Slashdot Mirror

Vista is still in extended support until April 2017. source

Okay, Microsoft has been injecting all sorts of stuff in their interest a the expense of their customers since Windows XP (WGA). We've had more "phone home" since WGA, and progressively more with each release. Windows 10 is the result of prodding a broom handle up our butts progressively deeper and seeing how deep it goes before we say "stop". The "telemetry" (really?!?) data collection, which MS admits you cannot turn off, and now ads in IE?

It just isn't data collection Microsoft has a full blown BACKDOOR it can deploy at will to exfiltrate ANYTHING it wants from a Windows 10 users system by DEFAULT without their CONSENT or KNOWLEDGE.

https://technet.microsoft.com/...

When do we say "enough is enough".

The most egregious aspect of this in my view is actually the domain check. It is one thing to hide political messages in a security update. I don't consider this to be defensible behavior.

To me the domain check signals Microsoft knows full well what they are doing is wrong so they installed a little check to limit outrage and damage from customers who pay them the most money. It reflects a willfully deliberate calculation of what they believe they can get away with.

Unless you are a gamer or have specific hardware (medical mainly), nobody needs MS Windows

Thank goodness cost of developing multi-platform games continues to fall as major game engines support more platforms out of the box and Vulkan inevitably overtakes dx12.

No where in the security fix description does it say its going to install something completely unrelated that nags you about updating to Windows 10.

This is not strictly true. The KB article for MS16-023 (KB3139929), under 'More Information', has 'Nonsecurity-related fixes that are included in this security update', 'General distribution release (GDR) fixes', it lists KB3146449, 'Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7'; if you navigate to the KB article for KB3146449, its description is "This update adds functionality to Internet Explorer 11 on some computers that lets users learn about Windows 10 or start an upgrade to Windows 10." So as long as you're willing to go look up the KB article for the root patch and read it all the way through, and follow all the links to the incorporated KB articles, you'll find out that you may be getting nagware installed on your system, with nothing describing how you can tell whether or not you'll get it unless you just bite the bullet and install the update, then see if you get the nag pop-ups.

No where in the security fix description does it say its going to install something completely unrelated that nags you about updating to Windows 10.

This is not strictly true. The KB article for MS16-023 (KB3139929), under 'More Information', has 'Nonsecurity-related fixes that are included in this security update', 'General distribution release (GDR) fixes', it lists KB3146449, 'Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7'; if you navigate to the KB article for KB3146449, its description is "This update adds functionality to Internet Explorer 11 on some computers that lets users learn about Windows 10 or start an upgrade to Windows 10." So as long as you're willing to go look up the KB article for the root patch and read it all the way through, and follow all the links to the incorporated KB articles, you'll find out that you may be getting nagware installed on your system, with nothing describing how you can tell whether or not you'll get it unless you just bite the bullet and install the update, then see if you get the nag pop-ups.

A trojan horse is something that claims to be something that it isn't. Everything is very up front about what it is so long as you actually read what it is.

It's not up front in this case. Read the description page for KB3139929. You need to dig deep to find that there's an advertisement included. In the list of meta-updates, KB3146449 (which adds the advertisement) is simply described as "Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7".

A trojan horse is something that claims to be something that it isn't. Everything is very up front about what it is so long as you actually read what it is.

It's not up front in this case. Read the description page for KB3139929. You need to dig deep to find that there's an advertisement included. In the list of meta-updates, KB3146449 (which adds the advertisement) is simply described as "Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7".

Pretty good.

- Microsoft giving away free copies of Windows! Damnit...

It's called Programa de DoaÃão de Software (something like "Software Donations Campaign") here in Brazil: it's pretty common in universities here :/

They have been doping for quite a while.
Linux is actually pretty important for Microsoft's Azure cloud platform.
Did you know that Microsoft even has a Linux certification? They do

"How long before we see a version of "Microsoft Linux"?"

About six months ago

https://azure.microsoft.com/en...

Microsoft should adopt the same model.but it would require a herculean effort to get their products up to the same standard of quality.

