My Solution for the best of both Worlds (Windows/Linux)


#1

I use Windows 10 for work, for development, and because it supports my hardware better. I need to use Windows, but even if I didn’t, I’ve yet to find Linux drivers for some of my hardware.

While Windows 10 is a fantastic OS, I do not like the telemetry functionality, and despite doing all I can to disable it, I’m still wary. A sad thing really as the OS is great.

But to the crux of my topic here:

Using Windows as the host OS and then running Linux within a VM where you do most of your computing seems to be the best of both worlds.

On the one hand you get driver support out of the bag for nearly all hardware. GPU drivers are usually more efficient and there is custom GPU hardware software for managing custom fan curves, etc…

On the other hand 95% of what you are doing is through the Linux VM (PureOS in my case). In fact, if someone were to walk up to the machine running, they’d think it was a Linux machine. In this way you take advantage of the software designed to support your privacy, while mitigating to some extent the vulnerabilities in using Windows.

This also makes your desktop portable as you can just take the VM with you and use it on another machine should you need to.

The reason for doing it like this is mainly because you have hardware that is not supported under Linux. However, it could also be because you would like to game on Windows. While Steam has made huge inroads with games on Linux through their wine branch, you will get much better performance on Windows with the same hardware, as well as a library of games almost infinite in selection.

So now that I’ve presented my case, I’m curious if the crowd here, who are more concerned with privacy and security, find this to be a good solution? What do you think?


#2

One obvious miss here is that the hypervisor and/or the host system controls your VM. Even if the VM runs only “good” software (PureOS, coreboot, etc.) and protects you from internal (to the VM) attacks, there always is an external controlling privileged malware (Windows) which can read the memory of your VM and do many bad things.


#3

Right, I wouldn’t call that a miss (as I knew about that of course), but rather something that just has to be accepted in my situation.

And is MS really that evil? Wasn’t RMS just at MS HQ and gave a talk? No, I know, if it ain’t FOSS it can’t be trusted.

The perfect solution would be for Windows to go open source, completely.

Then I would use it without even a second care for Linux. As that will probably not happen, I need Windows for hardware to work, and to work well.

When I’m feeling paranoid, I can use the Librem 13v3.


#4

Sub question:

If PureOS is the host OS and you are running Windows in a VM, is it acceptable then to use Windows?


#5

We just can’t know for sure. The history of their actual deeds does not describe them well, even if they really try to be good. Personally, I tend to follow RMS’ way and treat everything that cannot be proven to be good as bad. Others may trust MS - that’s their right.

At least in this case you have means to control and limit it. But this solution will bring your problem with drivers back :slight_smile:


#6

The actual reason for all those problems with drivers is simply the wrong choice of hardware. If you choose a “Windows 10 certified laptop”, of course you will have problems with other operating systems. So before buying the machine just consult the hardware compatibility list for your OS and be happy. I am having the best of all worlds: Qubes OS, which works fine on my hardware and supports any necessary OS in the virtual machines.


#7

I’ve only used Windows in virtual machines since 2006, so I can’t comment on how well it works as a host. My only observation is that the only way that I can get virtual machines to work the way I want them to is to use the proprietary version of VirtualBox, because it gives me easy access to all the ports. At least that was the situation 2 years ago, when I gave up on using virtual machines.


#8

It still likes to destroy multi-boots with non-Windows systems.


#9

I use Windows 10 at work because I am forced to by corporate fiat.


#10

Sure. Of course that’s not my situation. I have a dual Xeon workstation running a special audio card for sound design, video editing, software development, and a small VM farm. As well as dual 1080 Ti GPUs running in SLI.

A system I built myself. It is most certainly not MS certified.

I think for many people used to running Linux it is an idea of needing or wanting specific new hardware that is something that just doesn’t really ring true for them. However a lot of new hardware that comes out is just not supported on Linux. Not ideal sure. But Linux is just not yet at a point where it will get that kind of priority. We can hope right? Even when it does however, it won’t be FOSS.


#11

That depends. Intel (and I believe AMD as well?) are very good about pushing drivers for their newest gear into the kernel tree, so not only do you get support, you get support before the hardware even comes out.

