter, you can have decades of experience working with a drill in the head area and still be the wrong person for the job.
Continuity with what exactly? IME Windows has been a mish mash of GUI frameworks to the point you teleport through time whenever you click around in control panel, since.. the XP era? I mean, I don’t disagree with you in principle, but the timing is like saying horse carriages aren’t keeping up with cars because they’re designed by car users. The Satya era can be good or bad depending on who you ask, but that’s for Microsoft as a company – windows as a product has had no coherence for a decade+, and that’s generous.
> Is it because there’s still an army of workers and institutional inertia trained in Active Directory?
Yes, that is a huge driver of inertia. I've had to battle that in so many different companies now, and it is absolutely aggravating. That on top of comments about how Linux sucks from someone who either has never used it, or has only used it on a server and thinks that is all Linux has to offer, are absolutely soul destroying.
Most consumers are primarily on mobile devices.
Windows persists in the workplace where the cost to replace it is significantly higher than keeping it, and keeping it doesn't cost much to begin with. Part of that cost would be training, yes.
The other part is finding compliant equivalents for the rest of the software they use. If the MFA, VPN, chat, email, etc. are all already vetted and designed to be compatible, there's no way they'd want to switch. Many policies regarding proprietary information disclosure are also built off this ecosystem and the certifications Microsoft's cloud already has.
Except today games all work and invariably markedly better on Linux. Even the games that stopped working on Windows for me work great, like https://www.protondb.com/app/2008510
It's almost like Microsoft might be offering something on top of businesses using Windows, that isn't as commonly available for other platforms.
Or businesses are just clueless face-less entities who have no idea what they're doing. Probably the truth is a little bit of both.
What Microsoftoffer is having only one contact / contract for a huge fraction of the IT needs of a company so I can understand it solves some headache vs building stuff from many bricks with as many contracts.
Microsoft offers ease of integration, in exchange for your company to be locked in forever in their domain.
They offer a full ecosystem where everything integrates with everything else, especially the central pillar of identity. But you will pay for that in more ways than just money or lockin. If you work with their solutions, the more you dig into them with the help of MS people, the scarier it gets. So many "holy cow" moments.
Businesses choose it because it works with what they already have, the existing tools, processes, skills and because Microsoft was always a safe choice by virtue of being almost implicit. They choose Microsoft because they're already deep into Microsoft, it's the option carrying the lowest risk and lowest short term cost.
Switching to Linux is complex, expensive and risky. The transition is long and expensive, plagued with teething issues, your MS focused knowledge is redundant, the patience of your sponsor can run out before the move delivers anything of impact. Who wants to take such risks when they can just not rock the boat and call it a day?
The vast majority of my Steam library runs on Mint without issues (and some older games run actually smoother on Linux than they did on Windows).
Not to mention my very large emulation library.
I have no idea what you are talking about.
Many government orgs have spent the last decade and a half slowly transitioning old legacy applications and platforms to browser-based alternatives. That old ERP software that used to require a thick client? Now it runs in Chrome. Microsoft recognized this and smartly moved to keep these customers locked in via an ever growing Microsoft Office bundle - subscription based, with Teams for their chat and then building up additional capabilities to extend the dependency, like InTune.
Where we are at now is that the pain of moving away from Windows is acceptable for many larger organizations and governments, especially those with flat or decreasing budgets. You can just swap out the OS layer and keep other processes the same - keep using Office with just the browser versions if you want, or move to an alternative (like EU-based). Teams works on Linux. There is no moat on Windows anymore
> to browser-based alternatives
And many of those tool providers could see for 10-20 years now that if they didn't provide a web based version sometime soon, they would go out of business sooner or later.
There are almost no applications that a government employee should be running natively on their machine anyway.
Interestingly, Microsoft has been trying to get ahead of this for a couple of years now with their National Partner Clouds program [0], which they describe as:
> designed for scenarios where full ownership and operational independence from Microsoft is required
In France's case, Capgemini and Orange have a joint venture to operate datacenters that Microsoft runs Azure and Office on top of [1]. Moving away from Windows and Teams would still reduce their dependence on Microsoft substantially. But if the core goal is to reduce dependence on non-European suppliers, I would be wary of the French government buying services from "Bleu" when it's mainly Microsoft and a couple of consultancies in a trenchcoat.
[0] https://learn.microsoft.com/en-us/azure/azure-sovereign-clou...
[1] https://www.capgemini.com/news/press-releases/capgemini-and-...
France has been making good moves to achieve software independence from the US. It would be an even better move to allow those in Europe or indeed the rest of the world to also benefit.
France and Germany are actually cooperating on most of these, like the word processor: https://www.techspot.com/news/107225-france-germany-unveil-d...
Plus, it's all open source, so the rest of the world is free to use it as well!
This is great! Any plans to add spreadsheets to the suite?
The docs project is part of "La Suite"[1]. They choose Grist[2] as the spreadsheet which is made by an American company but open source and there is a significant contribution from the French it admin.
Interesting. By some luck i've been using Grist for two years and it just feels like the most no nonsense software. But it's a bit different to excel, i would say it's more like airtable. It's more columnar like gui over sqlite database which might be a bit more restricting BUT it greatly helps data integrity.
> It would be an even better move to allow those in Europe or indeed the rest of the world to also benefit.
Those initiatives are usually open source. It's just that many times, each country wants to make their own. But it's still better than staying with the TooBigTech monopolies.
> It's just that many times, each country wants to make their own
This hits hard. I'm a French citizen who made an open source alternative to Dropbox [1], I would have never thought my own government to attempt competing in my niche. I did contact the people at DINUM and it seems they are more interested in making their own than contributing to existing projects they don't fully control
On a side note. I want to take this opportunity to thank you for filestash, it is really a high quality software piece that solved a lot of pain points for me.
France is funding a lot of open source projects. They may not be very sexy or trendy, but they are there.
It's good to differentiate truly independent tech from the unfortunately common government-pushed French-tech that are US-tech rewrapped.
e.g. Qwant is a re-skin of Microsoft Bing
It's a great move overall.
Qwant is working on that. Together with Ecosia they're building their own index called the European Search Perspective:
"Today, Europe receives 99% of the answers to search queries from external infrastructures. We believe, however, that a higher level of digital sovereignty is essential for a functioning democracy and economy. With our new web index, we are creating a European perspective on politics, culture and values. This is a long overdue step towards more plurality in the digital world, which is also being called for by our society."
