Replies

I fully agree with you, but a guess at Microsoft’s rationale:

The main thing is that they own Windows and can do whatever they want with it. You’re providing a physical computer, but your access to Windows is merely a license to use (which you agree to when you click Accept on the EULA offer).

One of the primary differences between Home and Pro editions is that the Pro edition allows the option of user or organizational management of the computer.  Hence, the availability of Group Policy Manager in Pro, as well as some measure of being able to decline/defer updates pushed by Microsoft, but not Home.  And the ability of working without a Microsoft ID. With a Home installation, they have decided that they are going to manage the machine, and they do so based on their own priorities.

Especially noteworthy is the fiasco that happened at 1903, of semi-annual upgrades erasing user data. In Microsoft’s view, since the problem was limited to users running Home editions, and some early adopters running Pro (that did not defer updates).  Because the problem was fixed before general roll-out to Enterprise users and official designation as “Ready for Business”, the 1903 deployment was considered a success (even if it caused annoying problems to small-scale users) because the problem was caught before it affected Enterprise users.

Thus, expectation of Microsoft IDs? Check.  Immediate updates applied as soon as they’re available from Microsoft? Check. Lack of ability to control the system to user-specified preferences? Check.

Unfortunately, if you’re not paying $$$$ for Enterprise licenses, they really don’t care that much about you.  Thank you sir, may I have another?

Why is printing so hard to get right? I think a lot of it is that printing is a lot more complicated than most of us appreciate. There are a lot of moving parts, and at several levels. Part of it is the mechanics of getting ink or toner onto paper, some of it is in all the possible options of paper handling, plus multiple interactions between printer spooler in the operating system and printer drivers, and for most of us, there is usually a networking element, as well as the differences between wired and wireless. Plus things like printer manufacturers adding “call home” spyware elements, and other ways of trying to force continued purchases of consumables from authorized sources.

However, I do want to offer a defense for hard copy printing. There may be plenty reason for output to electronic content, not all output is suited to that. I recognize that there is some measure of personal preference, as well as established policies and procedures that require hard copy, but it’s important to remember that every communication media has strengths and weaknesses, and none is infinitely preferable to everything else. And this even applies to the difference between hard and electronic copy.

There are plenty of reasons to output to PDF (or for that matter, HTML), and I won’t try to recount them here. However, PDF has limitations, including that it’s a proprietary format, and depending on how you’re creating PDF, there can be problems that may not turn up until much later.

However, there are other problems problems with electronic copy (whether PDF or anything else). One significant problem (especially with PDF) is that it’s still page-centric, and on modern 16:9 screens, you can’t see a full page of output without scaling the display so small that it’s barely possible to read. This is especially true if you’re working on a small (e.g., 13″) screen. If you have several pages of output, hard copy can allow for seeing much more content than is possible from a screen. The electronic capacity for searching (assuming it hasn’t been disabled in a PDF doc) should not be discounted, but there are occasions where it’s a lot faster and easier to find certain things with visual scanning than trying to do searching to locate something specific.

Furthermore, electronic copy does not easily lend itself to the simple markup that can be done with a pencil.

And just because something is in a PDF file doesn’t mean that at some point, you’ll need to produce hard copy, anyway.

1 user thanked author for this post.

wavy

The thing that I find most annoying about printers is inkjets, in general.

I live in a dry climate with a lot of dust, and because I don’t do a lot of printing, I have constant problems with inkjets getting clogged and producing bad output, even in draft mode. This isn’t brand-specific, and over the years, I’ve bought, used and discarded printers from Lexmark, Canon and Epson. I currently have a Brother that’s 2-3 years old, and it’s beginning to show issues, as well. Yes, print heads can be cleaned somewhat through cleaning cycles, but the reality is that I have to be conscious about making sure that my inkjets get several pages per week. And of course, cleaning cycles use up quite a bit of ink.

The worst is when heads get really clogged, and I have to do multiple heavy-duty cleaning passes, and more than once, that’s happened when I’m low on ink, and have to replace one or more cartridges. It doesn’t help when the printer manufacturers insist that only OEM ink is acceptable, but by the time I start having problems, basic warranty coverage is already expired.

