Security updates for Windows 7 ostensibly end tomorrow, but also officially continue until 2023

[Commodus]

24 minutes ago, jagdtigger said:

Not updating != exposing the machine to exploits. You do that when you are a jackass and open anything willy-nilly....

I'm sorry, but that's a shitty, cowardly excuse.  If you care about the security of your system and those it connects to, you make sure there are no weak links; that means keeping the OS updated and being smart about online behavior.  Not every threat comes from clicking links or opening attachments.

[jagdtigger]

13 minutes ago, Commodus said:

I'm sorry, but that's a shitty, cowardly excuse

More like reality........... (personal experience)

 

/EDIT

Before i jumped ship and switched to linux for my daily stuff and keep my gaming pc as gaming only(exiled onto the iot network where it belongs now) i used win7 as a daily driver. Last time it seen updates was back in 2016-ish. No infections, no hacks, nothing. I had up-to-date AV but it was more of a safety net than actual necessity. Fully up-to-date browser(!= IE/Edge) with no-script and adblock and some common sense. This is all you need to not get hacked. But if someone doesnt have a brain.....

Edited January 21, 2020 by jagdtigger

[Commodus]

1 hour ago, jagdtigger said:

More like reality........... (personal experience)

 

/EDIT

Before i jumped ship and switched to linux for my daily stuff and keep my gaming pc as gaming only(exiled onto the iot network where it belongs now) i used win7 as a daily driver. Last time it seen updates was back in 2016-ish. No infections, no hacks, nothing. I had up-to-date AV but it was more of a safety net than actual necessity. Fully up-to-date browser(!= IE/Edge) with no-script and adblock and some common sense. This is all you need to not get hacked. But if someone doesnt have a brain.....

Personal anecdotes don't represent proof of larger patterns.  That should be pretty easy to understand, shouldn't it?

 

It reminds me of what a friend once said about operating without a backup: you're fine, until suddenly you're not.  In both cases it's easy to pretend you're safe because you've never had an incident, but you're really just making a bet that the odds will work in your favour.

 

Besides, can you imagine an IT security person spouting what you've said to their higher-ups?  They'd be fired on the spot and laughed out of the building.

[Colonel_Gerdauf]

36 minutes ago, Commodus said:

Personal anecdotes don't represent proof of larger patterns.  That should be pretty easy to understand, shouldn't it?

 

It reminds me of what a friend once said about operating without a backup: you're fine, until suddenly you're not.  In both cases it's easy to pretend you're safe because you've never had an incident, but you're really just making a bet that the odds will work in your favour.

 

Besides, can you imagine an IT security person spouting what you've said to their higher-ups?  They'd be fired on the spot and laughed out of the building.

With all due respect, you are wasting your time with such a person who believes in only one way to do things in the world with the academic source of only himself and absolutely nobody else. Especially one who repeatedly exhibits really childish behavior as is apparent in this thread.

[Delicieuxz]

On 1/21/2020 at 10:19 AM, Commodus said:

No, those matters are one and the same.  If the OS updates are so unreliable that you actually dread upgrading, that makes it a crappy platform because one of its core features -- updating -- is effectively broken.  To abuse car analogies, it's like buying a car you don't dare take in for service because the repair process always breaks something else.  It doesn't matter that the car itself is initially great if the maintenance is uniformly terrible.

Installing problematic updates for an OS and using the OS while avoiding problematic updates are not one and the same thing. And products often have a feature that's broken while other aspects of it function properly and usefully.

 

Updating in Windows cannot be a core feature when it is entirely avoidable and the experience of using Windows isn't harmed for avoiding it. You can't tell other people that Windows Update is why they use Windows - and for me, it certainly isn't. Most people don't use an OS for the experience of updating it, but only update it either because they can't avoid it or out of a desire to protect their continued usage of their OS. Updating an OS is anecdotal to a person's usage of it.

