When you get a call or notice from a collection agency, challenge the debt and ask for proof of the debt. If they cannot provide proof of the debt, they must stop hassling you. If they don't, call a lawyer and take them, and the original company, to court. It's a fucking hassle, but it's a slam fucking dunk if you get your shit together and handle it.
Highest priority: Chromecast Second highest priority: Different device
IFTTT is a messy, bloated way of doing the simplest of simple things. It's not surprising that Google's networking device uses it instead of regular, tried-and-true QoS and other features.
When will the morons in the media get it? Anonymous isn't an organized group. There is no central command, no inner circle to infiltrate. There are people who publicly label themselves "Anonymous", and there are many, many more who are Anonymous that you never see. It's in the fucking tagline - "We Are Legion".
I disagree. Having one account (with unique credentials) per service is more secure. Any fuckups are limited to the scope of that service. For a federated model, you have to trust the implementation of the IdP and the SP. Fuckups on the SP end (usually) don't result in major problems, but fuckups on the IdP end are a spectacle for the ages.
Oh look, the federated model fails yet again. Can the "single sign on" zealots be tarred and feathered yet?
"But federation works if you know what you're doing!" Sure, it (mostly) works IF there are people who know what they're doing and IF you pay them to do it and IF this is true at the end of both providers and IF you keep paying them to maintain it.
SCCM issues? Such as? It's trivial to select all inactive or non responsive clients and administratively push out the client again, forcing a reinstall to clear up any issues. The only thing that really needs more manual intervention on the client is fixing fucking WMI. Running Stop-Service winmgmt -Force; winmgmt/resetrepository from an elevated powershell window fixes that. If you've got issues within SCCM (as opposed to issues with the clients) then you're doing something wrong.
Users not logging out? Your maintenance window fixes that. The machine will install updates (if not already done outside the window) and restart. The users will be reminded of policy every they lose "work" (whatever shit they left open in the browser).
I don't see why you can't place a sticker next to the USB-C connector that has analog out.
So a little headphone logo next to the port? What about a mic logo? Does it work with my in-line microphone? Does it support surround sound? I mean, if we're replacing audio ports with USB-C, we can get red of 6 audio ports with one USB-C port, can't we? That's the whole point, to get rid of those ports? And once those ports are gone, your 7.1 setup will need to plug into something. So we need at least 7.1 audio via analog pins.
Where would we fit the logo (or logos)? Below the super speed plus ( SS+ {- ) logo? Above the charging port (lightning bolt) logo? To the left of the Thunderbolt logo? Wait, that's also a lightning bolt. Can we go back to the old battery logo for the USB charging port? Did we ever make that official? No? Uh, we're still telling people to make those yellow, right? How does that look for the USB C connector? Not good at all? And we can't actually use it as a charging port once we pass it off to the OS, right? And we can't indicate which one port has been set to be a charging only port in the BIOS/UEFI, thus making it work as a charging-only port even in the OS? Clearly we need USB-D, with an LCD display for each port telling you WTF it is and WTF it's capable of. Get Samir on it!
I've said it before and I'll say it again. Intel is becoming the next IBM and they've got the pedal-to-the-metal.
What about AllowOSUpgrade in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade ? This was the original, official way to control it. They then decided to ignore anyone who set AllowOSUpgrade to 0.
Then they put out the second piece you mention. The registry location for this is DisableOSUpgrade in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\WindowsUpdate. However the client needs a specific update installed for the setting to actually do anything. This update is not pushed out to WSUS servers, and thus is not pushed out to the majority of clients in a managed domain. It's only available via regular ass Windows Update. Further, there are no complete ADMX/ADML files available containing this definition so you can't set it via Group Policy Editor. They reluctantly put out updated ADMX/ADML files containing the definitions, but they were older, incomplete files. You have to take your existing policy definitions and manually merge the DisableOSUpgrade pieces into them.
