Ask Slashdot: How Will You Handle Microsoft's New 'Cumulative' Windows Updates? (slashdot.org) 405
Microsoft's announced they'll discontinue "individual patches" for Windows 7 and 8.1 (as well as Windows Server 2008 R2, 2012, and 2012 R2). Instead they'll have monthly "cumulative" rollups of each month's patches, and while there will be a separate "security-only" bundle each month, "individual patches will no longer be available." This has one anonymous Slashdot reader asking what's the alternative:
We've read about the changes coming to Windows Update in October 2016... But what happens when it's time to wipe and reload the OS? Or what about installing Windows on different hardware? Admittedly, there are useful non-security updates worth having, but plenty to avoid (e.g. telemetry).
How does one handle this challenge? Set up a personal WSUS box before October to sync all desired updates through October 2016? System images can work if you don't change primary hardware, but what if you do? Or should one just bend the knee to Microsoft...?
Should they use AutoPatcher? Switch to Linux? Or just disconnect their Windows boxes from the internet... Leave your answers in the comments. How do you plan to handle Microsoft's new 'cumulative' Windows Updates?
How does one handle this challenge? Set up a personal WSUS box before October to sync all desired updates through October 2016? System images can work if you don't change primary hardware, but what if you do? Or should one just bend the knee to Microsoft...?
Should they use AutoPatcher? Switch to Linux? Or just disconnect their Windows boxes from the internet... Leave your answers in the comments. How do you plan to handle Microsoft's new 'cumulative' Windows Updates?
Linux. (Score:5, Interesting)
I run Linux. I keep a Windows system around for minor software that needs it, but I don't put sensitive information on it like mail or personal data.
Linux is your partner. Microsoft is your master. Choose wisely.
Re: Linux. (Score:2, Informative)
++
Linux user since more than 5 years.
But unfortunately thats not a solution for everybody.
Re: Linux. (Score:5, Insightful)
++
Linux user since more than 5 years.
But unfortunately thats not a solution for everybody.
I've been a Linux user for over 20 years and have watched it grow into something that could be a solution for a lot of people.
You're right, not everybody; I've often said in these forums that if you need or want to run Windows, go run Windows. I'm not here to try to make you change.
But the need to run Windows is, I think, often quite overstated. It's certainly the case when you have some mission-critical software that simply can't be replaced. It's true if you want to do certain classes of gaming. And sometimes it's true when you need 100% document compatibility with entities that insist on Microsoft Office.
My quibble is that there are many who want to run Windows but say they need to run Windows, when they very likely don't. If it's a want rather than a need, fine, go for it, but don't claim that your choice is truly based on Linux's inability to perform.
Re: Linux. (Score:5, Informative)
My quibble is that there are many who want to run Windows but say they need to run Windows, when they very likely don't.
A good rule of thumb is that if you have to run Windows because of old mission-critical software then it is probably easier to get it going under Wine than on Windows 10.
Microsoft used to keep new versions compatible, but not so much anymore.
They have broken the compatibility so much that pretty much all old games sold on gog.com is wrapped with dosbox, even those that worked fine on XP.
Re: (Score:2)
My quibble is that there are many who want to run Windows but say they need to run Windows, when they very likely don't.
I think the question isn't so much one of need on an OS level, but rather specific features and or learning how to make alternatives work.
Switching OSes is a simple sell. Switching OSes + applications, or OSes + learning how to run things in emulators and live with resulting bugs, that sell is significantly harder.
Re: Linux. (Score:4)
>My only lack of understanding in this matter is why so many people aren't capable of understanding more than one Operating system.
I think it's less laziness than the efficiency of familiarity, combined with the fact that "alternative OSes" historically presented a far more different UI than has become the case with many today. Consider driving a car that had replaced the steering wheels and pedals with joysticks or something - a functionally trivial change in a modern fly-by-wire car, but your ability to maneuver the vehicle effectively is going to be considerably compromised by your unfamiliarity. Yes, 80% of the time that may not matter, but that last 20% is going to be constantly cropping up with irritating reminders of your incompetence until you have a few thousand hours of familiarity under your belt. And long after that you've achieved basic competence, the differences are liable to generate pro-active interference with each other, assuming you still drive normal vehiecls as well
While an unfamiliar operating system is generally less personally dangerous, the difficulties are still quite frustrating. Even something as ubiquitous as the file load/save dialog often presents a considerably different interface between operating systems, with many non-obvious differences in how you configure and leverage bookmarks and other non-trivial navigation aids, on top of the differences in file system organization conventions. Or heck, take the MacOS file manager with it's drop-down folder heirarchy menu from the title bar - beautiful idea, I sometimes find myself missing it on other platforms, but completely non-intuitive, and until you learn of it it's pretty much impossible to navigate up a folder heirarchy.
What makes it worse is often the differences seem to be added purely for the sake of being different - take the window min/max/close buttons on MacOSX and Ubuntu, which for some reason they decided to put on the left instead of the right which everyone has been made familiar with over the last couple decades. When switching OSes you now need to retrain your "muscle memory" on how to close windows, and if you use multiple OSes on a regular basis you probably end up momentarily confused on both. And to what end? Even if there's some grand philosophical reason to the change (and I've never heard one), the end result is that they made OS migration that much more difficult for the sake of a tiny functionality change.
Re: (Score:3)
The majority of my difficulties with switching between OS's is the occasional typing
Ok sorry but you just lost the interest of 1billion people without finishing that first sentence. dir? what is that? The only time a Windows user types dir is when a scammer calls them up and offers to help "fix" their computer. The people who type dir are sys admins and power users. They aren't the ones that won't learn another OS, and chances are they already know multiple anyway.
