On Friday, July 29, 2016 at 4:40:52 PM UTC-4, Roy wrote:
How do they get on an Apple machine if not by being downloaded? For
decades now you could have updates downloaded and installed automatically
by Windows if you choose. I don't see how what Apple does could be different than that.
There are valid reasons why you don't want updates installed automatically.
Even MSFT recognizes that, because they allow enterprise customers to
avoid automatic updates on Win 10. I know they can delay them for
months at least,
if not avoid them all together. While it's not common any more for updates
to screw up something, it can and does still happen. Just like business,
some home users prefer to decide when to have a PC update itself. Many
people use home PCs for business too. If you knew you had an important
Skype video conference with a client, your boss, etc tomorrow at 9AM, would
you want your PC to apply some updates at 5AM? I have a friend who is
an author and uses his PC to write books. He's not super PC savvy, had
auto updates set on and he's one of the many people who got slammed with
Win 10. He went to use his PC and instead of the familiar Win 7 interface,
unexpectedly he was faced with Win 10. So now it was spend whatever time
it takes right now to figure out how to use it, regardless of his needs
and schedule. He called up MSFT irate, and they
told him it was $120 to talk to a tech, no other help. He gave them a
CC, got through to a tech in India, who stepped him through putting it
back to Win 7. Then he kept complaining, got a supervisor and finally
a supervisor cancelled the charge. The tech told him he had many calls
like his. And how did he get slammed? By having it set to auto update.
Also, if you want to be very cautious, before applying updates you would
want to make a backup of the system, so that if it does cause problems,
you know you have an almost 100% and quick solution. Those are some of
the reasons I have always had my PC set to notify me of updates, but let
me choose which ones to download and install. That is how I avoided getting
slammed with Win 10 until I was ready.
Some people are so damned impatient. My dumb neighbor who still runs XP wouldn't accept any updates for years and his computer was and is a friggin' mess all of the time.
I agree not installing updates at all is foolish, but that is different
than controlling when and which updates get installed.
Depends on your needs. We have an XP machine at work and it has never
been upgraded. It is not connected to the internet, does not use email
and runs two programs that monitor some equipment. It has 2 hard drives
plus I have a spare.
On 07/30/2016 08:39 AM, Ed Pawlowski wrote:
I have an old machine (166MHz Pentium, 128MB RAM) That's running Windows
2000 (I have a friend who likes Spider Solitaire, which won't run on
9x). This machine does have a limited lifetime considering that it
requires a hard disk smaller than 8.4GB.
On Thu, 28 Jul 2016 11:10:43 -0400, Ralph Mowery wrote:
This might save a bit of time on occaision, but is generally not
recommended unless you are deliberately installing software.
If there ever is a new exploit discovered (in Windows itself, Windows
programs like IE or Office apps, Adobe programs, etc.), your admin
session may much more easily install malware. And let's face it, hackers
discover such security problems on a regular basis and there is always a
delay before corrective fixes are developed and distributed.
If you have a habit of using a user-level account, you will usually (at
least sometimes) get a dialogue box asking if you want to "make changes
to the system". If you are running a session with admin permissions, you
will often see nothing to indicate that you have been hacked. If you are
lucky, you might get a command window that comes up and dissapears
before you can read it.
To Ralph: Thanks for that description. It's the first
detailed review of Win10 software compatibility I've seen.
| If there ever is a new exploit discovered (in Windows itself, Windows
| programs like IE or Office apps, Adobe programs, etc.), your admin
| session may much more easily install malware. And let's face it, hackers
| discover such security problems on a regular basis
Yes, and most of them bypass file restrictions.
That's part of what makes them exploits. If you
want to wear a helmet to take a walk that's up
to you. It may make you a bit safer. Before you
tell other people to wear a helmet you need to
know what you're talking about.
I always run with no restrictions. I haven't used
AV for years. I wouldn't touch things like MalwareBytes.
I've never had malware. Why? Because I avoid enabling
installed, I don't install anything from Adobe, and I
don't have Java installed. Nearly all malware from
exploits Flash or Acrobat Reader plugins. Much of it
exploits MS Office programs.
There's no reason for using Adobe products or MS
Office, with the exception that some might have to use
MS Office for work. Even then, you can be careful
about MSO file extensions. You don't have to cripple
the system to do that. Just be careful.
lackey mode with file restrictions, then you're walking
around with a helmet while staring at your cellphone:
You'll almost certainly be run over sooner or later. In
the meantime you're saddled with that uncomfortable
Me, also. It's called Linux and I run all that stuff you decry. I
also run NoScript, which kills all client-side scripts (java,flash,etc) at yer
browser. I can also visit those web-sites you warn against. No so,
On Thursday, July 28, 2016 at 10:29:09 AM UTC-6, Mayayana wrote:
You and your computer must live a dull life with few risks to make your heart beat faster as the predators close in on you.
Being super safe also excludes one from the joys of "Flash" and "Java" and all that they entail.