What, you mean authenticating applications based on a central certification authority? Kind of like what this does: https://msdn.microsoft.com/en-... . Or maybe you mean not allowing the installation of any applications that don't posses a preapproved certificate, in THAT case what you want is this feature over here: https://msdn.microsoft.com/en-... . God forbid you would have to learn how to manage your own certificate chains, afterall the documentation is so difficult to find: https://msdn.microsoft.com/en-... . The only thing missing is the paywall, which isn't really missing since you can pay for a third party authority to verify your certificate. But as we can see by the premise of this article that isn't actually a deterrent is it?

The difference between Microsoft and Apple is the same as it has always been. Apple forces you to follow their policies, Microsoft forces you to live with the consequences of the policies you wrote yourself.

Microsoft should adopt the same model.but it would require a herculean effort to get their products up to the same standard of quality.

What, you mean authenticating applications based on a central certification authority? Kind of like what this does: https://msdn.microsoft.com/en-... . Or maybe you mean not allowing the installation of any applications that don't posses a preapproved certificate, in THAT case what you want is this feature over here: https://msdn.microsoft.com/en-... . God forbid you would have to learn how to manage your own certificate chains, afterall the documentation is so difficult to find: https://msdn.microsoft.com/en-... . The only thing missing is the paywall, which isn't really missing since you can pay for a third party authority to verify your certificate. But as we can see by the premise of this article that isn't actually a deterrent is it?

The difference between Microsoft and Apple is the same as it has always been. Apple forces you to follow their policies, Microsoft forces you to live with the consequences of the policies you wrote yourself.

Microsoft should adopt the same model.but it would require a herculean effort to get their products up to the same standard of quality.

What, you mean authenticating applications based on a central certification authority? Kind of like what this does: https://msdn.microsoft.com/en-... . Or maybe you mean not allowing the installation of any applications that don't posses a preapproved certificate, in THAT case what you want is this feature over here: https://msdn.microsoft.com/en-... . God forbid you would have to learn how to manage your own certificate chains, afterall the documentation is so difficult to find: https://msdn.microsoft.com/en-... . The only thing missing is the paywall, which isn't really missing since you can pay for a third party authority to verify your certificate. But as we can see by the premise of this article that isn't actually a deterrent is it?

The difference between Microsoft and Apple is the same as it has always been. Apple forces you to follow their policies, Microsoft forces you to live with the consequences of the policies you wrote yourself.

It's interesting how cumulative updates have taken a big role in Windows 10. Large packs of updates that service many things. Also it's supposed to make upgrading a fresh OS installation a bit more convenient.

If you want to take a look under the hood, Microsoft provides a list of files (CSV) that KB3140743 patches.

I went into the linked blog post to see what this text-to-speech code (in a vbs script no less!) was all about, and it turns out it's just a couple of lines calling Windows' SpVoice interface. Quite disappointing.

It is about time. The primary Diffie-Hellman key exchange https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange is one of the most basic cryptographic algorithms out there and is still used practically today. The simplest version of it is simple enough that you can explain it to a bright 8th grader. Variants of it, including both the original version and others such as those using elliptic curves are mainstays of practical crypto today.

Moreover, DH key exchange along with RSA started modern crypto in a fundamental way. Prior to that work, the idea was to have the key be completely secret and maximize the fundamental entropy of the encrypted messages, leading to the ultimate logical conclusion of the one-time pad. RSA and DH both showed that instead of relying on high entropy, one can rely on the computational difficulty of actually understanding the order that really is in the encrypted message.

