Things Windows can do that your average Linux distribution can't

>Windows works great with its own features

kys

* BSOD

>>60257075
Well gee i had no idea that windows would run great with things that were made FOR IT and make it harder to install other OSes.

It's like saying macs are better because they have native dmg support with no hassles

Oh and btw secureboot was confirmed insecure last year since the master key got leaked

File: risitas.jpg (319KB, 800x800px) Image search: [Google]

319KB, 800x800px

>>60257075
>* run UWP applications from the Store

>checking a box in a software manager is significant tinkering
>adding Packman is significant tinkering
>using an update manager instead of Microshit's automatic botnet is significant tinkering
>using proprietary drivers
>using Microshit's Approved Botnet™ Software©
>calling user access control "Group Management"
>falling for the UEFI botnet
>using the CLI is a bad thing
>using backdoored NSA encryption
please stay on Windows you tard

>>60257208
>Oh and btw secureboot was confirmed insecure last year since the master key got leaked
https://arstechnica.co.uk/security/2016/08/microsoft-secure-boot-firmware-snafu-leaks-golden-key/
>The company said: "The jailbreak technique described in the researchers’ report on August 10 does not apply to desktop or enterprise PC systems. It requires physical access and administrator rights to ARM and RT devices and does not compromise encryption protections."
https://news.ycombinator.com/item?id=12260454
>TL;DR: Microsoft's Secure Boot bootloader is vulnerable to an attack where you use a (Microsoft-signed) supplemental boot policy instead of a regular boot policy, effectively removing the Secure Boot lock and allowing to run unsigned code.
>This affects locked devices (Windows RT, Phone, ...) and might be used for jailbreaking devices as well as to attack their security.

>>60257103
>>60257208
>Windows works great with its own features
Let's completely ignore font rendering, hardware support, signed binaries in UEFI, the kernel and userspace, faster booting, unsupervised automatic security patch installation, group policy (which you can maybe try to replicate with SELinux policies) and hard drive encryption.
It's like I didn't list anything at all, right? Is this the level of denial you have to live with?

>>60257283
>font rendering
not an argument
>hardware support
nouveau drivers for Nvidia babies
Packman for audio/video
Packman for Broadcom issues
>signed binaries
stop right there, UEFI is shit and binaries themselves can never be trusted regardless of signing
>kernel and userspace
what about them?
>faster booting
Libreboot is infinitely faster than your preinstalled binary BIOS, and if you want to look at just how locked down BIOSes are right now, compare yours to the options that used to be Phoenix BIOS. You can't even change your CPU frequency from your locked down shit anymore
>unsupervized automatic security patch installation
you literally just described Windows
>group policy
SELinux is an NSA botnet too, and AppArmor is friendlier to use. Just because there isn't a monolithic application for it doesn't mean that it doesn't exist as a feature
>encryption
dm-crypt+LUKS

Video games.
>b-b-b-but...
no one spends $600+ on a gaming machine only to cuck themselves out of 90% of the available library because of a lack of support and Wine being trash.

>>60257075
>* decent font rendering
Somebody has not used FreeType 2.7.

>* have drivers for new hardware and certain brands known to be problematic, such as BroadCom
Most of the time there is drivers for problematic hardware, you just have to install it.

>* support signed drivers to prevent tampering
Tampering from who? You?

>* support signed chain from UEFI to the kernel (UEFI SecureBoot)
SecureBoot does not have a realistic threat model; it only exists to lock you out from reprogramming your own device.

>* support signed application binaries
See above.

>* run .NET applications (inb4 Mono, to which I say: WPF support)
I have never used anything written in .NET, but can't you just run anything that won't work with Mono using WINE?

>* run UWP applications from the Store
This may be true, but WINE would support it if anyone cared.

>* use hybrid boot for faster booting
It's called hibernation and Linux had this way before Windows did.

>* install automatic and invisible security patching in the background

dnf install dnf-automatic

apt install unattended-upgrades

>* provide group policies for easy management of what computers can and cannot do
So you can take away users freedom?

>* integrate with an Active Directory to provision group policies across all Windows boxes in a network
Isn't this just LDAP? Just use Samba and Kerberos.

>* painless three-click setup of hard drive encryption through BitLocker
gnome-disk-utility (AKA GNOME Disks) to set up LUKS.

