NoelC

Are sheep proud of being herded? Some, however... -Noel

Reminds me a bit of the old Get Smart series, where they poked fun at escalating countermeasures (recalling the "anti-anti-anti-missile-missile-missile"). -Noel

Locks up for me too, but only after a second reboot - not on the first boot after the in-place upgrade that brings in 14257.1000. Seems to me it only locked up after getting the symbols, though. Might be a situation where it is taking the wrong path when the symbols are in and it doesn't even try if not? -Noel

MaxXPsoft, I wasn't able to reproduce the issue where you saw the procedure run through and leave the Apps installed. For me they were all removed the first time. I'll keep looking, but for now the only thing I can think of is that I did put several different versions of the batch file online... It's possible you didn't use the very latest one. I've updated it at the link I posted above. Jaclaz has made some good suggestions that I'm still going through. There will likely be further updates. -Noel

I always read it as "Windows - Bite This!" -Noel

God knows. At one time I'd have said "go ahead and get it". But this time is not that time. I can only tell you my choices: I'm not taking any more Win 7 or 8.1 updates myself without a hard reason to do so. There's nothing keeping them from shoehorning stuff into an update that has nothing to do with the subject material. All bets are off now. If I come up with some new piece of software that can't run because the system isn't providing something I'll re-evaluate whether to take an update. Any more it's all about managing risk without knowing enough to be confident in your decisions. I'm of the opinion there are a lot more risks we don't know about than those we do, so I plan for disaster (think backups, spares, etc.) as well as do all I can to avert it. -Noel P.S., Woody Leonhard thinks it's okay... http://www.askwoody.com/2016/ms-defcon-3-patch-but-watch-out/

But think about it. If your phone was stolen and just swich id-unit the phone was accesseble (for the thief) how fun is that. As bay a new iphone all your data is saved safe in icloude. I think it's great... I understand the issue, and I'm all for making those who are irresponsible with their precious high tech hardware pay for the privilege, but to get into a situation where you can prove the phone is yours, but you've had to have it repaired in a situation in which you had no alternative is a bit much, don't you think? Seems to me the underlying message here is that Apple service is circling the bowl. It used to be considered good. That some stuffed suit would come on and claim "it's all necessary in the name of security" is just so much whitewash. On another subject, if you think anything in a "cloud" is "safe", you're possibly just a bit brainwashed. -Noel

Just goes to prove that folks need to come to the decision to either accept ONLY security updates, or no updates at all. "Security updates" are generally patches to bugs they have had in the system for a long time (and haven't hurt us up to now), and possibly even more importantly, are coded by the very same people who are trying to force software on us. Terrible things can be done in the name of "security". -Noel

Woody's good, no doubts there, eh? Maybe old news now... He's warning against blindly accepting a new "Mystery Patch": KB3123862 See: http://www.infoworld.com/article/3030211/microsoft-windows/experts-recommend-dont-install-microsoft-patch-kb-3123862.html I don't know about you, but stuff like this just makes me want to trust them implicitliy again, right? I mean, they only have our best interests at heart, right? -Noel

Yes, those go together fine. Big Muscle's software uses the information in the .layout file to map the theme atlas graphics to the needs of the OS. -Noel

Fair enough. For those concerned also with tracking and the download of malware, a bit more aggressiveness seems prudent. -Noel

Yeah! Even though the main forbes.com window opens up on the same "You're using an ad-blocker" page, this still works (with FireFox, but not IE). In your eye, ad mavens! -Noel

Where's there a 14257 ISO I can try with? Please PM me if you'd rather not make it public. -Noel

That reminds me, I need to tidy up and share the tools I use to generate the blacklists I use (for hosts and for my DNS server, which are a little different). I'm surprised at how actively managed the online lists are now. For example, looking at the logs I see that just today many hundreds of domains were added. Stuff like welllsfairgo.com, which sounds a lot like it must be a scam site. -Noel

I suspect your blocker may not be perfectly effective at blocking ad, tracking, malware, etc. sites, then... Here's what's specifically blocked on that Forbes page for me: http://b.scorecardresearch.com/beacon.jshttp://stats.g.doubleclick.net/dc.jshttp://www.googletagmanager.com/gtm.js?id=GTM-NMQJM4&l=dataLayerFDChttp://tags.bluekai.com/site/3536?ret=js&phint=channel%3Dads&phint=section%3Dwelcome&phint=member%3D&phint=partner%3Dhttp://contextual.media.net/bidexchange.js?cid=8CUX956JU&_=1454788174081http://rt.liftdna.com/forbes_welcome.jshttp://www.googletagservices.com/tag/js/gpt.js?_=1454788174088http://contextual.media.net/amedianet.js?cid=8CU2T3HV4&fpurl=http%3A%2F%2Fwww.forbes.com%2Fsites%2Fgordonkelly%2F2016%2F02%2F05%2Ffree-windows-10-true-cost%2F&frurl=&_=1454788174089Yeah, I want all of them to have information about what I'm doing online. NOT -Noel

