In a way, this has already happened. Microsoft has chosen to classify qBittorrent, Transmission, and Deluge as PUA (potentially unsafe application). As a consequence, Defender will block their installation and remove existing copies.
As someone who uses Linux daily, when will this stop being parroted. Your average person, your average BitTorrent user even, does not have the skill set required for the running of Linux to be anything near trivial...
Probably when my <50yo dad stops asking me to change the font size on his phone everytime he changes it. The thing is, technology is just a tool for most people and except software engineers almost no one wants to spend any time dealing with anything that they would have to configure. Until the day linux based OSes come pre-installed with sane defaults that work out of box on laptops, the average person won't use it.
If all distros were Gentoo or Arch, you'd be correct, but Linux Mint exists, and my very non-technical grandmother has no issues using Mint for her day-to-day. Linux is no longer gatekept by the command line.
I would still recommend Debian, possibly with some added repos for things that need to be newer or which aren't normally included.
If only that recently discussed change to include just the closed source firmware blobs in the standard dist gets approved, things would be even better than they currently are.
Maybe? My grandmother typesets organ music on her linux mint laptop and runs into no issues. Some people who need to use specific software still run into issues, but it's not guaranteed anymore.
Thank you!! When I first set up Linux as my daily driver I questioned if perhaps I just chose a bad distro or got unlucky in my setup. After trying 2-3 distros I saw that even as a fledgling software engineer at the time I lacked the ability to set up Linux in accordance with my desires without hours of googling and frustration.
Considering some of the issues I help my friends and family with on their personal computers, I couldn't imagine any of them installing and configuring Linux on their own.
It frankly does more harm than good when people try to perpetuate the myth that a Linux installation is just as trivial as a modern Mac or Windows install as it causes people to approach Linux with unrealistic expectations.
This is the wrong way. Try hardware designed for Linux instead of a Windows-certified one. Ideally, with preinstalled Linux. Look, the Linux community can't develop drivers for all hardware in the world for free, especially when it has no documentation whatsoever.
> I lacked the ability to set up Linux in accordance with my desires without hours of googling and frustration
This is so fuzzy, I can easily say the same for Windows or MacOS. Depending on you needs, hours of googling might even be very reasonable.
I had never used an Apple product before buying my mac mini but upon opening the box I had all needed software installed and was able to be productive in under an hour.
This parody brought to you by the people for common sense.
I have a system76 machine that I've used for years without any difficulty until my kids school said she needed access to this weird OS called Microsoft Windows that I don't know much about so I got a second drive and resolved to try this Windows thing on a secondary drive.
Installing the physical drive was the easy part. Everything after that went south. First instead of just going to windows.com or something I got shunted to stores where they were selling entire computers. I didn't NEED a new computer just an OS. Then I found people selling things called cd keys. What are those? Who even buys an OS anymore?
Eventually I figured out you can download something called an ISO file (what is that?) from microsoft and pay for it later? It looks like I'll be paying hundreds of dollars for what comes standard with Linux isn't that crazy? Then I tried to "burn" the iso to a usb drive and THAT didn't work so I borrowed a portable usb optical disk and bought some writable disks at Walmart like it was 1999 and finally got it installed whereupon it took a giant shit on my computers ability to boot anything except Windows. At first I thought it destroyed all my data on Linux and I about had a heart attack but after hours of troubleshooting I realized I just had to restore the ability to choose my OS at boot time and all my data was still there and I calmed down a bit.
Then I booted up this "Windows". At first nothing worked including the internet so I had to do research on my phone. I discovered that unlike Linux windows doesn't actually come with the drivers needed for your machine you have to go to each manufacturers website and navigate their confusing site (and avoid malware sites offering drivers) and find each individual driver. If you ever need an update you will have to do this all over again unless the driver includes an auto update feature. For the stuff that does auto update if it ever causes a problem with your hardware it will probably be impossible to fix and you will just end up reinstalling windows all over again and hopefully realizing what tanked your install in the first place and people actually do this over and over again!
