Lumilias

joined 1 year ago
[–] [email protected] 8 points 2 weeks ago* (last edited 2 weeks ago)

Interesting, never heard of Wazuh until now. That looks closer to what Trellix allows.

The guy in charge of picking endpoint security products (whose team writes these rules) has tried Defender and found it lacking in comparison. Also, that link is about historical search for threat hunting, so I’m not sure if it’s the correct one.

Edit: I just saw the section about writing detections, but that seems to be more of a reactive than proactive approach. It still does the detection from searches.

[–] [email protected] 20 points 2 weeks ago (2 children)

On the enterprise side, we use McAfee/Trellix and we’re pretty much glued to them for endpoint security. Why? Nobody else allows you to write custom YARA rules straight to the IPS engine like Trellix does.

Every other vendor only allows you to use rules they have defined for you and doesn’t give you that low level access. It’s frustrating because their support is dogshit too, but my company has niched itself into a corner.

[–] [email protected] 2 points 1 month ago

Additional reason along with what others have said: my mom has been massively consuming books on Prologue. It’s easier to keep her on a single app than to switch her to ABS or Plappa.

[–] [email protected] 1 points 1 month ago

I’ve been using Plappa while waiting for Prologue. Pretty solid app so far.

[–] [email protected] 1 points 1 month ago

It’s been the Prologue developer’s next biggest priority on their roadmap. Apparently it’s coupled with the v4 Swift rewrite. I just saw it in the subreddit posted about 3 weeks ago.

[–] [email protected] 1 points 1 month ago

ABS TestFlight is constantly full is one reason lol.

[–] [email protected] 2 points 1 month ago (12 children)

I’m looking forward to when Prologue v4 comes out and finally supports ABS. After that, I can finally move myself and my family to ABS and I’ll be one step closer to removing Plex.

[–] [email protected] 3 points 2 months ago

I've recently been working on this kind of migration as well (but to Fedora instead), so I can speak from my own experiences:

  • Cloud storage: I've heard fewer issues with Google Drive and Dropbox, but I had tried syncing OneDrive and ran into some issues. I ended up purchasing a license to Insync a while back, which was a bit overkill for what I needed it to do. I'm still working on weaning myself off OneDrive entirely and instead going to self-hosted cloud sync.
  • Software installs: there are a ton of different methods to do software installs on Linux these days. I think Synaptic only does apt (it's in the name!), but a lot of apps are distributed through flatpak, AppImage, or even Snaps.
    • Native packages tend to work better with your desktop environment in terms of theming but any library dependencies will get installed with them, while the others are easier to distribute and include the dependencies with them.
  • Other advice:
    • Play around with different distros and desktop environments until you find something you're really comfortable in.
    • Make a list of your required apps and verify which distro's native capabilities may or may not meet your needs.
    • It took me a few tries before settling on Fedora KDE spin, particularly because KDE had a feature I really wanted: per monitor wallpaper settings without having to install a separate app. I've found that many other KDE apps are really nice too, so I'm sticking with it. KDE also puts me in a familiar desktop environment coming from Windows as well.
    • One irritation I've experienced: gaming-centric hardware is designed for Windows and if you have stuff designed around that, it's going to become very obvious. Yes, there are open source projects that help adapt them for Linux. But they are nowhere near equivalent and generally they lack maintainers to keep them going.
      • I have a Stream Deck that, on Windows, I used for monitoring hardware temps. On Linux, you get app launcher buttons at best.
      • My mouse is a Logitech G604 Lightspeed. Piper + libratbag does a pretty good job at trying to support it, but it's middling at best and unfortunately looking at the repo, they're in pretty desperate need of maintainers.

These are my own personal (and recent) experiences and I'm pretty new to using a Linux DE for a main OS too, so anything I say could be incorrect and I welcome suggestions/corrections.

[–] [email protected] 1 points 3 months ago

Thanks for the info. I wonder if it’s just the older Intel laptops that need the catchup then.

[–] [email protected] 13 points 3 months ago* (last edited 3 months ago) (3 children)

The only caution I would provide on Framework is their relative lack of BIOS updates: https://arstechnica.com/gadgets/2024/04/frameworks-software-and-firmware-have-been-a-mess-but-its-working-on-them/

They don’t have a BIOS updater for Linux (yet) and they have a history of overpromising stable updates. I get they’re hamstrung by upstream providers, but it’s a bad look on them to basically deliver a promised Thunderbolt update 1.5 years after announcing it. The CEO did say at least that they’ve hired on a new development team to get things moving, so hopefully they’ll be able to catch up.

Everything else I’ve heard about Framework is stellar.

[–] [email protected] 4 points 3 months ago

Back in college during finals week, the school would do pancake parties for everyone studying. It was apparently a tradition stretching over 30 years.

[–] [email protected] 15 points 4 months ago

Yep, you forgot Palo Alto’s GlobalProtect telemetry allowing for remote code execution. A perfect 10.

 

Team Wolfas managed to defeat Team Verkittens 3-1. It was a close fight and it was a great watch. Congrats to Wolfas!
