This sort of thing is exactly why I have automatic updates disabled on my Windows partition. I've been burned so many times by bad Windows updates breaking stuff. My favourite is when stuff breaks during the "configuring updates" stage after a reboot, leaving Windows in a boot loop with no error codes or anything to help you figure it out. And of course the documentation from MS is utter garbage. Most of the time the only solution I found was to reinstall Windows.
Now I always google around a bit before applying any fresh Windows updates to see if there's any breakage reported.
My Windows install is stuck in a boot loop like this - it spends 10 minutes trying to update and then fails, except maybe 1/3 times it then boots normally. I don't even try to do anything about it, I just marvel at it.
I have a ThinkPad that did something like this, it would try to install updates, fail and eventually boot into some kind of recovery wizard that demanded the BitLocker key. That wizard wasn't able to actually fix anything either but after failing a few times the system finally would uninstall the update. The whole process took over an hour with zero feedback.
I had to switch to Linux just to get a machine I could rely on.
Yeah, I dual boot. I think my efi partition is around 100mb. I forget if Arch puts just one backup kernel in there, but I feel like I saw a lot of garbage in there once that I had to clear out. Maybe that's the problem, will investigate, thanks.
Yeah, 100mb has been insufficient for some Windows updates for me in the past. New Windows installs create a 500mb EFI, but Windows 7/8 created a 100mb EFI and kept it if updated to Windows 10. Unfortunately resizing it is a pain, as the EFI partition is normally before your Windows partition.
Yeah, it turns out applying updates during boot is bad design. I'm sure plenty of people at MS realise it is, but I guess they don't care enough to fix it.
The last time I had to manage Windows I used Unattended to wipe and re-install to a base level. I found that diagnosing and troubleshooting was not worth the effort.
no idea. This was the early 2000s. I'm sure it's based on the same thing.
I set up a NetBSD box as the server and could hook up as many laptops as I had network ports. I would then just hit the enter key or perform a few manual steps when things couldn't be automated.
I'm sure it's all based on silent install or the /s switch for install.bat.
If my memory is working.
if you're at a point you need either of them, just hire someone to work on the oem scripts.
for personal use, not really worth it imo
if you're installing the right version of windows (Enterprise ltsc) it's already one click install. and your applications will change every week anyway.
This is really bad advice—don't follow it. Zero day vulnerabilities are a thing, and you intentionally prevent yourself from getting those fixed quickly. Running critical software without updating may have been possible in some distant past, but it isn't any longer: You will catch an exploit or crypto locker at some point.
Microsoft abusing its update mechanism to push crap is nothing new, but downright refusing updates isn't the answer either.
When a Windows update destroys your install, is it really any different from actual malware? I consider it one and protect myself accordingly.
At least you can be careful about the rest with adblocking, sandboxing and being irrelevant enough to not make your machine a target for anyone competent, which gives you a pretty great chance at avoiding them. If you keep built-in malware (and in recent versions, also spyware) running, then getting screwed by it is a certainty. Personally, I'll take my chances and I think the average HN user would not have any problems doing this, but I wouldn't really recommend this approach to someone that's not tech savvy. I'd give them a Chromebook instead.
> At least you can be careful about the rest with adblocking, sandboxing and being irrelevant enough to not make your machine a target for anyone competent, which gives you a pretty great chance at avoiding them.
That maybe used to be a thing, but isn't anymore really: There only needs to be a single, unpatched vulnerability in your network stack that the multitude of devices around you, whether at home, work, or in a cafe, none of which you control, might exploit.
And one more little piece of trivia; high levels of expertise usually come with increased negligence on the basics, because you're less careful. This affects pilots and nerds alike; just think of Ross Ulbricht.
Windows updates are too dangerous to trust automatically. I've been burned to various degrees too many times to think otherwise. If Windows is too dangerous to use without automatic updates, then it's just too dangerous to use, period.
Yeah all it takes for one to drop dead is a single blood vessel bursting in one's head, one careless driver, one wrong thing eaten, one wrong step and you fall and break your neck.
It's always one unlikely thing. I don't think living in such paranoia is a life worth living tbh. Some small risks you just accept to live normally, and 99.9% of the time it'll be alright. With 2FA and other multi device safeguards the risk is acceptable. Frankly authentication for things has gotten so bloated that even the actual user has a hard time logging into things these days.
Frankly I'm more worried about losing or damaging my phone, if that happens then I'm far more screwed and it's a risk we all accept every day. I keep it in aluminium armour to de-risk :)
> I thought flatpak would fix this on linux, but every time flatpak itself updates half of its apps break with mysterious error messages and refuse to launch until they're also updated.
Linux oldheads could've told you this would happen before the project was even created. We solved package management and dependencies in the 90s and no one has improved on it since. Just stick with stuff in your distro's repos. If it's not in the repos, don't use it. Problems gone.
Going for a Windows build with wine instead of the Linux build sounds completely crazy, but then again Proton works exceptionally well on Steam so this might genuinely be the more long term stable option. I'll have to try that out lmao.