“10”‘s Nagware Ruins Your Day

“The Chinko Project manages roughly 17,600 square kilometres (6,795 square miles) of rainforest and savannah in the east of the CAR, near the border with South Sudan. Money is tight, and so is internet bandwidth. So the staff was more than a little displeased when one of the donated laptops the team uses began upgrading to Windows 10 automatically, pulling in gigabytes of data over a radio link.
 
And it’s not just bandwidth bills they have to worry about.
 
“If a forced upgrade happened and crashed our PCs while in the middle of coordinating rangers under fire from armed militarized poachers, blood could literally be on Microsoft’s hands”
 
See Even in remotest Africa, Windows 10 nagware ruins your day: Update burns satellite link cash
I can relate to this although people only shot at me by accident. Schools in the northern wilderness have similar issues: fragile IT and limited bandwidth. There’s no room for That Other OS in such cases. If you want software that works for you rather than you being a slave to its supplier, use Free/Libre Open Source Software like Debian GNU/Linux. It saved me many times from re-re-reboots, malware and slowing down.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.
This entry was posted in Linux in Education, technology and tagged , , , , , , , , , , . Bookmark the permalink.

18 Responses to “10”‘s Nagware Ruins Your Day

  1. oiaohm says:

    Or you know, just download the app from the Store. Sure it’s a metro app, but good enough for streaming a video feed.
    LOLOLOL idiot it does not have the means to stream anything itself.
    kurkosdr that app goes and enables silverlight in your browser when it installs. What it is a wrapper around the browser you turn silverlight off and you find it turned back on after you have used netflix app.

    Because Windows is an OS with genuine interest for developers and has native apps, so you don’t have to hack it with browser plug in, unless you are ohioham and have facts to distort.
    Windows you have be careful because all they did was hack browser to put app in front of user and did not tell user what it in fact does.

    But you can always upgrade to the latest LTS and break your drivers and apps or something…
    Windows users installing updates suffer from the same thing. For example Quickbooks PDF printer function breaks quite commonly with windows updates so far 4 updates in Windows Xp, 3 in Vista, 6 in Windows 7/8/8.1 and 2 already in windows 10 have broken it. This is not something special to Linux. Ok Linux LTS updates attempts to force users to use current editions secure drivers bad problem lot of hardware makers as soon as they release the hardware stop doing driver updates. Linux in face about it Windows you just silently keep on running out of date and insecure drivers. Flatpak work might make people happier sitting on older LTS and using Flatpak to run newer applications. Even so that will not solve the on going problem of the hardware people using not having maintained drivers.

    Meanwhile in DesktopLinuxLand, most binaries outside the repositories are unsigned and AtYouOwnRisk(tm) (the repos are not a walled garden, honest! )
    This is kinda a problem that you get wrong.
    https://blogs.mcafee.com/mcafee-labs/signed-malware-continues-undermine-trust/
    So Windows malware is signed so being signed or not does not do much to prevent malware spread. In fact some worm authors have worked out they can add there own CA to the approved list inside windows. So security wise signing is not being much better than a checksum.

    Also the idea that signing has to be inside the binary is also kind of wrong it shown by SHA1 issue. If all debian signing had been inside the binary files changing from SHA1 to newer would have kind of screwed up. White list database has advantage over signing in each binary individually and embedding because if a validation method gets broken you just change the database and don’t have to change the binary. Does bring me to a few annoyances like chrome from google and vlc direct from vlc is still using SHA1 based signing and this is under Linux/Windows and OS X. If you look deeper most windows application signing is mostly out of date and broken.

    I saw the same thing when people were writing about mint iso issue that they should have included a signing key in the iso. Now that really does not work.
    https://help.ubuntu.com/community/VerifyIsoHowto
    Mints checksums were not signed that was incorrect. Now not embedding means if you release a broken image and it gets mirrored and someone downloads your whitelist from your site that should be signed the broken fails. Now if it embedded in the image it can look as approved.

