• ek

    Viewing 15 replies - 1 through 15 (of 34 total)
    • in reply to: Dynamic or Static? Which do you choose? #2550765

      I use a dedicated firewall/router appliance (open source IPFire installed on a low power PC) to protect my home net.  IPFire is configured to also serve as the DHCP server for my home net.  Some aspects of my DHCP server configuration:

      • I establish static (permanent) DHCP leases for all hosts (PCs, printers, servers, etc.).  The host’s ethernet (MAC) address is required to create the static address.
      • I only allow hosts with a pre-configured DHCP static/permanent address to have access to the home net.

      This allows me to always have all our home net hosts set up as DHCP clients – rather than as a non-DHCP static IP address.  This simplifies managing IP address assignment on my home net because – in effect – it’s all done via static/permanent DHCP leases on the firewall/router alone.  This also makes things really convenient for mobile devices as they can remain always configured for DHCP.

      For family & friends that are visiting, I’ll add their host info to the DHCP server config – as static/permanent leases.  No big deal: it’s a one-time deal for each and IPFire’s UI makes it easy to do.

      For anyone else: if they request internet access at my home I’ll tell them to use  HotSpot (or the equivalent) on their cell phone… or I’ll just roll my eyes and change the subject.  I never let strangers on my net.
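
Added example, not part of the original post: a DHCP server that answers only known MAC addresses does not see a host that configures its own address, so one check that pairs with the setup described above is to compare the firewall's neighbour table with the static lease list. The lease list format, the addresses and the interface name `green0` are constructed for illustration; the neighbour lines follow the layout printed by `ip neigh show`.

```python
"""Audit observed LAN neighbours against a static DHCP lease allow-list."""
import re

# Constructed allow-list: one "MAC,IP,hostname" per line (hypothetical export format).
STATIC_LEASES = """\
# mac,ip,hostname
00:11:22:33:44:55,192.168.1.10,desktop
66:77:88:99:AA:BB,192.168.1.20,printer
cc-dd-ee-ff-00-11,192.168.1.30,laptop
"""

# Constructed sample in the layout printed by `ip neigh show`.
NEIGHBOURS = """\
192.168.1.10 dev green0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.20 dev green0 lladdr 66:77:88:99:aa:bb STALE
192.168.1.77 dev green0 lladdr de:ad:be:ef:00:01 REACHABLE
192.168.1.31 dev green0 lladdr cc:dd:ee:ff:00:11 DELAY
192.168.1.99 dev green0  FAILED
"""


def norm_mac(mac):
    """Normalise a MAC to lower-case colon form; raise ValueError if malformed."""
    digits = re.sub(r"[:\-.]", "", mac.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"bad MAC: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_leases(text):
    """Return {mac: (ip, hostname)} from the allow-list text."""
    leases = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        mac, ip, name = (field.strip() for field in line.split(",", 2))
        leases[norm_mac(mac)] = (ip, name)
    return leases


def parse_neighbours(text):
    """Yield (ip, mac) for neighbour entries that carry a link-layer address."""
    for line in text.splitlines():
        m = re.match(r"(\S+)\s+dev\s+\S+\s+lladdr\s+(\S+)", line)
        if m:  # FAILED/INCOMPLETE entries have no lladdr and are skipped
            yield m.group(1), norm_mac(m.group(2))


def audit(leases_text, neigh_text):
    """Flag neighbours whose MAC is not leased, or whose IP differs from its lease."""
    leases = parse_leases(leases_text)
    findings = []
    for ip, mac in parse_neighbours(neigh_text):
        if mac not in leases:
            findings.append(("unknown-mac", ip, mac))
        elif leases[mac][0] != ip:
            findings.append(("ip-mismatch", ip, mac))
    return findings


if __name__ == "__main__":
    for kind, ip, mac in audit(STATIC_LEASES, NEIGHBOURS):
        print(f"{kind:12} {ip:15} {mac}")
```
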

       

    • in reply to: Ewaste or usable – week 4 #2449677

      I’ve administered Linux and Windows systems for many years.  For server administration, I often rely on the command line/shell to get things done.

      But when I’m using my personal laptop/PC to do non-administrative stuff I rarely have to resort to using the command line on Linux.

      Heck, now that I think of it, I think I resort to Powershell on Windows more than using command line on Linux because so much stuff is tucked away deep into convoluted GUIs in Windows 10 & 11 now.

      1 user thanked author for this post.
    • in reply to: Ewaste or usable? #2445081

      For installing Linux on an Acer C710, this does a good job of outlining the steps:

      https://www.linux.com/topic/desktop/how-install-linux-acer-c720-chromebook/

      It’s focused on the C720 but the C720 & C710 are quite similar.

       

      For installing Mint on the ZA3, the graphics drivers are apparently the biggest challenge.  This gives some key info:

      https://community.linuxmint.com/hardware/view/3924

      ===

      Personally, I wouldn’t waste time on old laptops/chromebooks that have less than 4GB of RAM and are incapable of upgrading memory & disk.

      On the other hand, I’ve had great success taking old laptops, upgrading the RAM & storage (if needed) and then turning them into nice Linux laptops. But I’ll only do this with laptops that have a CPU with at least 4 physical cores (that can do at least 2.6GHz) and can physically support up to at least 16GB of memory.

      1 user thanked author for this post.
    • When visiting some (not all) family members I sometimes am asked to look into issues with their computer or home network.

      For the computers, I always start off doing what most here have already mentioned: check backups are being done, make sure AV & anti-malware is working & updating, check logs, looking for persistent errors, etc.  I added “BIOS check” to this checklist after visiting a relative last year.

      During that visit I discovered they had a fairly new but virtually unused high end custom workstation (from a local mom&pop computer shop) that they bought for their CAD work.  I asked about it and they said it would always crash after a few minutes of any kind of use, so they just didn’t use it.  The vendor had apparently been of no real help & the relative was just too embarrassed to pursue the issue any further.

      I looked over the system & confirmed the issues  – but none of my typical checks uncovered an obvious cause.  I spent hours on this and then – as an afterthought – I checked the BIOS.

      OMG!  The vendor had set one of those lame auto-overclock options… which I quickly confirmed had mis-configured memory and made the memory very unstable.  Disabling the auto-overclock & setting proper explicit parameters for CPU, power and memory resulted in a stable awesome system.

      So now when I debug a relative’s (or friend’s) computer/laptop I always look over the BIOS settings first.

      1 user thanked author for this post.
    • in reply to: Need help with GRC Port scan results #2373184

      My ISP blocks some ports (closed, not stealth) related to SMB and NetBIOS.  So GRC’s portscans always show those particular ports as closed but not stealth – despite my home firewall being configured to stealth those ports.

       

    • in reply to: Trying Linux on your Windows system #2344519

      What have you had to turn off? The stuff I have seen is opt-in when it comes to the OS itself.

      After I do an Ubuntu install, there are a number of services I disable or uninstall.  One of these is the “whoopsie” service that “phones home” to share data on any app/service/system crashes.  The other “phone home” stuff I just opt out.

      I actually uninstall the whoopsie service.  That’s because – years past – some old versions of Ubuntu would sometimes re-enable whoopsie due to a heavy-handed update.

      The other thing I always disable/de-install on newer Ubuntu installs is the snap packages subsystem (i.e., snapd).  This is due to how snap erodes Linux security and (to a lesser degree) reliability.

      Due to similar concerns, Linux Mint has taken a stand against snapd & does not install it in its more recent releases.

      It appears Canonical’s devs are eventually going to make snap stuff absolutely essential for Ubuntu desktop releases.  This is why I’m starting to completely abandon Ubuntu and go with Mint for desktops.

       

      • This reply was modified 2 years, 9 months ago by ek.
      2 users thanked author for this post.
    • in reply to: Trying Linux on your Windows system #2344387

      Well, in fact, various Linux distros have had degrees of  “telemetry” for many many years.  Most of this was/is “phone home” stuff to give the distros some idea about the number & kind of installs.  Then there’s the “phone home” to report details of a software/system crash.

      A decade ago, this kind of voluntary “phone home” stuff wasn’t that big of a deal.  But the world we live in now makes folks (understandably) more sensitive to anything that can be associated with the word “telemetry”.  The old IT security adage “trust no one” really does ring true in today’s world.

      Unlike Windows, this stuff is pretty easy to turn off, disable or de-install.  I always turn off telemetry when I install Linux.

       

      2 users thanked author for this post.
    • in reply to: Trying Linux on your Windows system #2344385

      I purchased a new laptop 1.5 years ago from Dell.  It was a nice Precision model with Ubuntu (18.04) exclusively preinstalled.  It has worked great since I got it.

      When ordering it online from Dell, I found that choosing Ubuntu instead of Windows for the laptop’s config saved me some bucks & made it a little easier to choose 16GB of RAM instead of 8GB.

      Dell & Lenovo both offer desktops & laptops with Linux pre-installed.

      Dell, Lenovo, HP and others, work with Ubuntu’s foundation/company – Canonical – to certify some of their desktops/laptops for use with Ubuntu releases.

      https://certification.ubuntu.com/

      I have indeed installed Ubuntu & Linux Mint on a number of desktops, servers and laptops with minimal-to-no issues.  The key to this is to – up front – do adequate research to find specific desktop/laptop products that are already well documented to work with Linux.

      Sometimes I’ve been lucky and old (3+ years old) laptops I already had on hand worked fine with Ubuntu or Mint.  My experience has been that the older the equipment the more likely it will work with the latest Linux release.

      All my Windows systems are in fact dual boot Windows / Linux.  I install Windows first & then Linux after.  Some motherboard UEFI implementations can make dual boot Linux installs a bit more complicated than necessary; but this is tempered by the various Linux distributions getting better at UEFI installs, doing a better job documenting how to do dual boot installs AND – in their forums – how to deal with particular manufacturer UEFI quirks.

      Nowadays, when I plan new desktop/laptop purchases I select products I can confirm will work well with Linux as well as Windows.  I won’t consider a server/desktop/laptop that has firmware that would effectively physically lock me into an OS exclusively – Windows or otherwise.

      3 users thanked author for this post.
    • In my book, the list of “improvements” is pathetic for a 5 year scope for an OS with a relatively rapid release cadence.

      It just confirms my suspicions of the Win 10 effort: that the product/dev teams are probably spending most of their time mired in project churn & wheel spinning.  Much of this probably due to being stuck in a reactive-mode chaos caused by the relatively rapid release schedule.  They just can’t handle it effectively, so actual measurable productivity goes out the window.

      The product (and consumers) would fare so much better if the release cadence was dialed way way back to give the product teams and devs room enough to do the good work they are capable of.

      It’s clear to me that the current release cadence has not added any value to Win10 and it is surely costing MS a lot of $$$ (e.g.: wasted productivity, PR impacts) by ignoring the reality and sticking with it at all costs.

      • This reply was modified 3 years, 10 months ago by ek.
      7 users thanked author for this post.
    • in reply to: About that nonsense FBI warning about TVs stalking you #2014701

      No, he’s right. If you can’t point to any evidence it has occurred, you shouldn’t be reporting it as a risk. Being able to hack an IoT device and being able to use it to actually stalk you are different things.

      Plus, unless you modified your ISP’s modem, you will be unreachable from the outside Internet without some way to get the TV to initiate the connection. If you haven’t put on any unregulated apps, it’s as safe or safer than your smartphone, which also has a camera and mic on it. But you don’t get warnings about those.

      We are on a site where we are told not to worry about exploits until they actually exist in the wild. Why are so many people not applying that to TVs, and thinking a completely hypothetical hack is a valid thing to release an FBI Warning about?

      Huh??

      I’ve used multiple ISPs over the years for home connectivity.  Each with different modems.  In every case, the logs of my firewall/router show constant inbound probing/scanning from addresses all over the world – 7x24x365.  I haven’t ever observed the modems doing any significant form of packet filtering.

      Some ISPs do block some protocols to/from home service.  Like Windows file & printer sharing, SMTP (server side) and sometimes UPnP.  But whatever blocking they do (if they do it) is quite limited.

      For consumers, safe computing (“security”) is the result of the priorities they set & choices they make.  When I learn of a new vulnerability, I don’t wait until I’m a victim before I take steps to mitigate the risk(s) in a reasonable fashion.

    • in reply to: About that nonsense FBI warning about TVs stalking you #2014470

      Not sure what triggered Jake.  I read the FBI article.  Sounded pretty reasonable and factual to me.  They were not preaching doom and gloom, just telling it as it is.  Actually similar to a slew of articles/advisories written by various security gurus.  Seriously, if the FBI article muted the potential risk, they’d get their behind handed to them later if consumers got harmed by some “new” exploit.  Note that I used the word “if” there.

      I run a pihole at home.  When I got a Roku TV I was blown away at the massive amount of telemetry traffic I saw in the pihole logs.  Things improved when I added some Roku specific rules to the pihole server.  Fortunately, I got a Roku TV that doesn’t have – or support – a camera or microphone.

      I spent some time reviewing Roku’s API.  Heck, I’ve used the API for scripting turning the TV on and off & changing channels while away from home (to make it look like I’m home).  But I have to say (in my opinion): the API is a disaster waiting to happen, due to the seemingly rich attack surface.

      Then there’s the Closed Captions vulnerability for some TVs & media players.  I believe this has been patched on most smart TVs by now.  At least, I hope so.

      The biggest security issue I see for smart TVs is that the manufacturers stop developing firmware/security updates after just a few years for many models.  Problem is, a lot of folks keep their TVs *forever*.

      For smart TVs, I think keeping them behind a good quality (and regularly updated) securely configured firewall/router is an absolute must.  But many households have deficient/obsolete firewall/router setups, offering poor-to-no protection.

      • This reply was modified 4 years ago by ek.
      2 users thanked author for this post.
    • ? says:

      i looked around a bit and found this one;

      https://www.sevenforums.com/windows-updates-activation/418834-unable-install-kb4474419-win7-x64-ultimate.html

      and:

      https://www.bleepingcomputer.com/forums/t/696802/cant-install-kb4474419-it-fails-and-reverts/

      don’t know if they would help? so did the March version install w\o trouble? anyway i hope you get past this glitch and then on to whatever else they throw our way…

      Aha!  Thanks for the pointers.

      First, I did review the update log and saw error #80070643 for my earlier attempts to install KB4474419.  I researched this and found no consistent answer on that code.  But it did seem sometimes to correlate to file permissions issues.

      And, yes, the earlier March version of KB4474419 installed fine, per review of my update history.

      Anyway… fix discovered:

      Well, per one of the links you provided, the “fix” was to log in to the Administrator account and install the standalone 8/12/2019 version of KB4474419.  Perhaps I could have just done a right-click “run as Administrator” on the standalone update via my normal account (which has admin privs), but I chose to just log in as Administrator as others had done to get the update to install clean.

      The bottom line: KB4474419 installed successfully (and relatively quickly) when running the standalone update when logged in as the Administrator user.

      I did the same thing on my other Win 7 systems. No issues.  I suspect I could have done a normal install of the update on those systems as they are Win 7 Ultimate.

      I have to say: it’s been a loooong time since I had to resort to installing an update this way.  I’m kicking myself for not remembering & giving it a shot initially.

      Note:
      On one system I had to actually make the Administrator user visible in the login screen.  To do that, I right-click selected “Run as Administrator” for CMD.EXE.  Then in the resulting CMD window, I entered:

      net user administrator /active:yes

      Then I logged out from my account & immediately logged in as the Administrator user.  Note that no password was set for the Administrator user yet, so I could initially login as Administrator without a password (!!!!).  Thus, immediately after login I set a password for the Administrator user. 

      So if you choose to make Administrator visible on the login screen:  PLEASE make sure the Administrator user has a reasonably secure password set.

      • This reply was modified 4 years, 3 months ago by ek.
    • ? says:

      hi ek,

      did you get any error codes? or did it get stuck before generating any? is it the march version or did you get that one to install and now you’re sticking on the august v2 version? or in my case too much more brain damage

      No error codes.  Just the “Preparing to configure Windows” screen and some meager repetitive disk activity.  I gave it 2 hours and no change.  So I did a hard powerdown & then booted into safe mode, which announced the update failed and recovered to the previous state/version.

      That was with 8/12/2019 version of KB4474419.

      The update failed on my old Acer X64 Win 7 Home Premium laptop, which has the weird non-configurable UEFI/BIOS boot mode.  That is, it will boot UEFI if – when during OS install – I choose UEFI.  If I config a disk for good ‘ol BIOS MBR boot, the BIOS will boot that too.  And the BIOS will allow boot into UEFI mediated recovery.  But the BIOS itself has no options to control this.

      My other Win 7 systems are plain ‘ol BIOS MBR boot.  No UEFI in the BIOS at all (AMD 970 boards).  I think it’s likely KB4474419 will install OK on these systems… but I’m not going to bother finding out.

      On all my systems, I run Linux 99% of the time (some 100% now).  That’s been my practice for years now.  At this point I’d lose very little if I went full 100% Linux.  Man, MS missed the boat with me.

    • I have a few Win 7 systems, some X64 Ultimate and one x64 Home Premium.

      All of them already have KB4490628 (Servicing Stack update) and KB3125574 (a roll-up that includes KB3133977).

      I downloaded the latest standalone KB4474419 (SHA2 v2) update from the MS update catalog.

      The 1st system to be updated is the Home Premium system.

      Launched the update & it seemed to install OK initially.  But after I clicked on the post-install restart it has been stuck on the “Preparing to configure Windows” screen for almost an hour so far.  The system is a laptop with a modest CPU but fast SSD.  There’s consistent modest disk activity… but it’s taking forever.  The last time I experienced this was with the last servicing stack update.  I have my fingers crossed the update will complete…

      So this was posted by me (ek).  I had to post as anonymous because I was not on one of the home systems at the time.

      Anyway…

      I gave up trying to install KB4474419 on the Win 7 Home Premium laptop.  The update just wouldn’t complete.  The laptop is an old Acer AMD A6 system and has a weird hybrid UEFI/BIOS boot that cannot be configured at all in BIOS.  It has always made setting up dual boot Win/Linux a pain and I suspect the quirk got in the way of the update.

      In fact, all of my other Win 7 systems are BIOS MBR boot and do not have bitlocker installed.  So, no real need for me to do the updates.

      Back in July I decided to no longer do any updates to Win 7.  But I got the recent impression I needed to re-update bitlocker/SHA2 updates with the latest versions to assure I could restore a Win 7 disk image backup.  Appears not to be the case for me.  So, hopefully, I’ll return to ignoring Win 7 updates.

      • This reply was modified 4 years, 3 months ago by ek.
    • We rarely have to deal with phone spam anymore.

      For landline:

      Got an AT&T DECT phone set with awesome call blocking features that work well.  Folks we add to the contact list can call through, everyone else goes to message.  We only pick up on calls from folks we know.  There’s also an even more effective mode that adds a call screening step (callers get a “… press 2 to continue” prompt – which robo callers can’t handle), but I only enable it if/when we start getting too many robocalls again.

      For mobile (iPhones):

      Set up the phones to always be in do-not-disturb mode – with the option enabled to allow calls from anyone in Contacts.  In addition (pretty much a redundant step): set the default ring tone to silence and then set each contact to an actual audible ring tone.  So, the phone only rings if it’s from someone we know.  As with the landline, we only answer calls from contacts we know.

      Our basic rule for phone calls: if we don’t answer & the caller leaves no message then the call was spam and/or unimportant.  Keeps life simple.

      1 user thanked author for this post.