So its a bad thing being a power user? Regardless, I've put a lot of people on Linux, and they are closer to the stereotypical Granddma we talk about. Email, web, and the occasional word processing. My whole comment was in the differences between interfaces. As in many cases, not much. My wife hit her stride on Linux Mint instantly after she refused to use W8 after a month. Her previous computer was a W7 machine.
I have this thing, perhaps it is only me, but I do not believe that computing is a one size fits all environment, and just like I have a set of metric tools, and a set of American baed tools, I sues the tool that is best fit for the job at the time.
Bad comparison. A metric driver won't drive an imperial socket.
Whoosh. My point that you com
Re:Linux. (Score:4, Informative)
Pretty much the same here. I won't deal with it. I have been running Debian for over 10 years so that I don't have to deal with shit like that.
I keep a Windows VM somewhere for the days where I absolutely need Word or Excel. I don't remember when is the last time that VM was updated.
Re: (Score:2)
Linux here as well, both at home and at work (now going on 20 years). As always, there is that one Windoze-only piece of software that i occassionally need at work, but the sysadmins are responsible for keeping that box updated.
Conflict of interest: For MS, bugs are profitable. (Score:5, Interesting)
1) Autopatcher and WSUS Offline Update: Use Autopatcher [autopatcher.net] until Microsoft begins its new system of hiding even more completely what it is doing with its updates. Kvasio [slashdot.org] said to use WSUS Offline Update, another community driven solution.
Apparently Microsoft approves of WSUS Offline Update. This is from the Microsoft web site: Update Offline Virtual Machine with PowerShell and WSUS Offline Update: Part 1 [microsoft.com]
Update Offline Virtual Machine with PowerShell and WSUS Offline Update: Part 2 [microsoft.com]
2) Windows on an isolated network: Don't allow any Microsoft operating system to have a connection to the internet. Use Linux on a separate computer on a separate network for internet connections. Use Bluetooth to communicate between the Windows OS network and the Linux network.
For Microsoft, convincing people that Windows is buggy is profitable. An article I wrote last year, Microsoft Windows XP "end of life" [futurepower.net], makes the point that Microsoft fixed 319+828+459=1,606 bugs in Windows XP since Windows XP SP1 was released. Now Microsoft says Windows XP is still too buggy to use. We have 16 computers running Windows XP and haven't had any problems. And software does not have an "end of life", it continues to do what it always did.
Do secret government agencies pay for vulnerabilities? Why do Adobe Flash and the Windows operating system have so many vulnerabilities? Do Adobe Systems and Microsoft sell vulnerabilities to secret government agencies and fix them when they are publicly discovered?
Get serious about recognizing abuse. Quoting this comment [slashdot.org], with modifications: We've seen Microsoft's continuous stream of lies and incompetence... including a number of "bugs" and "mistakes" that appear deliberate.
Re: (Score:3, Interesting)
I keep a Windows system around for minor software that needs it
AKA "games".
Re: (Score:2)
I keep a Windows system around for minor software that needs it
AKA "games".
Other than games, the very important thing that keeps Windows on my personal system is TurboTax. Like pretty much any other US Taxpayer that has a tax situation too complex for form 1040-EZ and doesn't want to pay ~$150 for H&R Block or ~$300 for a certified CPA. I hired a CPA once and $50 per year TurboTax did a better job!
Before anyone says Wine, its a non-starter. TurboTax uses a bunch of .Net features that don't work 100% right on Wine like WPF. Unfortunately the Mac version is absolute garbage, so
Re: (Score:3)
Linux is your partner. Microsoft is your master. Choose wisely.
well, when Linux is of the Google variety, then it's a partner like the overly attached girlfriend of Youtube fame. It's not that easy to choose, I think.
Re: (Score:3, Insightful)
I agree, Macs are great. I only boot into Windows for games. I'm delighted with Steam's attempt to move to Steam OS / Linux, but they have a long way to go. Once games are more widely available for either Macs (not likely) or Steam OS / Linux, there won't be any need for a very large number of people to ever use Windows.
Re: (Score:2, Insightful)
I can build a new PC and buy a used car for the price of a Mac. I have no need for the 'hipster status symbol' that mac ownership is these days.
Re: (Score:2, Insightful)
Seriously dude, lots of people don't care about "status." We use computers as tools to get sh*t done, and we need tools that work all the time without having to screw around with them much. Macs are closest to that ideal.
Re: (Score:2, Insightful)
What? What can't you hook to a Mac? Film Scanners, CT scanners, Drones, printers, cameras. All hook to my various Mac boxes. Possibly some POS hardware dingy who's software was last coded when Visual Basic 4 was hot but not much else.
I run the full Adobe suite, Maya, Modo, various Autodesk programs (sigh) on the Mac. I can finally hook to the network at work. Recently, I've dropped Parallels because I just don't need it anymore (and Parallels' business model pisses me off).
Don't know about your world,
Re: Linux. (Score:4)
Pretty much this.
I've kept a Windows VM around for years to run two applications: eTax (Australian) and Visio. eTax is now web-based and Crossover/Wine supports Visio to a 95% level. It's probably time to ditch the VM.
Re: (Score:2)
imho, Macs are great at giving people the impression they are getting shit done, when in reality a lot of times it's really only consumer level word-processing that's going on.
And even then you don't get basic stuff like a 'delete' key. Or page up/down keys. Or...
Still, the keyboard's 'clean', right?
Re: Linux. (Score:2)
Huh? What are you taking about? Connect a keyboard with these if you want them. There have always been key chords for these and I particularly like that many keyboard shortcuts are the same as on Linux, like the Ctrl+E/-A combos. Pointy-clicky and advanced people are satisfied, but Windows users have to learn a new way (and so what?)
Re: (Score:2)
You bought a Mac Pro (Darth's trashcan) as your first Mac because you wanted to try one?
You are definitely holding something wrong.