On the Canon printer I had, I was able to replace the print head, and that bought me a year or two of extra use. Although I generally like Epson WorkForce (at least for their feature sets), I haven’t found any way of cleaning clogged heads other than wasting more ink on cleaning cycles. If multiple cleaning cycles don’t produce usable output, then about the only thing to do is to replace the printer. I haven’t yet seen what can be done with a Brother printer.

Yes, I know that using a laser gets around the issues of clogged heads, but I do need a measure of color printing, and I’m not willing to invest in a color laser. And even a monochrome laser (alongside a color inkjet) would result in even less volume going through the inkjet, resulting either in accelerating the breakdown from clogged heads, or even more frequent cleaning passes (and corresponding ink use) to keep it clean.

One other consideration — I’ve found that for inkjets, if you’ve done 2 full sets of OEM cartridges (or 3, if a multi-function device that includes a scanner), you’ve paid out more for replacement ink than the original cost of the device. Although I don’t like discarding otherwise functional hardware, there comes a point where it’s easier and cheaper just to replace an inkjet than it is to try to fight through heads that won’t clean.

I know that the printer manufacturers use the razor blades model, where the expectation is that the printer is intended to be a device that consumes ink (and retail prices are only marginally above production cost), but if heads can’t be replaced, then the printer becomes a disposable item.

For people that can get a lot of years of use out of an inkjet, I suspect that most don’t try to work with dry climate and dust (or those that do, do a lot more volume of printing than I do).

True, in principle, but current Seamonkey 2.53.x) is predominantly Firefox 56, with essential security updates backported from current versions of Firefox.  There is an alpha of 2.57 which is based Firefox 60, but is a long way from being usable, including that 2.57 does not yet have support for WebExtensions add-ons. Yes, an unfortunate effect of WebExtensions is that some old XUL extensions are not possible because they require capacity not offered in WebExtensions.

As both Firefox (for a short time) and Thunderbird (much longer) had overlap periods of where it was possible to run both XUL and WebEx extensions, I’m guessing that the same will eventually be possible when Seamonkey 2.57 releases, unless the devs decide it’s too much work to try to support both.

I’m very fond of Seamonkey, because it gives me much better ability to tune preferences easily.

There are a growing number of sites that may have problems with Seamonkey.  A handful are ones that make use of features that are only in Firefox 78 and later (typically video-related stuff that originates from Google), but a lot of sites that “demand” current versions of Firefox work just fine in Seamonkey if you set the User Agent string to show an acceptable version number.

I think that the majority of unwanted material (malicious or not) tends to come from users that tend to click “OK” on everything, without reading the content of what they’re approving. A lot are simply trying to move on to getting work done, although I see this effect too often with the “I don’t know much about computers” people that are intimidated by the technology, and have the expectation that a using a computer should be no more difficult than using a toaster.

Developers and distributors know about this, and bury disclosures and opt-out options amid lots of arcane stuff, whether dense legal fine-print, FUD warnings, or obscuring things in “Advanced” settings dialogs that are often designed to discourage users from examining, much less actually making changes.

There is some that can be done by education and training, but some users don’t want education and training, and even if they have it, they’ll still finds to justify doing things that the training is intended to avoid.  It’s too easy for users to assume “I’m just one person, and I’m insignificant”, and where they really don’t understand that there is no such thing as “my little corner of the Internet”.

Ultimately, the process of installation of too much software (even for legitimate stuff) borrows from the same methodology as phishing.

2 users thanked author for this post.

doriel, RockE

One word of advice- always pay for your VPN services, don’t use a free service.

As with anything “free”, the question to ask is what a vendor gets from providing a service that they’re not directly charging money for.  With VPN, assume the answer is going to be “access to your data”, and where they’re using that access to fund their revenue stream.

IMO, a “free” VPN is automatically should be assumed to be untrustworthy.

