this post was submitted on 27 Sep 2024
143 points (88.6% liked)

Linux

48371 readers
1684 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Earlier this week my company bought a LIDAR from Ouster. The LIDAR is a network device: it has an ethernet interface, it gets its IP from a DHCP server and then it talks to whichever machine runs the Ouster application.

The engineers and the marketing guy in charge of evaluating it installed the software on a Windows 11 laptop and tried to make it work for 2 days, to no avail. The software simply wouldn’t connect.

So they came to me, the unofficial company “hacker”, to figure it out. And I did: the culprit, as always, was the Windows firewall. Because of course…

But here’s the twist: because it’s Windows, you need some sort of additional antivirus on top of it. Our company uses WithSecure, which is phenomenally annoying and intrusive, and constantly gets in your way when you try to do any work in Windows that isn't Word or Excel. And of course, WithSecure wouldn’t let me punch a hole in the Windows firewall, because of course…

Anyhow, after trying to work around Windows and the hateful compulsory antivirus, I called IT and told them I needed WithSecure disabled, at least temporarily. They told me to fuck off because they’re not letting an unsecured Windows machine on the intranet.

Fine. I pulled another, older Windows laptop without any antivirus, connected it to an air-gapped router, configured DHCP in the router, connected the LIDAR to the router, launched the Ouster app and… it didn't work.

After 3 hours trying to figure out what was wrong, I finally found the problem: the stupid app is an Electron app built with an older version of Electron that had a bug in node.js that prevented it from working if it couldn’t resolve some internet address.

Sigh… Electron… Because of course…

This was getting too painful and annoying with Windows. So I blew away the Windows partition, installed Linux Mint on the laptop, configured the ethernet interface as a private interface, installed the DHCP server so I could do away with the router, connected the laptop to the guest wifi so the stupid Electron app could resolve whatever it needed to resolve to work, installed the Linux version of the Ouster app, and hey-presto, it worked rightaway.

So I made an account for the guys in Mint and handed them the laptop. They played with the LIDAR for a few hours without any problem, pulled records and files out of the machine on USB sticks without any problem, viewed some Excel files in Libreoffice without any problem.

Eventually the marketing guy asked me:

“So what was the problem then?”
“Windows of course” I said. “What else?”
“Wow. That Linux stuff is really good. We tried so hard to make this work but we never could. But it worked rightaway in Linux. That’s slick!”
“Well yeah, I keep telling you guys Windows is crap. There are reasons and this is one of them.”
“Yeah I can see why you don’t like it. And that Linux desktop is really nice actually. I might give it a spin at home.”

So hey, I managed to impress a marketing guy with Linux 🙂

It shows how polished Linux has become, if ordinary computer users can be convinced this easily now. It wasn’t like that for a long long time and it feels kind of rewarding to know you bet on the right horse all along and you're vindicated at last.

all 35 comments
sorted by: hot top controversial new old
[–] DesolateMood@lemm.ee 82 points 2 months ago (1 children)

What is that fanfiction headass conversation at the end lmao

[–] variants@possumpat.io 36 points 2 months ago (1 children)

Maybe it's just how marketing guys talk haha they can't turn it off

[–] possiblylinux127@lemmy.zip 3 points 1 month ago

You need our brilliant product. It will save your business millions!***

*** licensing fees not included in calculation

[–] gencha@lemm.ee 46 points 2 months ago (1 children)

How do you sell what you did as "it just worked"? Rightaway? You lied to them. You have your coworkers on an unmanaged machine with a foreign OS on the guest WiFi with custom networking. Don't oversell a workaround as a solution.

Simplifying the problem to "Windows" seems unfair, given how many problems you found. All of them still require a long-term solution for regular operation.

[–] schizo@forum.uncomfortable.business 11 points 2 months ago (1 children)

You have your coworkers on an unmanaged machine with a foreign OS on the guest WiFi with custom networking.

Which, at any of my last few corporate jobs, would be grounds for termination, if not immediately throwing you out of the building and telling you if you come back we're calling the cops.

You really don't bypass controls in a corporate environment like this if you like working there.

(And yes, not EVERY job will react that way, but any that's got any compliance requirements absolutely will.)

[–] possiblylinux127@lemmy.zip 5 points 1 month ago

It is especially damming that they said they can't turn off the security solution. If they won't be flexible enough to add an exception then I'm pretty sure they definitely don't what ghost IT. This could end up costing this company a lot of money down the road

[–] Zeoic@lemmy.world 23 points 2 months ago (1 children)

Windows Defender is actually quite good these days. The main reason an enterprise would use a 3rd party AV/Firewall would be centralized management of said av and firewall. If IT needs to install apps and make them work, they also need the ability to manage the AV/Firewall.

[–] ExtremeDullard@lemmy.sdf.org 5 points 2 months ago* (last edited 2 months ago) (1 children)

Well I'm sure they have very good reason and I'm not questioning them. I'm just talking from a user's standpoint (and I'm a very poor Windows users): whenever I try to port any of our tools to Windows, wham the damn antivirus kicks in and puts my stuff in quarantine. If I use an engineering application that talks to some device on an unusual port - and I'm talking outgoing traffic, not incoming, wham it's blocked. And unblocking it requires making a formal request to IT, that whitelists the application, until WithSecure updates itself and forgets about it, and here we go again.

It's just a complete PITA. You constantly feel like you're fighting an algorithm with stupidity built in just to get normal, honest-to-goodness work done.

[–] possiblylinux127@lemmy.zip 3 points 1 month ago

In my experience the over engineered solutions are often the least secure.

[–] killabeezio@lemm.ee 18 points 1 month ago (3 children)

This story has nothing to do with why Linux would be any better than Windows. Sure, if you lie to people, then anything can be convincing. What if I had a firewall installed in Linux, wouldn't you have had the same issues?