Linux Debian (Score:5, Interesting)
I kept Windows 7 to update my GPS maps, but I boot 99.9% of the time in Debian.
Since tye year 2000 times I had tried different Linux distros but never had enough motivation to leave windows.
Windows 10 provided enough stimulus.
if they screw me up, I will dump windows (Score:3, Insightful)
just that simple. they are acting like tin-star dictators already, and it seems to get worse every time they get a new brain-fart.
Ah the old "And this time I really mean it" (Score:2, Insightful)
You are one of those "and this time I mean it" people.
You won't dump Windows. Microsoft has probably crossed over your "line in the sand" 10 times in the last year.
They understand they have a captive audience. You might be ruffled about what they force down your throat, but they know you just complain and take it up the arse again the next time too.
Whining about what, exactly? (Score:5, Insightful)
Re:Whining about what, exactly? (Score:5, Insightful)
Now, while you can still defer the installation, you don't have that per-patch flexibility. That could potentially mean that you have to choose between breaking something critical to you (e.g. the USB webcam borkage of the recent Windows 10 update) and leaving your system exposed to some critical and remotely exploitable vulnerability instead of just patching the critical hole and waiting for Microsoft to fix the USB webcam issue. Yes, when it works, the new approach will be simpler, easier for everyone to manage, and will no doubt help alleviate some of the problems with Windows Update's seriously broken version control mechanisms, but Microsoft's track record on "when it works", has been pretty dire lately. It's also much easier for Microsoft to slip something nasty in there, again something their track record on has been pretty dire of late.
Frankly, I'm all for this latest brain dead move by Microsoft. Those that have a bit of technical nous can figure out some viable approach to patch management and additional security layers easily enough (they shouldn't have to, but still), while many of those that don't are inevitably going fall foul of a series of future USB webcam style screw-ups in the future. Same result in both cases; more pain for using Windows and a greater chance that alternatives will be considered, and anything that disrupts the Microsoft monoculture is fine by me.
I won't (Score:4, Interesting)
I've been running Linux exclusively on all my own machines for 15 years or so now, so I won't be worrying about this at all. I do have to use Windows machines for work, but those are supplied and supported by my employer, so I don't have to worry about it there, either. Hooray!!
Re: (Score:2)
Maybe I'll switch back to Windows (Score:5, Funny)
Disable, then VM or Mac (Score:5, Interesting)
My wife's photography business currently runs on Windows 7. We can't accept the risk of Microsoft screwing up her production environment (Photoshop + Lightroom).
For now, we're going to stop installing Windows updates, and cross our fingers.
Once that starts seeming too risky, I'll look into moving Windows into a VM with limited Internet access, or we'll migrate to using a Mac for the photo editing.
Neither option is appealing. I haven't yet figured out how difficult it will be to get monitor color-calibration right if Windows is running on a VM inside Linux. And sufficiently powerful Macs are painfully expensive.
I'll be curious to see if Microsoft's overall strategy from the past year is going to pay off for them. They're literally driving previously satisfied customers into their competitors' arms.
Re:Disable, then VM or Mac (Score:5, Interesting)
My wife's photography business currently runs on Windows 7. We can't accept the risk of Microsoft screwing up her production environment (Photoshop + Lightroom).
For now, we're going to stop installing Windows updates, and cross our fingers.
Once that starts seeming too risky, I'll look into moving Windows into a VM with limited Internet access, or we'll migrate to using a Mac for the photo editing.
Neither option is appealing. I haven't yet figured out how difficult it will be to get monitor color-calibration right if Windows is running on a VM inside Linux. And sufficiently powerful Macs are painfully expensive.
I'll be curious to see if Microsoft's overall strategy from the past year is going to pay off for them. They're literally driving previously satisfied customers into their competitors' arms.
Mac release updates that break functionality with Photoshop/lightroom digital negatives/importing all the time.. be prepared for even worse support than windows, and ridiculous problems where your recommended solution is to buy a new license.
Re: (Score:2)
Not to nit-pick but how is Apples update process any different from the model M$ is moving to ? You get what they give, when they want to give it to you and how they choose to dish it out.
I too like Apple's UI it is quick, slick and keeps several of my extended family members happy, while Windows 7 and 8 work for others that I haven't been able to pry from the platform. I have windows 10 working because I was curious and I know that eventually I am going to have to support it for someone. Other family membe
Re: (Score:3)
On Macs you can turn Auto-Update off and update when and if you ever feel like it.
Re: (Score:3)
You can do the same to windows 7/8, and with a little research even to windows X, though admittedly not as easily. My point was the updates, should you choose to accept them come pre-packaged in a large bundle not a per patch system like M$ KB's used to come. The question was, and still is how do you deal with them if a large rollout causes an interruption due to H/W or S/W failure ?
Re: (Score:2)
Huh? You can ignore updates on OSX. There aren't many of them and when they show up they are well described.
If you're talking about iOS then that's not comparable to Windows; everyone using Windows except for a tiny handful are using it on computers, not Windows Phones. When slashdot talks about Windows, they mean the real Windows.
Re: (Score:2)
Nor does windows 7/8. My point was the updates, should you choose to accept them come pre-packaged in a large bundle not a per patch system like M$ KB's used to come. The question was, and still is how do you deal with them if a large rollout causes an interruption due to H/W or S/W failure ?
Re:Disable, then VM or Mac (Score:5, Informative)
Its like you've never heard of backups. FFS, your wifes photography business sounds like it runs on one windows 7 computer.
A windows update that toasts your 'photo editing environment' is less likely than a variety of hardware failures. I'm sure, since you are clearly so conscientious about the reliability and accessibility of this environment, that you have a proper backup solution in place.
So.. in the unlikely event of an update fiasco... roll back, and carry on...
For a large enterprises, where it actually makes sense to lab test an update before rolling it out this doesn't work... but for 'your wifes photography business' I can't really figure out what you are trying to accomplish.