>>60257075
>Have working drivers for my soundcard
>can play games
linux btfo

>>60257450
KVM+QEMU
>muh 5fps overhead :^(((((
get a better computer nigger

>>60257497
>please buy more expensive hardware to account for our autistic software that does nothing better
I've fallen for many /g/ memes, but not this one.

>>60257075
>* have drivers for new hardware and certain brands known to be problematic, such as Broadcom
right, it's Linux fault that vendors don't write drivers

>* support signed application binaries
every distro which uses repositories support checking signature of repository since time immemorial

>* run UWP applications from the Store
considering fact that uwp is cancerous piece of shit not being able to run those apps is feature - look at all those developers who want to write them!

>* install automatic and invisible security patching in the background
invisible? you mean "we'll reboot automatically when it'll be most inconvenient for you"?
most distros have automatic update checker which work is more invisible than Windows "reboot" 10 "times every update"

>* painless three-click setup of hard drive encryption through BitLocker
yes, install bitlocker, also send us password/key to your disk so it'll be more secure

encrypting disk in Linux is also painless, it's one option during partitioning in most instalators

>>60257422
>>font rendering
>not an argument
"I am fine with an inferior reading experience."
>>hardware support
>nouveau drivers for Nvidia babies
>Packman for audio/video
>Packman for Broadcom issues
https://help.ubuntu.com/community/WifiDocs/Driver/bcm43xx
Yeah, that looks easy and painless.
>>signed binaries
>stop right there, UEFI is shit and binaries themselves can never be trusted regardless of signing
No argument made.
>>kernel and userspace
>what about them?
You have no guarantee check that the author of the program actually wrote the code that's running right now. Scary prospect to me.
>>faster booting
>Libreboot is infinitely faster than your preinstalled binary BIOS, and if you want to look at just how locked down BIOSes are right now, compare yours to the options that used to be Phoenix BIOS. You can't even change your CPU frequency from your locked down shit anymore
Please leave the goalpost where it was, the OS half of booting.
>>unsupervized automatic security patch installation
>you literally just described Windows
I also described https://wiki.debian.org/UnattendedUpgrades which should just be enabled out of the box. Users cannot be trusted to do the right thing and apply security patches in a timely manner. Not even you.
>>group policy
>SELinux is an NSA botnet too, and AppArmor is friendlier to use. Just because there isn't a monolithic application for it doesn't mean that it doesn't exist as a feature
You seem to love to say "botnet", but your claims are not backed by any evidence. If your opponent is the NSA, you probably ought to stop using computers in the first place.
>>encryption
>dm-crypt+LUKS
OP says: "without significant tinkering and/or dropping down into the command line"
The only distribution I've seen do this right is Fedora (and subsequently RHEL).

File: file.png (35KB, 620x468px) Image search: [Google]

35KB, 620x468px

>>60257517
>Please leave the goalpost where it was
Epic denial in overall.

>>60257511
>right, it's Linux fault that vendors don't write drivers
It isn't, but that doesn't make it any more convenient.

>every distro which uses repositories support checking signature of repository since time immemorial
ToCToU. It's not checked when the application is loaded into memory, meaning an attacker can social engineer a custom binary copied into a privileged path. No signature verification to stop it.

>>60257451
>Isn't this just LDAP? Just use Samba and Kerberos.
Nobody actually has publicly documented how the group policy storage in LDAP actually works.

>>60257075
>* decent font rendering
freetype2 looks great
>* have drivers for new hardware and certain brands known to be problematic, such as BroadCom
third party issue, it's not linux's fault broadcom provides poor linux support
>* support signed drivers to prevent tampering
>* support signed application binaries
false, packages can be signed
>* run .NET applications (inb4 Mono, to which I say: WPF support)
>* run UWP applications from the Store
you can't be serious
>* use hybrid boot for faster booting
>* install automatic and invisible security patching in the background
false

>>60257451
>So you can take away users freedom?
you need group policy to enable passphrases in bitlocker, for example

>>60257517
>Installing updates, please wait...
>faster than GNU/Linux
t. retard

File: blepe-fs8.png (27KB, 544x593px) Image search: [Google]

27KB, 544x593px

>So, tell me, why are Linuxlets still refusing to use Windows on their desktop?

