
Microsoft again forced upgrades on Win10 PCs specifically set to block updates - sus_007
https://www.computerworld.com/article/3261969/microsoft-windows/microsoft-again-forced-upgrades-on-win10-machines-specifically-set-to-block-updates.html
======
yolobey
Oh boy, this happened to me despite using the enterprise edition. The system
forced an upgrade, despite me doing everything to stop it, and every time the
upgrade crashed and I had to roll back to the previous version. Every day.

I spent a month like this, on an always-on system, trying to shut down the
upgrade downloader from the task bar whenever I can after failing to stop it
from settings, group policy, horsing around in powershell etc. Before that, I
had also tried to make the upgrade work by doing it manually, updating
drivers, unplugging all the peripherals etc. but it kept getting stuck halfway
through. So I couldn't upgrade, and I couldn't not upgrade.

Well last week there was an update to the update so I hoped at least the
upgrade would work now and I would be done with this charade. Nope, it crashed
again while upgrading, except this time there was no way to roll back and use
my system. I am torn between cutting windows out completely and going back to
windows 7.

~~~
spystath
I'm mostly a Linux user but I use Windows at work. There is also an additional
Windows computer in my house. Although I can't say I dislike Windows there is
a singular issue with it that really grinds my gears. The OS assumes way too
much about what I want to do. I get it that the defaults are there for the
inexperienced or casual users but there really needs to be a way to tell the
OS "Hands off! I know what I'm doing". I really don't want arbitrary actions
to be made before I consent to them.

~~~
yolobey
Honestly I could tolerate the defaults being heavy-handed towards updates, but
I was really miffed to find out I literally didn't even have an option to not
update, even when it was a system-wrecking one.

------
sevensor
As an HN reader, I believe I am qualified to comment on the strategic
direction of a major multi-billion-dollar software company. By pushing to make
Windows as idiot-proof as possible, Microsoft is zagging when it should zig.
They've basically lost the mass market. The e-mail checking machine in the
kitchen has been replaced by a tablet, and it doesn't run Windows. Their only
hope is to position Windows as the OS for people who want to get serious work
done, playing on their historical strength as the platform for office
computers. To that end, they have to stop taking the people who use Windows
all day long at work for granted, because it's never been easier to find an
alternative, and if they lose the enterprise, Windows is over.

And it's stuff like this I'm thinking of when I say "taking for granted."
Telemetry. User-hostile update policies. Minecraft in the start menu. Pushing
a Microsoft account for desktop login. These things are not office-user
friendly, they do not say, "we take your need to do work on this computer
seriously."

~~~
thirdsun
That's one side of the story.

There are still huge numbers of casual and home users who are much better off
with automatic updates and the reflex to disable them due to being a minor
annoyance has to go.

~~~
sevensor
> There are still huge numbers of casual and home users who are much better
> off with automatic updates and the reflex to disable them due to being a
> minor annoyance has to go.

Outside of gamers, though, most of them couldn't care less about Windows and
continue to use it because it's what came with the laptop. This is an
irretrievably shrinking market. I admit Microsoft is in a bind here. A huge
legacy install base that refuses to apply updates when asked nicely is a
recipe for another Conficker. Their previous success in the consumer market
has turned into a huge liability. But they can't fix that by having a punitive
update process in Windows 10. All those old unpatched Windows 7 machines are
still out there. The same users who don't apply patches opted out of the free
windows 10 update.

~~~
Piskvorrr
Let's take a look at what the "opting out" looked like:

"OMG OMG, there's a completely different _thing_ in the computer than there
was yesterday! Make it go away!! I didn't touch nothing this time!!!" And lo
and behold, there was indeed a completely different OS, without any attempt at
obtaining user consent (or, even worse, _against_ the expressed _denial_ of
consent). Are you surprised that the users "opted out" of further violations
of expectations?

TL;DR: nonconsensual "upgrade" bad; perhaps the tea analogy didn't quite
register with MS?
[https://www.youtube.com/watch?v=oQbei5JGiT8](https://www.youtube.com/watch?v=oQbei5JGiT8)

~~~
sevensor
> Are you surprised that the users "opted out" of further violations of
> expectations?