And EVEN the enterprise guys can still lab test before letting the cumulative update through to production... and hold it up if there is an issue. (Although its less clear how they resolve a problem.) But that is a whole other situation.
Re: (Score:3)
Its like you've never heard of backups. .
We actually do have a pretty decent backup regimen for the photographs themselves, including online, nearline, and offsite tiers. The photographs are irreplaceable.
However, Windows is not my day-job OS, and I need to be economical with the time, energy, and number of neurons I spend babysitting that OS. I can institute such a backup policy if necessary, but the more Microsoft makes it necessary, that more likely I am to just switch to a platform that's more reliable and is easier to rebuild.
Re: (Score:3)
However, Windows is not my day-job OS, and I need to be economical with the time, energy, and number of neurons I spend babysitting that OS.
So what were you doing up until now? Reading each KB article? Vetting each update on a test system? I dont' really see that based on you response, so how on earth does THIS cumulative update model really change anything for YOU exactly?!!
Meanwhile, a dead simple off-the-shelf backup software packages for windows suitable for a single system seems like a perfect solution...
For example...this is pretty much exactly what you seem to need...but choose any you like.
http://www.acronis.com/en-us/p... [acronis.com]
Full Disk-Image Backup
Back up your entire computer including your operating system, applications and data, not just files and folders to an external hard drive or NAS.
You've alread
Re: Disable, then VM or Mac (Score:2)
You're worried about her workflow but you're going to completely change her environment and make her learn a new way of working? Seriously I'd be more worried about Adobe than Microsoft breaking something.
BTW, I guess your wife's professional setup doesn't rely on 10-bit graphics? I can see banding in blue sky gradients in Lightroom on my MBP.
Re: (Score:2)
My wife's photography business currently runs on Windows 7. We can't accept the risk of Microsoft screwing up her production environment (Photoshop + Lightroom).
As a matter of interest why has the risk profiled suddenly changed for you? Have you been running your machine unpatched for years? Do you think there's something magically worse about a cumulative update vs installing 10 single updates? Did your computer melt into a puddle when you installed the Windows 7 sevice packs?
The cumulative update process still gives you the option to defer updates as it does in Windows 10 so that any issues are fleshed out before the update gets pushed to you.
Now a few more quest
OSX / Linux (Score:3)
Honestly, I only run Windows for a few specific applications now. I use Windows so infrequently that whenever I boot that disk I have 30+ updates to install. I am very happy with the OS X UI and find it to be much less distracting than the live tiles. Virtual Box works fine for most Windows needs.
The Live tiles are always tempting me to get off task and go look at something more interesting than my work.
Microsoft's underestimating their legacy base (Score:5, Interesting)
Appy app apps guy is right - the future in everyone's mind is Apps, not some LUDDITE desktop application or "pre-App web app" -- but I think Microsoft is really dismissing how much legacy code is out there and is broken by various updates. I do systems integration work with an end user desktop focus, and there are _so many_ crappy IE-only, ActiveX or Java applet or Flash or Shockwave (!) monstrosities lurking in corporate IT shops everywhere. Most of it isn't even in-house developed - it was written by really expensive consultants who want another few million to modernize it.
It will be very interesting to see how they pull this off - whether there will be an exception for Enterprise, etc.
Re: (Score:2)
It should be a lesson that if you build on proprietary technologies, you might end up in a mess if the owner of the technology abandons it in favor of a better alternative. Use open non proprietary technologies, they live much much longer. Take TCP for example, everyone still uses it. There were probably tons of proprietary competitors to TCP, but all of them died because in the long (and I mean decades) run, open solutions win.
Re: (Score:2)
I had any illusions that they cared about that sort of thing shattered when they dumped Visual Basic. It was huge in industry and millions (perhaps hundreds of millions) of lines of code, representing untold millions of dollars, suddenly became legacy code. (VB.NET was/is a completely different language)
Re: (Score:2)
"Cumulative updates might help with this - because the bugfix will be incorporated into the next month's cumulative update meaning getting the bugfixed version will be straightforward."
The problem comes not from the cumulative bug fixes, but the applications that, for one reason or another, rely on the buggy behavior. Concrete example - Microsoft has for some time now made IE updates cumulative for the very same reasons they're citing here -- better testing, etc. Since then, I have had more than one inciden
Re: (Score:3)
Are you afraid of MS delibrately breaking them?
They've done it many times before. They did it just last week. They will do it again.
Al-la-carte increased complexity of patches (Score:3, Insightful)
Do people really think al-la-carte Windows patches were a good solution for complexity and stability of the OS? What about when you needed to reboot 5 times to get a new XP install current or that the time to patch was longer than the time to infect from internet worms?
Apple just has cumulative patches for iOS and macOs and it isn't a terrible problem for them; it probably makes more reliable than having to test every combination for interactions.
Re:Al-la-carte increased complexity of patches (Score:5, Insightful)
But is Apple installing telemetry and all sorts of crap that spies on their users? That's why people want to be able to pick and choose which updates they install. My feeling is the only reason MS is doing it this way is to get that telemetry onto all the computers that refused to install it.
Re: (Score:2)
Yep, at least it seems that by default they know your ip address as soon as you connect to the Internet. Every time a friend comes by with an iPhone/iPad/iWhatever, I see denied push packets from Apple at my public IP facing firewall.
Re: Al-la-carte increased complexity of patches (Score:3)
So a friend visits with their device. The device logs onto your wifi (after you gave them the password) and then are surprised to see the device locating itself so that emails and iMessage works
Can you explain why an apple device is different from a Google device doing the same thing with hangouts and gmail?