The upshot of DH key exchange is that two people (or computers) have a conversation and at the end of it they will have a shared secret, but no one who is listening even if they hear the entire conversation will have any hope of finding out the shared secret unless they have far more computational power. This is a wildly counterintuitive claim once you hear it, and that lasts for about ten minutes (about as long as it takes to explain their algorithm). It is true that DH iand RSA are both only conjecturally secure, since the difficulty of discrete log and factoring would imply that P != NP (and in fact appear to be much stronger claims), and there are some serious thinkers who have expressed skepticism that such systems really are theoretically secure. (See for example Henry Cohn's short essay here http://research.microsoft.com/en-us/um/people/cohn/Thoughts/factoring.html which focuses on factoring but most of it applies just as well to discrete log). And we know that if we can ever get practical quantum computers working then DH will be breakable, but the overall impact of this work is absolutely undeniable.

So glad that I'm using a webserver that does NOT use this abomination called OpenSSL

It uses the abomination called PolarSSL with its own history of exploitable vulnerabilities.

and was writting with security in mind

Using naÃve heuristics to defend against SQLi and XSS demonstrates the opposite.

Drown, Heartbleed, Slowloris, etc, never caused me any trouble.

Whose fault is allowing SSLv2 and export ciphers in 2016? All those poor site operators... OpenSSL made me do it!!

--
https://technet.microsoft.com/...

https://tools.cisco.com/securi...

https://social.technet.microso...

http://www.kb.cert.org/vuls/id...

It's just a harmless protocol - nothing to worry about.

His response to people scrawling "All Lives Matter" was "All Opinions Matter". Facebook isn't interested in taking a stand on racism, in USA, Germany, or anywhere.

Nor should they.

--
https://technet.microsoft.com/...

an OpenGL emulation running on top of Direct X, as is done on Windows

Stop spewing bullshit. Windows provides a user mode thunk layer to allow installable client drivers (OpenGL, OpenCL, Vulkan, Mantle) to communicate with WDDM kernel mode drivers.

For anyone responsible to even see a trial.

--
https://technet.microsoft.com/...

Those of you who didn't cut corners or use the wrong functions for manipulating date and time pass the test. Your reward is the lingering possibility of being fucked over by vendors who have failed the test.

https://azure.microsoft.com/en...

--
https://technet.microsoft.com/...

Those of you who didn't cut corners or use the wrong functions for manipulating date and time pass the test. Your reward is the lingering possibility of being fucked over by vendors who have failed the test.

https://azure.microsoft.com/en...

--
https://technet.microsoft.com/...

Are we still talking about hard drives and seek time? In 1999 Jim Gray said "These calculations suggest the simple rule: Cache web pages if there is any chance they will be re-referenced within their lifetime." Rules of Thumb in Data Engineering

I'm gonna save my post count because repeating myself is an exercise in futility.

Reread the summary. Seriously. Put your big-boy britches on, read the summary anew, and apply some critical thinking. This isn't even enabled by default. It's not even the solitary option. You have to turn it on AND make sure to leave it (this is the default "on" setting - at least it is on 8) at that setting. If you don't like it, you can pick one of a few different settings.

So, to be clear. There is NO lock-screen by default.
If you enable the lock screen, this is the default setting (on Windows Phone 8).
If you do not like this setting, you can pick others - they do not have ads.
If you do not like any of the settings, you can disable them entirely.
If you want to control it even further, and have the tech chops to do so, there's an API and you can write your own lock-screen.

Here's how for Windows Phone 8:
https://msdn.microsoft.com/en-...

One of these links will help you out with Windows 10:
https://msdn.microsoft.com/lib...

You don't even fucking use a Windows phone. You've never even SEEN a Windows phone. You're never going to BUY a Windows phone. YOU are not the target audience for a Windows phone. Joe Average doesn't give a shit. Joe Average doesn't even have a lock screen. Joe Average sure as hell doesn't even get confused about it - he can figure out how to change it.

This is NOT some sort of major issue and the concern trolling is absurd. There's a million legit reasons to be annoyed with Microsoft. Contrary to popular opinion (though the moderators have since fixed it), there is no outrage here. Read carefully what I've written. If you have a problem understanding it, try again.

