[microtonal]

I can't see a reason why I would ever want to return to an OS as restrictive and inconvenient as Windows.

I have never been a Windows users, but there are some reasons why I use another 'restrictive' OS after using Linux and BSD for 13 years (including on laptops):

- Microsoft Office. LibreOffice is simply not compatible enough. Though, people are moving more and more to Google Docs, so this issue might disappear in the future.

- No GUI isolation in Linux. It scares the hell out of me that any application can read any other applications keystrokes, mouse events and viewports. When you have some vulnerability in some client (browser, mail), it could listen in on passwords that you type in a terminal as well. AFAIR Wayland will solve this. But the ecosystem did not move there yet.

- The lack of consistent keyboard shortcuts across applications.

- Supposedly stable upgrades that break stuff (especially in Ubuntu and to some extend RHEL, never had this problem in my many years with Slackware).

- The lack of cutting-edge hardware with good driver support. I love my 12" MacBook and wouldn't want to go back to anything heavier and worse keyboard/trackpad.

For other users, I can imagine that these are also problems:

- Installing applications outside the distribution's repositories is still unnecessarily hard.

- There is a lot of inertia - people do not want to invest the time to learn something new.

- Business my still have many older win32 applications that do not run on other systems.

---

Anyway, I don't think the traditional Linux desktop or Mac OS X are serious threats to Windows. It's Chrome, Chrome OS, Android, and iOS.

Edit: I don't want to sound too negative about desktop Linux. I just wanted to give some possible reasons why not everybody may be happy to switch.

[upofadown]

I had never even heard of the issue of GUI isolation before people started using it as a way of promoting the Wayland idea. It was well known that keystroke loggers were particularly easy to do in *nix type systems but once you own a user in most any environment in practice getting keystrokes (or anything else associated with that user) isn't that hard. You really have to go further and explicitly sandbox a potentially malicious program.

This sort of issue is why Android (also Linux based but doesn't use X) runs apps as separate users.

[microtonal]

I realized that this is an issue because the SSH documentation gives warning about this in the context of remote X11:

X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring.

but once you own a user in most any environment in practice getting keystrokes (or anything else associated with that user) isn't that hard. You really have to go further and explicitly sandbox a potentially malicious program.

Definitely. But I think the trust model has also changed over the years. We have gone from trusting a handful of well-vetted programs (10-15 years ago I primarily used a browser, Pine, CenterICQ and a handful of traditional UNIX utilities) to more and more programs that are all newer and typically connect to the net, embed browsers, etc. Consequently, we should trust our applications less.

As you say, you really have to sandbox each program. Apple has pushed this quite hard: applications have UI isolation and App Store applications are sandboxed. In the meanwhile, much of the Linux community has been outright hostile to this idea (except the SELinux, AppArmor, and systemd folks) because it builds walled gardens and applications are provided by trusted distributors anyway.

The reality is that people want to install applications outside what is provided in the distro repos. And perhaps, we don't even want to trust every possible application packaged in a distribution.

We should really go to a small and trusted core operating systems where everything else is sandboxed by default.

[aurelianito]

Aren't Chrome OS and Android Linux flavors? That's my understanding.

[drdaeman]

Chrome OS is a variant of GNU/Linux. Android isn't, it only has Linux kernel, but the userland is mostly incompatible with any existing GNU/Linux distros (there is some resemblance, because of *nix roots and POSIX compatibility, but not much)

[microtonal]

That's why I said the traditional Linux desktop. Android uses the Linux kernel, but has a completely different stack on top of it. Also, more and more functionality is moving to the proprietary Google Play Services and proprietary Play Store apps. Chrome OS switched away from X11 and is just a system that boots to Chrome for the average user (and its normal use case).

(Yes I know that you can switch Chrome OS to developer mode and install Crouton.)

[chris_wot]

You are complaining about compatibility and you believe that people are moving to Google Docs to handled this?!?

[microtonal]

No. People are using Google Docs for (some) new documents, because it handles collaboration far better. When you are using Windows or OS X, you can use both.

[jasonkostempski]

There's also office 365 which runs in Chrome (and probably Firefox) on Linux. The office/Windows lock-in is definetly a thing of the past.

[microtonal]

It's indeed becoming a thing of the past. Unfortunately, the web version is not there quite yet feature-wise. But it's definitely getting better all the time.

[jasonkostempski]

I suppose I shouldn't speak for the editing side of things. If I do editing, it's basic Word and Excel stuff. It has been perfect for viewing though, which was what used to keep me stuck with an Office install.

[breakingcups]

Windows suffers from the same "No GUI isolation"-thing.