> a European perspective on politics, culture and values
To be honest this does not sound much better. 40 years ago maybe I would have preferred EU values over the US' puritan values. Nowadays I'd just expect a different flavor of poison.
At least when you have a few different values you can pick and compare but yeah.
As far as I know, Qwant indexes itself and substitute with existing crawler results, which seems a reasonable compromise.
Ok? You could make the same argument about Chinese tech, German tech, or American tech.
Still less, there is a lot of sovereignty-washing in EU, and specifically in France because this gives you access to grants and public markets.
Bpifrance, the Caisse des Dépôts, France 2030, Horizon Europe, etc.
To access that money, you need the right narrative. So companies learn to wrap their pitch in sovereignty language, get the grants, and then quietly build on top of AWS, Azure or GCP.
Not that it's dramatic, but there is a difference between hosted in France (where dependency still exists), and hosted + engineered in France.
Hopefully this transition to Linux is going to push France government to get rid of Crowdstrike, it's insane they let such backdoor run inside.
As a French citizen who's been building an open source Dropbox alternative for almost a decade [1], the sovereignty talk in France makes me cringe. Everyone has the word in their mouth, but nobody bothers to even search for alternatives, let alone give them a chance. France represents about 1% of my customer base with only a single customer: LVMH. I've had a whole bunch of French universities contacting me, nobody was willing to contribute toward the development because culturally we assume libre software must be free of charge so you'd better either beg for grants or have a rich uncle to sponsor your life. I've tried reaching out to the people who talk loud about sovereignty. Turns out it's just something they say at conferences to entertain each other as they have no power to actually make it happen, and don't even get me started on public markets.
They do: https://github.com/suitenumerique It's used by, among others, the Dutch government: https://github.com/MinBZK/mijn-bureau
There's been some 'back and forth' or "progress and regress' about this.
Adoption of Free Software:
2012 Prime Minister circular — the most important formal turning point: Orientations pour l'usage des logiciels libres dans l'administration, signed on 19 September 2012. It explicitly gave guidance to public administrations on free software use.
2016 Digital Republic Law — reinforced the direction by encouraging public administrations to use free software and open formats.
2021 action plan for Free Software and Digital Commons — launched after the Prime Minister’s circular of 27 April 2021, with goals to increase awareness, use, publication of source code, and reuse across administrations.
2024–2026 LaSuite / Suite Numérique — current state-led open-source collaboration suite, presented by DINUM as a coherent set of open-source tools for public agents and positioned as part of the state’s sovereignty strategy
Rollbacks and proprietary deals
Microsoft “Open Bar” contract with the Ministry of Defence / Armed Forces — a major counterexample. The Senate records say the framework agreement started in 2009 and was renewed for 2013–2017 and 2017–2021, without publicity or competition, giving the ministry broad access to Microsoft’s catalog.
Criticism and replacement with UGAP purchasing — later reporting says the open-bar arrangement ended in February 2021 and was replaced by a convention via UGAP, but the ministry still relied on broad Microsoft licensing and associated services.
2025 education procurement for Microsoft — a public tender worth 74 million euros for the Ministry of Education and higher education services was attributed to Microsoft, showing that proprietary dependence continued alongside open-source policy.
2025–2026 public-private partnerships in sovereignty language — France and Germany announced a partnership with Mistral AI and SAP for sovereign AI in public administration, which is not a free-software rollback in the strict sense, but it is a clear example of the state pursuing sovereignty through private-sector partnerships rather than purely internal open-source development.
---
Conclusion:
Like anything in capitalism: it's a constant fight, permanent struggle. The big private companies will try to massively impact political life.
So, there IS in France this 'feeling', this consciousness, throughout the political landscape (mostly on the left and also a little bit on the right) that we need to have some sovereignty over our data, services, software, etc.
Every once in a while, a right-side political figure, who are basically ruling since 2000, (except from 2012-2017 where France had a social-democratic government and president) has a sparkle of dignity, decency, logic, and honesty towards the best interests of the country and leans towards Free Software adoption. But...the lobbies are always there to rollback each decision, or part of each decision, and gradually gain back their influence.
As a French citizen who spent almost a decade building an alternative to Dropbox that's libre software [1] I was very disappointed my own country decided to build a product competing with mine when French companies are about 1% of the existing customer base. I would have never thought my own government would be competing on my niche
It makes sense a government will want to take full charge of the strategically important software they will run on especially when they try to establish it as a new standard in a challenging transition. One day when it's fully established they could still spin it off and some other entity takes point.
>a right-side political figure, who are basically ruling since 2000, (except from 2012-2017 where France had a social-democratic government and president)
This is not really true, since 2017 we have a centrist president. For the legal power, see https://en.wikipedia.org/wiki/National_Assembly_(France)#Fif....
It seems like what Europe really needs to do this is a viable mobile OS. It's been true for a while that Linux + LibreOffice is plenty to handle most government workers' needs on the desktop, but that's only good for when they are at their desks. Are there any viable alternatives to iOS and Android that are totally free of "dépendances extra-européennes"? What's the plan?
The Finns, as always, continue to develop mobile phones, Jolla is back from the dead and supposedly starts shipping sometime in 2026 with a new iteration on the hardware and the OS, time will tell if it'll have any impact.
Might not be 100% Europe-made from the get go, but good ideas and executions often start with small steps and iterate rather than having something groundbreaking out of the gate.
I'm not convinced that replacing one proprietary OS with another is the solution.
That said, I won't deny that Jolla is much more trustworthy than Google or Apple.
> I'm not convinced that replacing one proprietary OS with another is the solution.
Someone correct me if I'm wrong, as I'm not super familiar with Jolla's/Sailfish's architecture, but isn't most of the OS actually FOSS, while there is a thin proprietary compatibility layer, and that's about it? Was some months ago I last read about it so could be misremembering, but seems like a good first step at the very least.
I think it is a lot more, as far as I understand, most of the UI is proprietary:
https://forum.sailfishos.org/t/sailfish-os-clarifying-claims...
https://forum.sailfishos.org/t/sailfish-os-clarifying-claims...
> I'm not convinced that replacing one proprietary OS with another is the solution.
Consumer don't care if the OS is proprietary, as long as it works and there is a responsible party they can trust to serve them the offering.
Linux on Mobile has been progressing steadily in recent years, and is in a state suitable for very early adopters and tech enthusiasts. Definitely not for the general population IMHO.
See: https://postmarketos.org/
FWIW, it's not just the EU that needs this urgently: most of humanity sorely needs a trustworthy mobile OS that's not designed against their interests.
