There are the same exact problems on Windows though. Microsoft nowadays basically treats it's install base as beta testers and you regularly hear about breaking updates. There are devices out there with funky drivers, most notably Nvidia cards, but if you can avoid those (I know many people can't, me included) and choose a stable distro, I genuinely fail to observe these supposed instabilities on Linux.
Personally, I think the real reason why companies are not switching is familiarity. Think of all that money spent on MS product training over X employees. Billions are spent yearly in this industry I'm sure.
Which is why the first thing I do on any Windows install is disable or block automatic Windows Updates and only run them once every blue moon when I've set aside time to waste on borkage.
And before anyone says I'm in danger by running unpatched Windows:
NO.
My threat model is such that the time lost and wasted from updates breaking shit is significantly greater than the dangers posed by hypothetical threats those patches ostensibly guard against. Updates are simply and literally not worth my time and concern compared to having systems that just work every day all year long.
If I need to comply with regulations or audits or I am the target of focused attacks, then yes the scales shift the other way. But as a general, and particularly personal, concern? No, updates are a waste of my time.
Linux is even worse because I don't even need to run updates for something to break and waste my time.
Your comment feels like it came straight from 2014's /g/. This is literally "My time is too valuable to do X" argument. But perhaps you don't care. Fair enough. You do you. You are, however, absolutely in danger running unpatched Windows, unless it's an airgapped industrial PC or something similar. Even then, such systems can and were compromised (stuxnet, for instance).
>If I need to comply with regulations or audits
I hope you are not handling any customer info on such systems... or are you?!
There seems to be a deeper issue at play. I've seen it many times, even here on HN. So very few people actually know anything about information security, and if they do they only have horrifying misconceptions from god knows where. No wonder why there's so many data leaks when the responsible people have these attitudes.
My time is too valuable to be wasted by god damn updates, because you know what? I'm only getting older, my eventual demise keeps looming closer, and I have so many things I want to do and places I want to go before the grim reaper picks me up.
It's the kind of re-evaluated outlook on life you only get as you grow older and you start witnessing more and more deaths and imminent deaths around you. I'm also dealing with cancer in the family (I'll spare the details), so my time really is too valuable for god damn software updates.
>I hope you are not handling any customer info on such systems... or are you?!
I'm not. Like I said, if my threat model actually incorporates the kind of threats that updates ostensibly protect against, the scales would weigh differently.
Would I keep business computers updated? Absolutely, if for no other reason than so I can make it all someone else's problem. I'm talking about my own personal computers.
That is understandable, and, as I said, your choice. You did mention business use in your original comment though, where I wouldn't say it is, or should be.
On a flip side though, I've seen so many older folks loose so much time and undergo a lot of stress (which may be highly unwarranted for medical reasons) from having money stolen by banking malware, or more recently, good old phishing. It's like a vaccine, we endure a small pain to prevent a much greater one in the future.