 

Everything a person wants to do in an OS is why they use it, and is why they might or might not update it. Updating the OS is done for the sake of serving a person's interest in using the OS - and if updating the OS interferes with a person's interest in using the OS then not updating the OS serves the person's interest. But people don't use an OS just so they can update it. Therefore, updating Windows is not a core appeal of it - Windows has many features, not all of which appeal to every person.

 

I don't see your car analogy as fitting at all. If a car is great but the service a person uses for maintenance on it is terrible, then the car is great but that service is terrible and that service is to be avoided so that it doesn't threaten the well-being of the otherwise-good car. The quality of maintenance service from a company is not the same thing as the quality or capabilities of a vehicle which might or might not use that repair service.

 

Also, a car is taken in for servicing to fix an issue or for preventative maintenance. If taking a car in for servicing resulted in it being broken when it wasn't broken before, then that "service" would be an anti-service and people wouldn't take their cars there. Likewise, people might avoid Windows updates for the purpose of maintaining their OS and not breaking it. In my case, I've found disabling updates to be a successful preventative maintenance measure that has spared me from problems and down-time.

 

Quote

Also, have you forgotten that a compromised PC may contain data for other people, or can be used as a conduit for attacks on other machines?  Willingly exposing your system to those kinds of exploits doesn't make you smart; it just makes you selfish.  It's the digital equivalent of being an anti-vaxxer.

I would say the opposite is true: You're arguing that other people have to risk their PC so that yourself and others can feel safe, disregarding why other people might not update their PC and also the fact that a person's PC is their PC and not yours or everybody else's. And you're comparing someone not updating their PC over real and proven dangers over someone who believes unproven ideas that vaccines will give them diseases. Unless you're saying that vaccines are in-fact proven to pose a threat to people but that it's selfish to not gamble with one's health by taking them anyway, your comment doesn't present an analogy.

 

Your comment also doesn't acknowledge that Windows updates are not the only way to secure a PC from malware threats.

 

What's smart is behaving in a manner that accomplishes what you're trying to accomplish. If a person's interest is running a PC with a minimized risk of downtime and data-loss, while maximizing consistency and stability, then not updating can accomplish that.

[Guest]

W7 users just need an enterprise key. What is it.... 20 bucks on ebay? Get security updates till 2023. Not hard to figure out really. 

 

W10- Merge into the now. Merge Google with Explorer. Merge All devices.

 

Plant chip in brain. Become assimilated.

 

I heard Rumors in the year 2030, Microsoft will implement a shiny new laser eye to each assimilated customer for a discounted price!!

 

 

[leadeater]

45 minutes ago, Delicieuxz said:

I would say the opposite is true: You're arguing that other people have to risk their PC so that yourself and others can feel safe, disregarding why other people might not update their PC and also the fact that a person's PC is their PC and not yours or everybody else's. And you're comparing someone not updating their PC over real and proven dangers over someone who believes unproven ideas that vaccines will give them diseases. Unless you're saying that vaccines are in-fact proven to pose a threat to people but that it's selfish to not gamble with one's health by taking them anyway, your comment doesn't present an analogy.

 

Your comment also don't acknowledge that Windows updates are not the only way to secure a PC from malware threats.

 

What's smart is behaving in a manner that accomplishes what you're trying to accomplish. If a person's interest is running a PC with a minimized risk of downtime and data-loss, then not updating can accomplish that.

You do know you still have the choice of applying updates yourself at later dates when you know issues with them have been resolved. Not installing updates on the month they are released because you don't trust the reliability of the update service is actually a pretty valid thing, something all companies with an actual patching policy do.

 

Never applying updates and applying known working updates are very different things.

 

And yes I know why you and others had your Windows 7 install updated to the date you chose, fact is that's not a viable thing anymore and current and future products have included in them the function you're avoiding and it's not possible to remove them, only try and block it. So for anything newer than Windows 7/8.1 there is no reason to avoid updates for the reasoning applied to that (Windows 7 2016).