One thing that could be a part of Microsoft’s reasoning on forcing newer hardware might be something that’s more or less a hardware equivalent of the upgrade cadence of Windows.  With Windows, by forcing regular upgrades, then developers can’t ignore new features with “nobody has them” as an excuse (from older versions that haven’t been upgraded). If 2004 is the current minimum, then pretty much everybody has all the features that have been introduced up until them.

With hardware, it may be that a significant source of support headaches for Microsoft is older equipment where updates can’t easily be deployed, if at all. That’s the physical hardware, as well as driver support.  By requiring newer hardware (and also dropping support for older system deployments), it may be part of the incentive is in making it much less likely that there are old machines that don’t get upgraded to current versions of Windows.

I also agree.

Ultimately, Windows (and for that matter, Office) is a mature product, except, of course for security fixes.  There are very few sales that are to new customers that don’t already have the product, and thus, a lot of rent-seeking from existing customers.

Although I know that there are lots of things in Office related to Enterprise installations, for user-facing stuff, I’ve seen very little in Office that is compelling that has been introduced since Office 97 or Office 2000.

One other consideration is the difference between user-facing processes and what is under the hood.  I won’t suggest that there aren’t significant structural issues that can and should be addressed.

I’m still skeptical about how Microsoft is presenting Windows 11, and I’m still having a hard time getting past the idea that it’s nothing more than a graphical refresh of Windows 10 (and being done to drive new sales).  However, there may be real security things in Windows 11 that are compelling, but they don’t really require changes on the user-facing side.

For that matter, the UI of XP was “good enough”, even if many of us got used to Win 7 or Win 10 as more or less “good enough” (and not counting the UI disasters of Vista and Windows 8 and 8.1).  There really hasn’t been that much change underneath since the release of Vista. Where there has been change, it’s been far more evolutionary than revolutionary, despite Microsoft making major UI changes.

That said, one positive of UI changes has been improvement of quality of graphical presentation (and use of newer video hardware), and even if I’m comfortable with the layout of XP or Win 7, the graphical quality implies “old and slow”, even if it’s not true.  I find the question of graphical quality to turn up frequently in open source projects, but that’s a different discussion

 

Fire drill!

If you can’t prove that you can recover your backups when you need them, then you don’t have backups.  I’ve seen too many cases over the years of backups that were unusable, when the time came to recover data.

There are lots of ways that backups can fail.  I’ve seen bad backup media, corrupt files, bad controllers, bad backup patterns (e.g., less than full backups, where data has been stored to folders not backed up), even something as simple as a forgotten access password.

It’s essential to do regular testing.  This is perhaps more obvious for regular/routine backups, but can potentially bite you when you do the “back up your system before you upgrade” (e.g., prior to applying Patch Tuesday updates) .  I know of lots of people who routinely do those kinds of backups, but I’m far less aware of those people who actually test recovery capacity before upgrading.

Microsoft has the annoying habit of recycling brand names for products that are only barely related, but handling of the “Outlook” name is easily the worst.  Years ago, I remember constantly having to instruct users that “Outlook Express” was a different product, and not merely a “lite” version (as implied by the name) of the Outlook that was bundled with Microsoft Office.

In the current setup, in our org, we have mail servers that run on Exchange, and of course, the user-facing web client is called “Outlook”, and in the minds of our users, it’s hard to differentiate between what is being presented through a browser, and what is installed as a local client as a component of Office.

1 user thanked author for this post.

Peter Deegan

Thinking initially of non-technical users (and not most of the people who hang out at AskWoody):

1. Negative intertia. If a patch has to be applied, unless it’s communicated as “OMG! The world is going to unless this fix is applied 10 minutes ago!”
2. Discounting severity: “I’m insignificant, I don’t have sensitive data, and this problem isn’t going to reach My Little Corner of the Internet”.

For both of these, end users frequently don’t care that much about security, or even administration of their own machines. It’s too easy to expect the computer to be just another appliance, where nothing is required than as with a toaster: insert slices of bread, press button, and in a minute you have toast.

For some, there is the “if it ain’t broke, don’t fix it”, as well as “even if it is broke, don’t fix it”. For the former, there may be perception that fixing isn’t going to make any noticeable changes, and for the latter, not wanting to apply something that forces changes (which are regarded as negative).