<string id="DisableOSUpgrade_Title">Turn off the upgrade to the latest version of Windows through Windows Update</string>
<string id="DisableOSUpgrade_Help">Enables or disables the upgrade to the latest version of Windows through Windows Update.
If you enable this setting, Windows Update will not offer you an upgrade to the latest version of Windows.
If you disable or do not configure this setting, Windows Update might offer an upgrade to the latest version of Windows.</string>
If you already have one of the GWX updates installed you're fucked. DisableOSUpgrade didn't come about until hundreds of millions of machines had already been infected with GWX.
The DisableGWX piece you mention is the official way to suppress the GWX dialog. It does NOT remove GWX, it merely hides the popup. Anyone who has GWX still has it, and likely still has Windows 10 downloaded. The upgrade procedure can be initiated without the GWX dialog.
On top of all this, they bundled Windows 10 ads into an IE security update. The ads allow users to initiate the update process, regardless of DisableGWX, DisableOSUpgrade, or AllowOSUpgrade. The only thing saving you here is making sure users do not have the privileges to run the EXE located at http://www.microsoft.com/en-us... . I believe this installer will look for the Windows 10 installer in the default download location that GWX uses the same way the official "Media Creation Tool" for clean installation does.
This means that if a machine had GWX at one point (and most Windows 7 machines have had it), it likely already downloaded Windows 10. Nothing you mentioned removes GWX or the Windows 10 download. A privileged user running IE will see a Windows 10 ad. In 3 clicks and just a few seconds, they can install Windows 10.
If your machines require a "nightly maintenance window", maybe that's a sign that your OS isn't all it's cracked up to be.
Not necessarily. You don't want ~80,000 Windows systems updating at the same time. It's better to spread out the load over the course of a week.
creimer, creimer, creimer...
80,000 Windows machines updating at the same time is nothing. If you're managing these machines, you're using SCCM+WSUS or a similar 3rd-party suite. They all have a staging step where shit is downloaded to the client before the installation time. In an SCCM+WSUS environment, you first sync your server with the MS catalog plus any other 3rd party catalogs if you're also using Update Manager, then you create a software update group containing those updates, then you deploy them to various groups using various rules regarding the user's interaction with the process, along with an installation deadline. Deployed updates are published to your distribution point(s). In a large environment you would have multiple sites or at least multiple distribution points.
The clients then, on their own schedule, with offsets, contact the site server and ask for their policy and check to see if any updates apply to them. They then see the new updates, see which distribution point they're on, and download them. Depending on what level of user interaction you chose, the user will see a balloon notification stating that software changes are required and are being downloaded. They can click the icon in the system tray to view details, install now, or schedule installation. If they don't, the installation behavior set up in the deployment takes effect when the installation deadline you configured hits. Things can install, install and restart, or wait for the maintenance window. You can specify any maintenance window you want, such as 2 AM daily, noon every Saturday, or whatever. You can specify multiple maintenance windows. Each collection of computers can have their own set of maintenance windows. Users can specify their own window, if you let them, by specifying the times they work and times they don't.
All of this can be automated quite easily. The end result is on patch Tuesday you automatically sync with the MS catalog sometime around noon (after they put shit up), a bit later you automatically create the software update groups, download the updates, and publish them, some time later clients fetch the updates from your various distribution points, or an alternative download location if their regular DP happens to be down, and some time after that clients are prompted to install them or schedule the installation. If they hit the deadline shit happens regardless or is scheduled for the next maintenance window, depending on what you told it to do. When the maintenance window hits, any remaining tasks, such as installation or restarts happen.
Getting 80,000 machines to do this at once isn't an issue. They pull the downloads from local DPs using BITS. You can set bandwidth limits on BITS if you want, but it's already at background priority and clients download at staggered times from whichever DP is most available (or you specifically told it to use). This all goes down transparently over your LAN. You only download one copy of each patch over your internet connection.
If you don't want to pay for SCCM, WSUS is free and will give you much of the same benefit.
