As expected, Windows Update dropped off several packages of security and reliability fixes for Windows 7 earlier this week, part of the normal Patch Tuesday delivery cycle for every version of Windows.
[...] What was surprising about this month's Security-only update, formally titled the "July 9, 2019—KB4507456 (Security-only update)," is that it bundled the Compatibility Appraiser, KB2952664, which is designed to identify issues that could prevent a Windows 7 PC from updating to Windows 10.
[...] I spent the afternoon poking through update files and security bulletins and trying to get an on-the-record response from Microsoft. I got a terse "no comment" from Redmond.
My research did, however, confirm that this is not a mistake, and it led me to a theory for why these mysterious files are shipping in an unexpected location. I strongly suspect that some part of the Appraiser component on Windows 7 SP1 had a security issue of its own. If that's the case, then the updates indisputably belong in a Security-only update.
And if they happen to get installed on systems where administrators had taken special precautions not to install those components, Microsoft's reaction seems to be, "Well ... tough." The Appraiser tool was offered via Windows Update, both separately and as part of a monthly rollup update two years ago; as a result, most of the declining population of Windows 7 PCs already has it installed.
https://docs.microsoft.com/en-us/windows/deployment/upgrade/upgrade-readiness-deployment-script
ConfigScript.ps1 is pretty interesting.
Of note is there are different versions of DiagTrack (the script checks the version):
https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3347
There is a blog post on it:
https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/How-does-Upgrade-Readiness-in-WA-collects-application-inventory/ba-p/213586
Upgrade Readiness in Windows Analytics provides an inventory of devices and applications for enrolled devices. We've had a lot of customers ask about the details of how this works, and this blog post is meant to answer those questions.
[...] This data is collected by an OS component called "Appraiser", which is built into Windows (require a KB to be installed on Windows 7/8.1 devices, per below).
[...] Core Inventory (apps, drivers) data collection is triggered via a scheduled nightly task "Microsoft Compatibility Appraiser" which runs every 24 hours. This assumes the system is awake and idle for long enough period to complete the scan. If the device was found inactive we resume the scan on the next available opportunity. This data is only sent to Microsoft if the device is opted in for CDO (Commercial Data Opt-in) on Win7/8.1 or Basic level in Windows 10.
Mozilla have https://bugzilla.mozilla.org/show_bug.cgi?id=1197768
(Score: 3, Interesting) by Pino P on Friday July 12 2019, @11:26PM (4 children)
I think part of the fear is that a government agency might subpoena the Core Inventory data from Microsoft as part of a fishing expedition to find who might be doing things that certain politically powerful publishers don't like, such as independent video game development for consoles and handhelds with physical inputs or using short clips from movies in reviews of those movies. The colorable reason for such an expedition would be allegations of circumvention in violation of national implementations of the WIPO Copyright Treaty of 1996.
(Score: 2, Insightful) by Anonymous Coward on Saturday July 13 2019, @02:10PM (3 children)
no
the fear is that as a person that built my computer and tries to live an honest life, corporations are invading my privacy, taking away the control, and saying "well.. tough. Shareholder value FTW!"
fuck that. an invasive government needs something to work with; growth via exploitation of the user base, the invasion of privacy and the elimination of individual choice in regards to security decisions... are all in favor of shareholder value and corporate sentiment.
that is the thing to fear. it is also the stock to buy. no one makes money doing the right thing, unfortunately.
(Score: 2) by Pino P on Saturday July 13 2019, @02:33PM (2 children)
I'm trying to identify specific harms that may come from corporations invading your privacy. Without identifying specific harms, I don't know how I could convince the apathetic majority that corporations invading your privacy is something that a private citizen ought to care about in the first place.