Poverty and mental illness.

>>60257075
>Things Windows can do
>* decent font rendering
/g/, why are you bullying a blind person itt? Do you feel no shame?

>>60257634
https://insider.windows.com/?wa=wsignin1.0
Seems like you are the one with mental illness.

>>60257517
>>>signed binaries
>>stop right there, UEFI is shit and binaries themselves can never be trusted regardless of signing
>No argument made.
what the anon wanted to say is: Even signed binaries can do things that you don't know and maybe don't want (like telemetry). The only programs that are trustworthy are the ones you compiled yourself (and read the source (but since nobody does that, the arguments for-and-against/about signed binaries are all bullshit anyways in either way))

>>60257672
What about it?

>>60257672
Did you post the wrong link?

>>60257511
>encrypting disk in Linux is also painless, it's one option during partitioning in most instalators
Only if you have a single drive, try to do something like encrypt more than one while sharing a password and oh boy time to waste time on the terminal again.

>>60257075
> Windows
> decent font rendering
> everything gets fucking blurred
are you blind? windows font rendering is the worst in existence

Windows is a Spyware

>>60257075
Why do you even care? Are you retarded? Use Windows and shut the fuck up. No one cares about your operating system.

>>60258076
I was a Linux user for most of my life until I'd seen the light. I am compelled to spread it.

>>60257283
You do know when it comes to hardware linux wins right?
Try using an s3 card or a voodoo card and expect it to work on windows 10.
Pretty much anything you plug will work no problem when it comes to controller without using shit like x360ce.
I am also pretty sure windows 10 does not support a million different architectures.
Also ntfs is trash. How am i supposed to keep my hentai collection intact when it gets corrupted and chkdsk fucks up everything else.
And why the fuck does it not have a package manager with trusted repos and good programs and not mobile malware trash

>>60257749
>terminal
>waste of time

All about that learning curve young padawan, terminals aren't wasting time if you know what you're doing.

It's either navigating to the right option through Control Panel or finding the right command to pass or file to modify, pick your poison.

>>60258098
Why? You seen the light, great. Keep it for yourself and don't share it, just like Windows does.

>>60258108
Then use ReFS?

File: windows encryption 101.png (184KB, 939x705px) Image search: [Google]

184KB, 939x705px

>>60257075
>* decent font rendering
Last I checked they can't even into hi DPI
>* have drivers for new hardware and certain brands known to be problematic, such as BroadCom
just get a fucking LB LINK. broadcom chips are backdoored 24/7 and has no physical killswitch compared to a USB wifi
>* support signed drivers to prevent tampering
Installing android recovery? lol. it just werks on linux, no need to do this shit.
>* support signed chain from UEFI to the kernel (UEFI SecureBoot)
Secureboot only blocks you from USB booting and may hard brick your whole thing (not even recovery cd works and have to use the trashy recovery partition that is worth 14GB. Drive failure means it goes into trash)
>* support signed application binaries
?? anyone can spoof that shit and even bypass the UAC and implant spoofed services labeled as microsoft (c)
>* run .NET applications (inb4 Mono, to which I say: WPF support)
Qt > .NET
dotnet is backdoored, anything compiled with it comes with telemetry and also the reason why most viruses ever compiled are traced back from its origins
>* run UWP applications from the Store
Is this even relevant?
>* use hybrid boot for faster booting
Hybrid boot more like non-volatile RAM that is dead insecure, allows LEA to extract the previous data in RAM and drive thanks to your fake shutdown
>* install automatic and invisible security patching in the background
Security patches that contain even more security holes courtesy of NSA (tm)
>* provide group policies for easy management of what computers can and cannot do
Protip: You can't modify NT/System Policy which contains all the telemetry and metadata and even webcam pictures of you (kek)
>* integrate with an Active Directory to provision group policies across all Windows boxes in a network
Active directory suck. Unix systems are the network standard. Doubt windows got any decent NFS
>* painless three-click setup of hard drive encryption through BitLocker
Painless one-liner to decrypt

>>60258159
I'll still keep the huge microsoft buttplug of metro, phones ,botnet, windows update,svhost.exe,no drivers for my old controller that whose company is dead, software bottlenecked vulkan/opengl.

