Slashdot Mirror
Ask Slashdot: How Will You Handle Microsoft's New 'Cumulative' Windows Updates? (slashdot.org)
Microsoft's announced they'll discontinue "individual patches" for Windows 7 and 8.1 (as well as Windows Server 2008 R2, 2012, and 2012 R2). Instead they'll have monthly "cumulative" rollups of each month's patches, and while there will be a separate "security-only" bundle each month, "individual patches will no longer be available." This has one anonymous Slashdot reader asking what's the alternative:
We've read about the changes coming to Windows Update in October 2016... But what happens when it's time to wipe and reload the OS? Or what about installing Windows on different hardware? Admittedly, there are useful non-security updates worth having, but plenty to avoid (e.g. telemetry).
How does one handle this challenge? Set up a personal WSUS box before October to sync all desired updates through October 2016? System images can work if you don't change primary hardware, but what if you do? Or should one just bend the knee to Microsoft...?
Should they use AutoPatcher? Switch to Linux? Or just disconnect their Windows boxes from the internet... Leave your answers in the comments. How do you plan to handle Microsoft's new 'cumulative' Windows Updates?
How does one handle this challenge? Set up a personal WSUS box before October to sync all desired updates through October 2016? System images can work if you don't change primary hardware, but what if you do? Or should one just bend the knee to Microsoft...?
Should they use AutoPatcher? Switch to Linux? Or just disconnect their Windows boxes from the internet... Leave your answers in the comments. How do you plan to handle Microsoft's new 'cumulative' Windows Updates?
I run Linux. I keep a Windows system around for minor software that needs it, but I don't put sensitive information on it like mail or personal data.
Linux is your partner. Microsoft is your master. Choose wisely.
Sometimes the "writing on the wall" is blood spatter...
I kept Windows 7 to update my GPS maps, but I boot 99.9% of the time in Debian.
Since tye year 2000 times I had tried different Linux distros but never had enough motivation to leave windows.
Windows 10 provided enough stimulus.
After using Linux for 18 or so years, I think it's time to switch back to Windows..... actually, nah.
My wife's photography business currently runs on Windows 7. We can't accept the risk of Microsoft screwing up her production environment (Photoshop + Lightroom).
For now, we're going to stop installing Windows updates, and cross our fingers.
Once that starts seeming too risky, I'll look into moving Windows into a VM with limited Internet access, or we'll migrate to using a Mac for the photo editing.
Neither option is appealing. I haven't yet figured out how difficult it will be to get monitor color-calibration right if Windows is running on a VM inside Linux. And sufficiently powerful Macs are painfully expensive.
I'll be curious to see if Microsoft's overall strategy from the past year is going to pay off for them. They're literally driving previously satisfied customers into their competitors' arms.
Appy app apps guy is right - the future in everyone's mind is Apps, not some LUDDITE desktop application or "pre-App web app" -- but I think Microsoft is really dismissing how much legacy code is out there and is broken by various updates. I do systems integration work with an end user desktop focus, and there are _so many_ crappy IE-only, ActiveX or Java applet or Flash or Shockwave (!) monstrosities lurking in corporate IT shops everywhere. Most of it isn't even in-house developed - it was written by really expensive consultants who want another few million to modernize it.
It will be very interesting to see how they pull this off - whether there will be an exception for Enterprise, etc.
We'll see what happens, but for now I've taken the precaution of using WSUS Offline to download all updates as of today. If I ever need to install Windows 7 again I have my original disc (and backed up ISO on cloud storage) and I can use the update installer from WSUS Offline to apply the updates I downloaded without ever needing to put the computer on the Internet. (And yes, this tool lets you add specific updates to an exclusion list so that they don't get installed).
But is Apple installing telemetry and all sorts of crap that spies on their users? That's why people want to be able to pick and choose which updates they install. My feeling is the only reason MS is doing it this way is to get that telemetry onto all the computers that refused to install it.
It is so sad to see it come to such a painful end. I actually bought Windows 1.0 in my youth and have had a machine running a Windows version ever since. I did manage to skip the most disastrous versions (ME, Vista, Bob and friends) and as a result had a pretty good run. By Windows 7 it had finally become a stable workhorse OS that, for a time, served me well as its owner and master.
With Windows 8.x and then 10 it became evident that Windows as an OS no longer served me as its (paid and rightful) owner but instead answered to an increasingly malevolent master who was working against my will and interests. Its aim was nothing other than to harvest and sell me, my identity, my movements, my thoughts, my keystrokes, as a product like any other meat based commodity. I knew I could not in good conscious willingly give myself over to such abuses. I concluded that Windows 7 would be my last Windows and in my personal view was THE last Windows as I knew the product all these years, with the things that came after no longer sharing a common purpose with those that came before.
While corrupting the Windows brand was bad even more nefarious was to take the Windows 7 the I own now away from me. The tried heartily to wear me down with deceptive pop-ups and then with malicious corrupting patches but, through great effort, I diligently thwarted them all. Now it seems the end has come, my paid copy of Windows 7 Professional will be corrupted by force or left to wither and be ravaged by wild dogs and the NSA in what I personally view to be a heinous crime against all humanity.
As a long term Microsoft customer, the sentiment I now associate most with the company is betrayal.
I will apply all the patches that the vendor supplies in an automated way where possible and where not, as soon as is practical. While it is true that a vendor could screw up a patch, it is also true that my hard drive could die, malware could get on my system, an other hardware or software problem could corrupt my data, or I could just screw up and delete data myself.
To protect myself from any of these occurrences, I keep regular backups. I take these backups at a frequency similar to the amount of data I am willing to lose in the event of any failure (including "evil" actions on behalf of my OS vendor.) For me the frequency of backups is generally daily.
