Employee claims she can't use Microsoft Windows for “Religious Reasons”
old.reddit.com> Maybe do a thorough background check. I’m unfamiliar with Linux operating system but could it be used to hack and bypass windows based security systems.[0]
That's just plain funny. People like this are why so many view HR as the enemy.
[0] https://old.reddit.com/r/AskHR/comments/11fueld/ga_employee_...
> bypass windows based security systems
This is reasonable in a way. I don't think the person who commented this originally understands why, but still...
Larger companies often use remote device management / monitoring. Not being a part of the system means you won't get the same enforcement on updates, firewall, internal ssl certificates, etc. It's not strictly bypassing, but it's potentially not complying either.
> Not being a part of the system means you won't get the same enforcement on updates, firewall, internal ssl certificates, etc. It's not strictly bypassing, but it's potentially not complying either
A good company makes sure you can't bypass it.
On our platform if your computer is not managed you're not even getting on the network as it requires an automatically issued certificate for wifi and in most cases for the wired network too.
All the cloud services like MS365 we use will block you from logging in too. If you're managed but stuff is out of date you're rerouted to a mitigation subnet that just offers resources to fix it.
And we're not even a high security company like financial, military tech or healthcare.
We do support PC, Mac and Ubuntu and RedHat Linux though.
Very true, I've seen the same happen with users that get MacBooks. Until recently[0].
0. https://www.apple.com/newsroom/2021/11/apple-introduces-appl...
Apple management has been possible though MDM profiles way way longer than 2021. I set up complete management for our Mac fleet since 2017 and it was already around then.
Update: "We decided to give her a shot" https://old.reddit.com/r/AskHR/comments/11gztsz/updatega_emp...
This is why I always make sure that I confirm that I can use Linux /before/ accepting an offer.
I'm a Stallmanite, but I don't claim religious reasons. I just can't work efficiently or effectively on Windows or MacOS.
I'm highly suspicious of these kind of posts. They remind me of the old "Ask Alice" in the magazines, with all kinds of wild and outlandish questions to which there was always a "perfect" response.
I.e. I think they are made up situations for karma.
I agree. This post has so much visibility on Reddit and HN. The manager is openly discussing terminating the employee with strangers online. The situation and the details are so specific. If this is real, the employee is likely to find this post, or the HR department.
How does a qualified manager think this is at all okay?
Specifically, what is not "ok" (i.e., legal) about this?
I learned recently that there are services you can hire that will have actors call into your radio show, they even provide plot lines and scripts.
I'm Curious as to the religion behind this. Perhaps https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQywV_B...
The only one true religion: https://subgenius.com/
The Subgenus must have slack, but windows is okay too.
I've been thinking a lot about hiring recently. Friends and acquaintances often tell insane stories about their workplaces, and inevitably the problems all stem from poor hiring. The specific request in TFA is insane and shouldn't be entertained. This doesn't mean the employee in question is bad, but, in general, when you entertain requests like this you're bound to pick up a few bad eggs. When you build a team, you want to ensure that everyone has the right mindset. This means people with little ego who are willing to put aside their personal differences to do what's best for the team. Starting your employment with a bizarre religious exemption to using Windows does not illustrate that in the least.
There is also the related question about why the company needs this employee. What I've seen is that such red flags often come up in hiring. Good managers recognize that there is a potential culture fit and pass without losing any sleep. Bad managers, those who obsessed with increasing their headcount, are willing to ignore such signal. They're willing to sacrifice the quality of the team, its output, and the company at large for their own personal gain.
> They're willing to sacrifice the quality of the team, its output, and the company at large for their own personal gain.
I could write a book about it over just what I've seen with my own eyes for 30 years. I wish someone would have forced me to see that, when this happens, it's almost always because someone is making a _conscious_ choice to do so, NOT because "they're stupid." It would have saved me an unbelievable amount of time and frustration, trying to "correct" their thinking from a place of naiveté and best intentions. My personality is such that I couldn't conceive that this path would have been chosen, as I thought it would be (in essence) "evil." Really, it's just another strategy for whatever "success" they can achieve, by people who don't have any of the other tools at their disposal. It's sad, but it's a fact of life and the nature of the human race. Once you can understand this, it's easier to recognize it, and just route around it. It took me 20 years to get it. I hope others fare better.
Just wipe the laptop and let them install Linux, but make it very clear that it is not supported and they'll have to find out how to do everything themselves.
If they can, great, no problem, if they can't, they can be fired for failing to do the job, not for refusing to use the provided system.
Definitely shouldn't do this unless the company's IT department already supports Linux. Configuring Linux, securing it, tracking it, managing it, all for one person is a huge effort.
The top comments and I share the same view.
> is a huge effort.
Just use a stable distro, install the security updates and eat your spinach.
What "managing and tracking" needs to be done that the default package manager cannot do for you?
For example connecting to an enterprisey VPN solution integrated into AD to access your exchange mail. Your options here may be limited to: install a supported system, or reverse engineer the provided configuration and pray you're a good enough expert in IPsec, Kerberos, and emulating a custom 2fa app which relies on secure boot and keys in TPM. Your onboarding starts tomorrow... and go!