Under Windows 10, you can only postpone updates for so long. After some unknown amount of time, they are forced upon you, regardless of what you are doing.
Microsoft released a statement at the time, which read in part, “Customers continue to be fully in control of their devices, and can choose to not install the Windows 10 upgrade or remove the upgrade from Windows Update (WU) by changing the WU settings.”
Ignore lists are found on just about every SJW site. Revently, Twitter and Reddit both added/extended tools for SJWs to ignore users who don't agree with them.
To quote someone, "If you're trying to design a hammer that can turn screws, it's time for you to put the hammer down and go get a screwdriver.". OK, it's not an exact quote, but I can't do justice to the interspersed expletives in the original.
You could do the quote justice if you had more emojis.
Wrap your shit in <tt></tt> to monospace it on Slashdot.
I haven't found a way to prevent spaces from collapsing, but I didn't try much (perhaps there's a non-printable entity that Slashdot doesn't filter out).
When you get a call or notice from a collection agency, challenge the debt and ask for proof of the debt.
If they cannot provide proof of the debt, they must stop hassling you. If they don't, call a lawyer and take them, and the original company, to court.
It's a fucking hassle, but it's a slam fucking dunk if you get your shit together and handle it.
Tons of people bought this watch.
I have never seen one in the wild, however.
My prediction of Intel becoming IBM is coming true much faster than I expected.
I doubt it'll be hard for him to find someone who's hot to trot.
Covered on Slashdot back on May 29
Do you mean it will be covered tomorrow, or did you mean March 29?
Dat May in April feeling.
Highest priority: Chromecast
Second highest priority: Different device
IFTTT is a messy, bloated way of doing the simplest of simple things. It's not surprising that Google's networking device uses it instead of regular, tried-and-true QoS and other features.
When will the morons in the media get it? Anonymous isn't an organized group. There is no central command, no inner circle to infiltrate. There are people who publicly label themselves "Anonymous", and there are many, many more who are Anonymous that you never see. It's in the fucking tagline - "We Are Legion".
You are all Indian laser walls. Beep! Beeeeeep goes the Indian laser wall every Pakistan releases sacred cows at the border. Beep!
So simple one of the largest IdPs fucked it up royally.
I disagree. Having one account (with unique credentials) per service is more secure. Any fuckups are limited to the scope of that service.
For a federated model, you have to trust the implementation of the IdP and the SP. Fuckups on the SP end (usually) don't result in major problems, but fuckups on the IdP end are a spectacle for the ages.
8004100E is the WMI issue. /resetrepository
Run
Stop-Service winmgmt -Force; winmgmt
from an elevated powershell window, then reinstall the client.
The rebooting issue isn't an issue with SCCM or even the users. That in no way supports your initial
You don't want ~80,000 Windows systems updating at the same time.
claim.
Oh look, the federated model fails yet again.
Can the "single sign on" zealots be tarred and feathered yet?
"But federation works if you know what you're doing!" Sure, it (mostly) works IF there are people who know what they're doing and IF you pay them to do it and IF this is true at the end of both providers and IF you keep paying them to maintain it.
SCCM issues? Such as? It's trivial to select all inactive or non responsive clients and administratively push out the client again, forcing a reinstall to clear up any issues. The only thing that really needs more manual intervention on the client is fixing fucking WMI. Running Stop-Service winmgmt -Force; winmgmt /resetrepository from an elevated powershell window fixes that.
If you've got issues within SCCM (as opposed to issues with the clients) then you're doing something wrong.
Users not logging out? Your maintenance window fixes that. The machine will install updates (if not already done outside the window) and restart. The users will be reminded of policy every they lose "work" (whatever shit they left open in the browser).
The "crap" they put in GPUs is just a digital pipe.
I don't see why you can't place a sticker next to the USB-C connector that has analog out.
So a little headphone logo next to the port?
What about a mic logo? Does it work with my in-line microphone?