It's not on by default. If you turn on the lock screen, this is one of the choices. It is the default choice when you enable the lock screen. If you don't like it, you can use one of a number of other optional screens. Those screens are built in and the options are available to anyone wanting to use them. If you don't like any of the screens, you can even go so far as to make your own. I'm pretty sure there are alternatives right in the App Store.

This is not complicated, this is not a justifiable reason to be outraged. There's no problem here. Nothing... If I were wrong, I'd admit it. I'm *good* at that. If this were sleazy, I'd admit that too. If there were any reason to be pissed, I'd be pissed - I like being pissed off about stuff. I like ranting and raving. I like pitchforks and torches. I like tearing up bad choices and making people realize that they've done stupid things. This? This is not that time. Doing so just makes you look like an ignorant fool who's frothing at the mouth about unseen enemies. You're about a half a step away from standing on the street corner screaming about Jesus and aliens at this point.

Actually, screw it. I'll post this as logged in. Then the rest can see it. I'm not gonna repeat it over and over.

Unless I'm missing something (and I do not believe I am) this is about as much a non-issue as was Google changing their font and favico.ico file. There's a lot of legitimate complaints. This is not one of them.

I'm gonna save my post count because repeating myself is an exercise in futility.

Reread the summary. Seriously. Put your big-boy britches on, read the summary anew, and apply some critical thinking. This isn't even enabled by default. It's not even the solitary option. You have to turn it on AND make sure to leave it (this is the default "on" setting - at least it is on 8) at that setting. If you don't like it, you can pick one of a few different settings.

So, to be clear. There is NO lock-screen by default.
If you enable the lock screen, this is the default setting (on Windows Phone 8).
If you do not like this setting, you can pick others - they do not have ads.
If you do not like any of the settings, you can disable them entirely.
If you want to control it even further, and have the tech chops to do so, there's an API and you can write your own lock-screen.

Here's how for Windows Phone 8:
https://msdn.microsoft.com/en-...

One of these links will help you out with Windows 10:
https://msdn.microsoft.com/lib...

You don't even fucking use a Windows phone. You've never even SEEN a Windows phone. You're never going to BUY a Windows phone. YOU are not the target audience for a Windows phone. Joe Average doesn't give a shit. Joe Average doesn't even have a lock screen. Joe Average sure as hell doesn't even get confused about it - he can figure out how to change it.

This is NOT some sort of major issue and the concern trolling is absurd. There's a million legit reasons to be annoyed with Microsoft. Contrary to popular opinion (though the moderators have since fixed it), there is no outrage here. Read carefully what I've written. If you have a problem understanding it, try again.

It's not on by default. If you turn on the lock screen, this is one of the choices. It is the default choice when you enable the lock screen. If you don't like it, you can use one of a number of other optional screens. Those screens are built in and the options are available to anyone wanting to use them. If you don't like any of the screens, you can even go so far as to make your own. I'm pretty sure there are alternatives right in the App Store.

This is not complicated, this is not a justifiable reason to be outraged. There's no problem here. Nothing... If I were wrong, I'd admit it. I'm *good* at that. If this were sleazy, I'd admit that too. If there were any reason to be pissed, I'd be pissed - I like being pissed off about stuff. I like ranting and raving. I like pitchforks and torches. I like tearing up bad choices and making people realize that they've done stupid things. This? This is not that time. Doing so just makes you look like an ignorant fool who's frothing at the mouth about unseen enemies. You're about a half a step away from standing on the street corner screaming about Jesus and aliens at this point.

Actually, screw it. I'll post this as logged in. Then the rest can see it. I'm not gonna repeat it over and over.

Unless I'm missing something (and I do not believe I am) this is about as much a non-issue as was Google changing their font and favico.ico file. There's a lot of legitimate complaints. This is not one of them.

So you admit it's FUD. There is no suggestion that they have network listeners (which wouldn't work anyway because most people have some kind of router level firewall, and many don't support UPNP).

What difference do modalities make? The fact capability exists and is used without explicit end user knowledge or approval is what matters.