Just an observation...not a criticism as such.
| You and your computer must live a dull life with few risks to make your
heart beat faster as the predators close in on you.
| Being super safe also excludes one from the joys of "Flash" and "Java" and
all that they entail.
I guess that's one way of looking at it. I wouldn't
want Flash even if it were safe. I don't like things
jumping and moving on the page when I'm trying to
read. I don't like slideshows that I can't shut off,
videos running that I didn't start, or windows popping
up that I didn't ask for. If I want to watch Saturday
morning cartoons I'll turn on the TV. :)
I can't imagine why you need Java. It's rare these
days. Very few people need it.
| > I can't imagine why you need Java. It's rare these
| >days. Very few people need it.
| In the business world there is a LOT of Java aplications that just
| plain will not work without the version of java they were programmed
| with, or higher.
Yes. On corporate intranets. I meant for
browsers on the Internet.
So did I.
In the insurance office where I spend every morning, the majority of
the "portals" we access across the internet are java apps. These
"portals" are insurance company websites from all over Canada (and a
few in the USA)
| > Yes. On corporate intranets. I meant for
| >browsers on the Internet.
| So did I.
| In the insurance office where I spend every morning, the majority of
| the "portals" we access across the internet are java apps. These
| "portals" are insurance company websites from all over Canada (and a
| few in the USA)
That's still corporate/business usage, even if it's not
intranet. In general, people visiting websites online do
not need Java and have not for many years. Java is
big, but mostly it's used in business for in-house applets.
You just happen to be accessing one of those remotely.
On Thu, 28 Jul 2016 12:28:22 -0400, Mayayana wrote:
I don't install Flash, Adobe PDF reader, or Java as well. JS is enabled
in FF; but not with IE. (If fact, I try not to use IE at all.)
But some exploits are directly in Windows itself. Unless you are
constantly installing software, I cannot see where the extra user-level
dialog boxes (the ones that ask for an admin password) cause enough
bother to offset the protection they can sometimes provide.
| I don't install Flash, Adobe PDF reader, or Java as well. JS is enabled
| in FF; but not with IE. (If fact, I try not to use IE at all.)
| But some exploits are directly in Windows itself.
I don't know what you mean. Do you mean like
attacks in email? That should also be blocked by
disabling script, HTML and remote linking in email.
Of course there could be attacks through
attachments. I sometimes get booby-trapped ZIP
files. One just needs to be careful. When the email is
from "Bridgette Wong", whom I've never heard of,
and the subject is "your contract", then I look at
the email as source code before opening it. :) I
also tell friends to write *something* in the email if
they expect me to open an attachment, so that I
know that they know they sent it.
I don't know what other kinds of exploits might
be "in Windows itself". It has to come from somewhere
outside: webpage, download, email, USB stick with
auto-run enabled, etc.
Most problems are with those Web-connected
programs. And those problems are nearly all related
ago there was a bug in gdiplus.dll that allowed
attacks via corrupted JPG files. That actually required
a Windows update to fix. But those problems are rare.
| Unless you are
| constantly installing software, I cannot see where the extra user-level
| dialog boxes (the ones that ask for an admin password) cause enough
| bother to offset the protection they can sometimes provide.
I don't like distractions and obstacles, especially
when they're unnecessary. As I said, I've never
had a problem, so the hassle would not be providing
protection. It would be like putting kiddie locks on all
of my kitchen cabinets. They'd drive me crazy, and
no kids live here.
For friends who don't know how to be careful
I install AV. That should let them know if something
tries some funny business. And I warn them about
email attachments. Even for them, lackey mode
seems like overkill to me. It's mainly designed to keep
corporate employees from doing anything they don't
have permission to do. One case of the OS telling me
I don't have permission to access a file is one case too
many of idiotic obstacles, from my point of view.
And as I pointed out above, most exploits that work
are now designed to bypass restrictions.
There are pros and cons to both sides of the argument.
The problem is that the pro-restriction side always talks
like their view is simply right. It's not "right". It's one
approach, which is designed primarily for corporate
customers. In recent years it's also become the norm in
general usage, due to 3 dovetailing causes:
1) Corporate IT people only know the admin/lackey model
and tend to advise about what they know.
2) Security online has become more of a problem.
3) Microsoft want to close down control of the system in
order to sell services. Causes #1 and #2 provide them with
a perfect excuse to move in that direction, with Microsoft
essentially becoming your IT admin/boss. They can access
files that you can't. Restrictions also help MS to reduce
tech support costs. If you can't touch anything but your
own DOC files then you can't break anything and therefore
won't be calling MS to get it fixed.
Windows 10 is very gradually moving toward being
interactive TV, selling you services while spying on
you and showing you ads. The widespread fallacy that
it's not safe to allow yourself access to your own
computer is helping them to achieve that.
So all I'm advocating is a reasoned approach. If you
want to run restricted that's fine. If you want a
governor on your car speed, or a protective grille around
your stove burners, or complex blade guards on your
table saw, or grab bars in your shower (as someone was
talking about above)... All those things could make some
sense. But that's not the same as saying everyone
should do what you do.
HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.