A big hurdle to this is hardware vendors locking bootloaders and making it impossible (or impractical) to write or use existing drivers.
Manufacturers maintain long running forks of Android (often very old Linux kernels) with their drivers hidden in their fork's source.
I'm a firm believer in the right to repair software - and the fact that it's illegal to reverse engineer binary blob drivers (or proprietary software at all) is a shame (not that you could even untangle a driver from a binary blob of a Linux fork). I'd go as far as feeling strongly that drivers should be open source, and if they aren't, documentation sufficient for the community to write drivers should be made available by manufacturers.
Linux on M5? Should be easy
Linux on an X Elite Surface Book? Should be easy
Ubuntu Touch on my Pixel 9? Should be easy
Android TV on my TV? Should be easy
Proxmox on my 5g mobile router? Should be easy
No drivers / locked bootloaders = not possible
>the fact that it's illegal to reverse engineer binary blob drivers (or proprietary software at all) is a shame
Where? I don't think it's illegal in the US at least. The only things I'm aware of that may have legal issues are related to radios, specifically modem/baseband stuff, and maybe WLAN cards.
Might be more google dependent than you're looking for, but I've been using Murena's /e/os (based in France) and it's working great for me.
Android Open Source is good enough. The tough part are device-specific drivers that never make it upstream and are eventually abandoned by the vendor, making upgrade past specific kernel versions very troublesome.
It is controlled by Google so it not. As long as Google is setting the roadmap for android it is not a viable option.
Why not? GrapheneOS and others show that it is possible to make viable operating systems on top of AOSP, which also have their own useful extensions.
It seems like a waste not to use an existing, well-developed, hardened, open source base, that at the same time provides great compatibility with most existing apps.
Since it is open source, it would always be possible to fork if AOSP goes off the rails.
I think the primary issue is that it is currently hard to get embargoed security patches, unless you have some partnership with an OEM.
At the same time it is an open source product and can therefore be forked. Being controlled by Google presents not nearly such an issue as Microsoft products or the Apple ecosystem.
I used Linux 10 years ago, but then due to job or corp. and needing Teams and Outlook I was forced to uses Windows. Now with corp job over I was finally able to switch to Linux this week (Fedora + KDE). Loving improvements made in the last 10 years, KDE will always have its quirks, but it is fast and smooth with no crashes yet. I got Claude to make me a migration script which worked brilliantly, haven't needed to boot Windows yet. Browser sessions and everything worked like nothing had changed. All my various ssh / putty configs migrated to Konsole, Thunderbird carries on like nothing has changed. Ahhhh freedom!
Strange. I switched to Linux +25 years ago. My setup became quite minimal; right now I use IceWM for the most part. GNOME3 was always useless; KDE also changed since Nate "I need more moneys!" took over (see his donation daemon or the more recent "systemd-only" tied with wayland-only garbage that KDE succumbed to).
Linux is good in that you can combine things that work, so it is more flexible than windows. But desktop wise I don't see it becoming really dominant; GTK is now a GNOMEy-only toolkit. Qt is too busy focusing on their own business model. Desktop Linux is not useless, but it is really just sub-par compared to Windows. I also use Win10 on a second computer; I don't like it but I use it for testing. Linux lacks decision-making power focus (and corporations such as IBM/Red Hat are selfish, so these will never reach any "breakthrough" like the infamous Desktop of the Year, which I heard will come next year together with GNU Hurd ... I think).
> Desktop Linux is not useless, but it is really just sub-par compared to Windows.
Each to their own. My experience is the opposite (I use KDE). I have to use Windows at work and it's always such a pain. At least Windows 10/11 finally has multiple workspaces natively and some keyboard shortcuts for managing windows (ironic), but I would have preferred to stay in Windows 10.
Now Windows doesn't even support proper suspend anymore and it won't stay in the "modern standby" either. Constantly waking up and doing god knows what with fans screaming. When I take a look what it's doing, task manager claims that nothing resource intensive is going on. I'm guessing it's hiding some internal processes. It calms down when I put it to sleep again. Sorry for the rant, I better stop before I start.
yes the flaky sleep is what did it for me - laptop would randomly boot up at 2am, bright lights and whirring fans. Thought it was a virus! Seems like Fedora has cracked the hibernate/sleep issue, possibly due to good intel driver support for my Dell and finally Linux has better hibernate, sleep and wake than Windows 11 (ymmv!)
I actually have been lucky since even my laptop from 15 years ago already worked well with Linux and suspend while Windows didn't (wasn't OEM Windows anymore). I have also had multiple desktops that have _mostly_ had no issues with suspend either: only nvidia has given me grief on some setups when sometimes the screen would be blank when waking up, but I figured out workarounds for that.
At this point I wouldn't be surprised if American companies started using it if the French get it right. The instability of the current administration is one thing, but Microsoft disregard for its user deserves an appropriate response that will actually hit them where they care.
> I wouldn't be surprised if American companies started using it if the French get it right
As a French citizen who own a business [1] that is in direct competition with this incentive from my very own government, I'm happy to disclose more than 50% of my customer base is already in America and France represent about 1%.
I would love to self-host France's "La Suite" to keep myself out of Google and MS... but for many companies, it will not matter how much you tell them there are options that are both cheaper and better. They will believe that paying someone tons of money is better because others cannot afford it. That inherently makes it superior... for some reason... you see?
I find fascinating how so many people are moving away from Microsoft decades after they should have because of simply the inertia that large organizations have on adoption.
Above all, I'm also surprised on how those same organization are using Anthropic or OpenAI or other close source solutions for their agent harnesses instead of going for Open Source.
Malte just yesterday showed how powerful innovation with small teams can be achieved particularly in EU.
I hope they start looking for those alternatives too for their agentic systems, beyond using pi-mono.
> I find fascinating how so many people are moving away from Microsoft decades after they should have because of simply the inertia that large organizations have on adoption.
That should be a good lesson in anthropology : the delta between knowing something and acting upon it tends to be immediate necessity. We're still an immature species as we haven't learned to be lazy at scale, that is putting the right amount of work early on to do the least overall. But I'm optimistic we'll get there.
It would be great, however the title is misleading: the only announcement regarding linux desktop is that the DINUM - a relatively small but perhaps influential government agency pledges to leave Windows.
I believe the largest Linux Desktop initiative in France is GendBuntu[1] for the National Gendarmerie
How is it misleading? While DINUM might be a smaller directorate, they're also asking all related ministries, including public operators, to put together a plan for how they'll migrate from Windows to Linux by autumn 2026. France has a relatively broad "digital sovereignty strategy" that this is a part of, but it's bigger than just DINUM moving to Linux.