It had a mediocre but acceptable set of default applications. Not nearly as good as my computer came with but its ok. Then I went to install some software I'm used to and I discovered the windows app store unlike Linux has almost nothing of value and one is expected to do the same dance as above for applications just like drivers. While downloading from a seemingly legit site I acquired several weird pieces of adware and an actual computer virus. Something I had previously just read about on the internet. Good thing this insecure OS didn't have any of my actual data!
It's not surprising that few people use this "windows" thing. It's a total mess and not nearly ready for prime time. Maybe 2030 will be the year of the Windows Desktop.
I have not had to install a driver manually on Windows in a long time, probably approaching a decade. I will concede that Window's boot partition defaults are comically malicious to other boot managers on a system and personally temporarily unplug all drive besides the installation target.
All that being said this feels like a bit of a straw man seeing as your average user (which this entire sub-thread is discussing) does not even know their hardware can support multiple OSs at all, let alone simultaneously. They buy a computer and assume the OS it has at that time is all they can use, and if it somehow ends up in an un-bootable state that they need to bring it to GeekSquad...
Also to imply that the Linux app stores are at all better than the Windows one is a bit disingenuous. About 50% of the time that I have attempted to use them, I ended up with a broken and completely unusable installation of the program. There is some hilariously ambiguous error prompt that shows up and the real error is written out to some log file mentioning that the installation failed to do the system not using init.d or something about systemd. Oh and the log file is intended to be interacted with through terminal commands and is a pain to even find on disk.
> Also to imply that the Linux app stores are at all better than the Windows one is a bit disingenuous. About 50% of the time that I have attempted to use them, I ended up with a broken and completely unusable installation of the program.
The Windows store doesn't contain most of the software you want because they limited what license you could use, what technology you could use to build with, and want a huge cut leading to developers opting out.
Meanwhile major distros repos contain almost all the software you are liable to want with the rest easily added by configuring additional sources so you can use the same highly functional interface to manage all your software gui or cli. The experience you describe where half of installations resulted in broken software is highly suspect. Such tech has worked extremely well for decades. Problems outside of self inflicted wounds like manually screwing with the same set of files managed by your package managers or trying to install packages not built for your distro are rare. Your problems are virtually certainly the result of highly interesting choices which is like saying cars don't work because the last time you drove backwards on the interstate you kept crashing.
Logs are in /var/log like /var/log/apt not in a locked filing cabinet in a disused lavoratory with a sign "beware the leopard" not sure why you would NEED a terminal for this task although its certainly handy. Instead you could read all the messages in your gui client and stop doing whatever its is you are trying to break your system.
Lastly init.d? Did you time travel from 2003? If so watch out for that Putin fellow he's a bad egg.
Have you considered running Windows 3.1 in dosbox? It's the complete windows experience, and the terminal integrates in seamlessly with your desktop linux account. Office, etc run well, but you can use the Linux side for things like Steam, browsing the internet, development, media creation, etc.
Sadly, due to the hardware compatiblity issues you described, and the fragmentation of the UI in modern windows distributions, this really is the best out-of-the-box microsoft experience these days.
I really hate indirectly supporting commie zealots by paying hardware developers, knowing that some of the purchase price goes to making sure their hardware works well with open source software.
Once, I tried to organize a sit in at the FSF to get them to refund us, but it didn't work out. The lamestream media wouldn't cover it.
Sadly, as you have found, there just aren't any principled capitalists producing products with an acceptable out of the box experience.
So, I have to recommend things like the raspberry pi to my less tech-savvy friends, as much as a I find it to be a moral and ethical compromise.
One thing that has changed is the fact that most of the third party drivers is installed automatically when you install Windows and can also be updated as "optional updates" using Windows update itself... also with WSL, you can run a Linux instance which seamlessly integrates with Windows.
So, I think the time of the Windows desktop is already here.
