Microsoft Backtracks On 'Nasty Trick' Upgrade To Windows 10

Reader Raging Bool writes: Days after angering many users with its so-called "nasty trick", Microsoft has reversed its crazy decision to infuriate users by upgrading them to Windows 10 automatically. Users were angry that clicking the cross to dismiss the box meant that they had agreed to the upgrade. Based on "customer feedback", Microsoft said it would add another notification that provided customers with "an additional opportunity for cancelling the upgrade". Microsoft told the BBC it had modified the pop-up as a result of criticism: "We've added another notification that confirms the time of the scheduled upgrade and provides the customer an additional opportunity for cancelling or rescheduling the upgrade. If the customer wishes to continue with their upgrade at the designated time, they can click 'OK' or close the notifications with no further action needed."

Re:Malware trick

[JohnFen]

Unlike with Windows 10, with Windows 7 you actually can remove the spyware. Check out this link: https://www.reddit.com/r/pcmas...

Re:Malware trick

[Gr8Apes]

In short, install W7 from a known "clean" source, as much as that exists, and then manually download and update only those pieces that you deem necessary. There's a list out there somewhere with what you need.

While I may be flippant above, it actually is the right answer for 99% of windows users, including most admins. If you're running any still supported windows, you will need to expend significant effort to ensure that you are both "safe"* and not subject to those "bad" updates.

I say this from the POV of someone that has gone through that process with NT/2K/XP/2003/2008/2008R2 in stripping down the OS to only what was needed, removing large amounts of useless (to me) and insecure components and only keeping those that were needed updated. The first step in any of these processes is to remove Windows Update entirely from the system. The second is download all updates you need. If you're lucky, a service pack can be used and then stripped down post install. In others, be prepared for a couple of days of fun getting everything packaged up. Slipstreaming an install disk used to be the way to go. With the latter few OSes we didn't have to install much, because those were appliances that were heavily restricted and cordoned off from just about everything with only 2 services really available. Keeping up with the updates is a different story though, that's almost a full time job.

* "safe" means you have the updates necessary for security for those components you have running, as much as windows can be made "safe". You'll note elsewhere that my opinion on windows (in)security can be summed up as "a castle built on sand". Everything you code in windows has to design around the masked security tokens they use, where each process must have a maximum permission token for the process with permissions masked for anything you wish to reduce. There is no permission elevation, only removal of mask(s). This is why every buffer exploit in windows is a potential System level process, since just about every process starts with System when it's spawned.