Then you go on to wildly speculate about the mechanism being insecure. Tell

Security is nothing more than expression of value judgments made by individuals. It is not an objective measure. What is deemed secure or not differs with context, value of what is secured, consequence of failure and level trust the individual has developed in individuals and technology charged with implementing security.

The existence of an explicit targeted remote access capability that operates without user knowledge or approval is the definition of insecure in my opinion. I don't know how to trust a corporation that demonstrates such disrespect for the security and privacy of its customers. Without trust there is no security. Without security computers are worthless for many purposes.

There is a lot to be upset about with Windows 10, but I'm fed up of people making stuff up just to jump on the bandwagon. Some of us are looking for hard, objective data. I'm going to see if I can find time to create and post some Wireshark and Fiddler dumps to settle this once and for all.

I don't understand. People are complaining about shit coming from Microsoft's own site and expressed in their own privacy "agreements". Microsoft openly admits to having a backdoor to exfil whatever they want and your fed up with people making stuff up?

https://technet.microsoft.com/...

The summary is not really summary written by the submitter, the second and third sentences are taken verbatim from the Microsoft press release about the acquisition. Seems a bit advertisement-ish to me as well.

http://blogs.microsoft.com/blo...

Below is the third paragraph from the press release link above:

"In conjunction with Visual Studio, Xamarin provides a rich mobile development offering that enables developers to build mobile apps using C# and deliver fully native mobile app experiences to all major devices – including iOS, Android, and Windows. Xamarin’s approach enables developers to take advantage of the productivity and power of .NET to build mobile apps, and to use C# to write to the full set of native APIs and mobile capabilities provided by each device platform. This enables developers to easily share common app code across their iOS, Android and Windows apps while still delivering fully native experiences for each of the platforms. Xamarin’s unique solution has fueled amazing growth for more than four years."

How about, a download? (ducks)

Totally agree with this comment and I am not sure but I think Mark Russinovich still write it? (not 100% sure anymore) but it is pretty much the most indepth to Windows in book form. I had a copy for Win 7 back in the day and it was great. Just not my learning style though. Otherwise you have to hunt and peck online for what you need (my preferred method).

Mark Russinovich's write up on the Sony Rootkit a don't miss piece https://blogs.technet.microsof...

While not a book the Systernal programs: Process Explorer, Process Monitor, and Autoruns are a must have, Process Monitor while not easy can follow a program to spot your query.

Autoruns is pry the most important program you can run on a windows OS, it show everything that loads on boot up; Must set Options > Filter Options > unhide Microsoft entries as you can't trust MS anymore.

The GWX entries can be left alone as long as you take ownership then delete the directory Windows\system32\GWX (these are all Microsoft entries).

Agreed.

But if one is forced I've always liked Black Vipers Window's Service Configuration Guides

i.e.

* Windows 10
* Windows 7 SP1
etc.

--
Microsoft UI retards: Where is the < 100% font scaling option? Custom scaling?? Config per monitor???

Technet is what MS oriented IT professionals use nowdays. Detailed and only way to pass the MCSE exams.

Today it is far more convenient to get this info from the internet from multiple sources. So there isn't much of a market in all encompassing technical books.

TechNet: Windows 10, for example.

Hi there, It's a shame everyone is just telling you not to use it, instead of being somewhat helpful. I am but a simple sysadmin and am too much of a burnout to do any development work, but have you checked out Microsoft's online resources? It looks like the Microsoft Virtual Academy at least has some info on the subject: MSVA The SDK is available on Windows Dev Center -- I don't know what you've looked through yet, but I don't think there's going to be a silver bullet for this one. Try to hobble along with MS Virtual Academy and the Devel blogs until someone releases a book/guide with everything you need.

Corporate email is only accessible over IMAP with SSL/TLS, even through a VPN because that's how Exchange Server is configured out of the box for IMAP

That's just bullshit... I can't be bothered to look beyond Exchange 2013, but it's not TLS by default: https://technet.microsoft.com/...