Anyone here familiar with the details of GendBuntu[1], the Ubuntu distro used by the French Gendarmerie? I'd love to hear what is working and what isn't on the ground.
[1] - https://en.wikipedia.org/wiki/GendBuntu?useskin=vector
There should be a chapter in economic books on how entrenched monopoly companies become on the inside, like small states where little companies (called departments) play freemarket for promotion points, the outside forces completely suspended while the endoplasmic reticulum of the monopoly company lasts.
I puzzles me to no end why the typical office clerk should care about the OS at all. I understand that secretaries will be trained on MS Word and will then have a strong preference to use such (or at least something which very closely resembles it). Same for accountants with Excel. But clerks in e.g. Revenue Service? Those I expect to interact (perhaps these days via a Web interface) with custom software. Why would those ever see a 'Start' button or somesuch?
That hasn't been my experience working in Corporate America at all. Everyone gets a company laptop and they use it for whatever they want. Whether that's Excel, Google Sheets, or Netflix at home.
People think company hardware is their personal hardware and they have preferences.
I had a company phone once (terrible experience) and I'd routinely get txts from random services and people outside our company thinking it was the previous owner. The last employee who had used it mixed company use and personal use.
Hope we’ll do the same in germany.
They tried it a long time ago, but it seems to be rolled back to Windows again. https://en.wikipedia.org/wiki/LiMux
I hope our French friends can learn from this initiative during the adoption phase.
I seem to remember many people saying it was done by the mayor because Microsoft moved their German headquarters
> Reiter denied that he had initiated the reversal in gratitude for Microsoft moving its German headquarters from Unterschleißheim back to Munich
I would say that's kind of a conspiracy-y explanation. Big companies in Munich either have their campuses on the outskirts of the city so that people can commute and park without flooding the city or they have it in the heart of the city as that is seen as more prestigious.
Lots of companies have flip flopped based on this, and that's what happened in MS case.
Tbh not saying MS didn't play dirty in general, but not necessarily in this.
> I hope our French friends can learn from this initiative during the adoption phase.
The apps are available now, so reasons to be optimistic.
When LiMux and similar efforts happened around 2004 most business applications were Windows only. Even the ones that purported to be web used windows only technology and required IE and Windows.
Now with years of business budget controlling types using their Macs and smart phones and wanting access to the their apps the majority - even MS's stuff - can be run well in a browser on almost any OS.
> but it seems to be rolled back to Windows again.
Apparently it was a decision by mayor Dieter Reiter after excessive lobbying by Microsoft. At roughly the same time, Microsoft moved their German headquarter back to Munich. What a coincidence...
There were and are initiatives. Of course, they were and are ridiculed all the time. Who can't recall LiMuX or check out ZenDIS (Zentrum für Digitale Souveränität in der öffentlichen Verwaltung). Read up on the current migration away from MS Office in Schleswig-Holstein.
It’s quite remarkable what the current administration have “achieved” in a year or so
Hopefully the rest of the world can benefit from their efforts. I hope the whole EU starts moving to Linux.
I am actually a research engineer paid by the French government. They take digital sovereignty pretty serious over here, which is sometimes good, sometimes less so.
Definitely the right call on Windows, though. Even my parents (in their mid-seventies) moved to Linux this year.
I am a counter example of that take. As a French citizen, I have spent a decade building an open alternative Dropbox [1] that is I believe miles ahead of even Dropbox itself. In practice, France represents about 1% of the customer base. I've tried reaching out to the people who talk loud about sovereignty. Turns out it's just something they say at conferences to entertain each other as they have no power to actually make it happen.
This should have been done years ago. This will certainly drive bad actors to harm Linux too unfortunately
France and Germany have endemic malware. Reacting defensively to it might be easier with Claude on the OS source code.
Great to see France purging itself of corruption. Why did they pay for an inferior product for so many decades when a superior free alternative was available? It was regulatory capture; corruption.
Hopefully this results in investment in desktop environments and Wine!
Why? We have plenty of well working Desktop Managers and WINE is doing better than ever. I'd argue there are bigger issues in Linux like default process isolation and access authorization per program being behind other OSes
What are my options if I want an independent phone OS ? Can I go into a store in Paris and buy an independent phone ?
Europe in general have great software engineers. What it lacks is investment. To see the goverment serving its own country instead of foreign billionaire interests is good change of pace.
And Linux development and adoption helps everybody not just France. A win win.
Got my full support, go go go!!!
My main reasons not to be able to fully switch 100% to Linux are the following:
1. Graphic design software is subpar (expecially when compared to mac) and very often under supported. And GIMP has absolutely the worst UX of any program I've ever seen for such a widely recommended software. 2. Gamedev (i.e. Unity) is much less stable and annoying to work with (mac is much better but Windows still wins) 3. Older hardware support, most of the times you can use a super old software (say a printer) and it works. Linux much better than mac for this, from my experience 4. Lots of things on Win are plug and play, Linux is a pain of custom drivers from dead githubs. Mac slightly better or worse, it might either exist as a stupidly expensive application or have to jump hoops to get a driver in.
And I know people say "just use Wine" or "GIMP is actually great and free" but at the end of the day, I want my main driver to be stable and good to use. If anytime I save a project running via Wine has a non 0% chance of it crashing and bringing down my entire work, it's not going to happen.
I do use and recommend Linux quite extensively but that's why I always have 3 different systems at any given time:
1. Win: gamedev, hardware stuff or bigger games, some design, GPU heavy work. 2. Mac: design, light GPU work, browsing and portability (battery life and cooling is fantastic) 3. Linux: everything else
This hasn't changed in the past 10+ years, even though now I can see much more gaming happening on Linux, which is very nice.
hmm. hoping that all the weird business requirements get confined to a specific distro with careful gating prior to upstreaming. it would be bad if they were allowed to pollute the ecosystem more generally (which one could argue is why windows is the way it is).
It's a good move. Hopefully, they stick with it. I remember some cases in Germany where they switched and then later switched back.
It's a shame that we have no equivalent to Google or AWS in Europe and now that it seems LLMs might eat search, we don't have any of those either.
Being dependent on US tech feels the same as when we were dependent on Russian energy: strategically unwise and avoidable. We have alternatives, they just need work.
This is so utterly urgent. The US is an increasingly-deranged, hostile actor, which is able to cripple our tech at will.
I think we've been far too complacent about the direction of travel across the Atlantic. Trump and his crew are the new normal, and the key players in Silicon Valley are on board.