From the policy side of things, you may run into "your laptop is not reporting that the latest windows or macos patches have been installed, you're required to have them installed".
The enterprise-y stuff isn't getting easier. My last Corp job, the VPN wouldn't let you in unless the active Win64-based agents were installed, alive, and scanning every file you create, download, or delete.
It was way easier to accept the Windows laptop and just run Virtualbox all day long in full screen.
Well duh.. The company is responsible for its security and data privacy (think millions in GDPR fines). In order to do that they need to be able to secure the system, mandate patches, monitor suspicious behavior using EDR/XDR etc.
This sort of thing is not optional anymore and just dicking around with an unmanaged laptop and copying stuff onto unmanaged drives will be more and more difficult.
This stuff is not because of distrust or to make your life difficult. It's to protect the company and its customers.
What they should do though is support all business required OSes, not just Windows. Our company is pretty good at that and despite me doing all the work on managing non-windows compared to entire teams of Windows management people it works pretty well and users are happy :) Though I recently moved.
Not always about the amount of security software they have to deal with but these are just needed in this day and age.
I do understand your frustration though, as most enterprises don't care about developers if they're only a single-digit percentage of users, and have terrible IT processes like ITIL.
What they should do though is support all business required OSes, not just Windows.
That's not an enterprisey thing to say. MacAfee, CarbonBlack, ViperSnot, etc all go for the low hanging fruit which is massive corps with 10K+ Windows seats. They won't support Linux ever and personally I get it. It's no big deal. You find ways to work around it.
having to work around security measures is a big deal. an ideal system should support linux. if it doesn't there should be no way to work around it either.
> It's to protect the company and its customers.
Also to make IT life easier. "You're getting updates when we say so, logs are getting shipped back and aggregated, every new binary started gets reported" approach saves so much time.
Enforce things like a screen locker or drive encryption
You can certainly configure these things but there are often audit requirements to prove it
DLP snoopware for me. We actually need to be able to demonstrate that we know where the sensitive data is and is not. We have a metric for unsupervised devices and we need to keep that number as close to 0 as possible.
2ndly, there is the nature of what the company does. If you are at a software engineering company, chances are you can just grab any linux lappy and get to work because everything you need is covered.
If you are at a software consuming company, you are at the mercy of what your LOB apps support. Software that has this kind of company as its customer either only targets windows or only targets web browsers (and even web apps somehow find a way to be windows-specific).
Spying on your employees.
It's usually not that simple. At my company, for instance, a device registered as Windows will be blocked from the network if security updates are not installed within a reasonable period of time, so any non-Windows device needs to be registered as such and it's use justified.
No endpoint protection and no management = no access to the network or any proprietary data
Obvious consequences of cramming the pride flag in the taskbar
Now, wouldn't it be nice if everyone had Linux as a religion.
TempleOS
Actually, I rather like TempleOS, one really has to admire Davis' efforts. It must have been a lot of work. I can't but help feeling sorry that we've lost him.
I guess Windows and Mac aren't kosher.
What religion is this? I want to join
The church with no windows
Calling this a "religious reason" may be a bit too far, but using an OS of your own choice is pretty normal, right? I was never forced to use any specific OS wherever I worked, so this all looks very wild to me. Why would anyone care? She's not demanding a costly license from Microsoft, isn't she? And the answers on reddit are such bullshit only "micromanagers" can come up with.
Not surprised. I was forced to move a wireless access point from someone's office because they claimed to HR about the "heath risks."
Had the new employee been operating in good faith, surely they’d have mentioned this limitation during the interview stage.
Given the sensitive nature of the topic, I wonder how deeply HR can actually question the request.
Simple fix: use the winux distro: WSL is your environment, the window compositor comes from Redmond.
(This is a crazy story, I think OP is just trolling)
Unfortunately she's a tilist so a floating window manager just won't do.
The eclectic order of Saint InGNUtious approves.
I can think of many valid reasons for not wanting to use Windows. Religion ain’t one of them.
i can't use Microsoft Windows for health reasons. my mental health is severely affected every time i am forced to use Windows. MacOS is not much better though. it used to be ok, but it has gotten much worse lately.
We, at $Big_Corp really care about your mental health. Just tell us what your problems are and we will help you. /s
(remember how, when the new inmates came to a concentration camp, they were required to take a shower)
Just curious... why link to the old reddit subdomain? Is it just a personal layout preference or are there other practical reasons?
The "new" reddit is much slower when collapsing large comment threads and has annoying/dark patterns like pushing the mobile app download & sign-ins.
Ah. Thanks! Good to know. Only cost me a couple downvotes. Lol.
As well as old loading instantly, it doesn't have pop ups that block access which is surprisingly common on the Reddit website.
Church of the Subgenius?
Cult of Mac ;)
"her religion does not allow use of Apple or Microsoft owned operating systems"
Acolyte of the chief GNUisance or demons of BS.