Install the os and get updates via a lightweight package manager(or gui store which works the same way) and install/use the programs and games i like.

You install the OS(assuming windows likes your motherboard and doesn't show you msoobe.exe errors), go on a driver hunt, wait for your heavy AF windows update to finish, Hope windows update did not downgrade your driver, use the shitty bloated program your company wants you to use to update your drivers, use the browser to go get your programs, all of this and you still can't install them all at the same time and have to keep paying attention for every program that gets installed.

And don't even get me started on those idiots that thought not budling xna and the latest version of msvc and .net was a good idea. How the fuck is this supposed to be user-friendly. Instead you get ads and a 3d builder and some free2play mobile games.

>>60258159
Windows Server and 10 user here, ReFS performs terribly and is missing features from NTFS. The integrity protection is potentially there but the cost is too high when compared to other filesystems. I haven't found anything that beats ZFS yet.

>>60258403
And that's okay because you can only reasonably use ZFS on a select few systems (BSDs, OpenIndiana)

>>60258568
OpenZFS has stable ports to Linux, OS X, and maybe more systems.

>>60257075
>* decent font rendering
Gnu/Linux has better don't rendering. I don't know what you are talking about.
>* have drivers for new hardware and certain brands known to be problematic, such as BroadCom
Most things work though.
Windows on the other hand doesn't come with any drivers.
>* use hybrid boot for faster booting
Why though?
The majority of the time you spend on a cold boot is on the bios/UEFI stuff.
The gnu/Linux system boots in 1-3 seconds.
Boot times are not a thing to bitch about these days. We are now at a place where laptops are 15 times faster at booting.
Because everything from the bios to the monitor is faster.
>* install automatic and invisible security patching in the background
Windows can do that now?
This has worked for 15 years with gnu/Linux.
>* provide group policies for easy management of what computers can and cannot do
I don't see why having this as a cli application is a bad thing.
>* integrate with an Active Directory to provision group policies across all Windows boxes in a network
It wouldn't be all windows boxes if they ran gnu/Linux
>* painless three-click setup of hard drive encryption through BitLocker
Not through bitlocker, no.
But there is free replacements so who cares?

>>60257188
I hear it's black now

>>60257075
>buys MS surface laptop for 1000$
>can only install apps from store
>have to pay another 60$ to "upgrade" my system so I can install 3rd party software

>>60257517
>That looks easy and painless
Yeah man typing a command to identify a component then another command to install the appropriate driver for said component sure is hard.

>>60257075
Who is this semen demon ?

>>60260480
This is a guy, dude.

>>60260722
Close enough.

>* decent font rendering
Modern font rendering is really good, Oh boy i'm in for babies first shitpost aren't I

>* have drivers for new hardware and certain brands known to be problematic, such as BroadCom
Broadcom actually supports linux pretty well. This is a bullshit cherry pick bullet point, there are devices that don't support Windows either. Hardware/Driver support is good.

>* support signed drivers to prevent tampering
Don't need this if I have access to the source code, I can compile my own shit. You can also compare metadata for compiled binaries so this is retarded,

* support signed chain from UEFI to the kernel (UEFI SecureBoot)
Fedora, Ubuntu, maybe others,

>* support signed application binaries
This is actively being worked on, I would not be surprised if some enterprise crap has this.

>* run .NET applications (inb4 Mono, to which I say: WPF support)
Wine, or Mono.

>* run UWP applications from the Store
There are plenty of secure software repos for Linux

>* use hybrid boot for faster booting
Linux bootloader doesn't need this stupid shit. It already boots plenty fast.

>* install automatic and invisible security patching in the background
Linux can absolutely do this

>* provide group policies ... can and cannot do
Linux can absolutely do this as well

>* integrate with an Active Directory ... in a network
Linux can do this too.

>* painless ... BitLocker
There are distros that have painless encrypted partition setup.

>>60260785
>* painless three-click setup of hard drive encryption through BitLocker
>* painless three-click setup of hard drive encryption through BitLocker
>* painless three-click setup of hard drive encryption through BitLocker
Fuck you, faggot. If i don't have a TPM YOU GONNA HAVE A LOT OF PROBLEMS DO ENCRYPT YOUR HD.