    When you wake up Linux world is using the whitelist database signed method you will find quite a lot of the on-line Linux binaries do have a signed validation file. Is that validation method quality is all over the place just like Windows binary signing. Unsigned Windows binaries and Linux binaries without a signed verification file are about the same level of rarity.

  2. kurkosdr says:

    kurkosdr netflix demands silverlight on windows to play 1080p.

    Or you know, just download the app from the Store. Sure it’s a metro app, but good enough for streaming a video feed.

    Because Windows is an OS with genuine interest for developers and has native apps, so you don’t have to hack it with browser plug in, unless you are ohioham and have facts to distort.

    Great exploit, Dougie.

    I am always amazed by the “exploits” FOSSies claim to “prove” post – XP Windows is not secure. Meanwhile in DesktopLinuxLand, most binaries outside the repositories are unsigned and AtYouOwnRisk(tm) (the repos are not a walled garden, honest! ), and LTSes stop receiving security patches long before Windows releases from the same era do. But you can always upgrade to the latest LTS and break your drivers and apps or something…

  3. Deaf Spy says:

    Great exploit, Dougie. To get it, you need to run certain obscure executables as administrator. Great job, I tell you.

    But this is what happens when you rely on Russians. 🙂

  4. oiaohm says:

    kurkosdr netflix demands silverlight on windows to play 1080p.
    http://usa.kaspersky.com/about-us/press-center/in-the-news/2016/kaspersky-caught-scent-silverlight-zero-day-hacking-team-breach-da
    Guess how Windows systems have been getting infected kurkosdr.

    So being stuck at 720p under firefox or chrome under windows or linux and not infected while using netflix does not sound too bad does it kurkosdr.

    Some to learn kurkosdr when a service provider is normally doing something that is platform dependant it normally means you are doing something that will result in your system infected.

    is being ignored by manufacturers (the major ones) HP Dell and most of the other majors Linux workstation models yes that are meant to run Linux Desktop so I would not call this being ignored by manufacturers. Annoying HP and Dell may tell you to buy X model with windows on it and format over it as it certified to run Linux yes those machines contain the ubuntu KEK and a few other distributions as well as the Microsoft set in bios in most cases so disc works out box without messing around with anything. So manufactures point is bogus as normal what is annoying is paying for Windows with no plan to ever use it not lack of vendor support.

    application vendors and (guess what) users. This gets interesting depend on the application vendors. Anti-virus vendors almost all of them make a desktop Linux product. Depends on the category of application vendor what percentage is for Linux.

  5. kurkosdr says:

    You still haven’t responded with a penetration testing scenario that works in a Windows machine (Vista or higher obv) with default settings and not on Desktop Linux, yet you keep repeating “malwares” on every irrelevant occasion.

    You understand there is a reason it’s only you I call dogbrain and generally disrespect around this blog? No?

    BTW, Desktop Linux, when not under ChromeOS colors, is being ignored by manufacturers (the major ones), service providers (such as Netflix), application vendors and (guess what) users.

    Perhaps if you Desktop Linux community didn’t male the life of application developers hard by mandating dependency hells, perhaps if you didn’t still rely on X.org, perhaps if you kept PulseAudio away till it was ready… You know perhaps if you acted more like a commercial vendor instead of a bunch of kids messing around the kitchen…

  6. dougman says:

    “Unfortunately, Desktop Linux is years behind and slowing fast. Even low-end, standard features such as stereoscopic video output and 1080p Netflix are science fiction for Desktop Linux users. The only option for a word editor is one with a UI stuck in 1997 (with it’s Office 97-like toolbars being almost cute in this day and age) and whatever MS Office knockoff China sells. Battery life is a joke. GPU drivers usually suck.”

    I read this part, whereby the Windows SLOG still think s Linux is undesirable for the mases, due to a few nuances that they have picked and chosen.

    So given the choice, these few so-called “issues” or suffer the brutal fist of M$ and its never-ending malware. People would toss M$ to the wind, but alas! M$ prefers that you not to have a choice.

  7. oiaohm says:

    https://en.wikipedia.org/wiki/Windows_Genuine_Advantage#Data_collected

    kurkosdr define sensitive. Installation results did not just include Microsoft software but other third parties as well. So Microsoft was doing a little bit of snooping in the software you had decided to run. Now if that happens to include a classified application now that is sensitive. So saying not collecting any sensitive data is wrong. Collecting bare min sensitive data that in most cases is not a privacy or security issue is the correct description of WGA. If having X application owning to Y government/company so identifying yourself as such is not a good thing. This is some of the reason why governments are looking more at Linux live media for highly specialized areas. Yes some places running a Linux Desktop as default prac with windows running in a virtual machine or not at all is the correct thing.

    http://mrpogson.com/2016/06/05/want-permission-from-m-to-use-your-hardware-to-its-maximum-m-just-says-no/#comment-343661

    Please drop the netflix 1080p and bluray ones with minor alterations they do in fact work under Linux these days. Bluray is getting the key.cfg file that distributions don’t ship. Netflix 1080p is fooling netflix that your Linux machine is a chromebook.

    If you read more about Netflix https://www.reddit.com/r/netflix/comments/3ae26z/all_does_the_netflix_redesign_now_allow_1080p/

    You will find that 1080p depends on sliverlight on platforms Netflix does not directly approved. Like particular models chromebooks are approved so pretending to be such magic it works. Firefox + pipelight + sliverlight on Linux does result in 1080p Netflix. If go and read the security risks of using sliverlight you will not be want it in your every day browser. Sooner Netflix nuke the sliverlight requirement the better.

  8. kurkosdr says:

    M$ thinks they own your computer and you

    When FOSSies repeated that claim back in the XP days, often bringing up WGA as an example (which was completely bogus, since nobody found any sensitive data collected by WGA despite FOSSies’ best efforts), I called BS on them.

    Unfortunately, today it’s a reality. On one hand, you have a spy-happy OS that won’t let you postpone megaupdates even by 48 hours in its consumer/home version, and on the other hand users of the Windows 7 and 8.1 are being coerced into accepting 10 in their PCs.

    Unfortunately, Desktop Linux is years behind and slowing fast. Even low-end, standard features such as stereoscopic video output and 1080p Netflix are science fiction for Desktop Linux users. The only option for a word editor is one with a UI stuck in 1997 (with it’s Office 97-like toolbars being almost cute in this day and age) and whatever MS Office knockoff China sells. Battery life is a joke. GPU drivers usually suck.

    That’s too much compromise for me. I ‘d eat the occasional spying (although I hear you can disable most of it) and the mandatory updates.

    Microsoft owns laptops and desktops. I appreciate you guys tolerating Desktop Linux for having total control on your systems, but unfortunately you are the exception.

  9. dougman says:

    M$ thinks they own your computer and you, unfortunately for some that is true.

    Linux gives people freedom and choice; M$ isn’t about choice.

  10. kurkosdr says:

    People don’t care.

    They do. That’s the sentiment I get anyway.

    First of all, you ‘ve got the surprise marathon updates (which are actually upgrades) for existing users. The last Windows 10 megaupdate took 1 hour for me. On a relatively recent laptop (Z70-80). Of course, I knew about it and had allocated a time slot, but can you imagine the average user (who does not “have to know”) suddenly having his computer taken hostage by the update process for an hour or so? A quick Word write-up can become an 1-hour update-athon.

    Now, I know that the end plan of WinDiv is to force everyone to 10 by the end of next month, but in reality all that will happen is users turning off Windows Update. It’s already a burden (according to their perception) anyway.

    Users do care about WinDiv pestering them with upgrade notices about an OS they do not plan upgrading to. It doesn’t matter how awesome or not Windows 10 is. Users do not care enough to take the risk of broken compat and re-learning stuff. They do not care. They do care about Windows Update being annoying though. Just wait ’till they learn shutting it up is a couple of clicks away…

  11. kurkosdr says:

    Computer text reads so bad that it hurts, even if you set your TV to be in PC-input mode.