Not in the least. Like I said, I think MS is terrified of another Conficker,
and they reacted in the worst possible way by trying to coerce people into
applying updates. Worse, not all of those updates were truly for the users'
benefit, and some of them rendered the user's computer inoperable. The not-
unexpected result is that people, especially the less sophisticated userbase
we're talking about, have moved from total indifference towards updates to
moderate distrust.

------
zeedee
\- Ignores options blocking automatic updates \- Installs update assistant on
your machine without permission \- Starts downloading updates without giving
you the option to stop other than killing the process (which just restarts
again in a few minutes) \- Re-installs update assistant if you try to
delete/uninstall or break it \- Re-starts update service within minutes even
if you keep disabling it \- Re-boots your machine without your permission

Those were a lot of "accidents". Some of this behavior was on par with most
viruses I've come across... Seems MS were really desperate to get this update
out.

Will be upgrading to windows 7/8.1 as soon as I get the time(until I am
hopefully able to jump ship to linux).

~~~
chopin
I can only encourage the switch. I switched to Linux Mint recently and it was
smooth even for the not-so-computer-literate users in my family.

------
LifeLiverTransp
Everytime they overcome the carefully crafted group policys and firewall
settings- i ask myself- what is the difference to a rather run down linux
distro here.

The drivers do not work, i have no control over my system, the options they
offer you- are like a toddlers toys- nice buttons to push, which the 'adults'
can safely ignore on every update.

The only thing still keeping me in windows is the ecosystem of software, they
have held hostage. But there is a exit sign glowing brighter every thursday:
[https://www.vmware.com/?PID=3607085&PubCID=2786910](https://www.vmware.com/?PID=3607085&PubCID=2786910)

~~~
John_KZ
The only secure way to run windows at this point is to get an old CD or ISO
and run it in a VM or air-gapped machine. Unfortunately a lot of software
these days ignores the possibility of being disconnected from the internet -
some folks won't even provide a real installer, just a downloader for the
installer.

------
smittywerben
There is an overwhelming amount of "but the users NEED to update" in the
Windows 10 community. Sorry but now users are running random scripts they find
on the internet. This is worse than just "hacking the registry" or adding some
group policy to disable auto-updates.

I need security and no random shutdowns. I switched to linux about a year ago.
Lots of complaints, yes, but no auto-updates.

Example scripts (haven't used any):

[https://gist.github.com/alirobe/7f3b34ad89a159e6daa1](https://gist.github.com/alirobe/7f3b34ad89a159e6daa1)

[https://github.com/W4RH4WK/Debloat-
Windows-10/blob/master/sc...](https://github.com/W4RH4WK/Debloat-
Windows-10/blob/master/scripts/fix-privacy-settings.ps1)

[https://github.com/Sycnex/Windows10Debloater](https://github.com/Sycnex/Windows10Debloater)

[https://github.com/bmrf/tron](https://github.com/bmrf/tron)

~~~
apexalpha
For every person running a script there are thousands now updating their
computers who would've simply clicked 'no' on previous versions.

Win10 is inherently more secure because of these forced updates. Think about
WannaCry... it only worked _because_ people (and organisations) don't update.

Now I understand that some people apparently need a system that will never
update, but I agree with the policy of simply forcing the updates for 99% of
the people.

~~~
chopin
For security fixes, that is. Not for adware, crapware or phone home
capabilities (or resetting your preferences) bundled on top. Microsoft ruined
the benefits of auto-updates for which it should be criticized much more.