Note that I use the term OS vendor instead of Microsoft here, this because I run several computers with several operating systems (Microsoft, Linux(s), others) and I have had them all screw up a patch.
Since I have chosen not to write or personally review the source code for all the software I use (because I don't have that kind of time), I choose to outsource that work to several vendors, one of which is Microsoft. Yes, there are risks to running software from Microsoft (or any other vendor), Microsoft may not have my best interests in mind. However their software meets my needs and I have made the calculation that the value the software provides outweighs the risks.
I still consider Windows 7 as the best OS Microsoft ever made. As far as updates go I completely disabled them after the update gate fiasco. If you feel like me and had to disable windows updates because you can't trust them not to update your entire operating system then it's probably best to part ways, like a psychotic girlfriend that spies on your every move. Trust is a two way street. Once you break that trust the relationship can never be the same. Time for me to go back to Linux. As unrefined as it is, at least they're trying to do good things for their users instead of exploiting them. I'll never run a Mac OS or Google OS for the same reason. Microsoft didn't just cross the line, they got in a spaceship and flew light years past it at ludicrous speed.
Microsoft hotfixes were never "individual" in the first place.
There are two servicing branches for Windows. GDR and LDR. GDR is what used to go out on Windows Update. LDR is for changes that are considered more risky, and is a superset which also contains GDR changes. All changes are cumulative, per binary. Once you install an LDR fix, that binary stays on LDR branch until a service pack is applied.
At service pack time, GDR and LDR branches are merged.
There's no such thing as an "individual" Microsoft patch. All binaries are patched cumulatively; the only question is what cumulative version you have installed for a given binary.
All that's changed is that they don't want to actually document bugs that are fixed in the hotfixes in detail, and they want to force everyone to more or less the same patch level, because 90% of the time, customers having problems are running old bits that aren't being tested by Microsoft any more. There's an ongoing religious argument over "patch to the latest" vs "don't touch it to keep it stable". But in truth, if you hit a new, unfixed bug, and Microsoft created a new hotfix for you, or even if you just install the latest security update, you were always forced to accept all the cumulative changes between the patchlevel you were at, and the new hotfix you are installing. It's just that at the moment the heavy handed "force em to patch" faction has the upper hand at Microsoft now.
Ideas: (partly a re-post from Stop updating completely? Methods and comments)
1) Autopatcher and WSUS Offline Update: Use Autopatcher until Microsoft begins its new system of hiding even more completely what it is doing with its updates. Kvasio said to use WSUS Offline Update, another community driven solution.
Apparently Microsoft approves of WSUS Offline Update. This is from the Microsoft web site: Update Offline Virtual Machine with PowerShell and WSUS Offline Update: Part 1
Update Offline Virtual Machine with PowerShell and WSUS Offline Update: Part 2
2) Windows on an isolated network: Don't allow any Microsoft operating system to have a connection to the internet. Use Linux on a separate computer on a separate network for internet connections. Use Bluetooth to communicate between the Windows OS network and the Linux network.
For Microsoft, convincing people that Windows is buggy is profitable. An article I wrote last year, Microsoft Windows XP "end of life", makes the point that Microsoft fixed 319+828+459=1,606 bugs in Windows XP since Windows XP SP1 was released. Now Microsoft says Windows XP is still too buggy to use. We have 16 computers running Windows XP and haven't had any problems. And software does not have an "end of life", it continues to do what it always did.
Do secret government agencies pay for vulnerabilities? Why do Adobe Flash and the Windows operating system have so many vulnerabilities? Do Adobe Systems and Microsoft sell vulnerabilities to secret government agencies and fix them when they are publicly discovered?
Get serious about recognizing abuse. Quoting this comment, with modifications: We've seen Microsoft's continuous stream of lies and incompetence... including a number of "bugs" and "mistakes" that appear deliberate.
There a lot of complaints in this thread about this new *feature*, but hasn't the horse already escaped the barn? If you are using Windows, you are trusting them to do the right thing with your OS when you install it. How is this rolled up set of patches really going to change things? Either you trust them to do things right, or you go download *nix.
HA! I just wasted some of your bandwidth with a frivolous sig!
> Windows haters can do the same, in case it's over fake "security concerns" w.r.t. Windows 10, in which case, they need a one-way trip to Guantanamo Bay in order to learn what REAL invasion of privacy is. Fucking children.
You should probably look into what you agreed to send Microsoft in the EULA (hint: everything you ever do, say, everyone you know, who you communicate with, the contents of those communications, etc etc etc).
But keep going with that amazing comparison. You could write ad copy:
"Microsoft Windows: It's better than being detained indefinitely and tortured in a military prison on a communist island!"
That you have to compare a long term detainment and part time torture camp to the OS you bought and paid for shows just how Windows users will put up with anything. Ludicrous comparison to compare something you buy and pay for with indefinite detention.
As a counter for all the MS hate around here and all the Linux fans who think it will be taking over the world someday soon...
Windows 10 works just fine, I have it installed on over 20 computers, I've installed it on many more, it works very well...
I used Windows 7 the other day, it felt old all of a sudden, amazing when it felt so new just 7 years ago, but it is now out of date and the idea of staying on Win 7/8.1 is just not reasonable anymore...
Yes, you can use Linux if you want to, it has a purpose, but it won't be replacing Windows as the mass market desktop OS, well... ever...
Something else might, OS X could if Apple would licence it for use on other computers besides Macs, but really there isn't anything else for the mass market...
Linux.
This is a hacked account, for which the owner can not be held responsible.