Opinion I’ve been preaching the gospel of the Linux desktop for more years than some of you have been alive. However, unless you argue that the Linux desktop includes Android smartphones and ChromeOS laptops, there will be no year of the Linux desktop.
But there should be. For example, as GitLab recently revealed in its onboarding document for employees, staffers can run macOS, and they can run Linux on their desktops. But Windows? Forget about it!
Why? GitLab explained: “Due to Microsoft Windows’ dominance in desktop operating systems, Windows is the platform most targeted by spyware, viruses, and ransomware.”
Indeed it is. But Windows’ security mess has never been just because Windows is more popular. I’d argue Windows is insecure by design.
Today’s Windows is still built on a standalone PC operating system foundation. It was never, ever meant to work in a networked world. So, security holes that existed back in the day of Windows for Workgroups, 1991, are still with us today in 2022 and Windows 11.
Most of these problems come down to Windows having Interprocess Communications (IPCs) that move information from one program to another, which have no security in their design. Windows and its applications rely on these procedures to get work done. Over the years, they’ve included Dynamic Link Libraries (DLLs), Object Linking and Embedding (OLE) Control Extension (OCXs), and ActiveX. No matter what they’re called, they do the same work, and they do it with no regard for security.
Adding insult to injury, Microsoft’s data formats can hold programming macros. That’s why Microsoft Office formats are commonly used to transmit malware. Microsoft finally bought a clue that they should block Office from running macros by default. I mean, this has only been a major security hole since Melissa wreaked havoc on the Windows world in 1999.
But guess what? Showing that Microsoft still doesn’t know how to fix this fundamental security problem, the team in Redmond HQ have rolled back the Office macro block. Why? Because people use those IPCs to get work done. Given a choice between security and having applications work as expected, Microsoft often chooses the insecure status quo.
Making matters worse, another problem with Windows’ single-user ancestry is that the default Windows user all too often must run as the all-powerful PC administrator. This means, of course, that when malware does break in – and it will – it gets to foul up everything and anything on a user’s PC.
Not all versions of Microsoft are equally awful. As GitLab points out, “Windows Home Edition is notoriously hard to secure.”
Now, you might ask, but what business uses Windows Home for work? Cheap ones do. And, if your people are working from home with their own PCs, as so many are these days, they are almost certainly not running Windows 10 Pro or Windows 10 Enterprise E5. And, even if your business is reimbursing your remote staffers, what do you think they’ll buy? As GitLab knows to its sorrow, they’ll typically be purchasing a laptop preloaded with Windows Home Edition.
So, instead, GitLab demands that its employees use either macOS or a Dell Linux laptop. As a long-time fan of Dell’s XPS 13 developer Linux laptops, that works for me. Now, you don’t have to run Ubuntu, which is the default Dell XPS 13 operating system, as Dell also supports Red Hat Enterprise Linux (RHEL) Workstation – also a fine desktop operating system. Or you could opt for Arch Linux, or FreeBSD, or what-have-you, so long as it’s actively updated and supported.
But, I’m sorry to say, GitLab won’t support you with your Linux desktop. You’ll need to do that yourself. Darn it.
I and many other Linux users can do that, but not everyone can. I understand why GitLab does it this way. Supporting end users is expensive. I’m sure most of their users work with Macs.
But, let’s say you haven’t decided to go with Macs, which are, after all, expensive. Let’s say you’re still using Windows. That’s a safe bet. But if you really want security and stability, Linux is your best choice. So take a look at what you’re paying for Windows licenses, support, and your often futile attempts to secure it. Then, look at what it would cost to use a business-supported Linux distribution such as RHEL Workstation, Canonical Ubuntu Desktop for the Enterprise, or SUSE Linux Enterprise Desktop (SLED).
Chances are it will be cheaper to go with Linux. And no matter how the numbers work out, I can guarantee you it will be far more secure. ®