I believe Microsoft wants two things: A more homogeneous installation base and
the beloved walled garden with phone home capabilities. Both are directly
adverse to users interests. Therefore people don't want to update.

~~~
Karunamon
I think it’s a bit more mundane than that. Most people aren't putting that
much thought into their computers after all.

I think it's that Microsoft still hasn’t figured out how to do updates without
requiring a reboot. Nobody wants to lose their working state or wait minutes
to begin working to what appears at first glance to be pointless computer
housekeeping.

~~~
chopin
Maybe, maybe not. At work, I am on Win10 Enterprise and have seen content
pretty close to an ad. I can't imagine how it is for a Home user. And, as this
thread shows, things are breaking after updates. I don't believe that only
forced reboots make people think.

------
aplorbust
"A strategy devised by Myhrvold the salesman was just as significant. He laid
it out in a memo to Gates in 1992: "Regular upgrades are important for both
revenue and loyalty...A _feeling of progress_ and improvement is necessary to
keep users loyal...and an important way to produce revenue. Upgrades are the
closest thing we have to an annual fee or subscription."

source: Profile of Nathan Myrvhold
[https://www.1843magazine.com/content/features/myth-
buster](https://www.1843magazine.com/content/features/myth-buster)

~~~
dvfjsdhgfv
Except that in this case they get the opposite result: people are just getting
more and more angry.

------
sidyapa
Windows 10 updates in the past fortnight have consumed 9+ Gb of my data after
failing again and again due to my choppy wifi connection (there's no other
option available as I live in a university hostel). Having limited data per
month, this has made me buy up extra data just to get through this month.
Being a student, internet is indispensable and Microsoft doing this is really
bad on their part.

~~~
KMag
I find it crazy that resumable downloads aren't the table stakes for an
automated upgrade system.

Really, they also should be using erasure codes over UDP with TCP-friendly
flow control in order to make more efficient use of noisy or high-latency
channels.

~~~
exikyut
Huh. That sounds very interesting.

What sort of protocols are used for this kind of thing, and what would I
research if I wanted to do this myself?

------
ShorsHammer
This blew up on r/sysadmin today.

Was a suggestion to null route all Microsoft domains, which is likely a decent
option for an individual or small company. Cant see it going down well at
large scale.

[https://www.reddit.com/r/sysadmin/comments/843esj/for_the_th...](https://www.reddit.com/r/sysadmin/comments/843esj/for_the_third_time_in_the_past_four_months/)

------
some_account
I don't believe this is accidental. It's a strategy to get updates out that
help Microsoft, and then handle the PR afterwards. Most likely this won't get
much attention and Microsoft gets away with it.

~~~
kazinator
Pretty much the same as Mozilla Firefox.

[https://support.mozilla.org/en-
US/questions/993765](https://support.mozilla.org/en-US/questions/993765)

 _" I've tried to disable updates through the settings, and without fail a day
or so later it's updated to the latest version again. Any thoughts?"_

~~~
e12e
Except - you can check out the (old) version you want, and build it yourself?

Optionally disable the update code first...

[ed: there's also Firefox esr for those that need an old (if not ancient)
version:

[https://www.mozilla.org/en-
US/firefox/organizations/](https://www.mozilla.org/en-
US/firefox/organizations/) ]

~~~
some_account
Doesn't matter if a handful of people get around it. The behavior for the
masses will continue.

~~~
e12e
If one person is free to get around it, that person can help other people get
around it. That's why there's four software freedoms, not one or two.

With w10 there really isn't much of a real choice.

[ed:
[https://fsfe.org/freesoftware/basics/4freedoms.en.html](https://fsfe.org/freesoftware/basics/4freedoms.en.html)
]

------
lowlevel
My understanding was you couldn’t block the updates on windows 10. Looks like
in creators update, they offered ability to block updates/and this has been
ignored. As far as forcing updates, it’s kind of a double edged sword... noble
to protect the masses, but honestly it’s been a terrible experience. We had a
small ‘pilot’ team give it a try for a length of time. It seemed almost every
time the updates install, we’re dealing with failed network drivers, no
displays, blue screens and the odd boot failure. Not very good for a
professional services staff under tight client deadlines. We’re not upgrading
to Windows 10 at this time.

------
Crontab
Windows 10 is a total nightmare to those who value the control and privacy of
what is supposed to be "their computer".

------
nunodonato
Aside from those running windows-exclusive software, I'm more and more boggled
at the fact that some people still choose windows over other OSes. I couldn't
imagine living with this sort of crap. To each their own, I guess

~~~
dijit
It's a really nice development ecosystem I'm told.