I’ve got a pair of Ryzen systems and they actually get better hardware support under Linux than they do under Windows (8.1 - I flat out refuse to run Win10 under any circumstances).


#12

Interesting. I’ve been wanting to go back to the AMD camp anyway, so maybe when it is time to upgrade, instead of just getting a System76 Thelio I’ll do so with AMD chips.

I’m really referring to peripherals though. They are last in line it seems for Linux drivers.


#13

as an OS not so much but the ecosystem that M$ has created is overall state-of-the-art but not in any kind of ethical way. this is an old subject here @ Purism and should be moved to “round-table”.

must be really exotic if it’s not under the latest linux kernel.

okay it’s fine if YOU think it is but most of the internet and its infrastructure thinks otherwise. i think @Caliga @amosbatto @jeremiah and a “few” others could back me up on this.

you keep repeating yourself and we get it but it’s not a FACT.

i was with you on this for a long time but then i started asking questions and i’ve decided that the cons overweigh the “pros” regarding this practice.

everyone can decide for themselves if this is enough of a praise

https://www.phoronix.com/scan.php?page=article&item=3900x-9900k-gaming&num=1
https://www.phoronix.com/scan.php?page=article&item=hitman2-steam-linux&num=1
https://www.phoronix.com/scan.php?page=article&item=ubuntu-1904-desktops&num=1

waiting to see how the latest ubuntu 19.10 score with the latest AMD GPU drivers.

oh you mean the proprietary BIOS/firmware UEFI functionality exposed to the windows desktop side ? anyone that runs on weird hardware like that should know that lately even DEBIAN 10 has support for BIOS UEFI boot and can access the SAME features in the UEFI directly before reaching the higher levels in the boot sequence. in fact the newest amd motherboards (especially the higher tier ones - the most expensive - which are also workstation class nowadays since they go up to 24 threads easily and soon 32) have gotten quite friendly with the linux kernel and besides from being “inconvenienced” by not having these readily available at the highest level (the desktop and “app”) there is not much else to say (sometimes them drivers in Linux perform better if it’s a manufacturer optimised solution and not just “nouveau” hint-hint quality).

sure if there are exotic users such as yourself i think they have no other choice. that being said everybody who owns “weird” hardware should check the latest non-RYF gnu/linux distro to see if this “issue” hasn’t been “resolved” before they go and pay for a windows license or “obtain” it from somewhere else around the www.

hm it’s interesting you bring privacy and security up for discussion but not software freedom since those two are unrelated … obviously :roll_eyes:


#14

reC, TLDR, I don’t have time to quote you and answer you in the same smug way you did me. Your tone and attitude are certainly not called for.

I’m also pretty sure no one here wants my opinion again on FOSS software and its importance.

The point of creating this thread was because I understand I don’t have all the answers, ESPECIALLY within the Linux domain, not to have some elitist Linux hound attack me because I don’t know every nook and crevice of it.

Let me ask you this though:

If every OS known to humanity was open source and RMS himself blessed all of them FOSS-R-US, which one would be the best? This implies that all software for these OS’s are also FOSS-R-US.

If you can’t answer that Windows is probably one of them, if not the best then you’re lying. (or you’ve just never used it.)

Now if you have some constructive solution for me that is better than what I’m proposing here, I’m all ears, and thankful for your time.


#15

I’ve been researching a fair amount lately and while I don’t know your hardware nor your goals, I think taking a step back and looking at the fundamental differences between the OS’s might be helpful in deciding which is “best”.

Windows is a huge install not because of bad programming, but by design choice. The choice to include everything most people are likely to need.

By contrast, each GNU/Linux distribution is a Linux Kernel with a bunch of pieces bolted together and released as an OS. This allows for a smaller OS, however it can also result in oddities like when removing one of those bolted on parts breaks another seemingly unrelated part, or when you can’t add some part that another distribution can. Generally a GNU/Linux distribution will be significantly smaller than Windows, some more stable, some less so.

Then there’s BSD. BSD distributions are a Base OS consisting of the Kernel and what each distribution believes to be the minimum required for everyone to get started. This results, generally, in the smallest OS’s which are, generally, most secure and stable; though requiring the most pieces to be added in after the fact to allow for more advanced functionality.

