Posted by baranul 17 hours ago
The rest of your comment is just as ignorant.
So nobody is installing "monitor drivers" for Linux, but they're probably frantically installing packages trying to fix some random issue.
The reason people don't get malware on Linux is because they install software through the package manager, via trusted and reviewed repos. And drivers are all built-in to the operating system, not third party (with some exceptions, like nvidia).
On most Linux setups you aren't just downloading random junk from the internet and running it. Also the operating system won't install things automatically for you generally either. Even system updates are optional if you don't want them, and you won't be nagged for it.
Basically it comes down to a difference in culture.
In other words, Stallman was right, and proprietary software developers have too much power over users. And they inevitably, sooner or later, leverage this power for (more) profit, even if you paid for the product.
I definitely wouldn’t predict that Linux is taking over the world or anything but it wasn’t that long ago that playing AAA games on Linux on day one of release was ludicrous. Now the most popular PC handheld runs Linux, a PC console launched that runs Linux.
Now we have hardware like the MacBook Neo that threatens Windows even more. Sure, the XPS 13 came out and is arguably a compelling alternative. But I think the mindshare damage has been done on that one.
The idea that Windows might disappear entirely is not that far-fetched, especially when you look at Microsoft’s financial results.
If I was a PC OEM like Dell I would probably band together with other OEMs like Lenovo to make my own Linux distribution and support Windows offboarding even further as a hedge to my business.
IMHO the big difference is in enterprise Vs personal Windows, enterprise Windows can genuinely be a very lean, fast experience that is great for work. But my personal PC running windows is very firmly in the "I wonder what the latest update will break" teritorry.
I've had several laptops where audio just doesn't work even on rolling releases. Or the screen freezing up constantly.
This was all with relatively new hardware within the last year or so.
My issue with the Linux community is if you bring this up it's all of a sudden the fault of everyone but Linux.
The end user should of picked better hardware.
The hardware OEMs should of shipped Linux support.
The end user is lazy for not installing an RC kernel.
Macs are great, but my current workhorse computer has a 2TB SSD, and only cost 550$ with the SSD upgrade.
Vs 2000$ for the cheapest MacBook with a 2TB SSD
Which is usually at least 2x as much if we're talking about buying a System 76 laptop.
Windows laptops go on sale very often.
Although I will admit I have an HP laptop I brought last December that worked out of the box with Ubuntu. Nvidia drivers and all.
This is fairly easy to do by just not buying the absolute latest hardware. Installing something like Fedora in a 8-12 month old laptop I just can't recall last time I had issues.
What happens when they install Ubuntu and the Wifi doesn't even work ? An experienced Linux user might figure it out.
A new user would, very reasonably, assume Linux doesn't work and reinstall Windows.
It's easy: whatever is preinstalled will be guaranteed to work reliably. Worked for me.
When you uninstall, they give you an opportunity to type a reason. I wonder if anyone actually reads my accusations of them being scammers and bad people. I have uninstalled McAfee from more people’s computers than I care to remember.
The truth is that if you uninstall their software (and hopefully also if you just let the trial lapse, though I don’t actually know whether Defender Antivirus gets enabled automatically in that case) Microsoft will defend you against the lunch-eating bad guys just as well as McAfee, for free.
That easily qualifies it as fraud.
For that reason, I’m willing to call it a scam when preinstalled or otherwise installed without user intent. I wouldn’t call it a scam if people installed it deliberately (though I would still disparage it and its tactics).
So you won't have this problem if you're running Linux and other Free Software under your own control. The problem in this case is just another example of why proprietary software can't be trusted.
The understanding should also included that unless LG actually asked Microsoft to implement this autoinstalling malware, it wouldn't have been installed by itself.
I think parent commentator is making the argument that they don't want to financially support companies who engage in these sort of things, regardless if this particular scenario applies to their environment or not.
You could choose to buy from another vendor, but other vendors have the same incentives to abuse your trust in the same way once they manage to persuade you into running their proprietary software on your machine.
Arch Linux's AUR was recently hit by an actual malware supply-chain attack[1], which I would claim is arguably worse than adware. NPM is regularly in the news for supply-chain attacks. And then there was the XZ utils debacle in 2024. I concede that Microsoft is in part responsible for facilitating something like this, but just because something is free and open-source or based on Linux doesn't make it a universal panacea for malware or supply-chain pwnage.
[1]: https://lists.archlinux.org/archives/list/aur-general@lists....