Re: (Score:2)
Yes ala-carte is a better solution. Because Microsoft's patches can cause worse problems and headaches than malware. We have anti-malware that reduces the problem to manageable levels. The advice to do what Microsoft tells you to do is just fear mongering designed to keep Microsoft in business. Which of course you work for.
WSUS Offline (Score:5, Informative)
We'll see what happens, but for now I've taken the precaution of using WSUS Offline [wsusoffline.net] to download all updates as of today. If I ever need to install Windows 7 again I have my original disc (and backed up ISO on cloud storage) and I can use the update installer from WSUS Offline to apply the updates I downloaded without ever needing to put the computer on the Internet. (And yes, this tool lets you add specific updates to an exclusion list so that they don't get installed).
My long term use of Windows is ending (Score:5, Insightful)
It is so sad to see it come to such a painful end. I actually bought Windows 1.0 in my youth and have had a machine running a Windows version ever since. I did manage to skip the most disastrous versions (ME, Vista, Bob and friends) and as a result had a pretty good run. By Windows 7 it had finally become a stable workhorse OS that, for a time, served me well as its owner and master.
With Windows 8.x and then 10 it became evident that Windows as an OS no longer served me as its (paid and rightful) owner but instead answered to an increasingly malevolent master who was working against my will and interests. Its aim was nothing other than to harvest and sell me, my identity, my movements, my thoughts, my keystrokes, as a product like any other meat based commodity. I knew I could not in good conscious willingly give myself over to such abuses. I concluded that Windows 7 would be my last Windows and in my personal view was THE last Windows as I knew the product all these years, with the things that came after no longer sharing a common purpose with those that came before.
While corrupting the Windows brand was bad even more nefarious was to take the Windows 7 the I own now away from me. The tried heartily to wear me down with deceptive pop-ups and then with malicious corrupting patches but, through great effort, I diligently thwarted them all. Now it seems the end has come, my paid copy of Windows 7 Professional will be corrupted by force or left to wither and be ravaged by wild dogs and the NSA in what I personally view to be a heinous crime against all humanity.
As a long term Microsoft customer, the sentiment I now associate most with the company is betrayal.
"security-only" bundle (Score:3, Interesting)
Good (Score:2)
Re: (Score:2)
It is comical to think that IT departments can "pick and choose" which patches to install. They aren't qualified to know which are important or not. I know a lot of corporate IT does this: they select only selected patches that they have supposedly "tested".
Ok explain how you can secure 5,000 machines where a single infection with ransomwaqre can get you reprimanded AND not have anything break?
The way I would handle any important system (Score:5, Insightful)
To protect myself from any of these occurrences, I keep regular backups. I take these backups at a frequency similar to the amount of data I am willing to lose in the event of any failure (including "evil" actions on behalf of my OS vendor.) For me the frequency of backups is generally daily.
Note that I use the term OS vendor instead of Microsoft here, this because I run several computers with several operating systems (Microsoft, Linux(s), others) and I have had them all screw up a patch.
Since I have chosen not to write or personally review the source code for all the software I use (because I don't have that kind of time), I choose to outsource that work to several vendors, one of which is Microsoft. Yes, there are risks to running software from Microsoft (or any other vendor), Microsoft may not have my best interests in mind. However their software meets my needs and I have made the calculation that the value the software provides outweighs the risks.
Re: (Score:2)
I will apply all the patches that the vendor supplies in an automated way where possible and where not, as soon as is practical. While it is true that a vendor could screw up a patch, it is also true that my hard drive could die, malware could get on my system, an other hardware or software problem could corrupt my data, or I could just screw up and delete data myself.
To protect myself from any of these occurrences, I keep regular backups. I take these backups at a frequency similar to the amount of data I am willing to lose in the event of any failure (including "evil" actions on behalf of my OS vendor.) For me the frequency of backups is generally daily.
Note that I use the term OS vendor instead of Microsoft here, this because I run several computers with several operating systems (Microsoft, Linux(s), others) and I have had them all screw up a patch.
Since I have chosen not to write or personally review the source code for all the software I use (because I don't have that kind of time), I choose to outsource that work to several vendors, one of which is Microsoft. Yes, there are risks to running software from Microsoft (or any other vendor), Microsoft may not have my best interests in mind. However their software meets my needs and I have made the calculation that the value the software provides outweighs the risks.
AMEN Nkwe!
Security only for servers, with one or two full rollups per year (in low demand periods, with full en-garde vendor support).
And full rollups monthly for desktops, but in waves, over one or two weeks, starting with less critical groups, and moving onwards in the criticality (Or, artenatively, with canaries in each and every group, and moving onwards to the rest of the respective teams).
And all this backed up (pun intended) with full backups (Baremetal recovery ones right before 'em patches)
Re:The way I would handle any important system (Score:5, Insightful)
Yes, there are risks to running software from Microsoft (or any other vendor), Microsoft may not have my best interests in mind. However their software meets my needs and I have made the calculation that the value the software provides outweighs the risks.
I think what you're missing is that your calculation is rapidly becoming inaccurate. In the past, Microsoft had to make sure that their software met your (the customer's) needs or they would lose that customer. Their best interest was to prioritize the best interests of their customer base, because they would then keep buying Windows-based computers which is where the revenue came from. Now that the market has shifted, they are placing their interests before that of the customer, and the value of the OS is thus diminished. What people are talking about is not the status quo you refer to that has been true for a few decades, rather it's the status quo that seems to be coming which looks much different. It's one in which you are not the customer to which the software needs to provide value, you are the product. The software will be providing value to the actual customers of Microsoft, which are likely those who want to advertise to you, sell to you and monitor you.
so dialup / system on ISP with very small caps (Score:2)
so dialup / system on ISP with very small caps may not get any updates and people with small caps may not want to download an 500-700MB update each month.
