What do y’all think? Does switching to Linux as an entire corporation mean RedHat? Or could it be done on a distro like Debian?

  • 0x0@programming.dev
    link
    fedilink
    arrow-up
    35
    ·
    5 months ago

    The Windows target costumer has always been the employer – expect group policies to disable Recall in any enterprise version. Not Home though.

    • Ænima@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      5 months ago

      Yeah, gonna suck for all those with Home who become the AI trainers of tomorrow! While it’ll suck for us in IT who constantly have to pivot and scramble to block shit every time Microsoft or other software company decides to jam AI into it’s product.

  • mozz@mbin.grits.dev
    link
    fedilink
    arrow-up
    28
    ·
    5 months ago

    Corporation: Yo can you add a button so I can see all my employees’ screenshots? And maybe get like a little report of what % of the day they’re spending on doing exactly what they’re told? And then like an automated email to HR and their manager if it drops below a threshold…

    • shalafi@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      5 months ago

      LOL, you’re vastly overestimating company’s IT abilities, funding and give-a-shit motivation. As to money, now you gotta hire people to watch people. No matter how automated, there’s a cost and additional personnel need.

      And if the corporation is technically competent enough to manage all that mess, that’s probably a company with skilled workers who will leave under such conditions.

  • slazer2au@lemmy.world
    link
    fedilink
    English
    arrow-up
    21
    ·
    5 months ago

    No, there was always an off switch for enterprise versions of win 11 before MS back peddled and made it opt in.

    Enterprises have a function called Group Policy where you can make mass adjustments to managed PCs and no doubt there would be a setting there to disable Recall.

    • Ænima@lemm.ee
      link
      fedilink
      arrow-up
      3
      ·
      5 months ago

      Technically, GPOs are just registry adjustments with English definitions tacked on. No doubt there will be tools for Home editions to fix this; for those that look, that is.

      An example of this, that comes to mind, is Windows Update Blocker (WUB). All it does is enable the policies that block Windows Updates from Microsoft servers and stops their attempted workaround of the Windows Update Medic or whatever it is, which is solely talked with making sure the WU service is running. These are the same policies/registry settings that are triggered when an enterprise org uses WSUS to control update deployment.

      I don’t doubt, though, that Microsoft will to something shitty to ensure Home users cannot block it forever.

  • JJROKCZ@lemmy.world
    link
    fedilink
    arrow-up
    19
    ·
    5 months ago

    No… we just won’t buy the recall PCs and will disable it on the normal enterprise licensed workstations via GPO. Could always block the update in WSUS as well if you’re using that vs another RMM tool

  • Nougat@fedia.io
    link
    fedilink
    arrow-up
    13
    ·
    edit-2
    5 months ago

    No.

    If you’re talking about desktops, there is a huge cost involved in switching to an entirely new operating system. I’m not just talking about “How do you get it installed and configured on n laptops for users to then use?” Those users will require training in order to use it - and allllll of the new and different applications that run on that new operating system. (Users are mainly just button pressers, and when you change the buttons …) The alternative to the above would simply be to disable Recall via group policy. Done and done.

    If you’re talking about migrating Active Directory to some Linux LDAP centralized authentication, that’s going to introduce a whole lot of other complications. Not impossible, no, but it would be a very long, time-consuming, and costly process.

    If you’re talking about servers, you surely know that lots of companies run Linux servers on the back end. When you’re using Windows servers, there’s a reason. You want/need to use MS SQL, or Exchange on premise, or SharePoint on premise, for example. Are there other mail servers, database servers, collaboration servers? Sure - but again, switching from an existing platform to a different platform is costly.

    These transition costs get exponentially higher when you consider whether companies actually have the in-house expertise to be able to pull off such a thing (Narrator: They don’t.)

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      2
      ·
      5 months ago

      Active directory is just a LDAP server for the most part. You can join Linux clients to it without issue.

  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    13
    ·
    edit-2
    5 months ago

    No

    Look at the VMware Broadcom merger. The price went way up and companies paid it anyway. However some did switch to the cloud or some other hypervisor.

    Also the Linux desktop isn’t geared as much towards the enterprise. It isn’t easy to lock down and the vast amount of options is a blessing and a curse.

    • mojoaar@lemmy.world
      link
      fedilink
      arrow-up
      4
      ·
      5 months ago

      Look at the VMware Broadcom merger. The price went way up and companies paid it anyway. However some did switch to the cloud or some other hypervisor.

