Running a business using linux

fellowmortal@lemmy.dbzer0.com to Linux@lemmy.ml – 298 points

I've run a small business for over 10 years. I use linux. I'm grateful to the community and I use FOSS where possible.

I have had some issues over the years, but have always been able to get around them (except CAD in 2013), but recently I've had issues with my government (UK). First they introduced 'making tax digital' and told me for years that I would have to buy windows only software (there was no legal option on linux until a few weeks before the deadline (https://www.comsci.co.uk/100PcVatFreeBridge saved the day)). The UK Government didn't create a free solution or any route to that as they don't want the source to be open for making tax digital so accounting software companies have made a killing!

This week my internet banking stopped allowing payments, it no longer works in firefox (I'm guessing). On the telephone they asked me 'what search engine I was using'^+^ and advised to use google.

What is the best UK business bank to use if you use linux to run a small business? Do I have to use Chrom(e)ium? Does anyone else use linux for business admin? Is anyone (Freesoftware foundation, etc) thinking about the creeping legislative changes that make it literally illegal to use FOSS and linux?

I wanna be an ally, but it's so tiring.

^+^ browser ≠ search engine. Yes, I'm pedantic, at least I didn't confuse them by saying 'quant' or 'duck duck go', OK!?


Hmm I didn't know the UK was THIS bad.

I don't know if the UK is worse than anywhere else (?)

I'm in Canada and use Linux full-time without any such problems whatsoever. On rare occasions I use Edge instead of Firefox, and that's it.

In Sweden most government provided services are accessible through a web browser, but you need "BankID" which requires Android. Which is kind of Linux, though not fully FOSS.

But I’m sure the fact Android is FOSS had nothing to do with it, it’s just a random coincidence. It would simply be the most popular OS.

Bad? It's a couple of decisions made by organisations or politicians who are ignorant of free software alternatives and open standards.

Certainly better than the US's tax system, where you have to pay to file your taxes or at the least, have to spend a lot of your time working out complex tax submissions each year.

In the UK, your income tax is automatically paid by your employer when you earn it. Unless you're self employed - or doing your own business accounts like OP, you don't have to submit any tax information, ever.

All these third world countries can’t compete with the powerhouse that is Brazil and its free, multiplatform tax system since the nineties.

Seriously though, it’s not a technological issue, it’s a political one.

Taxes are not the only things that matter, mister/miss. In the US you at least aren't legally forced to use Windows and I'm not even talking about the fact that the US supports genocide. But who am I talking to? Americans are fully dead inside and won't understand. There's no way to revive them.

I'm not in the US - and who was talking about genocide? We're talking about tax and its software here.

Have u tried changing user agent? Get an add-on on Firefox with a similar name and change to chrome. The website will now think that u'r using Chrome. U could even change ur displayed OS if it has that big of a problem with Linux.

Firefox also has a built-in list of user agent overrides for websites that don't work on Firefox for no reason.

You can create an issue here, and maybe they'll fix it at some point. Not sure what the normal turnaround is for fixes like this though, could take a while.

You can see the list in about:compat btw

Thanks - I had not thought of this. I'll give it a go... [edit: no dice :(] It works in chromium, so there is a solution... it's just tiring to remember which browser to use for which site.

If you do find their site works on another browser (and I mean, the browser, not due to an addon, etc.) then complain to the company / bank / etc.

If they take your complaint seriously then I'd persevere with them... if they don't then they're not customer focused and your business (money) goes elsewhere.

if they don't then they're not customer focused and your business (money) goes elsewhere.

Yeah, let's NOT pay taxes! /s

Unless you're talking about the bank, in that case they're literally here asking for a good alternative bank.

I gave up and used a Windows VM for such shenanigans. It's hard when even the government doesn't want to listen. This is a good project which bridges the gap -> https://github.com/Fmstrat/winapps.

First time hearing this. Is WinApps stable? Does it consume too much resources?

I found for sites that I have to run in Chromium I use Tools -> Create Shortcut, then Run in Windowed Mode. This puts a shortcut in your app list for the site, and runs it without menus like a web app. It helps me since my brain treats it like the company's application vs site.

Governments should not require the use of proprietary software. I personally would refuse to use it. I don't live in the UK but in the US I think you could easily make the case.

I think in that case they would say they accept paper.

refuse.

That's just not practically possible.

OP said they're running a small business. It's great that they want to fly the flag for FOSS, but they're not in the business of promoting and advocating for FOSS. They still need to do the things they need to do.

Refusing to file your taxes on the grounds that the software provided is not open source is a great way to no longer be in business.

The US has a couple of laws and executive orders that are supposed to have government stuff (development and purchases) default to open source, but overall enforcement sucks on it and there is little carrot or stick.

I'm also based in the UK. I don't run a business but have occasionally encountered problems trying to use Librewolf on the web, especially with Noscript on.

I tried to use Qubes to separate my activities into VMs but I found it difficult. So I did my own, less extreme, approach using KVM.

I created a virtual machine which only has Chrome on it. This is what I use for accessing my bank, Paypal and doing online shopping.

I have a second machine I use for Whatsapp and email and finally a third with Librewolf for general web browsing.

Each uses the same VPN service but different servers.

I only use Freetube and Retroarch on my main machine.

This is on a very beefy Thinkpad I essentially use as a desktop in my office. I use a smaller machine downstairs with VNC on it as a remote when I'm sat on my sofa.

This sounds smart

This sounds ridiculous. So much work and overhead just to use a web browser?

It's not just browsing discussed there. Re-read that again with cybersecurity in mind... online banking shouldn't be done whilst you're sharing a browser with tiktok (as an example)

Yep, there's private / incognito modes, but they just drop all the local session data, they're not any more secure.

online banking shouldn't be done whilst you're sharing a browser with tiktok (as an example)

Why? Be specific because unless something has gone horribly wrong sites can't access data from other sites or tabs unless they're cooperating. In which case they do so with session data.

And you could simply have a separate Firefox profile rather than spinning up an entire virtual machine.

And you could simply have a separate Firefox profile rather than spinning up an entire virtual machine.

This is what I do. Even though there is nothing wrong with the Qubes approach, I think it's overkill unless you are hiding from nation-state attackers.

XSS springs to mind.

And spinning up a VM (or container) is not that hard nowadays.

This does absolutely nothing to defend against XSS.

This is the problem with paranoia-based security. You create needless overhead thinking you're "more secure," but you're not. Not in any way that really matters, at least.

So if I spin up a container to run just that browser for just that site I do nothing against XSS? Interesting.

I can't tell if you're being facetious or not...

XSS is an attack within a site. For example - if I were to embed JavaScript in this post, and your lemmy website didn't properly sanitize it, then it would be executed by your browser. This would let me run code on lemmy with your credentials. I could then rewrite posts, delete your account, maybe send your data to another site where I could capture your session or credentials.

It has nothing to do with any other tabs and it would be limited to lemmy and the page that executed the script. I couldn't have that script read data from your bank on another tab, for example.
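Added example (not part of the thread and not any poster's or Lemmy's code): the failure described in the comment above, a site placing post text into its page without escaping, shown beside an escaped renderer. The function names, the `tagsIn` check and the sample post are hypothetical and constructed for illustration.

```javascript
// Added example: hypothetical forum renderer, not Lemmy's code.
// The sample post below is constructed input.

// Vulnerable: post fields are concatenated straight into the page's HTML,
// so markup inside a post becomes part of the page served by this site.
function renderPostUnsafe(post) {
  return `<article><h3 title="${post.author}">${post.author}</h3>` +
         `<p>${post.body}</p></article>`;
}

// Escape the characters that can change the HTML parsing context in element
// content and quoted attribute values. Not sufficient for script or URL contexts.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, ch => HTML_ESCAPES[ch]);
}

// Hardened: every user-controlled field is escaped at the point of output.
function renderPostSafe(post) {
  const author = escapeHtml(post.author);
  return `<article><h3 title="${author}">${author}</h3>` +
         `<p>${escapeHtml(post.body)}</p></article>`;
}

// Crude regression check: list the tag names a parser would see in the output.
function tagsIn(html) {
  return (html.match(/<\/?[a-z][a-z0-9]*/gi) || [])
    .map(t => t.replace(/[<\/]/g, '').toLowerCase());
}

// Constructed post: the author field breaks out of the title attribute,
// the body carries a script element.
const samplePost = {
  author: 'x" data-injected="1',
  body: 'Nice thread <script>/* code placed here would run as the reader */</script>',
};

console.log('unsafe tags:', tagsIn(renderPostUnsafe(samplePost)));
console.log('safe tags:  ', tagsIn(renderPostSafe(samplePost)));
console.log(renderPostSafe(samplePost));
```

The injected markup only ever lands in the page of the site that rendered it, which is why the scope of the damage is that site's own session.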

This is what Firefox containers are for. Put the predatory sites in a container so they can't see out of it.

They can't "see out" of their own tab either. Websites can only access data in the browser that they create.

Sure they can, with cookies or tracking pixels for example.

What? No. Just... No. My god - the misunderstanding around cookies is ridiculous. I blame the EU - they put a 'warning label' on them and now everyone thinks they're just evil.

Firstly - Cookies are only allowed to be read/written by the site you requested from. If they could read all cookies that would be a MASSIVE security problem and the internet would be fundamentally unusable for business.

Secondly - This has nothing to do with tabs. Nothing. ... Nothing.

Thirdly - There are "third party" cookies which happen when a site coordinates with a third party for things like advertising and allows them to track hits when their ads are displayed. This requires both sites to cooperate. But also see "firstly" as it won't allow that third party access to, say, your authentication information.

Lastly - This still has nothing to do with tabs.

This requires both sites to cooperate. But also see “firstly” as it won’t allow that third party access to, say, your authentication information.

Nobody here said it would let them see your authentication details, so I'm not sure why you're so vigorously fighting that straw man. Third-party cookies absolutely let them know which other sites you've visited. That's their main purpose.

Nobody here said it would let them see your authentication details, so I’m not sure why you’re so vigorously fighting that straw man.

Your session ID is stored in a cookie. That is what a website uses to know that you're logged in. With an XSS attack one can steal your session and use the site as though they were you. So yes - it is "authentication details".

Nobody here mentioned it because nobody here seems to know what they're talking about...

Third-party cookies absolutely let them know which other sites you’ve visited. That’s their main purpose.

And they are not stopped by using a separate VM with a web browser. So....

It's not that much work. I created a VM which is running the same distro as the host. I removed all of the apps except for the terminal. Then I cloned it for each VM I need.

The Whatsapp/ email client VM and the Librewolf VM start with my OS so it's like having them in separate windows. The others I only start if needs be.

It's a lot of effort for the benefit you get, which is practically nothing. Especially considering there are even easier ways to get the same result

Such as?

Just use tabs they can't access each other's data. Or use a tab session manager. Or separate Firefox profiles.

I don't trust Chrome, Zoom or Teams, but sometimes have to use them. I will keep them in a separate VM but will look into Firefox profiles.

So it's just paranoia then... Which makes sense as it's way over the top.

Heck, even just creating separate system accounts and doing 'sudo -u social firefox' would be easier than spinning and maintaining VMs...

So it's just paranoia then...

Yea, not going to lie that is probably the primary motivator here.

Tangential:

I'm running my own IT company since recently and am transitioning to exclusively using FOSS. I still have some things I need to work around like my iOS phone. It already has a linux successor but it's not finished yet. Pretty promising though. My plan is to put a fixed percentage of profits to open source projects.

This is not tangential - I am heartened, my hope is that this would become normal. Despite my moan, it isn't that bad and I'm sure I would have had different IT headaches on windows - security comes to mind.

I still use proprietary android software on my phone, but I try not to do anything secure on my phone (this is also getting harder as banks are insisting that I convert to apps)

Thanks! I'm currently working with a customer who uses microsoft cloud stuff and windows. Honestly, I would have been done with my work after 20 minutes if he were on linux. Instead I'm at 8 hrs and a full blown storage solution just because his hardware is incompatible with each other due to windows/microsoft BS.

I can not stress this enough: there are lots of issues on windows which require costly support while the issues on linux usually require a search engine or a friend with some linux experience.

The downside of postmarketOS at this point is the camera functionality. We need to get that working and we're golden. On the oneplus 6 I'm working, it's the only major thing that doesn't work. Otherwise the phone is pretty ready.

What is the Linux successor?

It's a oneplus 6 with postmarketOS.

Oh I have another question. How do you deal with those elevated Java apps on the sim? If you're privacy focused I mean.

Sorry, no idea what you mean. I use the phone the same way I use my computer. I'm sticking to stuff that would probably pop up if it were to get compromised, otherwise I don't bother.

Ah I mean when you buy for example an Intel CPU it has IME enabled. Some vendors turn this off for you, because doing it at home can brick it. For phones you have some kind of micro Java running on the sim chip and it has full system access and can be patched remotely. I haven't looked into a real solution yet, but you can also use a solution where the sim is connected via USB. Or don't use one. There might be other hardware vulnerabilities, but that's one I know of.

Yeah, that's not what I'm going for. I know about ime and that some disable it which makes sense imo. But I have to look for business opportunities so I don't focus on hackers with a freedom knack. I go for small businesses that can be swayed for healthier decisions, making them money and preserving an isle of control around them.

I'm talking nextcloud instead of m365, open source crms and erps, on premise solutions. I am very low level compared to other IT firms but going that deep will destroy my momentum.

Ya you definitely have to pick your battles! I just use plain Samsung android with a sim and am aware of the vulnerabilities it creates. I see it as a low security device, so it can't just access everything willy nilly. I also work with XR and I am not sure if all the stuff works properly if I'd pick a different solution. I think it's best to remain practical and keep moving, but to invest a bit of time over the years, which has good results for me.

If you use Mettle, the phone based bank, you get FreeAgent for free. FreeAgent is a really good web based accounting package that works in Firefox. They gave a useful accompanying API and can do payroll, VAT, end of year and director self assessment. It's great.

I think the key part here is that it’s a guess on your part whether using Firefox is the cause. Do you get any specific error when using the website? Or does something just “not work”, such as you click a button and it does nothing?

Also, I’ve run into stuff like this before, and my best bet has been to be flexible about using other browsers to work around issues. I would suggest testing the banking website with Chromium (or even Chrome). If it works, file a bug with Mozilla (https://support.mozilla.org/en-US/kb/file-bug-report-or-feature-request-mozilla) and just use Chromium/Chrome for only that website until the bug is fixed.

This will allow you to still do business, while still participating in open source via a helpful bug report that could end up benefitting others as well.

It works on chromium, not firefox. I guess I should be more flexible. It is likely that the bug is in the bank's site, so I wasn't sure about putting in a bug report. The website pauses on the 'loading' animated icon, when you try to navigate away, it tells you 'Your session has expired'. It hasn't been fixed by changing the user-agent (assuming I got it right). I don't know if the bank would give them a dummy account for testing, but I'll file a report anyway.

If it works on chromium I’d consider that even if it is a quirk on the bank website, chromium is handling it cleanly and allowing you to use the site. That’s something we probably want incorporated in Firefox. I’d encourage submitting the bug report to Mozilla, and don’t assume too much about what they can/cannot do!

My bank blocked "firefox" at some point on debian. Then it was because the version of firefox presented itself to be too old (because debian) to the bank so they blocked me. Firefox was up to date on security patches, but the bank did not understand that and blocked.

I remember the good old times when testers had to check if their sites work on Chrome/Firefox/Opera/Safari/Edge.

Do you use an ad blocker or privacy extension? I'll just throw out there I don't think it's right, but I've had to disable adblock to get some banking site stuff to work

Also, please feel free to answer if you aren't based in the UK, I assume this isn't a UK only problem, but I'm based here.

I've had zero trouble with online banking. The only hiccups I may find is that some banking (android) apps may refuse to work unless you installed them via Play Store.

Can't speak to the specific sites that you use but I've personally found firefox user agent spoofing results in almost every site that didn't work on firefox suddenly magically working if they think you are on chrome.

I've found this to be the case a lot, too. I also spoof my OS because a lot of government sites will refuse to work unless it says Windows. It's stupid, but here we are.

yes it is. I have tried messing with user agent now. Chromium works on linux, not firefox. :(

I've been Linux in the desktop for years. You really don't have any choice other than to be a little bit flexible.

More times than not it turns out to be a plugin that screws over the site. Here's my general path:

Won't load in Firefox? Disable privacy badger and ublock origin

Still won't load? Try it in a private window with no extensions loaded

Still won't load? Move over to brave.

Still won't work? Disable Shields

Still won't work? Straight to a vanilla copy of edge, (a vanilla copy of Vivaldi would also be reasonable)

Just last night I ran into a problem with my ADP work portal. Things worked fine for ages. All of a sudden my password wouldn't work. I went into private mode. My password now works but loading the actual page netted me a blank page.

I opened it up in brave and it just worked outright.

Fuck ADP, same problem here. My company has moved away starting this month, good riddance.

Maybe you can use some German bank. They allow one to interact with their API for free. I use GNU cash for it. Though I doubt that you can file your taxes via GNU cash and be aligned with current UK law. You would need to check it for your own.

Is the free API part actually true for Sparkasse? I was not able to find an API solution for them. I did find something, but beyond a certain step, there wasn't an actual API.

The UK Government didn’t create a free solution

You mean you must use their software to do taxes or what?

Back in my neck of the woods you either do them on paper (almost no one) or you submit online... They have well-defined APIs and you can use whatever you want (the IRS submission does use some java crap underneath but it's fluid and you can save your progress in an XML file).

Although for most people it's just a matter of logging in, checking that everything is in order, and clicking submit.

Always use a separate Firefox profile for banking needs.

Or Firefox Containers?

Firefox Containers are for Cookies and Storage separation. Profile, on the other hand, is a COMPLETE separation in all aspects of Firefox's user data, setup, add-ons.
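Added example (not from any participant in the thread): a simplified cookie jar illustrating two points made in the comments, the cookie scoping and third-party cookie behaviour argued over earlier, and the per-container cookie separation described just above. The `CookieJar` and `Tracker` classes, hostnames and values are constructed; the model assumes a browser with no third-party cookie blocking or partitioning and ignores Path, Secure, SameSite, expiry and the public-suffix list.

```javascript
// Added example: simplified cookie jar (subset of RFC 6265), constructed data only.

// RFC 6265 5.1.3: a host matches a cookie domain if equal to it or a subdomain of it.
function domainMatch(host, cookieDomain) {
  return host === cookieDomain || host.endsWith('.' + cookieDomain);
}

class CookieJar {
  constructor() { this.cookies = []; }

  // Handle a Set-Cookie received in a response served by `host`.
  set(host, { name, value, domain, httpOnly = false }) {
    // A server may scope a cookie to itself or a parent domain, never to another site.
    if (domain !== undefined && !domainMatch(host, domain)) return false;
    const c = { name, value, httpOnly, domain: domain || host, hostOnly: domain === undefined };
    this.cookies = this.cookies.filter(o => !(o.name === name && o.domain === c.domain));
    this.cookies.push(c);
    return true;
  }

  matching(host) {
    return this.cookies.filter(c => (c.hostOnly ? c.domain === host : domainMatch(host, c.domain)));
  }

  // Cookie header for a request to `host`, whichever tab or embedding page caused it.
  forRequest(host) {
    return this.matching(host).map(c => `${c.name}=${c.value}`).join('; ');
  }

  // What page script on `host` reads from document.cookie: HttpOnly cookies are withheld.
  forScript(host) {
    return this.matching(host).filter(c => !c.httpOnly)
      .map(c => `${c.name}=${c.value}`).join('; ');
  }
}

// A third party embedded by cooperating sites: it sets an id cookie on first
// contact, then records which embedding page each later request came from.
class Tracker {
  constructor(host) { this.host = host; this.nextId = 1; this.seen = new Map(); }
  handle(jar, embeddingPage) {
    const m = /(?:^|; )uid=(\d+)/.exec(jar.forRequest(this.host));
    let uid = m ? m[1] : null;
    if (!uid) {
      uid = String(this.nextId++);
      jar.set(this.host, { name: 'uid', value: uid });
    }
    if (!this.seen.has(uid)) this.seen.set(uid, []);
    this.seen.get(uid).push(embeddingPage);
    return uid;
  }
}

function demo() {
  const out = {};
  const shared = new CookieJar();
  shared.set('bank.example', { name: 'sid', value: 'constructed-session', httpOnly: true });
  out.bankRequest = shared.forRequest('bank.example');        // session goes to the bank
  out.otherSiteRequest = shared.forRequest('social.example'); // and to no other site
  out.bankScriptView = shared.forScript('bank.example');      // hidden from page script
  out.foreignSetAccepted = shared.set('social.example',
    { name: 'sid', value: 'x', domain: 'bank.example' });     // cross-site write refused

  // One jar for everything: the tracker gets the same uid from both embedding sites.
  const t1 = new Tracker('tracker.example');
  t1.handle(shared, 'news.example');
  t1.handle(shared, 'shop.example');
  out.sharedJarProfiles = [...t1.seen.values()];

  // One jar per container / profile / VM: each visit arrives with its own uid.
  const t2 = new Tracker('tracker.example');
  t2.handle(new CookieJar(), 'news.example');
  t2.handle(new CookieJar(), 'shop.example');
  out.separateJarProfiles = [...t2.seen.values()];
  return out;
}

console.log(demo());
```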

I am not in the UK, but wound up biting the bullet and using QubesOS for my business machine. It's kind of like a more straightforward to use everyday set of VMs. I have the windows qube there for running CAD/CAM and the sadly sometimes necessary Chrome install. I know this isn't an ideal solution, but it is the best that I personally have been able to come up with without going through the headache of dual booting, especially when dealing with either govt stuff, need Chrome for crappy websites my clients sometimes force me to use, or actually needing proprietary software that I have licensed for my business (MasterCam in my case).

When you say it doesn't work in Firefox, does it not work in Firefox or does it say it doesn't work in Firefox? In the latter case and sometimes in both, I have found that just changing the user agent string to something chrome based is sufficient to get it working again.

I've found HSBC to be ok using Firefox on Linux. I don't know if they have integrations with any accounting software, but the web access works well, and you can export your transactions for processing locally.

ETA: I've run small business accounting on Gnucash, I found the learning curve a bit steep, but once you 'get it' it's handy.

This is interesting, and meets my needs. I tried Gnucash, but the double entry bookkeeping was a bit too advanced for my small-business'/smooth-brain needs (amortising my stock of utility bills seemed a bit excessive! - though I am sure I was doing it wrong)

Damn, you got a lot of replies and no one said to just use paper forms.

Idk if the uk allows it still, it’d be surprising if it didn’t though.

Surprise! :D The project was called 'making tax digital' it was expressly to remove paper forms for VAT.

Oh wow.

Are accounting firms subject to the same requirement as businesses that file themselves? It almost sounds like it’d be a good idea to have someone do all the filing for you so that when there’s a leak and you’re damaged by it you have legal recourse…

I’m grateful to the community and I use FOSS where possible.

Ok, but do you give anything back?

I think what you can do is just get a separate computer running Windows for all your business stuff and business stuff only. I'd also recommend ALWAYS using a VPN on it if legally possible.

That is exactly what he doesn't want to do and why he is using Linux.

The point of getting a separate device is similar to using a VPN - to use proprietary and invasive software without getting the personal data stored on the main devices sent to third parties. The business device still can send some data (like WiFi connection info, approximate location and microphone recordings) but the personal data should be safe. It may not be a viable option for very high threat models though since Windows can have backdoors that the government might use to inject malware into all the devices connected to the same network.

I'm not worried about privacy, it's a business not a person. If the government want to look through my business' data, they just need to arrange an audit. I like good security, but am a small target.

It's about free as in freedom.

My worry is that if linux is allowed to become just a hackintosh of steamdeck, rather than an actual operating system, it will go the way of hackintosh.

[edit: apostrophe, edit2: added last paragraph]

That only works if the main reason someone uses Linux is personal privacy.

Aren't we talking about privacy and freedom as the main concerns here?

They are major concerns, but they aren't the only reasons people would use Linux, and also not everyone who uses Linux does it for these reasons. For example, while I care about them, my most important reason for using it is utility features such as my tiling WM.

I went a step further and am paying an accountant to handle this mess, using my favourite libre email client to contact her. I know, it's a privileged position.

Well, depending on the size of the business, that may be a necessity or even a requirement.

The best bank is monero

Ah yes, the currency that’s pretty much only accepted for buying drugs or anything illegal.

You can't prove or disprove this statement and that's the whole point of monero.

The whole point of what I’m saying is that nowhere accepts it and it’s therefore functionally useless for running a business, the point of this post/discussion.

I can easily prove that most retailers don’t accept Monero and it’s therefore basically useless.

It’s a pain in the arse to even buy in the UK, I know because I use it to buy drugs.

I mean yes it's not the same as paying with PayPal or any other "normal" payment processor but acceptance got a lot better over the last few years you can order basically all the online shit through proxy stores or exchange them through gift cards or buy games directly with it.

Drugs are an affordable replacement for food and shelter.

Wrong. Drugs are too expensive.

That's because you haven't been using monero :p

Actually, the last time cryptocurrencies were mentioned in a thread I was reading here on lemmy someone pointed out that, due to government regulation changes, using cryptocurrencies on the dark web was the only way some people could get the drugs they needed.

Lol wut? I buy my groceries, hotel, plane tickets, and electronics with monero.

It's great for privacy.

Crypto is scam.

Yes, treating crypto as a way to invest is a scam. The vast majority of crypto and crypto-adjacent “projects” are scams.

We live in a world where payment providers have the power to force Etsy to delist vendors that sell sex toys to customers of a legal age, payment apps like Venmo or PayPal will permaban your account for selling NSFW art or products, and physical cash is being largely abandoned for cards and digital wallets. Surely you can see the benefits of a completely anonymous payment method?

To be clear, I vastly prefer cash, but there’s an obvious issue with trying to anonymously use cash to pay for something on the internet or to send money to someone who isn’t within easy driving distance.