A huge portion of the job for non technical people is ensuring hardware and software compatibility, installing, configuring the OS. With Windows people outsource this job to their OEM in general because that is what non technical people do with any OS they buy it as a package with their hardware and use it.
Using Linux isn't particularly harder than using Windows.
>Your average person, your average BitTorrent user even, does not have the skill set required for the running of Linux to be anything near trivial
This says more about Windows users than it does about Linux.
Numerous distro maintainers have already made things as easy as possible. Will you be satisfied when the installer has only one comically large button? How braindead does the setup process have to be? Have you actually used Linux in the last 15 years?
Which, may I ask? I have a Librem laptop, but I wouldn't give it to a previous Windows user because of the pre-installed desktop (some GNOME variant I think).
On the other hand I installed Linux Mint on all family hardware with no issues (complaints from family members).
As someone who has used both Linux and Windows extensively (and dealt with hardware and software problems in both), as well as guided at least a dozen different Windows users through some setup and use of Linux - this is completely, categorically false.
The closest truth is "some users find it easy to install and/or use Linux some of the time" but saying that it is "trivial" to run Linux in general is incorrect.
Point of clarification, "PUA" actually stands for "Potentially Unwanted Application" (not "unsafe"), which makes this an even more transparently bad faith classification.
Well, no, not really. The GitHub thread is based on a mis-understanding of what Windows is doing and how Windows AV works. Windows uses a system very similar to those used for spam filters, except for binaries. That system is "reputation". It tries to learn over time to classify software into wanted and malware.
Just like with email, to build binary reputation you need to cooperate by using cryptography. With email you sign your mail using DKIM and publish your DKIM keys in DNS. This lets spam filters associate the mails you send together and learn that a stream of mails, even though they may all be very different, are in fact all "good". With Windows programs you have to sign your software. This lets Windows know that different versions of your program are actually all "good".
Authenticode certificates cost money. QBitTorrent is open source. Unsurprisingly they'd rather not pay for a code signing certificate, so their installers are unsigned. From Windows' perspective every new version resets the clock and is "unknown" because the binaries have different hashes. It then has to start learning reputation all over again. New binaries are described as "potentially unwanted" rather than explicitly as malware because malware is polymorphic, exactly to evade blacklisting, so binaries that haven't accumulated any reputation yet might or might not be malicious. Windows just doesn't know yet. That's why some users report it happens and others don't.
This isn't QBitTorrent's fault exactly but they're experiencing the same problem you'd get if you tried to run a popular mailing list off a site that didn't use SPF or DKIM. You aren't signing, so, you get lumped in with all the other people who don't sign and many of them are malicious.
tl;dr It's got nothing to do with being a BitTorrent client.
> to build binary reputation you need to cooperate by using cryptography.
You need to get your software signed by Microsoft because it wants to be the arbiter of allowed software.
This is blatantly misrepresenting the issue and is technically wrong. And it disregards that this is mainly a mechanism to protect and conquer hegemony in software. This is not at all comparable to DKIM or SPF.
> tl;dr It's got nothing to do with being a BitTorrent client.
That's simply not true. It's got everything to do with it being a BitTorrent client.
> Microsoft uses specific categories and the category definitions to classify software as a PUA.
> Torrent software (Enterprise only): Software that is used to create or download torrents or other files specifically used with peer-to-peer file-sharing technologies.
Microsoft explicitly include "Torrent software" in their article for what's considered by them to be PUA.
> In a background article on what’s considered unwanted software, torrent clients are specifically mentioned, along with advertising software and cryptominers. The article suggests that it applies to “enterprise” only, but the complaints we have seen apply to other Windows versions as well.
As pointed out by TorrentFreak, the Microsoft article suggests that it only applies to the "enterprise" version of Windows however as we've seen this doesn't appear to be true. It at least explains why some experience this user hostile behaviour while others don't.
If your Windows isn't joined to an AD domain then the enterprise stuff doesn't apply. Maybe some of the users complaining about QBitTorrent are trying to install it at work, but it's much more likely to be simply because they don't sign their software. It's more or less guaranteed that not doing that will cause spurious and inconsistent security warnings.