 

Unlike the argument about applying current updates to make the system more secure, or others would say potentially more secure, there are known and actively exploited security vulnerabilities with Windows 7 so it's not a theoretical issue. I'm not saying you will get exploited but your system can and AV will not prevent it. Desktops in your home are far less of a risk obviously, laptops on the other hand.

[jagdtigger]

8 hours ago, Colonel_Gerdauf said:

academic source of only himself and absolutely nobody else

And metric butt-ton of companies who still run xp, 98, 95, or even 3.x....... And im sure im not alone with my experience, there are many ppl who got fed up with the bottom grade quality MS nowadays produces but we are forced to use it(in my case i most use MSO for university and the online learning portal runs  proprly only on older IE, bonus point the machines we do the exams on still run 7 to this day because of this).

 

6 hours ago, leadeater said:

there is no reason to avoid updates

Well i would say the 2 update that wiped partitions and files is reason enough for many ppl. (Remember, r=1 users dont ahve the foggiest idea about backups and why they should do it, so reading news about these they will simply look up how to get rid of WU[which is still possible to this day])

Edited January 22, 2020 by jagdtigger

[leadeater]

59 minutes ago, jagdtigger said:

Well i would say the 2 update that wiped partitions and files is reason enough for many ppl. (Remember, r=1 users dont ahve the foggiest idea about backups and why they should do it, so reading news about these they will simply look up how to get rid of WU[which is still possible to this day])

Except you are the one saying never to update and are talking in the context of people knowing what they are doing, you could never update or apply updates when you know they do work. There are quite literally millions of Windows computers updating fine through regimented updating schemes and you can replicate that yourself at home, it is as simple as waiting one month and or n-1. After one month Microsoft would have either resolved what ever issue might been with an update or withdrawn it.

 

If you are capable of disabling Windows updates you are also capable of setting the delay by days option to 30 days, or dropping in to registry or GPEdit.msc and changing what ever you like so you don't get updates in the first 2-3 weeks.

 

 

Percentage of people actually affect by the update problem you mention is very small, it would be even smaller with any setting that differs updates by just 7 days. It also happens to be that it's the obsessive tweakers that get impacted most often, ones more than capable to change Windows update settings.

 

Outright disabling it is literally the most cop out excuse there is. If I don't check my tyre tread depth then they are totally fine and legal and I have maximum grip, hope you don't actually need to rely on those tyres at any point . Like someone already said, it's all fine till it isn't and it never looks good when it was preventable and trivially easy.

[Commodus]

11 hours ago, Delicieuxz said:

Installing problematic updates for an OS and using the OS while avoiding problematic updates are not one and the same thing. And products often have a feature that's broken while other aspects of it function properly and usefully.

 

Updating in Windows cannot be a core feature when it is entirely avoidable and the experience of using Windows isn't harmed for avoiding it. You can't tell other people that Windows Update is why they use Windows - and for me, it certainly isn't. Most people don't use an OS for the experience of updating it, but only update it either because they can't avoid it or out of a desire to protect their continued usage of their OS. Updating an OS is anecdotal to a person's usage of it.

 

Everything a person wants to do in an OS is why they use it, and is why they might or might not update it. Updating the OS is done for the sake of serving a person's interest in using the OS - and if updating the OS interferes with a person's interest in using the OS then not updating the OS serves the person's interest. But people don't use an OS just so they can update it. Therefore, updating Windows is not a core appeal of it - Windows has many features, not all of which appeal to every person.

 

I don't see your car analogy as fitting at all. If a car is great but the service a person uses for maintenance on it is terrible, then the car is great but that service is terrible and that service is to be avoided so that it doesn't threaten the well-being of the otherwise-good car. The quality of maintenance service from a company is not the same thing as the quality or capabilities of a vehicle which might or might not use that repair service.

 

Also, a car is taken in for servicing to fix an issue or for preventative maintenance. If taking a car in for servicing resulted in it being broken when it wasn't broken before, then that "service" would be an anti-service and people wouldn't take their cars there. Likewise, people might avoid Windows updates for the purpose of maintaining their OS and not breaking it. In my case, I've found disabling updates to be a successful preventative maintenance measure that has spared me from problems and down-time.

