MS is really going after the developer using Macs in silicon valley here. WSL is good enough for development and no need for brew/ports--all on a MS surface can probably bring a better dev environment than messing with OSX's quirks. Kind of hard to see them making inroads into Linux though. No reason to use VS Code or Atom from Windows instead of Linux if you're developing for Linux.

Don't worry, uid is all about breaking anything that's "old" even by 1 year.

That is exactly the setup I would be running if it was up to me. However, I can't just run whatever I want on a company workstation because it would never be signed off as ISO 27001 compliant. It's either Windows 10 or macOS (if I have a laptop). Anything else needs to be in a VM.

Flawed arguement there.


ISO27001 compliant is achieved on Linux Debian/Ubuntu/RHEL by adding Lynis, Technically you macos require Lynis as well because its not ISO 27001 compliant out box. Windows is also not ISO27001 compliant out box as you need to be running a Microsoft audit tool you need to download and add.

I would be highly suspect that ISO 27001 is being used as a bull crap arguement. In most cases I find its a bull crap arguement you have a legal requirement to be ISO 27001 compliant they restrict the OS then don't run the audit tools so in most of these cases running ISO 27001 not compliant and hope no one notices.

I'm aware that you can make Linux ISO 27001 compliant. This is not a technical problem, it's a red tape problem. There is no way I'm going to convince IT or management that it's a valid option though. Our IT department is almost all Microsoft folk; I'm sure they were reluctant to let anyone run macOS but it was probably a requirement for design teams. Even when we could run Linux they were very hands off about providing support (they wouldn't be able to help you anyway).

We don't have a legal requirement but we do have contractual requirements. Whether or not they actually run audit tools is irrelevant. How long do you think I'll keep my job if I justify my decision to run a non-standard system image by saying that the company doesn't take compliance seriously anyway?

TL;DR - Microsoft wants to control developers.

why this over macOS ? windows 10 is bloated AF, they should embrace linux fully and drop NT and NTFS

The problem I have legal/contractual requirements you don't in fact have ISO 27001 complainant without the audit tools in usage. Basically Lynis should be on the Mac OS machines and there is a mirror setup on Windows.

Also you don't have ISO27001 without having to go though certification of your procedures by third party. The fact that using Redhat, Ubuntu, Debian and Mac OS are the same procedures required .

This is basically the problem if who you are working for has a contract requirement for ISO 27001 and they are not certified the company you are working for is in breach of contract so you could be out of a job.

Fun part about ISO27001 is running stuff in a VM does not make you ISO27001 compliant. This is why I would suspect you are not ISO27001 compliant because we can just run that in a VM basically does not work if you truly are. I am really suspect of a highly bogus arguement by the IT department can be a good question to ask who was the certifying body for our ISO27001. Please note its not your own company part of ISO27001 is having your policies reviewed by a third party and that is some party owning to the IAF.

This is my problem there is ISO number you could have been quoting that would have blocked Linux as host only and let Windows and MacOS though but ISO27001 is not that number. ISO27001 is one of the fun ones where using VM does not work you are required to certify all operating systems in usage in the business for correct data handling and security settings.

ISO27001 VM is absolutely not a magic bullet with ISO27001 VM and Baremetal requirements are identical. IT Officers in a ISO27001 setup should be wanting everything authorised no exceptions and no loopholes.

Basically I am not believing what you have told because it does not add up for ISO27001 requirements. If you really do have ISO27001 requirements and the Linux distributions you are using VM is not setup for ISO27001 you could be fired for miss handling data.

You need to double check randomizer if you really do have ISO27001 requirement even if IT department does not allow you to put Linux as a host you still need to know what you need in your virtual machines running Linux so they are ISO27001 compliant. so you will cause legal/contract trouble possible costing you job.

It could turn out they were using ISO27001 as a bogus arguement to cover up that they don't want to support Linux desktops. Its the companies hardware they can set those rules and you have to obey them to keep job. I am not say do stuff that cost you job just be sure you are not doing things like breaching ISO27001 with your VM usage that ends up costing you job.

ISO27001 is basically a bogus arguement why you cannot use Linux as your desktop when you are using Linux in servers/virtual machines. Problem is if the point is true you really need to be dotting your i and crossing your t on ISO27001 every time you spin up a VM image.

The simple valid line IT staff should have used is by company policy we only support Windows and OS X has host operating systems on desktops anything else will be breach of company policy. I see a lot who quote the ISO27001 as something to sound cool so people don't question without in fact understanding what size Pandora box ISO27001 is and is very important not to be saying something is for ISO27001 when you are not compliant.

No, thanks. MS should get lost with trying to lure Linux developers to use their stuff. Don't forget - MS is not your friend.

Then get a job at a company that isn't insane. You don't need a shitty European certification to get work done, if anything it hinders you.

You're at your own fault here, and nobody is to blame, not even Microsoft.