“The large pop-up screen, which first appeared over the weekend, gives users the option of upgrading straight away or … that evening. Users can still opt out by clicking on the red ‘X’ in the top right corner of the window, but less savvy computer users (part of Redmond’s core market segments) might not figure that out.”
See Microsoft’s steps up Windows 10 nagging • The RegisterOh, the memories M$’s nagging dredges up. In the old days it was BSODs and missing this that or the other. Now, it’s “Home invasion! Ready or not, here we come!”. The last time I saw such a message, I installed Debian GNU/Linux on the thing that same day. I really love an OS that does its job and stays out of my way. I love Debian GNU/Linux.
We’ve been here a while – search
Tags
- 2015 - Year of the GNU/Linux Desktop
- Acer
- adoption
- AMD
- android
- Apple
- ARM
- China
- cloud
- Debian
- Dell
- desktop
- education
- firearms
- FLOSS
- food
- garden
- GNU/Linux
- government
- HP
- hunting
- Intel
- LibreOffice
- Linux
- market share
- migration
- politics
- renewable energy
- Samsung
- security
- server
- small cheap computers
- smart phone
- software-patents
- Solo EV
- tablets
- that other OS
- thin client
- thin clients
- trolls
- Trumpism
- Ubuntu
- uptake
- weather
My Mission
My observations and opinions about IT are based on 40 years of use in science and technology and lately, in education. I like IT that is fast, cost-effective and reliable. My first use of GNU/Linux in 2001 was so remarkably better than what I had been using, I feel it is important work to share GNU/Linux with the world. Now that I'm retired I still use GNU/Linux on every computer in my home except the smartphones which run Android/Linux.Lately, I've been giving lots of thought to the world I inherited and which I will leave to my descendants. I'm planting grass, trees, flowers and vegetables in my large lot and I've ordered a Solo EV. I plan to charge my Solo by means of a tracking solar array. Life is good if you have a purpose. I do.
Outlinks
Posts
No, wait, I admit, it has to be extraordinarily difficult to force a Gnu/Debian/Android/Chrome/FOSS/FLOSS/Linux … I forget the nom du jour on this one … desktop or tablet or even server into a boot via Grub.
Gosh, Dog-Brain. I wonder how, in that tiny little interval between, say, 2009 and 2015, I might have done so?
I’ll leave the research to you. You’re the one on “sabbatical.”
Not quite what you said in the first place, Dog-Brain. May I remind you?
It’s not too late to admit that you lied about “falling adoption rates,” you know. You could even adopt Fifi’s basic tactic here: “I lied, because I am a professional.” In your case, “on sabbatical,” of course.
Which reminds me of Robert’s rather weird link to a 2010 blog conversation, wherein for some bizarre and clearly unfounded reason he believed that he was being insulted by Oldman. Unlike you, Dog-Brain, I like to analyse the cites provided. And what do you know, Robert’s cite provided the following hilariously bad prediction:
Try counting again, Twitter.
Jeez. It’s a wonder you people are allowed outside, in public, without a leash and a muzzle.
Did you figure out how to “Press backspace 28 times” on the Windows boot-loader, Dog-Brain? We’re waiting …
Incidentally, nothing about this exploit, including Deaf Spy’s link, even once suggested that it was available over a network. Unlike, say, Heartbleed or Shellshock.
Nice try, though. I’m sure you’ll be ready and willing to make a cogent response, once your “sabbatical” is over and you get the chance, once more, to engage your awesome intellectual powers on the question.
Please show us how you “Press backspace 28 times” remotely upon booting a computer.
The link you provided is no different than one using Ophcrack, PCUnlocker, Kon-Boot or any of the other tools to bypass login passwords.
Exploiting this vulnerability requires physical access to the computer during startup, and if you’ve got physical access, there are about a zillion ways you can bypass security.
The bug is about bypassing Grub2’s internal password protection. Most users don’t password-protect Grub2.
The bug is in the Grub2 bootloader. If you’re using direct boot from UEFI, LILO, classic Grub, or any of the non-x86 bootloaders, you’re not vulnerable to it.
If you’re worried about this bug, install your distro’s patch for it, but keep in mind that, except in unusual circumstances, the vulnerability doesn’t actually reduce security.
This will only affect people who use a GRUB password prompt, which is not the default on Ubuntu. So a default Ubuntu installation was never vulnerable.
If you do use a GRUB password prompt (which is arguably not a very strong protection anyway, since a person who sees the grub screens has physical access to the machine) then you are protected if you’ve installed all recent security updates – in particular, if your grub2-common package is one of the following versions or later:
Ubuntu 15.10:
grub2-common 2.02~beta2-29ubuntu0.2
Ubuntu 15.04:
grub2-common 2.02~beta2-22ubuntu1.4
Ubuntu 14.04 LTS:
grub2-common 2.02~beta2-9ubuntu1.6
Ubuntu 12.04 LTS:
grub2-common 1.99-21ubuntu3.19
Already been fixed: https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-December/003218.html
$ apt-cache policy grub2-common
grub2-common:
Installed: 2.02~beta2-9ubuntu1.4
Candidate: 2.02~beta2-9ubuntu1.6
Version table:
2.02~beta2-9ubuntu1.6 0
500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 Packages
*** 2.02~beta2-9ubuntu1.4 0
100 /var/lib/dpkg/status
2.02~beta2-9 0
500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
So, Deafboy, did you figure out how to “Press backspace 28 times” remotely upon booting a computer? We’re waiting.
More secure, really? How about hacking Linux by… Pressing backspace 28 times.
http://www.techtimes.com/articles/118177/20151220/linux-bug-allows-anyone-to-access-system-by-hitting-backspace-key-28-times.htm
Yes, I suppose Windows 10 installations would go up, when it’s frickin giving away for free and then, shoved down everyones throat, even those that do not want it.
… been tired by Dog-Brain’s incessant misrepresentations.
Here, Dougie, try this as evidence for falling adoption rates.
You say down, I say up.
dougman wrote, “by agreeing to the EULA they tossed the rights to a class-action suit out the window?”
The EULA from Hell is a contract binding on both parties. For it to be valid, the court has to accept that both parties were competent to enter into an agreement and that a consideration was exchanged. A court could well be persuaded that the EULA is not valid and open the floodgates. In the case of OEM versions, a judge might rule that the consumer paid the retailer, not the OEM or M$ so that no consideration was given. Further a judge could rule that a 10 year old kid clicked “I agree” and was not competent. You could have a class of parents of kids who agreed or a class of all consumers who clicked “I agree” without a lawyer present. For a contract to be valid, both parties have to understand it. Clearly, with consumers demanding class action they at least did not understand it. Further, a judge may rule that surrendering rights to access the courts is not conscionable or illegal.
http://www.valuewalk.com/2015/11/windows-10-class-action-microsoft/
LOL…don;t these ding-bats understand that by agreeing to the EULA they tossed the rights to a class-action suit out the window?
LOL..
luvr wrote, “Clearly, your first option, then, is to upgrade your hypothetical computer to a newer Linux release. Again, you’re out of luck: in order to work right, your hypothetical computer requires a hypothetical proprietary driver that is not available for newer Linux releases.”
Unless the PC is very old and can’t run a virtual machine, that could be a good option. I know the new on-line LibreOffice is being shipped in beta as a VM. I tried it but it’s a struggle on Beast. The VM is VMware aware and I had to edit GRUB lines to get it to boot from KVM but I couldn’t get networking to work and gave up after a while. It’s pointless without networking. That’s a failure of Collabora to ship a more generic image I guess but at least they tried and with more effort I probably could get it to work. I don’t have any trouble installing GNU/Linux in KVM so I could dip into RedHat’s archives and make any old GNU/Linux application work that way.
kurkosdr said, “So, Desktop Linux presents a hard-choice: Even stick to an old version with which your old drivers (and apps) work, but at the same time stop receiving new apps, or go to a new version and risk breakages.”
Let me get this right: You have a hypothetical computer that currently runs an old Linux release. Now, you want to install a hypothetical new application on it. Unfortunately, that doesn’t work, since this hypothetical application doesn’t run on that old Linux release. Fair enough.
Clearly, your first option, then, is to upgrade your hypothetical computer to a newer Linux release. Again, you’re out of luck: in order to work right, your hypothetical computer requires a hypothetical proprietary driver that is not available for newer Linux releases.
So, on the one hand, you want to dump the old Linux release, because it no longer works for you, and on the other hand, you cannot upgrade to a newer Linux release, because that doesn’t work for your hypothetical computer.
As an alternative, you may, obviously, decide to downgrade to Windows, and see if that works any better.
Unfortunately, however, that option, too, is unlikely to work. After all, since your hypothetical computer requires a hypothetical proprietary driver that is no longer maintained—i.e., an old driver—that hypothetical computer must be relatively old. As a consequence, it will be unable to run any of the currently supported Windows releases (a.k.a. “Windows 10”) with any acceptable level of performance. Surely, you won’t want to run any of those earlier Windows releases (which are no longer supported, and consequently cannot be kept “secure”), will you?
I think it’s time for you to get a new hypothetical computer.
Microsh1t can and will remove any offending software it desires.
http://www.wired.co.uk/news/archive/2015-11/24/windows-10-update-removing-software
kurkosdr said, “At least with Windows 7 and 8, you have the option to stick to them”
Yeah, right… As if Microsoft will let you. Bwahahaha!
kurkosdr also said, “AND receive new apps”
If that is true, then Microsoft must have changed its policy. New Microsoft Office versions used to require the latest Microsoft Windows version. (Same goes for Microsoft Internet Explorer, but I consider that irrelevant.)
Oh and BTW I would gladly download third-party blockers in order to avoid the Desktop Linux dilemma I described in my previous post thank you.
And the fact no meaningful numbers of Windows 7 and 8 users migrate to Desktop Linux means most users are like me, sorry.
Not to mention that I don’t even understand why you would stick with an old Linux distro if it makes you unhappy.
Because some proprietary driver depends on it and the idea all companies should open their drivers has no application in the real world?
Aka the same reason even Nexuses stop receiving upgrades to new Android versions (Nexus 4 anyone?) and the reason unofficial ROMs suck (because old proprietary drivers have to work with new Android and linux kernel versions).
So, Desktop Linux presents a hard-choice: Even stick to an old version with which your old drivers (and apps) work, but at the same time stop receiving new apps, or go to a new version and risk breakages.
At least with Windows 7 and 8, you have the option to stick to them AND receive new apps.
Now, go ahead and chant how all your drivers and apps are open-source and you don’t care, as if the 99% would commit to 100% FOSS apps and drivers.
kurkosdr said, “That’s bad, but still better than Desktop Linux, were anyone not running at least the latest LTS of his distro is forgotten by everyone, app vendors and community.”
Really? Microsoft doesn’t show much respect for you if you attempt to decline the Windows 10 degrade, does it?
From the article that dougman linked to: “As such the outlook for those who wish to remain on Windows 7 or Windows 8 is looking grim. Yes you will be able to dodge Microsoft’s increasingly aggressive and sneaky upgrade tactics, but it won’t make for much of a fun existence if it requires endlessly dismissing notification prompts, tweaking Windows settings and upgrading third party blocking tools.”
If I had no other option than either this Microsoft crap or an old Linux distro, then I would happily go for the Linux distro. Not to mention that I don’t even understand why you would stick with an old Linux distro if it makes you unhappy.
With Windows 10 falling adoption rates, many have seen the company’s initial smugness evolve into incredulity and increasingly dirty tactics. M$ appears to have forgotten about respecting user choice entirely because life for Windows 7 and Windows 8 users is about to get a lot worse.
Pretty low for them to do this wouldn’t you say?
http://www.forbes.com/sites/gordonkelly/2015/12/16/microsoft-windows-10-free-upgrades-worse/
Windows update popup mimics malware, talk about failure.
Oh lets see…
1. Users gets a popup, pretending to be from Microsoft, about the Windows 10 update.
2. Once downloaded, this malicious update, takes over their computer and blocks the user from accessing all their important files, photos, videos, etc.
3. The attacker demand the users to pay a ransom 1-2 Bitcoins worth of hundreds of dollars to regain control of their personal computer.
4. Profit!
https://www.youtube.com/watch?v=qxP5_Qx9EqI
kurkosdr wrote, “That’s bad, but still better than Desktop Linux, were anyone not running at least the latest LTS of his distro is forgotten by everyone, app vendors and community.”
Still, one can usually preserve an application’s favourite environment in a virtual machine or chroot and carry on. GPL and other FLOSS licences don’t restrict that although some vendor might. I still think you are better off sticking with FLOSS than using any non-Free software.
That’s bad, but still better than Desktop Linux, were anyone not running at least the latest LTS of his distro is forgotten by everyone, app vendors and community.
BTW, gotta live the slime-y pitch in the pop-up. They toss the “all your files will be there” to create an impression of risk-free-ness, but they make zero mention about what happens to apps and drivers.