Does it support surround sound? I mean, if we're replacing audio ports with USB-C, we can get red of 6 audio ports with one USB-C port, can't we? That's the whole point, to get rid of those ports? And once those ports are gone, your 7.1 setup will need to plug into something. So we need at least 7.1 audio via analog pins.
Where would we fit the logo (or logos)?
Below the super speed plus ( SS+ {- ) logo? Above the charging port (lightning bolt) logo? To the left of the Thunderbolt logo? Wait, that's also a lightning bolt. Can we go back to the old battery logo for the USB charging port? Did we ever make that official? No? Uh, we're still telling people to make those yellow, right? How does that look for the USB C connector? Not good at all? And we can't actually use it as a charging port once we pass it off to the OS, right? And we can't indicate which one port has been set to be a charging only port in the BIOS/UEFI, thus making it work as a charging-only port even in the OS? Clearly we need USB-D, with an LCD display for each port telling you WTF it is and WTF it's capable of. Get Samir on it!
I've said it before and I'll say it again. Intel is becoming the next IBM and they've got the pedal-to-the-metal.
Wrong.
USB device poses as a keyboard and starts opening terminals and running commands shit the moment you plug it in.
What about AllowOSUpgrade in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade ?
This was the original, official way to control it. They then decided to ignore anyone who set AllowOSUpgrade to 0.
Then they put out the second piece you mention. .
The registry location for this is DisableOSUpgrade in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\WindowsUpdate
However the client needs a specific update installed for the setting to actually do anything. This update is not pushed out to WSUS servers, and thus is not pushed out to the majority of clients in a managed domain. It's only available via regular ass Windows Update. Further, there are no complete ADMX/ADML files available containing this definition so you can't set it via Group Policy Editor. They reluctantly put out updated ADMX/ADML files containing the definitions, but they were older, incomplete files. You have to take your existing policy definitions and manually merge the DisableOSUpgrade pieces into them.
<string id="DisableOSUpgrade_Title">Turn off the upgrade to the latest version of Windows through Windows Update</string>
<string id="DisableOSUpgrade_Help">Enables or disables the upgrade to the latest version of Windows through Windows Update.
If you enable this setting, Windows Update will not offer you an upgrade to the latest version of Windows.
If you disable or do not configure this setting, Windows Update might offer an upgrade to the latest version of Windows.</string>
<policy name="DisableOSUpgrade_Title" class="Machine" displayName="$(string.DisableOSUpgrade_Title)" explainText="$(string.DisableOSUpgrade_Help)" key="Software\Policies\Microsoft\Windows\WindowsUpdate" valueName="DisableOSUpgrade"> /> /> /> />
<parentCategory ref="WindowsUpdateCat"
<supportedOn ref="WU_SUPPORTED_Windows7_Or_Win81Update"
<enabledValue>
<decimal value="1"
</enabledValue>
<disabledValue>
<decimal value="0"
</disabledValue>
</policy>
If you already have one of the GWX updates installed you're fucked. DisableOSUpgrade didn't come about until hundreds of millions of machines had already been infected with GWX.
The DisableGWX piece you mention is the official way to suppress the GWX dialog. It does NOT remove GWX, it merely hides the popup. Anyone who has GWX still has it, and likely still has Windows 10 downloaded. The upgrade procedure can be initiated without the GWX dialog.
On top of all this, they bundled Windows 10 ads into an IE security update. The ads allow users to initiate the update process, regardless of DisableGWX, DisableOSUpgrade, or AllowOSUpgrade. The only thing saving you here is making sure users do not have the privileges to run the EXE located at http://www.microsoft.com/en-us... . I believe this installer will look for the Windows 10 installer in the default download location that GWX uses the same way the official "Media Creation Tool" for clean installation does.