Any European government not currently working towards independence from US tech is being almost criminally neglectful.
Steps are being taken. This week two big announcements in The Netherlands as well, one for a replacement to AWS and one for taking US tech out of state secrets, which weirdly enough wasn’t already a thing.
Like last time, I ask again: Which are the European made computers?
Which are the US made computers? Start by excluding all the ones with Korean LCD panels, and Taiwanese motherboards, and Chinese parts.
If you mean assembled then there are lots of very small European companies that make custom build PCs.
Economies of scale in the US, a single language, and cheap transport, mean that the US companies grow very big internally, very easily. And then go international without much effort. The same is not true in Europe, so there's not a huge Dell, HP, or IBM equivalent.
In 2026, the only country on the entire planet that can likely make their own computer with 100% their parts and labour, and is actively trying, is China.
The same is not true in Europe, so there's not a huge Dell, HP, or IBM equivalent.
In the 90s and up until the early 00s we used to have quite a few pretty serious contenders, but they are all dead now: ICL, Siemens-Nixdorf, Tulip, Bull, Olivetti, etc.
No European made computers today doesn't preclude the possibility that there will be one tomorrow. RISC-V is the way out, and there are a number of European initiatives (though nothing serious just yet, I admit)
As a European dev, because I like RISC-V and because of the geopolitical situation I wouldn't bet on x86 in the long term.
I've been not betting on x86 in the long term since the PowerPC was announced ;)
Being independent of Chinese manufacturing is a tougher challenge for anybody.
Though at least the Chinese are predictable, unlike dealing with the USA.
It’s all about risk management. No solution is ever perfect, and that works for the US as well.
Also, some partners are more reliable than others. If China becomes as volatile as the US, it would change the risk assessment and stimulate other parts of the industry.
I'm more concerned about the fact that only ASML can make machines producing advanced chips (EUV).
This is a way way more concerning topic. The irony is that China might be the one fixing that dependency + bring prices down.
One bomb on the Netherlands and it is over for nearly all the worldwide supply-chain, 10 or 15 years of regression.
Even worse, they can remotely kill the machines for political reasons.
I use an European made computer from Schenker (their XMG subbrand actually).
Of course the components are not European made. But Dell's components are not US made either.
I can also buy a Japanese or Korean (or Chinese) computer. There is no dependency on a single country.
> Which are the European made computers?
Recently, not so many I suppose. But many of the earliest computers were European, so surely we could get there again at one point, hardly impossible.
Achieving redundancy from China is likely not possible in the near future. Meanwhile, the risk emanating from a rugpull or from deliberate sabotage by the USA is very concrete.
The goal isnt to become independent of China / Taiwan / the rest of Asia. The goal is to become independent of America.
Interestingly, there are zero non-US powerful laptops. The closest option is the Moore Threads MTT AI Book (12-core 2.65Ghz, 32GB DDR5, 1TB SSD, 14 inch). It cannot reach a modern Ryzen in performance though. It's fascinating that only the US can make good computers. I'm not from/in the US so I'm not saying that from a patriotic point of view. How hard can it be to pop a good ARM chip in a laptop and compete with HP, Apple and the likes?
> It's fascinating that only the US can make good computers.
Seemingly, the US might be able to design good computers, but it cannot make them themselves. This should make it easier for others to do the same, design the computer in country X but actually make it somewhere else, just like the US. Yet we're not seeing this at all.
Which powerful computers are made in the USA? Design and assembly don't count, as these are the least robust to replication attempts. Apart from that, the manufacturing is all in East Asia; Intel is the exception, not the normal!
> It's fascinating that only the US can make good computers.
Lenovo is Chinese, right? Xiaomi, Samsung... can you really not name one non-US company making computers?
> "Like last time"
I am perplexed by people who use condescending phrases like this. You think we track what you said before?
What are the American-made computers? The Apple macbook assembled in China with Korean displays and Taiwanese chips?
I haven't mentioned America or any other continent. It is the Europeans who are shouting about sovereignty right now.
Americans for their part would probably be very happy to use made-in-Europe software on their computers whenever applicable.
I haven't mentioned America or any other continent. It is the Europeans who are shouting about sovereignty right now.
Well, no one has mentioned computer hardware until you did.
Surely you understand how "all the motherboards are made in Taiwan" is less of an immediate risk to sovereignty than "all of our business and personal data is stored on American servers and subject to US law"
It would be nice if Europe could produce its own computers, but right now no one can except China, so what is your point? That limited sovereignty efforts undertaken in the realm of reality are futile and that enables you to get some cheap shots in for whatever reason?
Computing is the software and the hardware. So you're right, I feel that it is futile.
Well, you can use the old hardware which you've already got if you get cut off from foreign suppliers. But the same is true for software. It's even more true for software.
If the French government and other Europeans were serious about reducing or eliminating dependency on American cloud services, they should switch to older versions of MS Office and MS Windows be done with it. No need to retrain your workers, and a realistic and speedy way to implement it.
they should switch to older versions of MS Office and MS Windows be done with it
That does not make any sense at all. These are full of known security vulnerabilities.
There is one very serious issue with software: it needs updates for security issues that are uncovered. And it might be built requiring access to MS cloud services to work. To get rid of these problems is basically equivalent to adopting open source products.
What they should launch is an abuse of dominant position on the desktop/laptop market, with appropriate remedies such as fines.
Switched to Nobara after getting fed up with one too many Windows bugs. Been a really pleasant experience to be honest
Government is the perfect place to do this. It doesn't matter if it craters productivity because the organization's budget is not conditioned on delivering impact.
Prediction: If USA ends up attacking EU, EU will freeze all the US tech company money and compel them to open their platforms and move all the backend services to EU soil in exchange of unfreezing it and continue operating in a free but regulated market.
For example locked communication devices are huge national security risk, so Apple will have their money frozen and given two options:
1) Open up iOS etc, bring all the servers to EU. Continue business as usual, EU financial institutions may choose to use Apple services as Apple pay but they may choose to bypass it. EU developers may choose to use Apple App Store services and pay the Apple's fees or they may choose to bypass it. Apple may chose to make Xcode a paid software, developers may choose not to purchase Xcode and use other non-Apple tools and pay nothing to Apple.
2) Use credit against the frozen money to refund your users if they bring their devices to you. All the Apple devices will be locked out from EU mobile providers(technically very easy for iPhone, simply by blocking devices with Apple IMEI on EU networks) and any remaining devices of the users will be refunded with the Apple's money. After some grace period, any money remaining in Apple's account will be transferred to Apple and if Apple wants to do business in EU again will have to do the option 1.
