SoylentNews is people
SoylentNews
Finally, some good news for people who are determined to avoid the Windows 10 "upgrade". Microsoft has this week issued an update that removes the Get Windows 10 App and other software related to the the Windows 10 free update offer, which expired July 29, 2016. From a report on Redmond Channel Partner:
An update issued by Microsoft this week will delete the infamous "Get Windows App" from users' systems.
The Get Windows App (also known as the "GWX app") was a nag-ware-like popup that showed up on Windows 7 Service Pack 1 and Windows 8.1 desktops, prompting users to get a free upgrade to Windows 10. It hung around with that same message over a one-year period for those who didn't accept the offer. It took a lot of effort to make it go away.
The update that dispenses with the GWX app is labeled as "Knowledge Base article KB3184143." It became available through Windows Server Update Services as of Sept. 20, according to Microsoft's description article.
(Score: 5, Insightful) by jmorris on Friday September 23 2016, @09:00PM
Ok, so we don't have to keep a constantly updated list of 'updates to avoid' to prevent infection with Windows 10. We still need to keep a list of the updates that inject the 'telemetry' malware. Have they promised to stop reissuing those with new update numbers? Until then, nothing has really changed. Windows Update is still more likely to cause harm than help you unless you have time to carefully research each new update. Turn it off, keep it off. Manual updates only.
(Score: 0) by Anonymous Coward on Friday September 23 2016, @09:17PM
OK, but where is the list of safe updates?
F'n windows update races my processor so I've had it off for months. Frankly have no interest in spending time researching updates.
Is there a reliable source of what updates are absolutely necessary and safe?
(Score: 0) by Anonymous Coward on Friday September 23 2016, @09:46PM
No trustworthy list. You must research or take your chances. . . But then, even with due diligence, it's still a crap shoot.
(Score: 0) by Anonymous Coward on Saturday September 24 2016, @07:03AM
Sure. They're here: https://www.mozilla.org/en-US/firefox/new/ [mozilla.org]
https://noscript.net/ [noscript.net]
https://addons.mozilla.org/EN-us/firefox/addon/ublock-origin/ [mozilla.org]
Seriously, for Windows install the critical security updates (which all the security researchers get excited about, there aren't that many ) then don't worry too much about the rest. The important bits are: don't install flash, keep your browser, IM, game and other network clients updated. If you're paranoid sandbox them especially your browser. Other than some media library bug, that's how you'd get pwned via code exploits nowadays (social engineering and similar are a different matter).
Don't believe me? Go look at the early pwn2own contests https://en.wikipedia.org/wiki/Pwn2Own#Contest_2007 [wikipedia.org]
ALL of the machines were uncracked at the first stage: "Remote attacks only. Contestants must join the same network as the target laptop and perform their attack without user interaction and without authentication."
They were only cracked at the second stage/day or even third day: "Browser and Instant messaging attacks included. Contestants could send a link to the contest e-mail address, which an organizer would click on from one of the contest laptops. The organizers would also sign into and receive IMs from the default, vendor-supplied IM client."
So much so that for future contests they skipped that first stage (for PC OSes), or moved on to attacking mobile devices (which haven't been as "battle hardened" as the desktop OSes).
If the attacker can pwn you remotely using an OS exploit without help from you, your browser or other network client you should be honored. The attacker is probably using a million dollar "zero day" on you (I'm aware that local privilege escalation zero days only go for 90k, but there really is a big difference the local one means you're _already_ in and in a lot of cases hackers don't give a damn once they're in- they can already get your keys, passwords, emails and use your computer for bitcoin mining or spamming all without local priv escalation).
In short it's pretty hard to remotely pwn a Windows 7 machine was patched up to the point just before MS decided to that they would get away with breaking computer crime laws[1] in many countries. Just patch and sandbox your apps.
[1] How many of us would get away with upgrading thousands of machines to Windows 10 without genuine permission (e.g. not my fault, they clicked the wrong button on the dialog box).
(Score: 5, Insightful) by edIII on Friday September 23 2016, @09:59PM
You're way off base, and the game has changed significantly since then. Microsoft got rid of individual updates some time ago. They're all or nothing now.
In order to get the update to remove the nag screen for updating to Windows 10, you also got the update to install telemetry into Windows 7, which is why they wanted you to update to Windows 10 anyways.
Downloading the update to remove the nag screen allows Microsoft to win. The operating system is now just the bait to get access to all of your keystrokes, visited websites, etc. Basically a wealth of personal information they can now share.
They've one-upped Facebook in terms of privacy invasion at this point. It's privacy eradication with 100% monetization of that information coming down the pipeline, and of course, national security theater gets the info in a backroom "deal" with Microsoft. I wouldn't be surprised if people started getting targeting marketing from Microsoft affiliates that puzzles them in that the information was seemingly private.
The only safe method of installing and running Windows 7 is to use older installation media without the telemetry, install all individual updates that are still available, and then to lock the system out of any future updates.
In other words, Microsoft operating systems are dead on arrival from now on, and the writing is on the wall. Move to Linux or BSD NOW. Or Apple, but if you're that okay with a walled garden, why move from Microsoft in the first place? ;)
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 3, Interesting) by JoeMerchant on Friday September 23 2016, @11:10PM
Ok, so we don't have to keep a constantly updated list of 'updates to avoid' to prevent infection with Windows 10
Do we not? August 12, 2016 Windows 10 update took out our MiraCast capability, rolling it back restored it.
🌻🌻 [google.com]
(Score: 2) by AnonTechie on Saturday September 24 2016, @07:44AM
I have heard that Spybot Anti-Beacon does quite well in stopping all telemetry programs. Does anybody here have any experience with this ?
https://www.safer-networking.org/spybot-anti-beacon/ [safer-networking.org]
Albert Einstein - "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."