With that all said which is “best” is subjective. If the focus is security above all, something like OpenBSD is arguably the most secure out of the box, though to do much with it you will likely need to add on pieces which may decrease that security.

If your objective is ease of use, then Windows is likely the best for you as it requires the least amount of stuff to be added to it.

GNU/Linux fits quite nicely in between those two extremes.

All of that said, with regard to your original post, if loading Debian with the non-free repository genuinely does not find the drivers for all of the hardware you need, Windows may be your only realistic option for some functionality. To improve the security, as compared to running a VM on Windows, you could boot to Windows for those tasks that require it then boot to something more secure for everything else. This would be much less convenient, but all increases in security decrease convenience.

Ultimately the decision of security vs convenience is one each person needs to make for themselves.

Note: I do not like Mac OS therefore it is not included as I didn’t research it any significant amount… Also Apple is the worst :stuck_out_tongue_winking_eye:


#16

Thanks for the comments!

I just had a pretty lengthy discussion with my Linux guru friend, and he suggested wiping it, installing Linux (most likely Ubuntu), and then using kvm to just pass the specific hardware directly to a Windows VM. This would take care of all of my serious needs, and the only downside would be gaming.

Does anyone have any experience with using hardware passthrough in VMs? Is this a good solution if latency is a concern?


#17

I just recently tried GPU passthrough on my System76 Thelio. I had some performance issues, but I think I likely did something wrong, as I’d never tried it before, and I was trying to learn some of the hardware details as I went. Additionally, the guides I had read also suggested passing through an entire disk for the OS, but I just used a qcow image instead, so maybe that was my issue.

From what I have gathered, if you pass a disk and GPU through (and do it correctly), there is not much of a performance hit.

Since I was trying it for the first time and using Pop!_OS, I was mostly following this guide:

I also referred to this page:
https://wiki.archlinux.org/index.php/PCI_passthrough_via_OVMF#Attaching_the_PCI_devices

Edit: I will also add that my Thelio is AMD 2920X CPU + AMD Vega 64 GPU


#18

You have a Thelio? Most excellent! I was looking at getting the dual cpu version as that is nearly a drop in replacement of what I have.

I was going to ask how the thermal controls work on it. I know they made their own board to control that, but I’m curious. Does it allow one to manually control things like the GPU fans, etc.?

I would not be pushing a GPU through, just a sound card. I need both GPUs to run the 6 monitors. The real estate is nicer than having a dedicated gaming GPU. Of course I have another slot in there, so maybe I will just get another GPU and do that.


#19

I haven’t done a lot of hardware digging, but I haven’t noticed any sort of custom System76 software for such manual control (at least no GUI stuff), because I did wonder if there was something similar to nVidia’s control panel thing their proprietary driver package installs. There may be some command line tools that I haven’t looked for, or maybe BIOS/UEFI/whathaveyou settings I haven’t played with.

But I think passing a sound card through would work just fine.

For what it’s worth, during my attempt at passthrough, I had one monitor on the Linux GPU, and then another monitor on the passed-through GPU. So as far as just using 6 monitors, you could still do that with passthrough, but a few (I’m guessing 3, assuming a 50/50 split) would be displaying Windows. If you want 5 on Linux and 1 on Windows, then yeah, I guess a 3rd GPU is your option. You probably know all this anyway, but figured I’d make it explicit.


#20

Surely 1080 TI SLI would have at least acceptable performance even if using wine on Linux. Only issue I’ve had is that in the last year steam-native has lost Proton support for games on external drives (won’t even launch games), so now instead of sharing a 4TB external HDD between my Windows and Linux partitions, I have to install games directly on the Linux partition, basically installing games twice.

I do however understand your plight. I would love to recycle my Windows SSD, but I can’t do that until FruityLoops and Native Instruments’ Komplete, or at least NI’s Kontakt, get Linux support. (Ideally Lutris would run stuff like Battlefront 2 from Origin decently as well). I just have two SSD’s for the silicon separation. For anything such as music production that can’t be done via Linux, workaround or otherwise I boot into Windows until I finish what I want to do. Even on a 5 year old i7 and LUKS encryption, with NVMe M2 SSD’s boot to desktop takes at most 45 seconds (mainly due to long GIGABYTE logo on boot), which is tolerable enough for me for switching between partitions for the privacy gained.