      It is not all of us Enterprises that “just paid”. We chose a migration project over “just paying” Broadcom and would not call it a merger, but rather a takeover.

  • RmDebArc_5@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    13
    ·
    5 months ago

    Recall ist just on a few expensive laptops and companies generally disable stuff like this. In one company we frequently had to do the registry edit to bypass the Microsoft account. Companies in my experience used Debian or Ubuntu as Linux desktop distributions. Ubuntu because professional support and Debian (custom image) for machines that aren’t updated commonly.

    • JJROKCZ@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      5 months ago

      Why the hell were you doing regedits instead of just imaging with WDS/MDT or similar and joining to AD?

      • RmDebArc_5@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        5 months ago

        We only did regedits only sometimes when it needed to go fast, normally we had a drive made with Rufus to disable the account requirement

      • Ænima@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        5 months ago

        Edit: explanation for this particular user is below.


        I’d imagine it’s due to a lot of smaller companies/orgs that can’t afford it and have too few users or machines to justify the costs associated with management infrastructure and costs. I know a lot of companies just buy machines with Pro and have some local IT configure them manually. Pro is marginally better than Home, with regards to management capabilities, but still has some bullshit that is tough to manage consistently.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          You can setup Samba AD on a old machine in the worse case. However, a Windows Server basic license is expensive but not much more than pro.

  • palordrolap@kbin.run
    link
    fedilink
    arrow-up
    12
    ·
    5 months ago

    Chances are that many large entities are in too deep. It’s what Microsoft were counting on before the backlash, and now they’re probably going to do it by stealth instead.

    If I have to use Windows, I want the configuration of Windows that will run on the computers at a country’s top intelligence agencies.

    Because sure as hell those places will have it locked down and not sending one solitary thing back to Microsoft, whether they have to configure it themselves or put the fear of the unholy into Microsoft to get that to happen.

    And if not that, the configuration that Bill Gates or Mark “I put tape over my webcam and deactivate my mic for no particular reason” Zuckerberg will use.

  • Mikina@programming.dev
    link
    fedilink
    arrow-up
    11
    ·
    5 months ago

    Many companies are still using Windows 7 machines or 2008 win servers, without MS17-010 patch. They don’t really care about security that much, when it’s inconvenient or slightly difficult to mitigate. They won’t be switching entire architecture just for a few screenshots

  • Dudewitbow@lemmy.zip
    link
    fedilink
    arrow-up
    5
    ·
    5 months ago

    many dont have a reason to, because enterprise versions of windows is different than the consumer one. Windows isnt a singular OS version.

  • hactar42@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    5 months ago

    Not a chance. Basically your opinions would be to retrain your entire user base, or set a GPO or Intune policy to disable a service you don’t want.

  • jasep@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    5 months ago

    No large corporation in the Microsoft ecosystem will ditch Windows due to Recall because it will be turned off. This kind of setting can be managed / customized with Group Policy tools and MDM settings.

    Recall is targeted for home based users, not enterprise customers.

    • 0x0@programming.dev
      link
      fedilink
      arrow-up
      2
      arrow-down
      3
      ·
      5 months ago

      Macs are expensive though. Fine for managers to use for presentations and meetings but no way you could justify that expense for a dev.

      • nick@midwest.social
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        5 months ago

        Except that every company I’ve ever worked for (6 now) in Silicon Valley DOES provide top tier MacBook pros for devs.

        My current laptop is an m3 with 64gb of ram.

        • 0x0@programming.dev
          link
          fedilink
          arrow-up
          1
          arrow-down
          2
          ·
          5 months ago

          Tell me you’re a tech-bro soydev without telling me you’re a tech-bro soydev.

      • That’s not as much of a deciding factor as you might think. Enterprise laptops are stupidly overpriced; I wouldn’t be surprised if buying Macs didn’t actually save the average corporation money.

        The real cost is in the support contract, and any CIO or senior manager knows this. The trick is finding a company to provide Mac hardware support at an enterprise level. None of this going into a Genius Bar and standing around for an hour until an employee deigns to notice you; they want a telephone number they can call, get someone 24/7 (or some proximity thereof), and get someone to come over and fix the CEO’s laptop when the battery swells up. Or, more probably, when they run a diagnostic and find out it’s bad memory, or whatever - they want to be able to swap out hardware on a call, and have a rotating upgrade plan, and all that shizzle.

        The cost of the laptops is almost incidental.

  • sylver_dragon@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    5 months ago

    No, it’ll just get disabled. Security baselines are a common feature of enterprise IT, this will just be another requirement.