For those of us here, there is the common suspicion of changes that just as easily create problems as solve problems, and staying away as a way of trying to prevent big problems by ignoring small problems, but that doesn’t always work, and it’s not always desirable.  Unfortunately, the complexity of it all makes it difficult to evaluate which updates are necessary and desirable, which ones are not, and how to prioritize, when it’s nearly impossible to do realistic threat and risk assessments.

The implied criticism here is with Microsoft and how they handle patching with Windows, but this really applies to really any product and any vendor/developer. With Windows (and current Microsoft offerings, including servers and applications), Microsoft has the stance of “trust us, we know what we’re doing, and what’s best for you” (and equating the two).

Of course, that isn’t true, especially with Microsoft having dumped the bulk of its QA testing operations in favor of AI-driven crowd-sourced testing (and driven by all of the telemetry data generated by individual machines).  In concept, there’s a place for the crowd-sourced testing, as a better way of finding obscure problems that they can’t possibly try to test in the lab.  The problem with that is that they’re using that as primary testing, rather than complementing extensive testing that they do before that.  And the Insider track doesn’t turn up nearly enough.  As an aside, I think that might be part of Microsoft’s reason for the big raise in minimum hardware requirements for Windows 11, as a way of lowering the number of support problems caused by older hardware.

But the real problem is that there is no real way of prioritizing updates, and the mistaken idea that a fully patched machine is “safe” (at least until the next round of patches comes out).  Microsoft’s hierarchy of Critical, Recommended and Optional doesn’t really work well, especially if your particular situation requires something (who knows what, and how to identify it) that may be critical to you, but where it’s otherwise classified lower.

This is especially true for things like bug fixes and sometimes driver updates. I know that some try to avoid all except security patches, but there are times when bug fixes aren’t inconsequential, and applying an update that is bug fixes only (without security fixes) can make a real difference.

With Microsoft, the problem is compounded by the marketing people who can push stuff into the update channel.  I would say that this is less so with the monthly Patch Tuesday updates, but we also get optional C Week updates that eventually make it into Patch Tuesday updates. And then there’s the semi-annual updates.  Fortunately, over the last year or so, they’re mostly limited to roll-ups of Patch Tuesday, but Microsoft always finds a way of slipping in a few small changes, even if it’s as insignificant (at least to them) of changing user prefs back to Microsoft-preferred defaults.

The feature changes are usually presented as “for your benefit”, but too often they’re presented by Marketing, and ultimately, where changes are there to facilitate Microsoft’s needs (especially when familiar things are broken or deprecated) rather than user needs.

For the majority of people who hang out here, there’s a credible apprehension (if not outright fear) of updates imposing new problems that have to get fixed immediately.  That’s one thing if it’s just your own machine, but something else if you have to support machines in quantity (whether a handful, or dozens, especially if some or all of them require remote support).

To me, something that would help is clear designation of updates — which are security fixes, which are bug fixes, what are feature set changes, along with clear documentation of what problems each is intended to fix, and the ability to choose which ones I want, and exclude which ones I don’t want.  And where the documentation is written for a middle user — i.e., somebody who is technically adept, but not fluent as a developer or Microsoft insider, but at the same time, where it’s not written patronizingly, for a non-technical user.

My experience is that SUMo works fine on portables. Default scans check not only Program Files and Program Files (x86), but also the contents of %APPDATA% for stuff that installs in user space, as well as your desktop.

Two configs in the Settings dialog that are useful:

– Go to the Additional Folders button and add any folders that are in unexpected locations.
– Enable “show file path”. That one allows for easy identification of binaries, including if I have both installed and portable versions. A right-click on a particular title allows for opening a containing folder in the Explorer.

I will note that I use the unpaid version, which shows me available updates, but won’t actually install. That works for what I need, but I haven’t seen updates in action. There is also the capacity of downloading from SUMo’s server, or from the developer’s site.