When you install Microsoft Exchange Server 2013, IMAP4 client connectivity isn't enabled. To enable IMAP4 client connectivity, you need to start two IMAP services, the Microsoft Exchange IMAP4 service and the Microsoft Exchange IMAP4 Backend service. When you enable IMAP4, Exchange 2013 accepts unsecured IMAP4 client communications on port 143 and over port 993 using Secure Sockets Layer (SSL).

Not that "Corporate" even means Exchange in all cases.

The More Information section of at least one of the knowledge base articles mention...

So I went to the linked article which pointed me for further information to a MS security bulletin which said I needed to refer to a KB article which sent me back to the security bulletin. I think I saw a white rabbit with a wristwatch at some point too. In any case I think what MS is trying to tell us is that they have a problem with too many levels of indirection through pointers.

The More Information section of at least one of the knowledge base articles mention...

So I went to the linked article which pointed me for further information to a MS security bulletin which said I needed to refer to a KB article which sent me back to the security bulletin. I think I saw a white rabbit with a wristwatch at some point too. In any case I think what MS is trying to tell us is that they have a problem with too many levels of indirection through pointers.

The More Information section of at least one of the knowledge base articles mention...

So I went to the linked article which pointed me for further information to a MS security bulletin which said I needed to refer to a KB article which sent me back to the security bulletin. I think I saw a white rabbit with a wristwatch at some point too. In any case I think what MS is trying to tell us is that they have a problem with too many levels of indirection through pointers.

The More Information section of at least one of the knowledge base articles mention...

So I went to the linked article which pointed me for further information to a MS security bulletin which said I needed to refer to a KB article which sent me back to the security bulletin. I think I saw a white rabbit with a wristwatch at some point too. In any case I think what MS is trying to tell us is that they have a problem with too many levels of indirection through pointers.

If you want more LEGITIMATE sources how about Ars Technica, or how about MSFT themselves for a source? And please note that 19 pages of shit running in the background that CANNOT be turned off by anybody that isn't running Enterprise, aka "Not you you filthy peasant pissant". Also note that MSFT themselves have stated that will NOT turn off all phoning home, so even Enterprise can't completely STFU that OS!

It takes about 15 minutes to make Win 7 as quiet as a church mouse, with no phoning anybody, about 30 for 8.1, Windows 10? So far nobody has been able to stop it, not using MSFT's own tools, not using third party, NOBODY. Hmmm...let me think...is there any other software that the user 1.- Has no control over, 2.- Makes connections the user cannot stop, and 3.- Resists both first and third party tools to try to deal with it? Why yes there is...its called malware.

There is an active and vocal thread (one of many) that lead me to believe that there are a lot of people affected. Personally, I re-installed Win10 from ISO and the problem went away.

You are assuming that there was something wrong with the updates rather than something wrong with the way Corel had programmed VideoStudio. The More Information section of at least one of the knowledge base articles mentions VideoStudio (X8 and X9) and suggests that you install the updates from Corel to fix the crashing issues.

I have no idea if that actually fixes the problem or just puts the onus to fix it back onto Corel, but it does indicate that this might not be a mistake on Microsoft's part.

I am pretty sure I was physically present (more) for the announcement. I was a guest. I am that confident. So, whatever weight that carries, that's what it is. I can not say with any certainty that it was the wrong source. I would not say that certain to be the right source. I have zero way to prove that to you and I will not make the claim with any certainty nor give any appreciable input other than that. In fact, you can stop reading here.

But, I'm pretty certain. I know the people who were there. It was us, screaming at our leads, in the MVP program, that got the source opened up - and not the crazy guys with beards and spittle. You can see how it started...

https://www.microsoft.com/en-u...

You? You gotta sign shit and become a partner, or find another license to get into - they have a bunch there, OEM works for anyone. That's free, it's how you get to the NDA Just sign up as a partner, apply as an OEM. They'll give it to you as a system builder. You know how to build a computer? Congratulations, you're a registered parter with Microsoft and you're an OEM. Now, you can access it too! You gotta sign the NDA and that's about it, I think? I got it a slightly different way, I went through the MVP program and I'm assured they're the same thing. Unless you're an MVP, you have to do it the OEM way as a partner. It's free.