Updates are an essential part of an OS because ongoing maintenance is an essential part of an OS in the modern era.  You expect your device to work with new hardware; you expect bugs to be fixed; and in terms of security, you expect it to evolve to keep you secure.  It's the plumbing that keeps the OS capable of fulfilling the tasks you want it to fulfill, and adapts as those tasks change.

 

And to clarify my analogy: it was made on the assumption that the service would always be terrible, and that this theoretical car, like all real cars, will eventually break down.  And arguably, Windows will 'break down:' there will eventually be a glaring security hole that must be patched, a bug that comes up that you previously hadn't anticipated, a feature you could use that's only available through an update.

 

11 hours ago, Delicieuxz said:

I would say the opposite is true: You're arguing that other people have to risk their PC so that yourself and others can feel safe, disregarding why other people might not update their PC and also the fact that a person's PC is their PC and not yours or everybody else's. And you're comparing someone not updating their PC over real and proven dangers over someone who believes unproven ideas that vaccines will give them diseases. Unless you're saying that vaccines are in-fact proven to pose a threat to people but that it's selfish to not gamble with one's health by taking them anyway, your comment doesn't present an analogy.

 

Your comment also don't acknowledge that Windows updates are not the only way to secure a PC from malware threats.

 

What's smart is behaving in a manner that accomplishes what you're trying to accomplish. If a person's interest is running a PC with a minimized risk of downtime and data-loss, then not updating can accomplish that.

Talk about twisted logic.  The whole point of the anti-vax analogy is not that I think vaccines are dangerous (I know they're safe), it's that you have to take on personal responsibility to avoid becoming a risk to others -- it's one thing to put your own PC at risk, it's another to knowingly increase the risk to other PCs (or to others' data on your own PC).  It doesn't matter that you don't feel like updating your PC; it's that I don't want my system to come under attack because your unpatched rig became part of a botnet or passed along a virus.

 

And yes, I know Windows updates aren't the only solution to malware threats, but the absolute truth is that anti-malware tools, firewalls and similar defensive measures won't completely make up for a properly updated OS.  Even heuristics won't catch some zero-day exploits; a firewall is not an impenetrable shield.  The chances of being attacked with up-to-date versions of both isn't high, to be clear, but you shouldn't voluntarily introduce a non-zero chance of an attack.

 

Like Leadeater said, if you're really concerned about updates causing problems, hold off on them for a bit before installing -- don't pretend an update is forever cursed and jeopardize your system (plus others) out of stubbornness.  And remember, you're going to experience much more downtime and data loss if your system is attacked than you'd ever experience by spending some time applying a patch.

[jagdtigger]

6 hours ago, leadeater said:

apply updates when you know they do work

Yeah, thats the issue, you dont know. We dont even know whats inside updates since MS wont tell anyone(maybe corporations but thats not public). Its bot a quality and trust issue. If i know a component can have hissi-fits i just shut it down and dont bother wasting time on it. Especially on my gaming PC back then when it was dual boot. It was refusing to upgrade. I just wrote it(win10) off as junk and re-imaged the system with windows7(it was less time than upgrading, dd is pretty quick). Didnt look back ever since. When i read all the issues(especially the ones where it completely wiped linux installs) i was laughing like a maniac at all the idiots who thought forced upgrades are a good idea. Plus i have better things to do than reappying everything twice a year because the OS nullifies and installs/uninstalls stuff at its discretion.....

[startrekdude]

31 minutes ago, jagdtigger said:

Yeah, thats the issue, you dont know. We dont even know whats inside updates since MS wont tell anyone(maybe corporations but thats not public). Its bot a quality and trust issue. If i know a component can have hissi-fits i just shut it down and dont bother wasting time on it.