If you check the github thread then the very first post says it was flagged as PUA but the actual error they show is clearly a malware classification. The fact that they have one naming scheme and QBitTorrent got dumped in the PUA section (because it's not malware) doesn't mean it automatically gets opted out of the reputation system. And they observe themselves that people are re-bundling qbittorrent binaries into third party re-packagings that are probably adware or malware, which in the absence of signing will confuse Windows because it can't tell the re-packaged versions apart from the upstream versions.
> If you check the github thread then the very first post says it was flagged as PUA but the actual error they show is clearly a malware classification.
Are you sure that's what you're seeing? The image in the first post of that GitHub thread shows that Defender did indeed flag the qBittorrent installer as PUA.
I think it looks like that because each program gets a single name to identify it in the Defender namespace, and that namespace seems to include a sort of general categorization. But then a program can be classified in multiple ways and blocked for multiple reasons. The people on that thread don't seem to be on corporate networks, so it seems like Defender is marking it as a "threat" for other reasons.
The whole thing is annoyingly confusing and opaque, but, I don't think the issue here is some sort of conspiracy against BitTorrent. Unsigned software is gonna trigger AV false positives, it's been that way for decades. Now they're getting AV false positives. If they started signing their code then eventually Windows would learn it's not malware. Corp networks might still opt to block it because they don't want their employees torrenting, but that's a separate issue.
Make it a Windows kernel driver for scanning process memory and I'm sure you'll have enterprise customers lining up to buy it. With or without this new legislation. A new tool for spying on their users (students, employees, etc) wont go ignored.
As an employee, you trade time and some basic human decency in exchange for money.
How much decency you trade is debatable, but I assure you, there are millions of people working in industries where losing far more decency is considered normal. Call centers, retail, food all immediately spring to mind.
Doesn't Microsoft use torrents to update their software? I thought they enabled P2P downloading to reduce their server overhead in windows 10. That's a bit hypocritical if you ask me.
Actually BITS is the old thing by now (it's been present in Windows since Windows XP), which only tries to download things in the background by using spare network bandwidth. I've never actively tested how well this "spare bandwidth detection" actually works, but on the other hand I've also never negatively noticed it, so I guess it might actually be doing its job quite well.
On the other hand there is in fact a newer (relatively speaking, given that it's a few years old by now, too) thingy specifically for Windows Update which also tries to use P2P distribution – that one is called DOS. Officially that stands for "Delivery Optimization Service", though personally I rather prefer "Denial of Service service", because when I first encountered I immediately noticed it in a negative way:
Even without any P2P features enabled, it spammed literally dozens of TCP connections to download stuff, and would thereby effectively monopolise the whole bandwidth of my internet connection. Until I figured out what was happening and disabled it (you can disable it and switch back to using BITS for downloading updates), every time my new (at the time) laptop was downloading updates, it would dramatically slow down Internet speeds for everything else in my whole home. Maybe by now that kind of issues have been fixed, but I've never tried it myself because BITS is, as I said, working perfectly fine and unobtrusively.
I have a few Windows machines at home and BITS is so good that I’ve never really noticed it in action.
By comparison, macOS App Store downloads and updates can hog bandwidth horribly. It was just my wife and I on our at the time 25mb/s line, and Netflix dropped to like 240p and was still struggling while I was doing an XCode update.
I'm sorry, not a network guy. But I was thinking of this[0], which says you can update your network through peers. And maybe it isn't bittorrent, but it looks P2P and I'm not sure that's meaningfully different.
The key difference for Windows' Delivery Optimization and traditional P2P is that it's only enabled by default on the Enterprise, Pro and Education SKUs, and then only enabled for connections on the same local network.
And adding to the fun, the one thing I wish it would cache, namely Xbox Game Pass downloads, you can't force it to cache or share on the LAN.
https://github.com/qbittorrent/qBittorrent/issues/14489
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclo...
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclo...
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclo...