Windows 10 Ameliorated Ordered to cease operations due to LTT video

[Master Delta Chief]

I think we can all agree on that updates from any operating system out there can break certain functions or have bugs that can cause major issues to the end-user, but majority of the time it only happens to a 'small, handful' of users. If you know that a certain  update is known to cause problems, just delay it for the time being (or test it in a sandbox environment if you're desperate) or have updates in general delayed for 30 days. That said, keep your any hardware that is connected to the internet up to date, plain and simple. People that are advocating that the regular user out there shouldn't update their system, please think again.

[leadeater]

9 hours ago, jagdtigger said:

Everyone jumps into the well, will you jump after them?  Just because everyone uses it it wont make it a good SW,  far from it.

Better to have a well to drink from than to die from not being able to drink 

 

Linux just is not better here, at all. It's at the current rate at least 2 decades away from being a corporate client OS replacement and that's if they actually try and push management features in to the OS so you can actually do what is required.

 

Linux world is also full of crap software too and it doesn't help to have 25 flavors of the crap either.

[leadeater]

7 hours ago, emosun said:

I have to admit , I'm quite enjoying that the "always update" people don;t actually relize theres a big difference between managing 100 machines in an office building with inexperienced users vs a single computer sitting at a house on no network.

basically the two sides are clashing and not figuring out that the two situations are different and therefor have no relation to each other. lol

Yea well if those home users would stop inserting "enterprise" and "corporate" in to their posts there wouldn't be a problem now would there. Those who start it shouldn't be throwing the first rocks when challenged.

 

Also yes I very much realize there is a difference, literally in one of my posts.

 

Plus no you can always update and be fine, just don't do it day one or even week one. There is no reason not to with this context applied. "I don't want to isn't anything more than your personal opinion", it's not actually a sound justification as to why people don't need to, they are quite welcome to not. We can all do as we please, nobody actually really cares outside of giving bad advice.

[jagdtigger]

10 hours ago, leadeater said:

Linux just is not better here, at all. It's at the current rate at least 2 decades away from being a corporate client OS replacement and that's if they actually try and push management features in to the OS so you can actually do what is required.

AFAIK it can join a domain so IDK what extra mgmt you want....... (/edit im genuinely curious)

 

10 hours ago, leadeater said:

Linux world is also full of crap software too and it doesn't help to have 25 flavors of the crap either.

Maybe but i had way less issues with my linux machines/vm's than anything that runs windows. As for flavors either use debian/ubuntu(/pop_os). The most popular flavors are branching off of these two.

[jamiethomaswhite]

I don't have much to add to this that hasn't probably already been said, just that: If you think Microsoft is willing to collect data (spying or not, anonymous or not) what the hell do you think a bunch of guys in their bedrooms are going to do, should a nefarious actor offer them something in return for data? I suggest anyone that thinks Microsoft, who are legislated and governed on so many levels that it must be painful for them to even exist, is less trustworthy than some random on the internet... you should probably read the news more often. And I don't mean THE news, I mean find reliable tech news from several sources as well as opinions from those immersed in it and inform your own position. In short: think again.

 

Personally, I love this sort of stuff and it was fascinating to know more. It's super hard to find out about this kind of stuff as Google, as much as Microsoft, work pretty hard to bury it and surface some other... stuff. I'm grateful to the video for bringing it to light.

 

I'm also grateful it drew enough attention to get shut down. I don't care who you are and what your reasons, if you aren't running this in a VM that is not in any way connected to the rest of your network and personal computing, THEN YOU SHOULDN'T BE RUNNING IT AT ALL. Leave it for the people that know what they're doing, as well as understanding that there are ways for you to do all of this yourself. Some of those ways are even automated, so you just have to tick boxes or run scripts. Scripts and software that are open-source and vetted.

 

On top of that, if it gets enough attention (which by this point it truly has over the years) Microsoft will have to respond, no matter how delayed/belated. I hope that means, in the future, that we'll get a version of Windows like that which the Xbox runs on. A minimal, lean form of Windows that can (and really already should) sit alongside the Enterprise, Server and enthusiast (Pro) editions. Windows Home Basic should mean just that, and there's no reason there can't be a "Gamer Edition", it would make for superb marketing. It highlights just another way that Microsoft are and always have been aloof and distant from the actual users and the community. I'd personally call them dangerously out of touch, after their courting of Tik Tok. If I was a shareholder, I'd be selling up or extremely vexed at the very least. But that's exactly why I'm not into shares, too much politics and ethics to get filthy rich 

 

Instead, I'm just going to leave some links here for people and projects that already do all of this and more and deserve the recognition, most of which you can vet and execute yourself. These are some of the most useful or up-to-date things I've found in my "messing about". Some I can't recommend; Blackbird, Tron, WPD, W10 Privacy are all great but some do irreversible things if you aren't careful, others counter-intuitively lock settings behind Group Policy leaving you to go through the process of undoing it before you can make simple changes via the usual Windows channels. Some things are less well proven (Timer Tool and Empty Standby List) and others I could no longer live without (Autohotkey, QTTabBar, RightClicker, CompatibilityManager).

 

Anyway, here's a link list with everything I've found over the years. One day I'd like to write all these up together myself in a guide and/or make an app that allows you to do everything, safely (in a way that can be rolled back with one-click) and securely obviously, but most of all easily. One day... TM.

 

I call this LOU'S List

(I don't actually know anybody named Lou but it stands for "List of Useful 5H17 List"):

 

https://linkslist.app/oJ0lUjU

 

[Arika]

22 hours ago, jagdtigger said:

Maybe but i had way less issues with my linux machines/vm's than anything that runs windows. As for flavors either use debian/ubuntu(/pop_os). The most popular flavors are branching off of these two.

Conversely I've had way less issues running Windows than in my time running Linux. It took me 3 days to get hardware acceleration working on my htpc for decoding streaming data, trying both manjaro and mint.

 

both OS'S are good, neither is inherently better than the other. People prefer one over the other, and that's fine, I strongly dislike the fanboyism (in general, not from you or this thread) in the tech world where people argue for their preffered product and hammer down anyone that disagrees

[jagdtigger]

15 hours ago, Arika S said:

I strongly dislike the fanboyism

Im just totally disgusted from windows. Maybe linux has some caveats but at least it honors your settings and program choices unlike some other POS......
(Bonus nail in the coffin for windows: i can pretty much safely enable auto installing security updates without fearing it will bork the system on linux systems i maintain.)

[blitzduck]

Not surprised since it's definitely piracy no matter how you spin it. That said, as a poweruser there was no way I'd ever ditch DX12.

[tridy]

I wonder what would happen if they share not the image but a script or application that strips down (extracts, modifies and packs back, for example) the original ISO instead of actually sharing the modified OS image, and opensource it

[jamiethomaswhite]

19 minutes ago, tridy said:

I wonder what would happen if they share not the image but a script or application that strips down (extracts, modifies and packs back, for example) the original ISO instead of actually sharing the modified OS image, and opensource it

https://msmgtoolkit.in/

I'm testing this atm myself. Comes from MyDigitalLife forums and their community, so pretty good people behind it.

[Exty]

well corporate is switching windows 7 to windows 10 right now or transitioning i guess Because of eol on windows 7 and people who say linux anywhere proffessional ?  you guys are funny they will give you a windows 10 machine and if you ask really nice because you just "cant be bothered to learn anything else" they will give you a mac. a linux based machine? yeah no

[saladking]

I'm personally glad they made a video on it! I hadn't heard of this project before watching it, and now I use it on my laptop, and its pretty awesome! Yes, its a bummer the pre-built ISO is gone, but honestly, as long as the project still exists, I don't see why its such a big deal. The way I see it, its a good thing that he helped spread this project to people who may not have known it existed, and even if the LTT video had something to do with the removal of the ISO, and I think he should continue to make videos on cool stuff like this.

[1c3z3r0]

On 9/6/2020 at 4:47 AM, Jasonv23 said:

Anyone1 know where I can get the torrent?

 

On 9/6/2020 at 4:23 AM, wamred said:

Yep, this sounds about right. That sucks tho. I was going to try this I'm not sure if I want to do this myself but yaknow. 

 

On 9/6/2020 at 6:59 AM, avatarmanz said:

Does anyone have a working .torrent link or file? The one on their website doesn't work either.

 

Archive dot org have a pretty big library of stuff ;)

[TopHatProductions115]

Can't wait for MS to start cranking up the amount of telemetry they shove down our throats, in response to this :3

/s

[Jito463]

On 9/8/2020 at 2:49 PM, SansVarnic said:

Lets use some common sense here and a proper understanding of how the legal process works.

A cease and desist order must be signed off by or approved by a Judge or an Adjutant.

Order, yes.  Letter, no.  I know this has already been addressed, I'm just a little late to the party.

On 9/9/2020 at 4:27 AM, Delicieuxz said:

There are C&D orders and C&D letters. Microsoft can write and send-out their own C&D letters without government or court involvement.

 

https://www.investopedia.com/terms/c/cease-and-desist.asp

https://www.upcounsel.com/cease-and-desist

 

Though, the OP doesn't make clear which the Win 10 Ameliorated project received. They could have received a C&C letter and reported they've been ordered to stop distributing their modified Windows image.

Precisely.

On 9/10/2020 at 6:57 PM, emosun said:

The implication that some lone machine directly connected to a modem with no network or even users can somehow get a virus just sitting there is the sort of misinformation that makes people in that situation hate these terrible updates that have no relation to their setup.