(Score: 0) by Anonymous Coward on Sunday July 14 2019, @02:18PM (1 child)
the fact that I dont want them to?
there are no harms in my looking in your windows and reading your diaries, finding out how much you make, and leaving advertisements in each of your rooms for products and services that I get a bonus for if you subscribe to or buy them?
here's the deal: i never asked them to snoop on me. i never willingly gave permission. just because you dont have a problem with it doesn't mean that everyone else doesn't, and that's cool -- maybe they can spy on you twice to make up for the loss they'll experience from not spying on me.
anyone anywhere invading my privacy is a problem that i am not apathetic to. someday, maybe, you too will get violated somehow and feel differently.
(Score: 1) by yuhong on Sunday July 14 2019, @08:23PM
In the case, I think it is intended to check programs for compatibility with Windows 10 by using a cloud service.
(Score: 1) by fustakrakich on Saturday July 13 2019, @12:33AM (5 children)
That's right! /s
*Who is going to stop them?*
La politica e i criminali sono la stessa cosa..
(Score: 3, Interesting) by yuhong on Saturday July 13 2019, @12:50AM (3 children)
It is even more complex than this. Can you guess why I mentioned there are different versions of DiagTrack now?
(Score: 1) by fustakrakich on Saturday July 13 2019, @01:48AM (2 children)
Sorry, I didn't even try to sort anything out. I just assume the system sends everything the bandwidth allows. I can't drown myself in the details.
But then, I would never discuss my plans to take over the world on a Windows machine, so I don't sweat the small shit.
La politica e i criminali sono la stessa cosa..
(Score: 1, Funny) by Anonymous Coward on Saturday July 13 2019, @07:19AM (1 child)
There is a Win 8.1 install on my laptop. It came with the machine. I boot it once in a while, just to torture it. I have never allowed it to be on a network. So far as it knows, it is the only Win8.1 in the universe. Which, I guess, saves it from some shame.
But I regularly deny its attempt to register itself, and upgrade itself, so it is left just more or less playing with itself, and the one hardware driver I keep it for, a video camera whose manufacturer is not smart enough to provide open drivers. And then I tell Windows 8.1, "it applies the lotion, or it gets the hose again!" Cruel, but you should see the look on Win8.1's face! Ha! Almost worth it.
Of course, the day will come when the appropriate drivers will be available, and my Win8.1 will no longer be required. A merciful death, "wipe /Win32 -R" Poor bastard.
(Score: 0) by Anonymous Coward on Saturday July 13 2019, @07:07PM
You fucking terrorist!!!
You made me feel sympathy for windows 8....
(Score: 0) by Anonymous Coward on Saturday July 13 2019, @02:02AM
BOFH
(Score: 2) by Knowledge Troll on Saturday July 13 2019, @04:52AM (9 children)
The last time this happened they offered a free upgrade to Windows 10. Well offered isn't the right word. More like raped into your computer. I jumped through the hoops and kept Windows 10 off my Windows 7 install. I have no plans to upgrade to Windows 10 until I have to and I have no plans to pay for Windows 10. If I can move to Windows 10 for free after Windows 7 is out of support I'll do that but I'm not paying for it.
Last I heard the free upgrade program that allowed one to convert their Windows 7 retail license key into a Windows 10 retail license key was over. I wouldn't be surprised if MS brought it back as a part of retiring Windows 7 support. They seem to want as many people running Windows 10 as possible and generating revenue off the sale itself is not the main priority. They make their money on something else - that's fairly spooky.
If I used Windows for anything besides a Wintendo I'd care about how they make money on it. I don't even have to boot into Windows anymore though unless I want to play GTA:V as other games from Steam work fine in Linux.
(Score: 1) by yuhong on Saturday July 13 2019, @05:20AM (1 child)
It might be that originally part of the purpose of this DiagTrack stuff was to help with GWX, but I think it is dead now. What I am talking about now is unrelated.