That's here:

https://www.microsoft.com/en-u...

(Click on OEM thingy and get started. I gotta mention this part again --> You gotta be a Partner to do that, it should help you get it set up.)

In there are directions to get the source code. Follow 'em. You gotta request one thing at a time, pretty much. You ask for specific code. They're not just going to send you all of Windows 7 just for shits and giggles. Just make something up and ask for it in small pieces? Eventually they'll tell you now? I don't know, they've never told me no. I haven't asked for anything in a *long* time. (It has been available for a long time. It's not open source - but you can see it. You can't do much else. You can see it.)

I have no reason to doubt the code, I want to say that I was in the room when it was announced. I'm actually not sure if it was there or in an email/mailing list. There were reporters. I think we might have heard about it the night before and it was announced at a press conference on Sunday? Maybe Friday night? I am not actually sure - it was 15 years ago. Sorry but my memory is not that good. It might have been one of those days, the weekend before, the same weekend? I'm not really positive - it has been a long time. (That was the more.)

The funny thing, if you go back through my comments, I bet I've mentioned this program 100 times. LOL I'm not kidding. I've had people thanking me for telling them about it for years. I have no idea if any of them followed through. I am not kidding, I've probably pointed this out 100 times on Slashdot. Hell, I get moderated up for at least half of 'em. Someone's seeing it but almost every time I say something - someone new notices. So, I keep repeating. I have no idea if they follow up with ti, nothing. They say thanks. I looked and poked at it a couple of times back then.

That's the whole story and I do not have a vote of confidence to give you. I have no reason to distrust the code. There's everything I know. In a matter this serious, I can not nor would I accept accountability for an affirmative or negative answer about the certainty. I am not a lawyer, I am not your lawyer, you will be signing legally binding documents if you go through this process. Consult with a legal professional in your local jurisdiction prior to signing any legal documents.

That'll have to do. ;-) Sorry but that was ages ago and I went through it the MVP way, they opened at the same time. We were annoying, John was our lead, I remember that. I gave up partici

I am pretty sure I was physically present (more) for the announcement. I was a guest. I am that confident. So, whatever weight that carries, that's what it is. I can not say with any certainty that it was the wrong source. I would not say that certain to be the right source. I have zero way to prove that to you and I will not make the claim with any certainty nor give any appreciable input other than that. In fact, you can stop reading here.

But, I'm pretty certain. I know the people who were there. It was us, screaming at our leads, in the MVP program, that got the source opened up - and not the crazy guys with beards and spittle. You can see how it started...

https://www.microsoft.com/en-u...

You? You gotta sign shit and become a partner, or find another license to get into - they have a bunch there, OEM works for anyone. That's free, it's how you get to the NDA Just sign up as a partner, apply as an OEM. They'll give it to you as a system builder. You know how to build a computer? Congratulations, you're a registered parter with Microsoft and you're an OEM. Now, you can access it too! You gotta sign the NDA and that's about it, I think? I got it a slightly different way, I went through the MVP program and I'm assured they're the same thing. Unless you're an MVP, you have to do it the OEM way as a partner. It's free.

That's here:

https://www.microsoft.com/en-u...

(Click on OEM thingy and get started. I gotta mention this part again --> You gotta be a Partner to do that, it should help you get it set up.)

In there are directions to get the source code. Follow 'em. You gotta request one thing at a time, pretty much. You ask for specific code. They're not just going to send you all of Windows 7 just for shits and giggles. Just make something up and ask for it in small pieces? Eventually they'll tell you now? I don't know, they've never told me no. I haven't asked for anything in a *long* time. (It has been available for a long time. It's not open source - but you can see it. You can't do much else. You can see it.)