I’ve found that SUMo is quite thorough, where it will show available updates for an impressive volume of software, including some amounts of commercial software, and it’s good at getting a handful of updates that are nearly impossible to find separately. It does have occasional problems with showing pre-release versions that aren’t yet available from a developer’s public-facing web pages, and once in a while, they will show a beta. In the latter case, there is a place for “report beta”, and I’ve found the developer to be pretty responsive.

SUMo is also remarkably good at finding updates for techie tools and utilities that aren’t widely known, and the depth is far greater than the application-centric approach of tools such as PatchMyPC or Ninite.

Whether you decide to get a paid copy or not, it’s definitely worth taking a look at the free version.

Besides my own machines, I keep a portable copy in my collection of tools that I keep on USB device, and if I’m working on somebody else’s computer, a SUMo scan is a great way of seeing the status of what needs updating.

1 user thanked author for this post.

SueW

One of the primary sources of heat build-up tends to be dust, and this is especially true if you’re in an arid or semi-arid location. If dust accumulates in filters or fan bearings, the fan will not move as much air, and heat will build up.

For my desktop computer, it’s on the floor where it gets quite a bit of dust, and I have to make sure I clean out all the airways several times per year.  But even a laptop fan can have the same kinds of issues.  On this particular machine that I’ve had for a decade, there have been times where I’ve been sloppy about allowing dust to build up (and corresponding heat issues) that one time, the CPU burned out, and I had to have replaced, and at least once, I’ve had to replace the power supply.

For cleaning, opening up the case and using a vacuum cleaner is probably best, but a can of compressed air works well, also.  There have been times where I’ve worked on machines and where I don’t have either of those, and using a bicycle pump is sufficient for moving enough air to get the dust bunnies out.

With laptops, there’s more than just the getting air into the fan ducts.  It’s important to go for every opening in the case.  That includes all the bays (battery and drives), sockets for connectors (e.g., USB, Ethernet, etc) and things like SD cards, and even the keyboard.  Surprisingly enough, there is airflow through keyboards, and if you have a laptop with the keyboard covered (e.g., lid down if you’re working from an external monitor and mouse), it will run hotter.

Something that’s also important is to know what the normal temperature ranges for a computer, both when it’s idle, and when it’s busy.  That way, if you see higher temperatures, you know that you probably need check cleaning or the state of your fan.

Vandermere posted a screenshot of output from what looks like Piriform Speccy, and that works.  Other tools that can be used as temperature monitors include SpeedFan and MacsFanControl, both of which can be run as processes minimized to the Windows System Tray.  For this kind of thing, I think all the tools use Celsius and conversions to Fahrenheit aren’t necessary.

This is all a part of EULA agreements that are done (at least in the US) under the Uniform Commercial Code (UCC).  The UCC is what makes boilerplate contracts possible, where a vendor can offer a legally-enforceable contract under “take it or leave it” terms, where there’s no space for negotiation.

One of the specific things that’s permissible in UCC contracts is what I call the “weasel clause”, where the entity offering the contract reserves the right to change the terms, unilaterally, and without advance notice.

UCC contracts are pretty thoroughly baked into US contract law, and unless one turns up with terms that litigation considers unconscionable (and that’s common in some spyware and other malware), then it’s all enforceable.

 

1 user thanked author for this post.

Wheel_D

A common misunderstanding is that IE has never been “inert code”, not even now.

There are applications that explicitly call IE (rather than the system’s default browser) to do HTML rendering, and it’s a guess that some of that is where IE is necessary to execute ActiveX scripting.

Even though I have never voluntarily used IE, I’ve found it interesting that cleanup tools such as CCleaner often report the presence of cookies and cache content used by IE.

I would be very hesitant to remove IE, unless I am *very* sure that there is nothing on my system that uses it surreptitiously, and I’m not sure I would even trust IE Mode in Edge.

In the same way that we still see production systems running Windows 7, XP, Win 2000 and even Win 9x and DOS, because it’s not feasible to upgrade applications that depend on those versions, I’m going to suggest that it’s going to be a very long time before Microsoft breaks stuff that requires IE (or ActiveX) by removing them entirely from Windows.

 

2 users thanked author for this post.

PKCano, Alex5723