In general if I wait for it to force an update(restart on its own) I have never had an issue if there is one its usually found out by then and corrected. especially if you wait a month like prev suggested if there is any issue it will usually be fixed by then. If you arnt sure just see if anyone is still having issues and push them back temporarily. Just because updates can cause issues witch is true of any update weather it be phone game or word processor is not a reason to avoid being up to date when you can take reasonable steeps to avoid issues. 

 

That said it is your choice, But as a great fictional captain once said "risk is part of the game"

[jagdtigger]

24 minutes ago, startrekdude said:

That said it is your choice, But as a great fictional captain once said "risk is part of the game"

I would say our whole life is about risks.  Every decision we make a certain risk attached to it.  For me the benefits of not updating outweighs the possible risks involved. I dont go to sketchy sites and only browse with adblock, noscript, plus a few other addons which greatly reduces the risks involved with not updaing.

[leadeater]

2 hours ago, jagdtigger said:

Yeah, thats the issue, you dont know. We dont even know whats inside updates since MS wont tell anyone(maybe corporations but thats not public). Its bot a quality and trust issue. If i know a component can have hissi-fits i just shut it down and dont bother wasting time on it. Especially on my gaming PC back then when it was dual boot. It was refusing to upgrade. I just wrote it(win10) off as junk and re-imaged the system with windows7(it was less time than upgrading, dd is pretty quick). Didnt look back ever since. When i read all the issues(especially the ones where it completely wiped linux installs) i was laughing like a maniac at all the idiots who thought forced upgrades are a good idea. Plus i have better things to do than reappying everything twice a year because the OS nullifies and installs/uninstalls stuff at its discretion.....

Sorry but no that is not a good reason, like I said the thing you don't like is embedded  in the core of the OS now so you aren't going to be avoiding it by not updating. Unless Microsoft actually removes it then that is how it is. You can just not use Windows.

 

Like I said after 7 days the update will be stable or withdrawn. And yes I do know this.

[jagdtigger]

1 hour ago, leadeater said:

Sorry but no that is not a good reason

In case of win7 not getting the backported spyware is one massive reason. In case of 10 as i said i dont have time for its shenanigans, work+university+maintaining my motorbikes, car, and home network is more than enough. Dont need an extra headache....

 

1 hour ago, leadeater said:

You can just not use Windows.

*sigh* Did you even read my post?

 

11 hours ago, jagdtigger said:

in my case i most use MSO for university and the online learning portal runs  proprly only on older IE

Edited January 22, 2020 by jagdtigger

[leadeater]

1 hour ago, jagdtigger said:

*sigh* Did you even read my post?

Yes, my point is you're telling people it's better to just never update. The issues you raised to back that logic has a better and safer solution, wait a minimum of 7 days which you can easily do.

[Colonel_Gerdauf]

 

[Colonel_Gerdauf]

Here is a pro tip for any and all person using a consumer OS (Mac, Windows, any distro of Linux, Android/iOS, etc.) and therefore have a number of applications:

 

Keep everything up to date; delay for up to a week if you need to in order to be fully sure that the update does not have bugs that would affect you. Procrastinating or generally refusing to update till more than a week after release demonstrates your computer illiteracy and potentially also how empty your grandiose positions are. That is why more programs silently auto-update nowadays, and attempting to disable this mechanism in the ANY of the different apps is inexcusably stupid.

 

On a side note, I am growing less convinced over time that the need to hold software or hardware back for "101 percent stability" (I will repeat, this is an invisible pink unicorn concept that is completely disconnected from the reality of the tech world today) in industry/enterprise/military is justifiable in respect to time, manpower, or fiscal management.

[SpikeSpiegel]

https://www.theverge.com/2020/1/22/21076653/microsoft-windows-7-extended-security-updates-german-government-cost-price

 

Looks like the German government is willing to spend around $887,000 just to keep Windows 7 updated with ESU's.

[mr moose]

6 minutes ago, CalintzJerevinan said:

https://www.theverge.com/2020/1/22/21076653/microsoft-windows-7-extended-security-updates-german-government-cost-price

 

Looks like the German government is willing to spend around $887,000 just to keep Windows 7 updated with ESU's.