I'm bit on the doomer side of things, so I think that if Trump keeps his current course and power, at the end of the term American software industry will shrink by %90 as it will be expelled from most of the world and will be serving to 350M people instead of 8B people. Its amazing how US is screwing up its dominant position in this incredibly lucrative industry that lets them serve a market of 8B people and accumulate huge wealth in the process.
Open up iOS etc, bring all the servers to EU.
How is that going to work? Apple will still be under the CLOUD Act, so Europe would still be vulnerable. The only solution would be for Apple to fork into two completely separate companies, which is unlikely to happen.
Most likely there will initially just be a lot of chaos, because nobody is prepared for this scenario. There will be huge supply issues, COVID will look like nothing (both in terms of groceries, etc. and getting replacement hardware). Then Europe will on the short term rebase to Chinese/Korean/Taiwanese hardware, with probably an AOSP fork on the mobile side and Linux on the desktop/server side.
But it will be terribly messy. Nobody seems to prepare, because everyone thinks this scenario is unthinkable or they just don't want to put in the effort. Even all the people that I know that are talking about digital sovereignty are still using their iPhones, MacBooks, or GMS Android phones.
I am trying to tell tech people that the time to start switching is to alternatives is now, since tech people are usually early adopters and can help other people. But most switch from GMail to Proton Mail and proclaim victory. January 2026 (remember the good ol' days when the US wanted to take Greenland with force if necessary?) was already forgotten after 4 weeks or so.
If Apple can't work out a legal structure that works, it will be forced to refund for the devices then so the consumer can use the money to buy compliant devices probably from Korea or China. EU can work out special deal with the Asian manufacturers as there will be hundreds of millions of people with cash in hand looking to buy a high end smartphone.
Being messy isn't a worse outcome than US invasion. Europeans aren't rooting to live like Americans or go to wars for America and the tech thingy will be a nuisance at most.
If Apple can't work out a legal structure that work, it will be forced to refund for the devices
How is that going to happen if the US attacked Europe?
EU freezes/takes over all Apple assets in EU, users with Apple devices get the money in cash upon delivering their devices. If the money isn't enough for the refunds, a finance mechanism can be created that will be settle after the war.
The returned devices may be sold to 3rd party markets if Apple isn't cooperating.
EU freezes/takes over all Apple assets in EU
Most value/assets are in the US, I don't see how Apple in the EU would have enough interesting assets to refund. If 30% of the 450M inhabitants in the EU have an iPhone and the purchase price was 1000 Euro on average, that would be 135B Euro. I would be surprised if they have a fraction of that in the EU as assets. The primary useful asset I could think of is if the iOS source code was also stored somewhere in the EU. I guess in war it would be fair game to fork it. Wouldn't help with the existing iPhones, since the EU doesn't have the signing keys, but you could bootstrap a new phone ecosystem (and even revert Liquid Glass :p).
If the money isn't enough for the refunds, a finance mechanism can be created that will be settle after the war.
There are huge assumptions in this, like the EU wins the war, the war doesn't end in a sort-of cold war, Apple cannot get away from liability because it was not their decision, etc.
The returned devices may be sold to 3rd party markets if Apple isn't cooperating.
Flooding a 3rd-party market with over 100M second hand iPhones would drive down the prices by an extreme amount.
been a long time coming for windows. wonder who else will follow suit
Honestly the only thing keeping me from bringing up the idea of moving to linux is that Windows has active directory and domain wide group policies - if linux had something similar that was easy to manage I'm sure a lot more corporations would move to linux. The ease at which I can adjust system settings throughout the company or within each department such as disabling/enabling features, mapping drives or printers. I haven't found a better alternative than active directory
Every nations should avoid US based products and services. USA, China and Russia are rogue states. they pose a great risk to every other nation
Ah Windows. The Temu wine.
French administration is about to become even more inefficient it was!
About f'ing time.
I think the commentary here is mostly in agreement, we are just debating the finer points.
This should have happened already, is the general theme. I still have my Shrike CDs around and the modern-day Fedora (I think 44 is about to launch next week?) is more than sufficient for many, many use cases within the government, regardless of which distro they end up with.
My hope is that the backing of EU software development teams to open source will lift all boats and in addition to Linux, BSD may get some fruits of labor out of it.
9front as always is to be strictly forbidden without a security clearance.
Will the French government view open source software as software which should be well-funded and well structured, ie Blender level quality and organization, or are they going to underfund it and thus have it succumb to the shenanigans of Redhat, aka IBM, the infamous pushers of Gnome and Wayland?
But will they use azure?
I've been on a contract for a multinational European company that's in partnership with ESA for the past 18 months, and I've seen a lot of money and effort spent to move out of the US cloud to OVH. After the US decided to go rogue, this project became even more urgent.
My job is basically recreating a small part of the infrastructure that was designed for AWS, while patching some shortcomings of the OVH offerings which are not as featureful.
It's kind of good news, but it's also bad news -- with Linux popularity, crapware will be more popular. I kind of liked times when Linux was used only by power users. Today it's slightly different, and with more popularity... we get things like age verification in systemd.
But well, I can always switch to FreeBSD I guess. And that's my plan B.
I am very happy that Linux is becoming main stream but I share your sentiment. FreeBSD is a nice alternative if you want to stay on the edge.
I hope they also help in improving battery management on Linux notebooks, even pressing vendors via regulations.
This is traditionally how you renegotiate with MS.
But seriously, how long before MS offers them a deal they would rather not refuse?
It's different this time. It's a geopolitical safety move. You know why it happened and who is responsible for this. Never would have happened otherwise.
Vive la France !
These are almost always negation strategies rather than serious initiatives.
Sometimes yeah, but clearly not in this case, if you took the time to actually read the article.
You don't ask entire ministries and public operators to formulate a migration plan from Windows to Linux with a relatively short deadline just for negotiation purposes or just for the fun of it, you do that once you're committed to actually migrating.
This is not just a pilot project or some local administration doing an experiment, it's new country-wide policy enforced from the top, hardly a "negotiation strategy".
I don't think so. Having worked on a similar thing in my country, and the effort is monumental.
When doing this in a company, making technical people appreciate free software and making lasting changes is hard enough. When doing this with non-technical people, everything becomes exponentially harder.
I've been on Linux (I use Arch btw) since 2011.
I've been dual booting the first couple of years, then dumped Windows completely in 2016.