Our developers write exclusively Windows software (games company) and even
though it costs us multiple millions of dollars in software licenses to run
dedicated servers, the "cost of porting" is high enough to prevent people from
doing it.

~~~
reacweb
No, it is not a nice development ecosystem. Visual studio is a good IDE for
c++ and c# development. Eclipse is slightly better on Windows than on Linux.
In Linux, the whole OS is development friendly.

~~~
dijit
Ok, but you must understand that I'm going on the word of 500~ developers.
Maybe they selection bias themselves for Windows affinity but a lot have
development experience with Linux too and smirk at things like epoll with
absolute derision.

I'm not a developer myself but seeing how they work on Windows is definitely
impressive.

~~~
fzzzy
They smirk at epoll but are happy with IOCP? That seems... unlikely to me.

~~~
dijit
I don't know, like I said, I'm not a developer myself, however I thought epoll
was universally criticised for being poor.

I researched a little after I was told (while pushing linux) that things like
epoll were why they would never use it.

I did manage to convince them to write their storage backend on FreeBSD
because that uses kqueues and has ZFS.

[https://idea.popcount.org/2017-02-20-epoll-is-
fundamentally-...](https://idea.popcount.org/2017-02-20-epoll-is-
fundamentally-broken-12/)

------
ramijames
This is part of why I will never go back to Windows. I want real control over
my personal computer.

------
makecheck
It is possible that their implementation of settings simply sucks, not
checking the off-switch everywhere it should. This is one reason I don’t trust
Facebook’s huge list of “settings” either, for instance. In complex systems
there are just too many ways that a switch can be ignored, even if you _do_
trust the intentions of the developer.

A better solution for this (and Facebook) is to physically block at the
client. And rather than providing “settings”, Microsoft should proactively
encourage this too: the official FAQ for disabling updates should essentially
be specifying the domains and IPs to block in routers for example.

------
dvfjsdhgfv
I always think that the "10 tough questions we got asked" [1] weren't really
tough, and that it's still the same old Microsoft just presenting itself in a
slightly different way.

[1] [https://www.gatesnotes.com/2018-Annual-
Letter](https://www.gatesnotes.com/2018-Annual-Letter)

~~~
some_account
I think nobody who was there in the previous era of Microsoft has any trouble
seeing that they haven't changed. It's just because of a new generation
without experience that they are getting away with rebranding themselves.
People who go for Microsoft today will be locked in to their tech stack as
always after a while.

------
mdekkers
I am so fucking done with Windows. Windows 10 has a lot of cool things I like
and that are useful to me, but the only other time I felt such a complete lack
of control over my systems was during a 3 month Apple Mac experiment (ended
with an apple mac being flung from a 3rd story window).

Research for the coming months: getting Linux running on my Surface Pro.

~~~
boobsbr
You're so fucking done with Windows that you went out and bought a Surface
Pro?

~~~
pritambaral
Could be the parent had a Surface Pro and is now looking to supplant the
Windows on it with Linux.

~~~
mdekkers
That is the exact sequence of events. I'll miss onenote, which was one of the
reasons for buying the surface, but I currently miss not feeling like it is my
laptop even more

------
executesorder66
I really don't understand people who think microsoft has changed. They still
do shady shit all the time.

~~~
colejohnson66
Because while Microsoft is one huge entity, it isn’t run the same in every
department. While one department might be hugely user friendly, another won’t.