This is sort of the problem I have with a lot of Linux enthusiasts, when you have a hammer, everything is a nail.

Compared to Windows and MacOS as a client desktop, Linux still severely falls behind, but it is getting better. For a server, Linux is just far superior.

[–] GSV_Sleeper_Service@lemmy.world 6 points 1 month ago (1 children)

You think linux doesn't have a firewall? I'm fairly certain every distribution has one installed and enabled by default.

The real reason linux worked so well in this situation was the local admin rights that came from being a rogue, unmanaged device on the network. I'm sure they could have made windows work if all the group policies weren't being enforced.

[–] killabeezio@lemm.ee 3 points 1 month ago* (last edited 1 month ago)

Yes, you have iptables and nftables, but it's not always enabled. So, when I said installed, I really meant enabled. I 100% agree with what you are saying though.

Unfortunately a lot of places just have shitty IT and people go rogue because of it. Some people are just impatient though as it sounds like in this case.

You also have things like apparmor and selinux. If those are enabled, you might be chasing your tail trying to figure out why something is not working. You would need to know where to look and how to fix it.

[–] Nibodhika@lemmy.world 3 points 1 month ago

As much as I disagree with your last statement (I think Linux for client is on par with Windows for the vast majority of users), I strongly agree with everything else. This wasn't a Windows problem, but a "your IT is cockblocking you" problem, it could have happened in Linux too if it wasn't because he used a rogue device, he could have fixed it on Windows too doing the same.

Personally I would have gone straight to Linux because I'm out of the loop on how to do these sort of stuff on Windows. If it had to be Windows, let IT figure that out, their firewall, their anti-virus, their problem.

[–] ulterno@lemmy.kde.social 2 points 1 month ago

What if I had a firewall installed in Linux

A previous company of mine, required an "AntiVirus" installed on the Linux computers too.
The one the IT guy installed, ran in the background all the time, doing nobody-knows-what and and slowing down every thing and having multiple segfaults in a minute, shown in the journal.

Long after I left, I also saw an RCE vulnerability related to it. So essentially, my system would have been more secure without the app.

[–] some_guy@lemmy.sdf.org 17 points 2 months ago (3 children)

It shows how polished Linux has become

Did you read what you wrote?

configured the ethernet interface as a private interface, installed the DHCP server so I could do away with the router

Yeah, you and I can do this. Most people can't. Yes, Linux has become more accessible. Most people still can't do this.

[–] Tlaloc_Temporal@lemmy.ca 5 points 1 month ago

And the alternative to doing that is what? This whole story was started because of windows and windows antivirus being inflexible.

[–] jjlinux@lemmy.ml 4 points 1 month ago (1 children)

All they have to do is learn, like we did. What's the big deal?

[–] WldFyre@lemm.ee 3 points 1 month ago (1 children)

Not everyone has a career where dedicating time to learn this stuff is helpful or worthwhile. There's a ton of "useful" skills that all of us don't bother to learn because our time is better spent elsewhere.

[–] jjlinux@lemmy.ml -1 points 1 month ago (2 children)

Yeah, that includes me. My career has absolutely nothing to do with technology. So, what's your point?

[–] fishinthecalculator@lemmy.ml 4 points 1 month ago* (last edited 1 month ago) (1 children)

Maybe the point is that you cannot demand that the whole world knows the same set of concepts as you do. Otherwise just learn to remove cancer by yourself instead of forcing a person that studied decades to get down their trone and do their job

[–] jjlinux@lemmy.ml 1 points 1 month ago

That's my point. They learned to remove cancer, and yet, can't remove them all. I learned to use GnuLinux, to make it work, regardless of distro, yet some things just fail. So, again, what's your point?

What's keeping anyone from learning anything other than the desire and effort?

You chose to bring up that ridiculous comparison only to confirm what I said. Ran out of hentai to watch or something? 🤣🤣

[–] WldFyre@lemm.ee 2 points 1 month ago (1 children)
[–] jjlinux@lemmy.ml 3 points 1 month ago (1 children)

Ok, you're right. I have to agree that it being worthwhile for me doesn't make it so for others. Can't disagree with you on that. I'll down vote myself for not reading your comment with the intent to understand before I replied. And, honestly, thanks for pointing out that I did not really get it, for real.

[–] WldFyre@lemm.ee 1 points 1 month ago

Hey no worries, sorry for assuming you were taking past me instead of just missing my point! No need to download yourself haha

[–] interdimensionalmeme@lemmy.ml 0 points 1 month ago

Sure the front desk secretary can't but the engineering team can if they use chatgpt and their brain.

The alternative is yielding to the techno priesthood and giving up on your dreams.

[–] sic_semper_tyrannis@lemmy.today 15 points 2 months ago

Great story. I have found that pretty much everyone I have shown Linux is pleasantly surprised with how nice it is. I think people have an idea of it being a hacker person OS with code running on the screen.

[–] possiblylinux127@lemmy.zip 12 points 1 month ago (2 children)

Your IT department sounds awful. I have never heard of "withsecure" but it sounds like a pain in the ass.

Anyway its better not to do ghost IT as that never ends well. Next time you should get the explicit approval of the IT department and document everything.

It was named f-secure before.

[–] interdimensionalmeme@lemmy.ml 0 points 1 month ago

Sodomizing IT is always mandatory unless you want to waive the white flag. They will never help you. IT is an invincible enemy, you just have to seal them up in a infinite bureaucratic loop and try to do your work while they are tangled in that web of logic.

[–] nkat2112@sh.itjust.works 2 points 2 months ago

This is a beautiful story. Thank you for sharing that!