Since then I am on Linux only. Private and corporate.
Yes, sometimes I need to access a Windows machine or do work in one (I am my own boss), but then the client pays a "pain tax" as I call it.
There are some games I can't play I would've played in the past. Mostly competitive online games.
Technically that's annoying, but for me personally it's not a problem as I am not in my teens of twenties anymore and I have other hobbies and obligations.
France is doing many thinks way better than Germany.
This is one of them.
Fantastic news
Efforts like this are good for people to realise there is a lot of talent in Europe that just gets overshadowed by USA's dominance.
USAians tend think everything is less popular in Europe simply because it is inferior and fails purely on its technical merits. I know nothing will ever change their minds, but at least non-European non-USAians might recognise the efforts a bit more.
We are also willing to accept 'good but not perfect' and understand tradeoffs.
>USAians
The word you're looking for is Americans, despite whatever preconceived notion you think the word "Americans" actually should mean in English. I know nothing will ever change European minds, but at least understand what the correct form is.
>everything is less popular in Europe simply because it is inferior and fails purely on its technical merits
So everything is less popular in Europe because it fails on many other points? Big applause to you, I guess. Are you looking for a participation award?
Excellent move. Hopefully these moves continue the trend spreading through Europe.
With another 3 or so years with the Orange Dildo in charge, there's a decent chance the momentum will turn into something tangible.
Vive la France !
Unless you need some windows-only software, using windows at this point is masochism. I was never a fan of Linux, but the Microsoft driven enshitification is so strong that Linux is now a better option. To win, all Linux had to do is stand still, and that's exactly what it did! Ubuntu in 2026 is pretty much the same as Ubuntu from 2006.
WINE has come a long way. Most Windows software now just works on Linux.
I don't know why you believe Ubuntu stood still. Looking at the history that does not seem to be the case: https://en.wikipedia.org/wiki/Ubuntu_version_history
Personally, the last holdover is Ableton. Last time this came up, bunch of people pointed me to https://github.com/BEEFY-JOE/AbletonLiveOnLinux which has since then been marked as archived, and I'm still unable to run Ableton 12 properly on Linux via WINE, even though I've probably spent too many man-hours on getting it to work...
I'm still eagerly awaiting the day though, any day now surely.
> To win, all Linux had to do is stand still, and that's exactly what it did!
It is moving? Red Hat has been investing in containised apps and image based distros for years, Valve single handedly made Linux gaming viable. HDR development is mostly driven by Valve and Red Hat customers.
And no Linux isn't good enough yet. UX is all over the place.
> And no Linux isn't good enough yet. UX is all over the place.
Sure, the UX for Linux desktop is all over the place, and a lot of software is messy and untidy. But Windows isn't any better in that sense. It doesn't have a clear, cohesive design style either. Its selling point used to be that users were familiar with the UI, but it seems to change so much that users can't really leverage that much either.
> And no Linux isn't good enough yet. UX is all over the place.
Of course you'd think the UX is messy if you only look at the kernel ;)
It's up to the distributions and desktop/window managers to handle the UX, and the experience varies as much as there are desktop/window managers. Some of them are fairly internally consistent, like KDE and Gnome, and at least they're currently more internally consistent than Windows and macOS. I use macOS, Windows and Gnome daily, and the only one that doesn't give me daily grief in some manner, is Gnome.
> Unless you need some windows-only software
In many cases even if you do though, its possible to run it on WINE pretty well these days. It's insane how good it's become in the last few years (partly thanks to proton and Valves investment in it all really)
"Pretty well" is doing a lot of work. I have no horse in the race. I just run native on MacOS or Linux. Haven't run any Windows in a number of years. (I don't really game much and would just use my Xbox if I really wanted to--though that mostly functions as a DVD player these days.)
But if "pretty well" causes the random administrative person to have issues with doing their job or increases IT support costs, it will be off the menu pretty quickly. We'll see. A lot of things are different from the last round of we're going to Linux in Europe.
Nowadays, pretty well a lot of times means really well, maybe even better than on Windows. See Windows games running faster on Linux through Wine.
As I say no dog in hunt and don't actually have a Linux laptop any longer since I had to send it back to my company--from whence I'm sure it went straight to recycling. Maybe I'll buy an older refurb Thinkpad at some point.
> See Windows games running faster on Linux through Wine.
Let’s not leave out all the ones that don’t. Which is in fact, the majority of them. Strange how that’s always left out, we wouldn’t want to mislead people now would we?
It's not a majority of them. Hasn't been for some time now.
https://www.tomshardware.com/software/linux/nearly-90-percen...
The 10% that has issues is normally down to kernel level anti-cheat and denuvo.
Go back 5 years and you'd be right. But it's a totally different situation now.
We've come a long way in the last 2 years. We're at a point where MOST Windows software works flawlessly. I said "pretty well" as theres no doubt a few that don't and it'd be a bit disingenuous for me to suggest otherwise.
I certainly wouldn't come into this with knowledge on wine older than 2 years and make a snap decision though as its a totally different landscape - no weird quirkiness and tweaking needed for the vast majority of applications anymore.
> Ubuntu in 2026 is pretty much the same as Ubuntu from 2006.
Well, Ubuntu MATE perhaps :)
Windows LTSC I find comes pretty close to the less intrusive Windows I remember from the XP/7 era.
You forget about MacOS. And Apple are making some very aggressive moves as of lately to capture users.
MacOS is the same sort of walled garden as Windows though. It has plenty of dark patterns in stuff like iCloud too, I imagine with some more years of enshittification it will be in a similar state to Windows today.
And corporate customers like the French government will want their users to be within strictly controlled environments - walled gardens. That's why they've used Microsoft for so long. MacOS isn't as good for this scenario from what I understand, but is Linux?
IMO the walled garden doesn't have to be the employee's computer but centralized servers holding the data, intranet services, etc.
de Gaule v2.0 :)
Holy based
Next up: governments rejecting use of AWS.
At the least the french government has a plan. Now please have a look at Germany - the current leading guy is absolutely clueless as to what he wants to do. From appeasing Trump to ... actually doing what else? Germany with regards to its politicians is a problem for the EU. Yes, we also have Hungary etc... but it's a small country that is over-hyped by the media due to its intrinsic corruption in the leadership; the real problem really is Germany. In the past it always was "too much bureaucracy" - the problem goes much deeper. The THINKING process in Germany is broken. France, Sweden, Denmark, Netherlands, Finland, Norway (not EU but clever nonetheless) and so forth, are much better at THINKING. Something is broken in Germany and Merz is the showcase of cluenessness here.