>>60257075
>* decent font rendering
OK?
>* have drivers for new hardware and certain brands known to be problematic, such as BroadCom
Ndiswrapper, or you could just not buy retarded hardware.
>* support signed drivers to prevent tampering
Fair enough
>* support signed chain from UEFI to the kernel (UEFI SecureBoot)
Useless feature, but okay.
>* support signed application binaries
Fair point.
>* run .NET applications (inb4 Mono, to which I say: WPF support)
Hardly a feature, but I guess so.
>* run UWP applications from the Store
Once again, this is hardly a feature
>* use hybrid boot for faster booting
Agreed
>* install automatic and invisible security patching in the background
Linux can do this 1000 different ways on every distro
>* provide group policies for easy management of what computers can and cannot do
This is one of the core features of Linux
>* integrate with an Active Directory to provision group policies across all Windows boxes in a network
See above
>* painless three-click setup of hard drive encryption through BitLocker
"lol es eezierrr"

>>60257075
>decent font rendering
wew lad this bait was way too obvious

>>60257075
>signed drivers
Botnet, they should be free software
>SecureBoot
Botnet
>signed application binaries
Botnet
>.NET
Botnet

>>60257075

Sure, I'll bite.

>* decent font rendering

Most people don't give a shit about their font experience.

>* have drivers for new hardware and certain brands known to be problematic, such as BroadCom

There almost always exists an alternative to problematic manufacturers. In cases where you can't accept a substitute, you're probably doing something so specialized you're already not running Linux.

>* support signed drivers to prevent tampering

Driver signing is slowly getting more and more irrelevant. Certificate authorities and the companies signing drivers don't have the chops to secure their certificates.

https://en.wikipedia.org/wiki/Stuxnet

The malware has both user-mode and kernel-mode rootkit capability under Windows, and its device drivers have been digitally signed with the private keys of two certificates that were stolen from separate well-known companies, JMicron and Realtek, both located at Hsinchu Science Park in Taiwan. The driver signing helped it install kernel-mode rootkit drivers successfully without users being notified, and therefore it remained undetected for a relatively long period of time.

https://en.wikipedia.org/wiki/Duqu

The worm, like Stuxnet, has a valid, but abused digital signature, and collects information to prepare for future attacks... According to McAfee, one of Duqu's actions is to steal digital certificates (and corresponding private keys, as used in public-key cryptography) from attacked computers to help future viruses appear as secure software.

>* support signed chain from UEFI to the kernel (UEFI SecureBoot)

Secureboot is a solution to an extremely niche set of attacks that are generally not worth the trouble even against targets that don't use secureboot. The only reason it's pushed so hard is because it enables MSFT and OEMs to increase the difficulty of installing alternative operating systems (MSFT keeps market share, OEM doesn't have to deal with customers trying to use unsupported OSes.)

1/?

>>60257075
>decent font rendering
Stopped reading right there. Windows fonts always looks like shit.

>>60257075
You have clearly not used a Linux based operating system for longer than a week.

>windows works great with its own proprietary implementations
no shit

>>60257075
>>60261246

>* support signed application binaries

Apart from attacks against certificates, which I mentioned under "signed drivers", an attacker can get a hot fresh signing certificate that will tone down or eliminate warning messages for about 500 USD.

>* run .NET applications (inb4 Mono, to which I say: WPF support)

.NET is open source now. https://github.com/Microsoft/dotnet

>* run UWP applications from the Store

>implying there is anything of value in the Windows app store

>* use hybrid boot for faster booting

Irrelevant now that SSDs are the norm.

>* install automatic and invisible security patching in the background

Desktop targeted linuxes already do this.

https://help.ubuntu.com/community/AutomaticSecurityUpdates

>* provide group policies for easy management of what computers can and cannot do
>* integrate with an Active Directory to provision group policies across all Windows boxes in a network

OpenLDAP + Samba/AFS +Spacewalk/Saltstack/Puppet/Chef/Zentyal; or just use whatever Canonical and Red Hat are offering this week for system management. No shit group policy works on Windows, it's special LDAP designed for Windows.

>* painless three-click setup of hard drive encryption through BitLocker

Make sure you write down your super secret special recovery key, because if you change anything about your BIOS/UEFI config, or your hardware, Windows will refuse to boot without it.

2/2