Re: (Score:2)
Windows 7 Best OS (Score:4, Interesting)
I still consider Windows 7 as the best OS Microsoft ever made. As far as updates go I completely disabled them after the update gate fiasco. If you feel like me and had to disable windows updates because you can't trust them not to update your entire operating system then it's probably best to part ways, like a psychotic girlfriend that spies on your every move. Trust is a two way street. Once you break that trust the relationship can never be the same. Time for me to go back to Linux. As unrefined as it is, at least they're trying to do good things for their users instead of exploiting them. I'll never run a Mac OS or Google OS for the same reason. Microsoft didn't just cross the line, they got in a spaceship and flew light years past it at ludicrous speed.
Linux (Score:4, Insightful)
>"Ask Slashdot: How Will You Handle Microsoft's New 'Cumulative' Windows Updates?"
I run Linux and have for decades. That is how I handle dealing with Microsoft. Of course, that doesn't do most people much good...but people allow themselves to be slaves to Microsoft. The stunts Microsoft has pulled over the last several years shows they are just as controlling, unreasonable, and manipulative as ever.
There is never a better time to move away from MS-Windows.... Linux is just as robust as ever, it has a lot of great applications, lots of support structure, and more and more business software is finally moving to be cloud based and/or web-front ended so the clients can run whatever they like.
Change is never easy, though.
Re: (Score:2)
>Go fuck yourself, Mark Davis.
Brilliant, informative, and insightful reply, Anonymous Coward. I wonder how much you are being paid to be a troll.
Hotfixes were always cumulative. (Score:5, Informative)
Microsoft hotfixes were never "individual" in the first place.
There are two servicing branches for Windows. GDR and LDR. GDR is what used to go out on Windows Update. LDR is for changes that are considered more risky, and is a superset which also contains GDR changes. All changes are cumulative, per binary. Once you install an LDR fix, that binary stays on LDR branch until a service pack is applied.
At service pack time, GDR and LDR branches are merged.
There's no such thing as an "individual" Microsoft patch. All binaries are patched cumulatively; the only question is what cumulative version you have installed for a given binary.
All that's changed is that they don't want to actually document bugs that are fixed in the hotfixes in detail, and they want to force everyone to more or less the same patch level, because 90% of the time, customers having problems are running old bits that aren't being tested by Microsoft any more. There's an ongoing religious argument over "patch to the latest" vs "don't touch it to keep it stable". But in truth, if you hit a new, unfixed bug, and Microsoft created a new hotfix for you, or even if you just install the latest security update, you were always forced to accept all the cumulative changes between the patchlevel you were at, and the new hotfix you are installing. It's just that at the moment the heavy handed "force em to patch" faction has the upper hand at Microsoft now.
No updates are good updates (Score:2, Informative)
I still use Windows 7. It is what my company uses and I have to maintain a certain degree of compatibility. I also create content, both for myself and for the company I work for. I've avoided MS updates for years simply because Microsoft has proven time and time again that they cannot be trusted, and guess what. Everything still works. My non-Microsoft applications do not mysteriously uninstall themselves after an update, the driver for my printer/scanner does not suddenly stop working because it is not "th
Patch as we always do. (Score:2)
Frankly, if this finally fixes the issue where windows 7 searches windows update for hours taking 100% of a core and 1-2GB of RAM in the process then I'm all for it.
One of the reasons I was recommending people to upgrade to windows 10 was for this issue alone. Hell, Half of my "my computer is slow" calls this week were for this issue alone, which now I can't recommend to upgrade to 10 cause it's no longer (technically) free.
Re: (Score:2)
The last full installer of widows 10 not the anniversary update (untested) will update both updates and clean installs of windows 7 and 8 keys with full activation of windows 10 after the free cut off date.
Re: (Score:2)
Yes i know that. That's where the 'technically' in my first post comes in. Anniversary Does not take 7 or 8 keys at least from the test I did but the December update still does and you can update that to anniversary no problem, but no one really knows if it's going to come up as a pirate at some point or another. I highly doubt MS will do this but you never know.
It would have been just easier to extend the free offer indefinitely but if MS doesn't want to do that then so be it.
Re: (Score:2)
Anniversary Does not take 7 or 8 keys why??
It just makes it harder on people who want to a clean install down the road on systems with good keys be for the cut off date.
Re:Patch as we always do. (Score:4, Informative)
rankly, if this finally fixes the issue where windows 7 searches windows update for hours taking 100% of a core and 1-2GB of RAM in the process then I'm all for it.
Microsoft broke windows update on purpose here. The solution is to (1) disable windows update (2) reboot (3) download the june (?) update to windows update via web browser (4) install it (5) now download the latest windows update via web browser (6) install that too.
Now it will work again.
One of the reasons I was recommending people to upgrade to windows 10 was for this issue alone
Thats why they broke it on purpose.
Just roll with it (Score:3)
Should they use AutoPatcher? Switch to Linux? Or just disconnect their Windows boxes from the internet
How about just...fucking apply the cumulative updates and move on?
Grudgingly, an improvement (Score:2)
Windows is a monolithic mess, and managing patches for it has always been difficult. A lot of these patches require newer updates anyway, so it's just easier to delay, test, and then iterate mass-deployment rather than manage on a per patch basis. In the past, I'd just wait for the service pack and install that when the time came rather than dealing with the individual updates, unless I really needed a fix RTFN. Then MS killed the service packs. I guess this is a return to that, with more frequency.
If thi
Re: (Score:2)
If you can't trust the patches, why are you trusting the OS and its vendor?
Are you looking for someone safe to blindly trust?
Thats your problem right there. Nobody is safe to blindly trust.
Re: (Score:2)
Of course not, but if you don't care about the trustworthiness of the vendor or OS, the trustworthiness of the patches is irrelevant as is the debate over patch control, at least as far as security goes.