I have no reason to doubt the code, I want to say that I was in the room when it was announced. I'm actually not sure if it was there or in an email/mailing list. There were reporters. I think we might have heard about it the night before and it was announced at a press conference on Sunday? Maybe Friday night? I am not actually sure - it was 15 years ago. Sorry but my memory is not that good. It might have been one of those days, the weekend before, the same weekend? I'm not really positive - it has been a long time. (That was the more.)

The funny thing, if you go back through my comments, I bet I've mentioned this program 100 times. LOL I'm not kidding. I've had people thanking me for telling them about it for years. I have no idea if any of them followed through. I am not kidding, I've probably pointed this out 100 times on Slashdot. Hell, I get moderated up for at least half of 'em. Someone's seeing it but almost every time I say something - someone new notices. So, I keep repeating. I have no idea if they follow up with ti, nothing. They say thanks. I looked and poked at it a couple of times back then.

That's the whole story and I do not have a vote of confidence to give you. I have no reason to distrust the code. There's everything I know. In a matter this serious, I can not nor would I accept accountability for an affirmative or negative answer about the certainty. I am not a lawyer, I am not your lawyer, you will be signing legally binding documents if you go through this process. Consult with a legal professional in your local jurisdiction prior to signing any legal documents.

That'll have to do. ;-) Sorry but that was ages ago and I went through it the MVP way, they opened at the same time. We were annoying, John was our lead, I remember that. I gave up partici

Uhm, he works for them, of course his biased, and he has astroturfed for them all along.

https://mvp.microsoft.com/en-u...

Or his linked in profile, or anything else as simple google result shows, which is what should have been done if you see his last name and an article touting a Russian name on a website in America (simply because Russians typically use Russian websites just like Americans typically use American websites).

Its just slashdot and timothy is a fucking moron who's too stupid to catch these sort of things.

https://social.msdn.microsoft....

First useful google hit for me. There are many more. \\?\ and you're good.

processexplorer? http://technet.microsoft.com/e... Apologies if you tried that. Other utilities are available too.

enterprise users can turn off telemetry.

You can set your organization’s devices to use 1 of 4 telemetry levels:
Security (only available on Windows 10 Enterprise, Windows 10 Education, and Windows 10 IoT Core (IoT Core) editions)
Basic
Enhanced
Full

But what is the Security level? It doesn't suggest that it's an equivalent of Off. Looking further into the Microsoft link you provided, you can see what the Security level is.

It includes 3 classes of data:

Connected User Experience and Telemetry component settings (which cannot be shut off)
Malicious Software Removal Tool (which you can turn off somehow)
Windows Defender (which you can turn off somehow)

I find it horrible that the setting with the word Telemetry cannot be disabled. YMMV.

INCORRECT! And you made me log in.

http://download.microsoft.com/...

This is the Government Security Program, through which they release the source code of Windows versions to governments around the world, obviously including USG, but also including Russia. Windows 10 isn't on this list at the moment, but 8.1 and 7 are, and one is pretty safe in assuming that nothing of note has changed here, and DoD will have full source code access JUST AS THEY ALWAYS HAVE.

Further, they often DO get customizations to their deliverables, so it's almost ASSURED that their version won't be the same that the rest of us have access to. In FACT the article even explicitly mentions that its ENTERPRISE in the first place- you know, the version you can't buy, because you aren't a corporation and therefore have no expectation of privacy. Even enterprise seems to still have issues with chatting, but it's the ONLY version (unlike, say, Pro) where you can in THEORY set telemetry to "none".

So BOTH points are correct- the government won't be using the same version as "us plebes" (for two reasons) and ALSO they will have source code.

And for making me log in, lemme second the "go shill on Ars" guy. Good grief.

I spent this morning trying to delete an empty folder on our production Windows Server 2012 R2. Unfortunately, "The action can't be completed because the folder or a file in it is open in another program". Are you, or do you know any of those fabled "people who know what they're doing", because there are apparently none at Microsoft, since microsoft.com suggests to reboot the computer ....to delete a folder. I sure am glad they don't suggest to buy a new computer while I am at it.