The saving grace of linux currently is that volunteers package most of the software, and they don't generally package malware. There is no structural guarantee there, and if we invite corporate interests to package at some point (like flatpack and snap wants to) this is 100% going to happen eventually.
I woke up the other day to a notification that my LG monitor driver was installed, with a little window on how to use the on-screen crap.
Absolutely useless, since the buttons for the monitor are right there on the bottom of it, and probably easier to use than the software.
Apparently the 3 applications have some sort of screen partitioning/sharing capabilities, but it is still unclear if the LG App was remote access or not.
So far, LG is earning a lot of justified bad press. Should have returned it when I had to turn off the screens power-save mode to get it to stop fading out randomly. =3
... and so out of arm's reach, right?
As to why people do install such software? It sometimes provides additional features, controls and settings. For example with touchpad you could set the sensitivity, hot corners, set the scroll behaviour the way you like it, etc.
With monitors you might get a better colour profile (P3 instead of just sRGB), I don't know. I don't use monitors like this.
> Connecting some LG monitors to a Windows PC may automatically install software that promotes McAfee subscriptions
I too have a LG monitor, but haven't booted Windows in some days, guess I'll stay put in my Arch environment until they've fixed this shitshow.
Typically, the Windows update server downloads packages mapped to hardware IDs in the background. Since LG's business in Korea has been failing and their AI efforts are stagnating, they exploited their McAfee partnership marketing as a pipeline. Windows' Plug and Play does make development convenient. The DX experience is good.
Linux is quite fragmented. That's good from a 'my computer' perspective, but not from a 'product' perspective. And then there's the jitter issue. Windows has stable paid solutions, while Linux has version discrepancies.
In fact, the reason Linux is considered secure is simply because hardware vendors haven't standardized enough to build automatic deployment pipelines.
In programming terms, we all know singleton is bad, but for Plug and Play, it's overwhelmingly convenient.
The Linux security model (sudo to install or update software) doesn't allow this. No reputable distribution would include a program that scans hardware identifiers and prompts the user for permission to install proprietary software from a third-party source. This is possible on Windows because of the "universal backdoor," aka Windows Update, with Microsoft's consent.
Wouldn't it require cooperation from the distros anyway? You say "HDMI and DP also have two-way communication channels", but that doesn't force the OS to communicate over those channels. And it also doesn't force the "mapping of packages to hardware IDs" to be what the hardware manufacturer wants it to be.
Right away, with numerous distributions like Ubuntu and Arch, it's hard to account for all the possible cases from a production standpoint. But Windows has very few versions. As long as you pass Microsoft's standard specification, it just runs on Windows. That difference is huge. What you're saying is ideal, but when selling a product, time is money.
In other words, to summarize our conversation:
'As you said, separating them is the right thing to do. But UX Uesrs basically wanted that kind of deployment authority, and in the process, the problem of abusing it arose.'
It's a beginner level problem, but at the same time, it's also a difficult one.
The monitor only sends a unique device ID, everything else is handled by Windows.
Disabled LG & Switch App in taskmanager auto start, and set to Manual for all 3 LG process names in Services.
A lot of bad karma, for such an buggy monitor that doesn't even work properly till you turn off the silly power-saver auto-dim mode. =3
It still blows my mind that most people still put up with this kind of behavior. I get that some people can't get away from Windows due to genuinely needing to use software that will only run on it, but that has to be around 0.1% or less of current windows users. There is no justification for the other 99.9% to choose to stay in such a toxic relationship.
As far as I know, the source of the graphics was not the unifying receiver that I plugged in the USB port, and the notification was not using any OS API meant for hardware to be avle to prompt the user for additional download. It was a Logitech-built DLL shipped and loaded by the operating system as part of some default driver for the Logitech keyboard.
I have been using it for both personal use and other work use-cases, here is a demo: https://www.youtube.com/watch?v=jObZzI2_pv0
Just like youtube, I can log in to my netflix, amazon prime and then use the touch screen to choose the movie to watch and it gets played on the external screen. I am building it how I would use it as a power user.
No third-party installs, ads and spywares!
My solution is a casting device like chromecast or apple tv which works without apps and cables. Now I am extending the device's canvas for personal use case without the concept of app stores. AI can control the canvas, show multimedia content, open any website/app, and show you options to log in by extracting context, then control it.
So I can tell it to open netflix, it shows login options on screen and once logged in, you can ask it to show catalog or play something by just talking to it.
It can connect and cast content to TWO external screens simultaneously, that I think is the most powerful feature.
But those were different times...