Re: (Score:2)
You say that all high and mighty like you haven't managed 80,000 computers who run dozens of combinations of software where our customers demand 99.97% uptime YET DEMAND no ransomware and security for HIPPA and PCI credit processing compliance!
We CANNOT RUN some updates. IE 6 uses TLS 1.,0 and it breaks the clients 17 year old app so that security patch can not work. We use App-v to run the ancient app as one example.
How is this an improvement? We have one guy whose sole job is mostly just testing patches a
Re: (Score:2)
High and mighty? wtf? I just said that in my experience testing and updating 1 service pack a year is a lot easier than queuing up a half dozen 'batch tuesdays' worth of patches to test every month. The other nice thing about them is they weren't forced. Obviously, my solution for win10 only works well for personal machines, or maybe a small office.
Overall, I agree with your post, but good luck managing all those patches. Don't be angry with me. Be angry with microsoft, and possibly the vendors of whatever
If you don't trust the vendor ... (Score:3)
If you don't trust the vendor, then it's time to look at someone else's products.
That being said, we are talking about Microsoft here. Many people disagree with their decisions, but they are more or less reliable. Their marketing may be agressive, but they aren't going to go to the point of breaking a product on purpose. They are going to test their patches to the best of their ability, and they are a large enough firm to have the means to do it well. Yes, there will be problems for some users. That is to be expected. Unlike many vendors, Microsoft has relatively little control over the hardware their product is used on or the software that is used on their operating system. So do take precautions like doing regular backups and be prepared to restore those backups if you end up being an edge case where things break.
While you can possibly do better than Microsoft, you can certainly do worse.
Why not have an 7 SP2 and 8.2 to have a new base (Score:2)
Why not have an 7 SP2 and 8.2 to have a new base level before starting this
Re:Why not have an 7 SP2... they do (sort of) (Score:2)
MS recently released an official update roll-up for win7 SP1, including all post SP1 updates up to May 2016 (I think)
They don't want to call it a SP because that would force them to increase the support deadline for the OS, which we know they don't want to do.
That in fact is the reason windows service packs have gone extinct, or at least are rebranded as other forms of cumulative updates.
Nothing for windows 8.x that I know of
What happens to the zero day updates (Score:2)
What happens to the zero day updates that some times comes out.
Don't give a fuck (Score:2)
I don't care what MS does. Fuck them. It's obvious this is a plan to get people to upgrade to W10, which by the way they are forcing it, means you want to stay really far away from it.
I wait on installing updates anyways, since MS has shown they will push broken updates and push telemetry data bullshit on windows 7 also.
Switch (Score:2)
"This has one anonymous Slashdot reader asking what's the alternative"
Switch OSs.
Mac.
Linux.
Unix.
Don't use Microsoft (Score:2)
Move any real work over to an OS you have full control over.
Use and enjoy Microsoft for games, end user testing, just move the real world important work away from any MS product.
Trying to work around and with mandated, pushed updates is extra work. That time could go to product testing, development on any better OS that is totally controlled in house.
Re: (Score:3)
Easy for you to say. Home users rarely are impacted except for a few scattered Windows 10 users with funky old drivers from updates.
What this shitstorm is going to hit is the enterprise. Where a patch can be devestating, but security and being up to date also is a must. Just imagine 100 applications and 70,000 computers all with different needs filled with very old quirky shit taped up where customers still demand we use IE 6 for much of it. We have a hack to get it to work under Windows 7 with Citrix. Thes
easy (Score:4, Interesting)
Back in the days of XP SP1 I bought a laptop. It wanted to install a "security update" right away, but I put it off. wanting to get comfortable with my new computer and my new operating system first. I also used a live Linux CD on the computer a lot.And if you recall, these were the days that Microsoft was particularly vocal about their hatred for Linux. After about a month I finally told Windows that it could install the "Security Update". I didn't notice any obvious change in Windows, but I did see one big change with my laptop, it could no longer connect to the Internet when I ran my live CD!
I checked everything. The CD was still the same and still had the proper CRC checksum. I made another CD anyway but, as expected, the results were the same. After a lot of work I finally tracked down the problem. The laptop NIC, like all modern NICs, had a small eeprom on it that stored the MAC address (that's how they can mass produce NICs that all have unique MAC addresses). And it turns out that there is plenty of extra space in the eeprom not needed for the MAC address, and the NIC used that space to store start up configuration settings, and mine were now set to values that made no sense and kept the NIC from working properly. Interestingly, XP ignored how the NIC was configured and reconfigured it as it wanted so that the device would work. But Linux, which worked fine on the computer for a month, didn't suspect that anything was wrong and tried to use my hardware as it was configured.
Once I understood this I was able to run :Linux again. It was a pain, I had to manually issue some commands every time I booted the CD, but I was able to work around the problem. Eventually Linux code was changed to not trust configuration settings and configure the NIC in the same way that Windows did and I no longer had to manually reconfigure the NIC on every boot.
I'm a cautious computer user. I have a decent hardware firewall and I also use a good software firewall (not one from Microsoft). So now I was in a position where the only malware that had ever done me harm was a Microsoft Windows Update. It wasn't too hard to figure out how to not experience another problem like this one. I've never accepted a software update from the malware provider who screwed me since then. I never will. I have had no malware experiences since then. So how I'll deal with the new update policy is to leave my Windows settings just as they are and not let Microsoft break anything else.
Updates off (Score:3)
My main box has been Linux. It is a lot more hassle to run Windows stuff under Linux, of course, but the writing was on the wall when Windows 10 seemed so sketchy. When I found out that the telemetry updates had been pushed MONTHS prior and then went live for 7 and 8, that was what made it clear to me that I must switch sooner: that was hugely disingenuous. I dual booted for awhile to get stuff switched over, and now my box's Microsoft code is DLLs for WINE.