(Score: 1) by yuhong on Friday August 09 2019, @02:10AM
Update: See my Wikipedia article describing the history: https://en.wikipedia.org/wiki/Draft:Upgrade_Readiness [wikipedia.org]
(Score: 0) by Anonymous Coward on Saturday July 13 2019, @05:38AM
The upgrade remains free, and can be used with OEM and retail keys. I think the justification was originally related to "users who utilise accessibility features".
If I recall correctly, the process requires you to have 7 installed and activated, install 10 over the top from boot media, use a KMS key during installation, then your 7 key when activating online... YMMV.
(Score: 2, Insightful) by Anonymous Coward on Saturday July 13 2019, @10:40AM (5 children)
You just need to upgrade to the right 10. As in Debian 10.
(Score: 0) by Anonymous Coward on Saturday July 13 2019, @12:10PM (4 children)
I put Ubuntu 18.04 Mate. Most people can't tell the difference. They think it's just Windows with a new skin.
(Score: 2) by Pino P on Saturday July 13 2019, @02:54PM (3 children)
I plan to switch my roommate's PC from Windows 7 to Xubuntu come Windows 7 end of support, just as I did with her previous computer when support for Windows XP ended. It runs the applications she uses most, which are Chrome and LibreOffice. But the big question mark is support for peripherals.
What's the recommended way to sync recorded music from a PC running Ubuntu to a device running iOS 12? She has music CDs and a collection of MP3 music that we have bought on Amazon, and she wants to load them onto the Music app of the iPhone SE that she received years ago as a gift from a relative. We have in the past done this through music sync in Apple's iTunes application for Windows, but Wine AppDB has long listed iTunes as completely broken.[1] The libimobiledevice website [libimobiledevice.org] claims support up to iOS 10.3, but her iPhone has since been upgraded to 12.something.
She also has a TomTom portable navigation device, and she updates its maps before she goes on a long car trip about once a year. Forum posts like this one on TomTom's forum [tomtom.com] suggest that TomTom has no plans to release an updater for desktop Linux, and the first reply to this post on Linux Mint's forum [linuxmint.com] recommends either buying a second computer with Windows 10 or installing Windows 10 in a dual boot.
[1] Please spare me the "iTunes broken in Windows too" comments.
(Score: 2) by Knowledge Troll on Saturday July 13 2019, @04:02PM
I don't have a good answer for using those devices under Linux natively but I do have some special case software I need to run only in Windows occasionally. I just run Windows 10 in a VM to solve that problem. The Windows 10 install has no license key as one was never provided during install because you can just say "uhh no actually nope" when it asks for a license key during install and it will continue just fine. The installed copy of windows will then report that it needs to be activated but it seems to tolerate this forever and I've not yet had it try to disable anything on me. From what I understand this is rather common now for people to do. You can get the Windows 10 install media as an ISO from microsoft.com pretty easily if you want to go that route.
It's not great but it's pretty easy, free, and handles special cases fairly well. Not everything can tolerate being in a VM or having USB pass through to a VM but almost everything can.
(Score: 0) by Anonymous Coward on Saturday July 13 2019, @04:12PM (1 child)
For the TomTom stuff, you might want to look into using a virtual machine with a barebones Windows 7 "guest" install on the Ubuntu "host" (free of all the update crap). This way the main OS running is Ubuntu and when your friend needs TomTom map updates, she presses a button within the VM software and she's running Windows 7 and within that Windows 7 VM, you can install the TomTom software to interface with the GPS. It may take some trial and error to get it working but it should work.
(Score: 2) by Nerdfest on Saturday July 13 2019, @05:10PM
Microsoft even has pre-prepared images for various virtual machine managers. Not sure if you can install stuff, but the crappy browser support is there. [microsoft.com]
(Score: 1) by yuhong on Sunday July 14 2019, @04:28AM
This telemetry has legitimate users, BTW:
https://old.reddit.com/r/sysadmin/comments/c184ic/upgrade_readiness_deployment_script/ercr643/?st=jy2gjq05&sh=d3baf2ac [reddit.com]