The Windows target costumer has always been the employer – expect group policies to disable Recall in any enterprise version. Not Home though.
this post was submitted on 13 Jun 2024
48 points (83.3% liked)
Linux
4314 readers
389 users here now
A community for everything relating to the linux operating system
Also check out [email protected]
Original icon base courtesy of [email protected] and The GIMP
founded 1 year ago
MODERATORS
costumer
Yeah, gonna suck for all those with Home who become the AI trainers of tomorrow! While it'll suck for us in IT who constantly have to pivot and scramble to block shit every time Microsoft or other software company decides to jam AI into it's product.
Corporation: Yo can you add a button so I can see all my employees’ screenshots? And maybe get like a little report of what % of the day they’re spending on doing exactly what they’re told? And then like an automated email to HR and their manager if it drops below a threshold…
Highly illegal in germany
LOL, you're vastly overestimating company's IT abilities, funding and give-a-shit motivation. As to money, now you gotta hire people to watch people. No matter how automated, there's a cost and additional personnel need.
And if the corporation is technically competent enough to manage all that mess, that's probably a company with skilled workers who will leave under such conditions.
No, there was always an off switch for enterprise versions of win 11 before MS back peddled and made it opt in.
Enterprises have a function called Group Policy where you can make mass adjustments to managed PCs and no doubt there would be a setting there to disable Recall.
Technically, GPOs are just registry adjustments with English definitions tacked on. No doubt there will be tools for Home editions to fix this; for those that look, that is.
An example of this, that comes to mind, is Windows Update Blocker (WUB). All it does is enable the policies that block Windows Updates from Microsoft servers and stops their attempted workaround of the Windows Update Medic or whatever it is, which is solely talked with making sure the WU service is running. These are the same policies/registry settings that are triggered when an enterprise org uses WSUS to control update deployment.
I don't doubt, though, that Microsoft will to something shitty to ensure Home users cannot block it forever.
No.. we just won’t buy the recall PCs and will disable it on the normal enterprise licensed workstations via GPO. Could always block the update in WSUS as well if you’re using that vs another RMM tool
No.
If you're talking about desktops, there is a huge cost involved in switching to an entirely new operating system. I'm not just talking about "How do you get it installed and configured on n laptops for users to then use?" Those users will require training in order to use it - and allllll of the new and different applications that run on that new operating system. (Users are mainly just button pressers, and when you change the buttons ...) The alternative to the above would simply be to disable Recall via group policy. Done and done.
If you're talking about migrating Active Directory to some Linux LDAP centralized authentication, that's going to introduce a whole lot of other complications. Not impossible, no, but it would be a very long, time-consuming, and costly process.
If you're talking about servers, you surely know that lots of companies run Linux servers on the back end. When you're using Windows servers, there's a reason. You want/need to use MS SQL, or Exchange on premise, or SharePoint on premise, for example. Are there other mail servers, database servers, collaboration servers? Sure - but again, switching from an existing platform to a different platform is costly.
These transition costs get exponentially higher when you consider whether companies actually have the in-house expertise to be able to pull off such a thing (Narrator: They don't.)
Active directory is just a LDAP server for the most part. You can join Linux clients to it without issue.
Nope.
No
Look at the VMware Broadcom merger. The price went way up and companies paid it anyway. However some did switch to the cloud or some other hypervisor.
Also the Linux desktop isn't geared as much towards the enterprise. It isn't easy to lock down and the vast amount of options is a blessing and a curse.
Not to mention that most enterprise software is Windows based.
Not necessarily unless you are talking about legacy software
Look at the VMware Broadcom merger. The price went way up and companies paid it anyway. However some did switch to the cloud or some other hypervisor.
It is not all of us Enterprises that "just paid". We chose a migration project over "just paying" Broadcom and would not call it a merger, but rather a takeover.
Some did switch to the cloud or other hypervisors
Recall ist just on a few expensive laptops and companies generally disable stuff like this. In one company we frequently had to do the registry edit to bypass the Microsoft account. Companies in my experience used Debian or Ubuntu as Linux desktop distributions. Ubuntu because professional support and Debian (custom image) for machines that aren’t updated commonly.
Why the hell were you doing regedits instead of just imaging with WDS/MDT or similar and joining to AD?
We only did regedits only sometimes when it needed to go fast, normally we had a drive made with Rufus to disable the account requirement
registry edits
Why were you not using active directory?
Edit: explanation for this particular user is below.
I'd imagine it's due to a lot of smaller companies/orgs that can't afford it and have too few users or machines to justify the costs associated with management infrastructure and costs. I know a lot of companies just buy machines with Pro and have some local IT configure them manually. Pro is marginally better than Home, with regards to management capabilities, but still has some bullshit that is tough to manage consistently.
You can setup Samba AD on a old machine in the worse case. However, a Windows Server basic license is expensive but not much more than pro.