What I COULD do, if I was inclined to keep a Windows partition around, is to grab just the security updates, and use those. That's probably what most slashdotters who give a fuck will do. I just don't give a fuck. I just can't ever keep up with the endless update debt of Windows, and fighting that seems almost impossible. It's this huge list of everchanging clusterfuck, and if I'm going to have to sysadmin my shit, it may as well be on an OS that isn't actively trying to fuck me over. I'd much rather prefer the accidental breakage of New Bullshit than the deliberate breakage of Known Hostile Entity.
At work, our Linux boxes obviously don't care about this, and our Windows boxes are Somebody Else's Problem, but those are Enterprise, so who cares anyway.
But I'll just use Fedora.
It is said, Windows users will put up with anything. Well, I won't, which is why I'm not a Windows user.
Simple, I don't run Win 7/8.1, I run Win 10 (Score:5, Insightful)
As a counter for all the MS hate around here and all the Linux fans who think it will be taking over the world someday soon...
Windows 10 works just fine, I have it installed on over 20 computers, I've installed it on many more, it works very well...
I used Windows 7 the other day, it felt old all of a sudden, amazing when it felt so new just 7 years ago, but it is now out of date and the idea of staying on Win 7/8.1 is just not reasonable anymore...
Yes, you can use Linux if you want to, it has a purpose, but it won't be replacing Windows as the mass market desktop OS, well... ever...
Something else might, OS X could if Apple would licence it for use on other computers besides Macs, but really there isn't anything else for the mass market...
Re: (Score:2)
I do agree. I still use Windows because so much of my essential software will only run on Windows.
I have a string of Unix qualifications dating back many years. I have a couple of Linux machines and periodically try new releases, but I always seem to run into some major problem...
However my main dislike of Linux is what I perceive as the childish users and flakey implementations. Really garish screens with dragons, blood, skulls and the like.
This whole thread is such a good example. The original OP asked a
Re:Simple, I don't run Win 7/8.1, I run Win 10 (Score:5, Insightful)
> Windows 10 works just fine if you don't care about being spied on.
FTFY. When even MS admits they Are unable to stop Windows 10 tracking [forbes.com] then you've just admitting to being MS's bitch. But I guess you have no respect for yourself since MS sure doesn't have any for you.
Only a complete idiot blindly trusts Microsoft.
The rest of us actually have a pair and don't allow MS to pretend they own our computers, nor our network connections.
> I used Windows 7 the other day, it felt old all of a sudden,
Ah, that explains it -- just another dumb hipster who thinks "Ooh, shiny!" is somehow more magically stable then something that has been around for a while. Windows 10 == more lines of code == more bugs, but keep on being a shill because Windows 7 works just fine for those of us using it.
But I don't expect an apologist to understand why Microsoft's forced upgrades on Windows 7 and Window 8 users leaves a bad taste with customers and users start looking for alternatives.
WSUS offline + PortableUpdate (Score:2)
I run windows 7 because I use my PC for gaming. By the time win7 is no longer supported by the latest games I expect steamOS/linux to have caught up on gaming performance/compatibility and I can leave microsoft forever. I refuse to use win8.x or win10 and I highly doubt microsoft will ever make a good OS (like XP or 7) again. Until then...
From October I will be disabling windows update and manually downloading the monthly security-only updates from microsoft.
I will be using WSUS offline and PortableUpdat
Jhou vill take it and jhou vill like eeet (Score:4, Informative)
This is just Microsoft's way of removing your ability to cherry pick which updates you will install, and which ones you won't.
This allows them to wrap one of those Windows 10 upgrade updates into a critical bug update so you have to choose.
Kinda like how Congress wraps their stupid little pet projects and other bullshit that would never pass muster in a million years into a general budget or defense budget bill.
I switched to Linux, here is why.... (Score:3)
So I had messed around with various distributions of linux over they years (and frequently work on linux/unix/solaris systems at work) but had never taken the full plunge for my personal daily driver until a couple of months ago. I had take the Win10 upgrade from the win7 that had original shipped, and didn't have any issues with drivers/etc. but something kept bothering me. It started with not being able to control when updates occurred, I'd be in the middle of something and windows would decide that right now was when it had to update. There isn't much the torques me more than being interrupted when trying to hack out some code. Then I was trying to boot a newer linux distro off a thumb drive and found the startup process wasn't letting me get to the bios to choose the boot device, which I found out was due to the computer being in some sort of hibernate state even though I told windows to shut down. Apparently in order to improve boot times Win10 actually puts the system in a hibernate like state when you shut down, unless you hack the registry or use a special parm on a shutdown command.
TL;DR I got fed up with it and switched to Ubuntu-MATE, and replaced the hard drive with a SSD. Booting from cold no takes 15 seconds including entering the password.
Ask Slashdot: How Will You Handle Microsoft's... (Score:5, Interesting)
Re: (Score:2)
You can run the disk cleanup wizard to get rid of a lot of that cruft.
Re: (Score:2)
Re: Very easily (Score:2)
Re: (Score:2, Insightful)
As the Snowden leaks showed the people calling others tinfoil hats were pretty damn naive.
Re:My opinion... (Score:5, Insightful)
> Windows haters can do the same, in case it's over fake "security concerns" w.r.t. Windows 10, in which case, they need a one-way trip to Guantanamo Bay in order to learn what REAL invasion of privacy is. Fucking children.
You should probably look into what you agreed to send Microsoft in the EULA (hint: everything you ever do, say, everyone you know, who you communicate with, the contents of those communications, etc etc etc).
But keep going with that amazing comparison. You could write ad copy:
"Microsoft Windows: It's better than being detained indefinitely and tortured in a military prison on a communist island!"
That you have to compare a long term detainment and part time torture camp to the OS you bought and paid for shows just how Windows users will put up with anything. Ludicrous comparison to compare something you buy and pay for with indefinite detention.