    1) Switch from and “Dynamic/Sports” mode to “Standard/Normal” mode

    2) Usually, the correct sharpness setting is either 50% of all the way down (0%).

    3) Disable overscan to get 1:1 pixel mapping in Full HD. Some televisions (such as Sharps) have the 1:1 setting surprisingly well-hidden, because, you know, reasons.

  12. I am very unlikely ever to go mobile with my new Odroid-C2, although I could run it on a few AA cells. Still need a big display. Eyes. Big displays are not portable. I use a large screen TV in the living room and have no trouble reading fonts with sufficient zoom.

  13. Deaf Spy says:

    Touch is quite useful for mobile stuff but it loses a lot for legacy desktops and such.

    Not necessarily. My work laptop is an HP Spectre 13 with a touch screen. When docked to external displays, touch is out of the question. But, when I go mobile with it, touch is very, very handy, and I find myself using it more and more even with Win32 apps. Things like scrolling and browsing through stuff are better with touch. I was surprised to find this. I first thought that using keys and mouse would be better, but touch obviously has its advantages.

    Another area 10 shines is the support of multiple displays (improved compared to 8.1) and high DPI displays, like 4K displays. I have a 40″ 4K display at home, and, I tell you, at 125% scaling, empowered by very convenient shortcuts and automatic window arrangement, productivity is amazing. This alone is enough to make me forget all 10’s sins.

    Btw, don’t make the mistake to use a TV for a monitor. Even when the TV is full HD. Computer text reads so bad that it hurts, even if you set your TV to be in PC-input mode. That improves the text quality only slightly.

  14. Deaf Spy wrote, “if you have touch, 10 is not that bad at all”.

    Touch is quite useful for mobile stuff but it loses a lot for legacy desktops and such. If I’m sitting at my desk in front of a huge display, I’d have to actually reach my arms to touch the corners of the screen. That’s just silly. It could work for talking heads on CNN who are walking around huge displays but I’m old and sedentary and like to sit still when I compute. Even now with a 15 inch screen, touch would be inconvenient. My next display will likely be a smallish TV mounted on the wall completely out of reach without getting up out of my chair. In the living room in my recliner, touch might be interesting but why should I have to change my OS to use touch? I prefer Debian GNU/Linux, the universal OS.

  15. Deaf Spy says:

    “lemme tell you “

    Well, let me tell you this.

    People don’t care. The problem with Windows 10, ladies and gentlemen, are its applications. Edge is basically in alpha, and so are most of the accompanying apps. If you stick to IE or put on some other browser, and you don’t have touch, you won’t even notice the OS. You will also like it, because the new start menu is much less middling than 8.1.

    And, if you have touch, 10 is not that bad at all.

  16. kurkosdr says:

    BTW, I am surprised Microsoft hasn’t yet replaced Windows Update with some Windows 10-like Update which won’t allow you to disable it or put it on notify only…

    The Windows Update of 7 has already being upgraded once, so it can be done.

    Did I just gave the WinDiv an idea?

    Or they had thought of it already but they thought it would break… Hahaha, they don’t care what they break anymore. For instance, they upgraded users of AMD APUs from 7 to 10 even if they knew there are no Win10 drivers…

  17. kurkosdr says:

    …aand just when the tech magazines and websites had convinced windows users why you should not disable Windows Update even if it does make you computer shut down slower or force-restart itself every second Tuesday of every month, Microsoft provides very convincing reasons to users to disable updates again.

    Continue doing that Microsoft, so Windows becomes the malware-infested hellhole it was 15 years ago. Apple and Google could use the extra marketshare…

    And to preempt the TEGs and DrLosers, lemme tell you most users will not play the “find the evil KB” game. They will just disable Windows Update, which to their minds is the source of the problem.

Leave a Reply