sylver_dragon

I tried that, I ended up with this weird “Windows 11” adware installed and couldn’t get rid of it. There was also a problem with odd programs and advertising showing up in my Start Menu, even after I removed them. Also, my settings would occasionally just change, without my knowledge or permission.

It depends on the environment. I’ve been in a couple of places which use Linux for various professional purposes. At one site, all systems with a network connection were required to have A/V, on-access scanning and regular system scans. So, even the Linux systems had a full A/V agent and we were in the process of rolling out EDR to all Linux based hosts when I left. That was a site where security tended to be prioritized, though much of it was also “checkbox security”. At another site, A/V didn’t really exist on Linux systems and they were basically black boxes on the network, with zero security oversight. Last I heard, that was finally starting to change and Linux hosts were getting the full A/V and EDR treatment. Though, that’s always a long process. I also see a similar level of complacency in “the cloud”. Devs spin random shit up, give it a public IP, set the VPS to a default allow and act like it’s somehow secure because, “it’s in the cloud”. Some of that will be Linux based. And in six months to a year, it’s woefully out of date, probably running software with known vulnerabilities, fully exposed to the internet and the dev who spun it up may or may not be with the company anymore. Also, since they were “agile”, the documentation for the system is filed under “lol, wut?”

Overall, I think Linux systems are a mixed bag. For a long time, they just weren’t targeted with normal malware. And this led to a lot of complacency. Most sites I have been at have had a few Linux systems kicking about; but, because they were “one off” systems and from a certain sense of invulnerability they were poorly updated and often lacked a secure baseline configuration. The whole “Linux doesn’t get malware” mantra was used to avoid security scrutiny. At the same time, Linux system do tend to default to a more secure configuration. You’re not going to get a BlueKeep type vulnerability from a default config. Still, it’s not hard for someone who doesn’t know any better to end up with a vulnerable system. And things like ransomware, password stealers, RATs or other basic attacks often run just fine in a user context. It’s only when the attacker needs to get root that things get harder.

In a way, I’d actually appreciate a wide scale, well publicized ransomware attack on Linux systems. First off, it would show that Linux is finally big enough for attackers to care about. Second, it would provide concrete proof as to why Linux systems should be given as much attention and centrally managed/secured in the Enterprise. I know everyone hates dealing with IT for provisioning systems, and the security software sucks balls; but, given the constant barrage of attacks, those sorts of things really are needed.

It depends on what your goals are.

• Ventoy is good for having an alternate OS on a Thumbdrive. Even with a USB 3 device, you may encounter I/O blocking and find this isn’t suitable as a “daily driver” OS. However,. for booting something like Tails or Windows/Linux for OS specific hardware/applications, it can be a good solution.
• Dualbooting is a good way to “test drive” an alternate OS and also have a way to fallback to the other OS if you regularly need access to some software which only runs on that OS. This is likely to have better performance than the USB/Ventoy setup at the cost of Windows fucking up the bootloader config from time to time.
• Windows/Linux with a Linux/Windows VM is useful when you know what OS you want to run on a day to day basis, but have some reason to reach into the other OS on occasion and aren’t too worried about performance and hardware access in the alternate OS.

Ultimately, it’s going to come down to what you are trying to do and why you want to run multiple Operating Systems. For example, my main system is running Linux. But, I want the ability to run Windows malware in a controlled sandbox (not a euphemism, I work in cybersecurity and lab some stuff for fun). So, I have KVM setup to run Virtual Machines, including Windows.

For another example, prior to making the switch to Linux, I had Windows as my primary OS and booted Linux on a USB stick (not Ventoy, but close enough). This let me gain confidence that I would be able to make the jump.

I don’t have a good example for dual booting. Maybe something like a SteamDeck where you want a stable, functional OS most of the time; but, have some games which will only run in Windows.

At the time I stood my server up, I was supporting RHEL at work and support for docker seemed a bit spotty. IIRC, it took both setting up the docker yum repo directly, along with the EPEL repo. And every once in a while, you could end up in dependency hell from something which was at different versions between EPEL and the official repos. Ubuntu, on the other hand, had better docker support in the official repos and docker seemed more targeted at .deb distributions. So, I made the choice to go Ubuntu.

I suspect this is long since all sorted. But, I see no compelling reason to change distributions now. The base OS is solid and almost everything the server does is containerized anyway. If I were to rebuild it, I would probably use something more targeted at containerization/virtualization, like Proxmox.

I had dabbled with Linux before, both at home and work. Stood up a server running Ubuntu LTS at home for serving my personal website and Nextcloud. But, gaming kept my main machine on Win10. Then I got a Steam Deck and it opened my eyes to how well games "just worked’ on Linux. I installed Arch on a USB drive and booted off that for a month or so and again, games “just worked”. I finally formatted my main drive and migrated my Arch install to it about a week ago.

I’m so glad that I won’t be running Windows Privacy Invasion Goes to 11.

My experience has been pretty similar. With Windows turning the invasive crap up to 11, I decided to try and jump to Linux. The catch has always been gaming. But, I have a Steam Deck and so have seen first hand how well Proton has been bridging that gap and finally decided to dip my toes back in. I installed Arch on a USB 3 thumbdrive and have been running my primary system that way for about a month now. Most everything has worked well. Though, with the selection of Arch, I accepted some level of slamming my head against a wall to get things how I want them. That’s more on me than Linux. Games have been running well (except for the input bug in Enshrouded with recent major update, that’s fixed now). I’ve had no issues with software, I was already using mostly FOSS anyway. It’s really been a lot of “it just works” all around.

And once you have found your specific collection of plugins that happen not to put the exact features you need behind a paywall but others, you ain’t touching those either.

And this is why, when I’m investigating phishing links, I’ve gotten used to mumbling, “fucking WordPress”. WordPress itself is pretty secure. Many WordPress plugins, if kept up to date, are reasonably secure. But, for some god forsaken reason, people seem to be allergic to updating their WordPress plugins and end up getting pwned and turned into malware serving zombies. Please folks, if it’s going to be on the open internet, install your fucking updates!