~~~
executesorder66
Which microsoft departments would you consider user friendly, and why?

~~~
hungerstrike
Nothing that Microsoft is doing is shady and every department is user
friendly.

There. I've argued my points as well as you have yours.

------
keldaris
Well, the good news is they haven't managed to get through to my (severely
eviscerated) Win10 Enterprise system yet - the only Win10 system I run. Still,
I guess it's time to finally block the relevant domains in the router to be
safe.

After the next hardware upgrade, I'll finally be able to relegate Windows to a
VFIO VM without network access. Looking forward to it more and more.

------
nkkollaw
A few years ago you would have Apple fans bragging about how Apple is so much
better, but now it's just as bad.

You have Linux left, but then again I accidentally removed the wrong package
the other day and I made my system completely non-functional, to the point
that I had to reinstall from scratch.

------
makecheck
A platform company ought to know better: at this point in history, peoples’
entire lives (or companies’ entire data sets) are intertwined with computers.
You are _not_ just talking about a software update anymore, you are directly
inserting yourself into people’s lives/businesses. That means you should _not_
just do whatever the hell you want.

Microsoft doesn’t deserve 44th or 45th chances to get it right with decades of
experience and billions of dollars. Does a law need to change here?

------
kayfox
This is causing turmoil in the Audio-Visual industry when machines cant be
relied upon not to try to upgrade in the middle of live events and critical
times. It kinda sucks to have your lighting workstation or video switcher
workstation have to upgrade and reboot because Microsoft decided to push a
critical update that wont let itself be deffered for the period of time
needed.

------
jeroen
Ironically, I just took a break from work to make a cup of coffee. On
returning, I find that my (virtual) pc is "working on updates".

It feels like the primary focus of Windows is no longer to do what the user
wants, but to do what Microsoft wants.

------
yorby
Thanks to Windows updates, my 70yo dad finally asked me to install Linux on
his laptop...

------
dingo_bat
This is the correct thing to do. They really must avoid another WinXP scenario
where people were running 10 year old builds on internet connected PCs. If you
connect to the internet, your device _must_ be fully patched.

~~~
some_account
Is it your computer or Microsofts? Because I really think the language in
Windows speaks to you as just the guest, while Microsoft is taking care of
your needs like a parent.

I guess I'm very hostile to that idea since I grew up in a time when my
computer was my computer, not the property of an American software
organization to decide for me what is best.

~~~
dingo_bat
It is akin to not getting your kid vaccinated based on rights to freedom. Your
freedom ends where mine begins. And if your botnet infused Windows PC is going
to fuck up my network, I'd say either get off the internet or get your Windows
patched.

~~~
khedoros1
Until your kid becomes outdated, and they stop making vaccines for her, sure.
(I'd have no problems keeping up to date if Microsoft's support periods were
as long as the medical industry's are for my child).

At this point, Windows is going to end up just being my mostly-disconnected
gaming OS when they stop releasing security updates in a little under 2 years.

Windows 10 needs to dump the animated ad tiles and allow complete removal of
their remote-processed speech API. If they're going to continue with forced
reboots, there needs to be some tech where apps run in suspendable containers,
or something. I'm tired of picking up the computer in the morning and trying
to remember everything I had open to work on whatever I was doing before the
reboot.

~~~
dingo_bat
> when they stop releasing security updates in a little under 2 years.

Not going to happen unless MS itself shuts down or they decide to exit the
desktop OS market.

~~~
khedoros1
Are you saying that you think they'll re-extend the Windows 7 extended support
period, or did you assume that I was talking about Windows 10?

~~~
dingo_bat
I am assuming you are talking about Win10. Because you should not be using
deprecated software on the internet.

~~~
khedoros1
Until January 2020, Microsoft is producing security patches for Windows 7.
I'll continue using it until that time. Past that point, it'll be a fallback
for software that I can't get running under Linux (similar to the positions
that XP, 98, and DOS fill for me).

If Microsoft only wants to support new software, they should make new software
that people want to switch to without being tricked, forced, and coerced into
it.