Techno-authoritarians... In the voice of Jake Lonergan (Daniel Craig, Cowboys And Aliens): "Good words." -Noel

LOL... Click [ CONTINUE TO SITE> ] and see... Hey Forbes, take a hint: Your content isn't interesting enough to suffer through the ads. -Noel

Thank you. I aim to make it turnkey. Jaclaz has been suggesting that I make less use of 3rd party tools, though of course SetACL and SQLite3 will be needed. Generally speaking it's a good idea, as ultimately the thing really should be utterly self-contained. I welcome specific suggestions (i.e., code snippets to replace the code that's there). Meanwhile, I'm still trying to get all the "meat" needed into the thing. It doesn't yet, for example, disable services and scheduled tasks that are certainly not needed after the Apps are removed. -Noel

Thanks. So one has to actually install the Gnu Toolkit or at least carry a few more components along in the .zip file. My bad. I can't explain the reappearance of the Apps in Powershell after a reboot yet. At the end of the batch file it lists the Apps and Provisioned Apps. Did it list them for you the first time? Or did they actually come back? Correct me if I'm wrong, but if I CD to somewhere then the current directory won't be in the place where the rest of the files are, assuming the user has extracted them all into a particular place. Besides, All I get from CD /D "%~dp0" is an error ("The system cannot find the path specified."). What am I missing here? Is this something that only works on UAC-enabled systems? Edit: Did some research. I see, CD /D "%~dp0" puts you in the folder with the batch file. Perfect! Thanks for sticking with me while I got over that particular episode of being dense. -Noel

I'd also suggest that they want allow a minimum amount of customization to SAVE money on support, but that's just a guess. Windows as a Service works best (at all?) if every system everywhere is the same, and only a limited set of applications are allowed to run. We've seen the golden age of general purpose computing. That will probably be shifting more and more over to Unix. -Noel

Heh, the things you can do in the name of "security" are horrendous indeed. -Noel

That's kind of an overstatement. Any competent hacker can get Win 7 or 8 installed on a Skylake-based system. It's already been done. I hope you don't think Microsoft's "support" is necessary. And for what it's worth I have a 12 core workstation running Win 8.1 that's powerful enough to be pertinent for quite a while. Probably until 2020 at least. At that time, who knows what'll be available. Maybe Microsoft will have had to make Windows 10 useful. -Noel

Thing is, without Big Muscle's software supporting the translation between graphic elements in the PNG and the needs of the OS, it gets too tedious to keep changing the graphics to match. Microsoft's strategy is to wear tweakers down - quite clearly - and it's working. -Noel

Exactly on point. Windows can still give us value if you take the time to shut out all the value it's giving them at our expense. This isn't really fundamentally new... It's been a long time that a tweaked Windows setup can be a good bit better to use than a box stock Windows setup. I strive to only ever install my OS once. I don't see it as a given that it must be reinstalled all the time. If you do a lot of experimentation that disrupts your system, consider getting a virtualization package. -Noel

I'm glad there are people who care about Windows communications. I can confirm that they ARE numerous out of the box. It's been so since Win 8.1, and even Win 7 did a fair bit of it in stock trim. I have taken the approach one step further: As I detect it trying to communicate, not only do I figure out who it's trying to communicate with, but also I figure out how to de-configure the attempt. At this point I have Win 7, 8.1, and 10 (build 10586) to where they really don't try anything unexpected. There ARE some normal communications that are expected - for example to check certificate chain validity. I have those whitelisted. Anything else it tries to do I will hear about. The only limitation I'm running up against right now, and there's a fix coming, is that it takes a bit more than 40 whitelist rules to accommodate the needs of Win 8.1 in an ongoing fashion, and the Sphinx firewall has a limit of 40 (the author has promised to increase it). I'm still working on a strategy for long-term whitelist maintenance (i.e., when do you know a server no longer needs to be whitelisted? When Windows doesn't try to contact it for 6 months? When it goes offline? All of the above?). -Noel