If you really believe that, then you must be young enough not to remember the Sasser and Blaster worms that devastated Windows XP machines.  Those are major part of the reason Windows has a built in firewall now (while technically one existed prior to SP2, it wasn't on by default).  And while Windows does come with the built in firewall to prevent these sorts of worms from happening again, there's no guarantee it'll be 100% foolproof in doing so.  No software is 100% certain.  Not a single one.

[leadeater]

7 hours ago, Jito463 said:

If you really believe that, then you must be young enough not to remember the Sasser and Blaster worms that devastated Windows XP machines.  Those are major part of the reason Windows has a built in firewall now (while technically one existed prior to SP2, it wasn't on by default).  And while Windows does come with the built in firewall to prevent these sorts of worms from happening again, there's no guarantee it'll be 100% foolproof in doing so.  No software is 100% certain.  Not a single one.

Also way back with dial-up modems the PC got given the public IP directly, no NAT. Having NAT in place now days is probably the single most effective thing to stopping rampant remote compromises.

 

You put a PC on the internet directly with no NAT even with a half decent AV and it'll get annihilated, 100% guarantee it will.

[jagdtigger]

4 hours ago, leadeater said:

Also way back with dial-up modems the PC got given the public IP directly, no NAT. Having NAT in place now days is probably the single most effective thing to stopping rampant remote compromises.

 

You put a PC on the internet directly with no NAT even with a half decent AV and it'll get annihilated, 100% guarantee it will.

I think you are mixing up NAT with firewall.......

[leadeater]

6 minutes ago, jagdtigger said:

I think you are mixing up NAT with firewall.......

No because default firewall has a lot open because it needs to be, NAT is the reason

[jagdtigger]

5 minutes ago, leadeater said:

No because default firewall has a lot open because it needs to be, NAT is the reason

What you need in that case is a proper firewall not NAT, NAT just breaks things and was designed as a stop-gap measure to delay the exhaustion of ipv4 addresses. It was never designed for security.

[leadeater]

14 minutes ago, jagdtigger said:

What you need in that case is a proper firewall not NAT, NAT just breaks things and was designed as a stop-gap measure to delay the exhaustion of ipv4 addresses. It was never designed for security.

No NAT is still a perimeter defense and is effective at what it does, even though it wasn't designed for that purpose at all. Giving direct access capabilities from the internet to your computer is currently and likely will be for a long time risky. IPv6 designed and compliant routers actually take those risk factors in to account and are designed to protect you, IPv4 ones are not. People simply are not going to be using "proper" firewalls at home, all they have is ISP provided and those for IPv4 offer zero defense because they assume NAT is in place and thus protecting you, again not designed for it but it does.

 

Edit:

This is how dial-up computers back in the day got destroyed, public IP directly on the computer relying on the security of and only of the computer and none of the AV and firewall software at the time stopped major viruses and malware. They did eventually but eventually is too late for those who had been hit already.

[jagdtigger]

16 minutes ago, leadeater said:

No NAT is still a perimeter defense and is effective at what it does, even though it wasn't designed for that purpose at all.

It has some side effects thast relate to "security" but calling it a perimeter defense is a overstatement.  NAT in itself wont protect you from anything, if someone finds out the IP range behind it you are done for. What is needed to really protect you is a FW, which by default will drop any unsolicited traffic from the internet.

[emosun]

20 hours ago, Jito463 said:

If you really believe that, then you must be young enough not to remember the Sasser and Blaster worms that devastated Windows XP machines. 

oh hold on , let me just time travel back to 2004 so your point will be relevant as the planet isn't running xp anymore

[Jito463]

2 hours ago, emosun said:

oh hold on , let me just time travel back to 2004 so your point will be relevant as the planet isn't running xp anymore

If it happened once, there's no guarantee it can't happen again.  Stick your head in the sand if you will, I prefer caution over illogical disregard.  I'm not talking full blown paranoia, but some precaution isn't uncalled for.

[leadeater]

12 hours ago, jagdtigger said:

It has some side effects thast relate to "security" but calling it a perimeter defense is a overstatement.  NAT in itself wont protect you from anything, if someone finds out the IP range behind it you are done for. What is needed to really protect you is a FW, which by default will drop any unsolicited traffic from the internet.

No finding out the IP behind your NAT will do nothing at all (already trivial and your browser gives this information out as it is so....). Unless you are creating DNAT and SNAT rules knowing your internal IP range does nothing, just like it does with IPv6.

 

I don't think you understand the problem, or how NAT works, or how you'd get compromised.

[emosun]

3 hours ago, Jito463 said:

If it happened once, there's no guarantee it can't happen again.

hmm thats true , we better all update our windows xp machines that we're all using right now then