This means that if a machine had GWX at one point (and most Windows 7 machines have had it), it likely already downloaded Windows 10. Nothing you mentioned removes GWX or the Windows 10 download. A privileged user running IE will see a Windows 10 ad. In 3 clicks and just a few seconds, they can install Windows 10.
Yo
If your machines require a "nightly maintenance window", maybe that's a sign that your OS isn't all it's cracked up to be.
Not necessarily. You don't want ~80,000 Windows systems updating at the same time. It's better to spread out the load over the course of a week.
creimer, creimer, creimer...
80,000 Windows machines updating at the same time is nothing. If you're managing these machines, you're using SCCM+WSUS or a similar 3rd-party suite. They all have a staging step where shit is downloaded to the client before the installation time. In an SCCM+WSUS environment, you first sync your server with the MS catalog plus any other 3rd party catalogs if you're also using Update Manager, then you create a software update group containing those updates, then you deploy them to various groups using various rules regarding the user's interaction with the process, along with an installation deadline. Deployed updates are published to your distribution point(s). In a large environment you would have multiple sites or at least multiple distribution points.
The clients then, on their own schedule, with offsets, contact the site server and ask for their policy and check to see if any updates apply to them. They then see the new updates, see which distribution point they're on, and download them. Depending on what level of user interaction you chose, the user will see a balloon notification stating that software changes are required and are being downloaded. They can click the icon in the system tray to view details, install now, or schedule installation. If they don't, the installation behavior set up in the deployment takes effect when the installation deadline you configured hits. Things can install, install and restart, or wait for the maintenance window. You can specify any maintenance window you want, such as 2 AM daily, noon every Saturday, or whatever. You can specify multiple maintenance windows. Each collection of computers can have their own set of maintenance windows. Users can specify their own window, if you let them, by specifying the times they work and times they don't.
All of this can be automated quite easily. The end result is on patch Tuesday you automatically sync with the MS catalog sometime around noon (after they put shit up), a bit later you automatically create the software update groups, download the updates, and publish them, some time later clients fetch the updates from your various distribution points, or an alternative download location if their regular DP happens to be down, and some time after that clients are prompted to install them or schedule the installation. If they hit the deadline shit happens regardless or is scheduled for the next maintenance window, depending on what you told it to do. When the maintenance window hits, any remaining tasks, such as installation or restarts happen.
Getting 80,000 machines to do this at once isn't an issue. They pull the downloads from local DPs using BITS. You can set bandwidth limits on BITS if you want, but it's already at background priority and clients download at staggered times from whichever DP is most available (or you specifically told it to use). This all goes down transparently over your LAN. You only download one copy of each patch over your internet connection.
If you don't want to pay for SCCM, WSUS is free and will give you much of the same benefit.
Under Windows 10, you can only postpone updates for so long. After some unknown amount of time, they are forced upon you, regardless of what you are doing.
Microsoft released a statement at the time, which read in part, “Customers continue to be fully in control of their devices, and can choose to not install the Windows 10 upgrade or remove the upgrade from Windows Update (WU) by changing the WU settings.”
Bulllllllllllllllllllllllllllllshit!
Ignore lists are found on just about every SJW site. Revently, Twitter and Reddit both added/extended tools for SJWs to ignore users who don't agree with them.
I hope both Trump and Sanders run as independents against Hillary and whatever "fuck you, Trump" option the GOP decides to go with.
To quote someone, "If you're trying to design a hammer that can turn screws, it's time for you to put the hammer down and go get a screwdriver.". OK, it's not an exact quote, but I can't do justice to the interspersed expletives in the original.
You could do the quote justice if you had more emojis.
Seriously, buzzfeed? I'd rather hear from Our Frequent Contributor than see a ./ story that sources buzzfeed.
Bennett Haselton
Bennett Haselton
Bennett Haselton
?
Wrap your shit in <tt></tt> to monospace it on Slashdot.
I haven't found a way to prevent spaces from collapsing, but I didn't try much (perhaps there's a non-printable entity that Slashdot doesn't filter out).