That might work for government employees using webapps all day. But for power users it is unlikely to be friction free.
I consider myself a Power User, use of Windows is not friction free :)
Over the years I've come to believe that there is only one thing important: What you are used to. The friction is in the change process. Not in the destination.
As an independent, I have several customers on MS365, you know what my super power is? FireFox cookie containers. One for each org, and I switch with 0 effort between the orgs. No need for Windows in that workflow at all. In fact, using Windows and the native apps would probably give me a lot more friction.
Yes, sometimes I have issues. I.e. yesterday Word kept deleting my last 1-2 sentences for some reason, even though hitting ctrl-s tells everytime: "I should not worry". but in general it's fine.
My business is on Proton, and I love that MS365 AND Google workspace calender invites go right into my agenda with no effort. There is nice stuff out there. Especially now we have Proton Meet, I can take some ownership over videocalls in Teams and Google Meet finally.
>What you are used to.
Absolutely. I've given using a tablet (with keyboard) as an alternative to a laptop when traveling and it sort of frustrates me for a lot of things. But talking to people I know who have largely switched over, my conclusion is that, in general, I probably mostly just haven't put the effort and commitment to make it worth it for me. And I'm not sure, not spending nearly as much time on planes as I used to, it's worth it relative to getting a laptop that is even lighter than the combination.
As part of the human species, which has conquered our planet's poles, its deserts and its jungles, I believe we are in a unique position to adapt to many -if not most- circumstances thrown our way, and flourish.
Unlike modern Windows, known for its lack of friction.
"We have two versions of Outlook and none of them are working"
There are four ̶s̶i̶x̶ ̶(s̶e̶v̶e̶n̶ five counting the web version) maintained Outlook variants on Windows 11, last I checked and I have issues with each one. Search especially, but then that has remained an unsolved problem for 30 years. I am sure "AI" will finally solve this.
Edit: Have checked and found that two I thought were still maintained (16 and 19) were EOLd in October.
I feel like this is perfect being the enemy of good. So lets say only 80% of their staff can get off Windows and the remaining 20% need to remain on it. That's a great start!
And you can require new custom software to be compatible and guarantee an initial market.
It's a strategic decision and of course it's not financially optimal.
And if in 20 years thered still a few windows computers around in their org that doesn't matter
And a recipe for failure. All 100% of their staff needs to be moved off of Windows at the same time.
A few years ago, IBM tried to move everyone to LibreOffice from M/S Office. It failed, the reason why was top level execs and some others were allowed to stay on M/S Office. As time went on, M/S Windows became a Status Symbol. So people went begging and as time went on exceptions were granted. A few even went so far as to buy their own copy, which was allowed.
After 8 months IBM gave up. If you want things like this to succeed, you must be 100% in.
There's a negligible amount of "power users" among government employees; I think the majority of them are trained in reading and applying laws, and given the strong scientific/literary divide in the French culture, they usually think of themselves as inapt with computers (and the erratic behavior of MS products didn't help, if you ask me).
But knowing France, what to really worry about is execution, in particular for administrations. Probably people working there who read the TFA already think "oh, big mess incoming" even though they don't know what this "Linux" thing is.
I think standard IT/sysadmin training focuses mainly on Windows server etc., Linux being a second class citizen (because that's what the vast majority of small/mid sized businesses use). So recruiting good Linux sysadmins could be an issue, especially since the wages in government agencies are not exactly attractive.
Can you call yourself "power user" when your point is that switching away from Windows is too hard for you?
Respectfully, so what? There have always be specific use cases and user bases requiring a specific OS. No one ever considered OpenBSD interchangeable with Windows, few see Linux distros as a 100% drop in replacement for someone relying on Logic Pro.
Thing is, I really don't get this knee jerk "but what about INSERT_RARE_EDGECASE". It isn't helpful and argues something no one actually working on these projects ever proposed. Even if MSFT software remains in use, any gained alternative is a win, license costs and strategic autonomy both being valuable.
And yes, as you hinted, a large contingent of clerical work may already happen in a browser, with any found exceptions potentially addressable in the coming years, especially as older implementation may be updated anyways.
Let's be honest, we all underestimate how much we (can) do solely inside the browser anyways and even more so severely misgauge how few people are reliant on any native (none Electron) software at all outside gaming.
Power user is such a nebulous term anyway. To me, someone spending hours on end in Confluence can be a power user, having never left the browser. The same for a designer using Figma. Course, if one truly requires native only software, they may more likely fall under the umbrella power user, but again, few are seriously discussing just forcing those over since, reasonably, one must presume they have a reason for doing what they are doing.
What is a power user in this context? Someone deeply familiar with Windows and has tons of Windows related setup/applications?
That doesn't sound like a government worker... They rely on Microsoft Office, but the actual operating system could be anything. The only non-portable application is video games really. While LibreOffice may not have complete excel functionality, the vast majority of functionality can be replicated in web apps/libreoffice. And frankly most of this work can be migrated to AI.
You can even skin Linux to look exactly like Windows if you want, or use Mint or something. But really all people need is to be able to open up Chrome and Excel.
In fairness, the transition away from MSFT 365 Copilot (as we all of course call Office now) might include more friction. Mountainous VBasic monstrosities are sometimes the way things get done in orgs I am personally familiar with and that can be hard to switch away from. In general though, I consider this focusing on edge cases as just not helpful, especially as one must start a transition to fully uncover them and get to addressing them too. I also don't think that ancient Excel scripts are an unsolvable problem, but one that needs to be very carefully handled.
I imagine the biggest thing they need to open up is Outlook.
And if the decision away from Windows is an indicator, they will likely be moving email clients as well
Sometimes organizations need to undertake work that is not friction free to achieve longer term goals.
I'm a power user and I've used linux for over 25 years. My corporate windows machine is total trash and completely unsuitable for any power users, either because its windows or because corporate locks it down so much it's barely more functional than a chromebook, I don't really care.
Power Users faced the same problems when Office changed to ribbon menus. It doesn't has to be friction free.
That's also what Microsoft 365 is, a webapp, even the latest Outlook is a webapp.
Nobody in their right mind prefer the web apps over the native apps if they sit all day doing e.g spreadsheets. I tried the M365 web app for Word the other day and it's sluggish.
It doesn't have to be friction-free. The rough edges can be sanded down with government investment that addresses the needs of citizen-users.
“Well, did it work for those people?”
“No, it never does. I mean, these people somehow delude themselves into thinking it might, but……
…But it might work for us!”