Many companies are still using Windows 7 machines or 2008 win servers, without MS17-010 patch. They don't really care about security that much, when it's inconvenient or slightly difficult to mitigate. They won't be switching entire architecture just for a few screenshots
Chances are that many large entities are in too deep. It's what Microsoft were counting on before the backlash, and now they're probably going to do it by stealth instead.
If I have to use Windows, I want the configuration of Windows that will run on the computers at a country's top intelligence agencies.
Because sure as hell those places will have it locked down and not sending one solitary thing back to Microsoft, whether they have to configure it themselves or put the fear of the unholy into Microsoft to get that to happen.
And if not that, the configuration that Bill Gates or Mark "I put tape over my webcam and deactivate my mic for no particular reason" Zuckerberg will use.
many dont have a reason to, because enterprise versions of windows is different than the consumer one. Windows isnt a singular OS version.
Not a chance. Basically your opinions would be to retrain your entire user base, or set a GPO or Intune policy to disable a service you don't want.
No large corporation in the Microsoft ecosystem will ditch Windows due to Recall because it will be turned off. This kind of setting can be managed / customized with Group Policy tools and MDM settings.
Recall is targeted for home based users, not enterprise customers.
Nope. They don't care about privacy, as long as there's no lawsuit.
No, it'll just get disabled. Security baselines are a common feature of enterprise IT, this will just be another requirement.
Most likely they'll go for Macs and then pikachu face when Malus does something dumb. Linux needs marketing.
Macs are expensive though. Fine for managers to use for presentations and meetings but no way you could justify that expense for a dev.
Except that every company I’ve ever worked for (6 now) in Silicon Valley DOES provide top tier MacBook pros for devs.
My current laptop is an m3 with 64gb of ram.
Yeah Macs are "Dev machines" for a lot of companies. They really think they are give a sweet perk with them too lol
Tell me you're a tech-bro soydev without telling me you're a tech-bro soydev.
That's not as much of a deciding factor as you might think. Enterprise laptops are stupidly overpriced; I wouldn't be surprised if buying Macs didn't actually save the average corporation money.
The real cost is in the support contract, and any CIO or senior manager knows this. The trick is finding a company to provide Mac hardware support at an enterprise level. None of this going into a Genius Bar and standing around for an hour until an employee deigns to notice you; they want a telephone number they can call, get someone 24/7 (or some proximity thereof), and get someone to come over and fix the CEO's laptop when the battery swells up. Or, more probably, when they run a diagnostic and find out it's bad memory, or whatever - they want to be able to swap out hardware on a call, and have a rotating upgrade plan, and all that shizzle.
The cost of the laptops is almost incidental.
As if.
I have not the slightest idea why companies use Red Hat. When people think this is how Linux is, no wonder they think Linux sucks.
I have to use Red Hat and I cannot stop thinking about how much more professional Debian appears to me. They can at least make decent packages that work properly.
First-mover advantage, combined with a long tail of support and the cost of migrating to a new platform.
RedHat was, for a VERY long time, the only real commercially supported Linux with SLAs and long-term roadmaps and backported security patches: and yes, Debian does those, but they don't offer any sort of guarantees that corpo management types really really like.
It was also one of the only (that I can remember aside from maybe SUSE - maaaybe Slack?) actually putting their distro in stores back in the 90s. I was a middle schooler and used Christmas money to buy RedHat at Best Buy (I had no idea what I was doing) because I thought it was the distro to get. I can't remember a single other distro more synonymously associated with Linux than RedHat because they were marketed hard and were widely available for purchase which I'm guessing made them at least appear more legitimate to new Linux consumer and business adopters.
SuSE was kinda in some retail stores but mostly only really the ones that were mostly exclusively computer-related (at least in the states). But RedHat was EVERYWHERE: book stores, computer stores, electronics stores, and hell even my college bookstore had it.
They really did make impressive inroads in selling Linux, even if they did decide to bail out after 9 and moved from consumer to corporate focused.
From my experience, I'll rather pay for a Linux consultant than for regular commercial support. They give me solid results and join my teams when they have something to do. And consultants seem to prefer Debian-based distributions, when I ask them directly.
Me too, and I hate Debian, too! But I'll always pick a deb-based distro over an rpm-based one. Maybe rpm has improved over the years, but I'll never forgive them the years of dependency hell I suffered through with them. dpkg is miles better, and even that pales in comparison to any rolling upgrade distro.
Depends on a number of factors. A ton of companies have moved to web based tools for a big chunk of their workforce. If those web apps are more or less standards-compliant you could pull it off with minimal retraining.
They will probably hang on to Windows 10 as they wait to see if Windows 12 is better or worse.
Windows is such a tiny piece. The real question is: will companies ditch M365 for Linux? Anyone who has used Teams on Linux knows how much it sucks.
i have to use a Windows laptop for work, and teams sucks there. and the android teams app sucks. and i use teams on my Linux laptop for some freelancing, and it sucks there too. I'm starting to think it's just that teams is shit.