 

They are, quite a few will be because (as has been pointed out quite a few times already)  there are niche situations within business and large organisations that cannot easily upgrade.    But don't confuse what many people in that situation do with any domestic requirements. 

[MrDaniel1010]

PCs around my school have been switched for Windows 10 recently anyways, so it's no longer in my life except for their servers probably. shrug

[mr moose]

48 minutes ago, CalintzJerevinan said:

https://www.theverge.com/2020/1/22/21076653/microsoft-windows-7-extended-security-updates-german-government-cost-price

 

Looks like the German government is willing to spend around $887,000 just to keep Windows 7 updated with ESU's.

Also the German government is closing down perfectly serviceable nuclear power plants, in favor of importing coal fired power and they think 56.6K is fast enough.  It would not surprise me if they have decided to spend $881K in order to not upgrade $800K of machines.

[Dirtyshado]

9 hours ago, CalintzJerevinan said:

https://www.theverge.com/2020/1/22/21076653/microsoft-windows-7-extended-security-updates-german-government-cost-price

 

Looks like the German government is willing to spend around $887,000 just to keep Windows 7 updated with ESU's.

Is that all...

 

Two of Australias federal government agencies are spending over $8.7 million australian dollars to keep their Win 7 and Windows 2008 servers with Extended Security Updates for another year because they didn't think to upgrade to Windows 10 earlier, on top of the already wasted $5.3 million in the previous years to keep customer support.

 

$14 MILLION AUSTRALIA DOLLARS (9.6M USD / 8.7M Euro) ... Really could of used that money to prevent bush fires :P

 

https://www.itnews.com.au/news/defence-ato-fork-out-millions-to-keep-windows-7-secure-for-another-year-536572

[mr moose]

21 minutes ago, Dirtyshado said:

Is that all...

 

Two of Australias federal government agencies are spending over $8.7 million australian dollars to keep their Win 7 and Windows 2008 servers with Extended Security Updates for another year because they didn't think to upgrade to Windows 10 earlier, on top of the already wasted $5.3 million in the previous years to keep customer support.

 

$14 MILLION AUSTRALIA DOLLARS (9.6M USD / 8.7M Euro) ... Really could of used that money to prevent bush fires

 

https://www.itnews.com.au/news/defence-ato-fork-out-millions-to-keep-windows-7-secure-for-another-year-536572

 

 

Economies of scale/comparison are more than just the currency conversion,  Generally speaking Infrastructure spending in Australia is significantly more than other countries. due simply to how high our wages are. The Germans are only paying for 33K computers, Vicroads alone recently wrote off $97M in canning an upgrade to it's network . god knows how big that network was but it makes $8.7M  look like pocket change.  Now given the defense force makes up the lions share at $6.1M and god knows how many PC's that is for and the extra precautions that they have to take it's starting to look like small numbers. Then on top of that there is the size of the layout of the public sector that are different, I don't even know where to look to get any form of basic comparison that would do these statistics any justice.  Suffice to say when spending looks over kill in Australia, generally it's not because we are bad at budgets or finding a good deal, it's because we have a unique economy and maybe some serious wage issues. 

 

 

 

 

[TechyBen]

1 hour ago, Dirtyshado said:

Is that all...

 

Two of Australias federal government agencies are spending over $8.7 million australian dollars to keep their Win 7 and Windows 2008 servers with Extended Security Updates for another year because they didn't think to upgrade to Windows 10 earlier, on top of the already wasted $5.3 million in the previous years to keep customer support.

 

$14 MILLION AUSTRALIA DOLLARS (9.6M USD / 8.7M Euro) ... Really could of used that money to prevent bush fires

 

https://www.itnews.com.au/news/defence-ato-fork-out-millions-to-keep-windows-7-secure-for-another-year-536572

Yeah, on the Register.com it was commented that that's £/euro 50 per PC, so cheaper than many other installs/upgrades/new computers.