48 comments

[ 2.7 ms ] story [ 106 ms ] thread
> IT professionals around the world should gird their loins for the inevitable friends and family support calls when Windows 11 24H2 makes a surprise appearance, and uncle Fester is surprised that things have suddenly started working a little differently.

I hate this take, UIs changing without user consent or control is just plain WRONG.

I've recently wasted many hours on a machine owned by a family member that crashed randomly with Win10.

It has a Gen2 i5, 16GBs of RAM, and an SSD. A fine machine for a home user, but Win11 won't install and in the end I just reverted to its original Win7.

It would be fine with any Linux. I tested Ubuntu Mate and it ran fine.

It was the last straw. I will never again meddle with Windows.

I wish there was a linux distro for windows mimicry that autowines every exes it can and runs the rest on a internal win7vm. i would pay money for that.
Yeah but if we don't change the UI every few months that MBA who just got hired and is looking for a promotion won't get claps on the back for a good job.
Let's not make "MBA" a generic slur/boogeyman. No MBA ever asked me for a full app redesign. UX designers do all the time, though. No MBA ever requested that we force users to update their software, but the security engineers at my previous companies would have loved that. Yes, business-oriented teams often make our software shitty, but so do technical teams, product leads, and designers.
Given the widespread reports of bugs and the violation of user choice, this is unacceptable and companies like Microsoft can only do it because they face no regulatory action to address the lack of competition
I think in general regulation will go to other direction. Forcing operating systems providers to install security updates and if it mandates other updates that is accepted price for regulators.
This is also what I would expect, and it makes sense to not allow installations to get away with stalling the rollout of security fixes that affect downstreams. The argument of course is whether existing liability is enough of a deterrent that extra regulation is not required.
> This is also what I would expect, and it makes sense to not allow installations to get away with stalling the rollout of security fixes that affect downstreams

We shall also extend this to Microsoft employees: Got an pld car or electrical screwdriver ? You shall update it every two years because it is "out of support" and "insecure".

(comment deleted)
This is basically how windows has worked for consumer editions for years now. The article near the end:

>Almost a year ago, Windows 11 23H2 was rolled out in the same way – the company's support lifecycle means Home and Pro users must be kept up to date, whether those users like it or not, in order to receive support.

Consumer editions are released every year, and are only supported for 2 years, so it makes sense to upgrade people around half-way through that cycle.

https://en.wikipedia.org/wiki/Windows_11_version_history

> in order to receive support

It would be nice if users could simply opt out of "support," whateverTF that means. It sounds like something I don't want, if it means forcibly installing software.

>"support," whateverTF that means

security patches

>It sounds like something I don't want, if it means forcibly installing software.

HN readers might be competent enough to avoid malware even with vulnerable systems, but people like your aunt need all the help they can get. That includes a operating system that doesn't have EoP exploits that allow malicious code to escape from browser sandboxes. Forcing updates by default is probably a good thing. Disabling updates isn't hard if you're technically inclined, and if you can't you're probably better off having a patched system than being mildly annoyed that you have to restart your system every month for updates.

> security patches

You have fallen victim to Microsoft intentionally blurring the line between security patching and software changes. A security fix should never be bundled with or uninstallable without a UI/feature change unless that change is critical to fixing the vulnerability.

Yea, I would almost be OK with security patches being automatically applied by default (as long as there was a clear way to turn them off). I'd grumble about it, because ultimately I should be in charge of what gets installed and run on my computer, and I feel my computer should not do things that I have not deliberately commanded it to do. But just force-feeding me software simply because the manufacturer wants me to run it? No bueno.
>A security fix should never be bundled with or uninstallable without a UI/feature change unless that change is critical to fixing the vulnerability.

That's a nice thought but in practice it's infeasible to keep different branches for different UI/feature sets around in perpetuity. Consumer of Windows only gets 2 years of support, which is short compared to Ubuntu's 5 years of support for LTS (10 years if you pay them), but you can get similar support periods through enterprise contracts. It's also longer than mobile platforms, which only offer 1 year (if that).

> That's a nice thought but in practice it's infeasible to keep different branches for different UI/feature sets around in perpetuity.

So fixing a big here, introducing a bug there. /s

(comment deleted)
> That's a nice thought but in practice it's infeasible to keep different branches for different UI/feature sets around in perpetuity.

They have been doing exactly that since Windows 98. Windows Update used to only auto install security/bug patches and features were optional installs.

Microsoft also has an entire line of POSReady/WEI that gets only critical security fixes with zero other changes. This version of Windows is what runs on ATMs and self checkout machines.

As noted in the article this does not apply to enterprise IT managed systems.

I've got mixed feelings about the type of updates that happen, at the same time with security updates ... I feel like required updates can be justified as far as consumer editions go.

Read this with a smug "eh I still don't have TPM 2.0 so good luck with that", but little did I know TPM 2.0 is no longer a requirement since December 2024[1], guess I am getting upgraded whether I like it or not.

[1] https://www.techopse.com/microsoft-reverses-non-negotiable-t...

If you really want to avoid Windows 11, get Windows 10 IOT LTSC. It's supported till 2032.
The only downside I've discovered from using this version is the inability to install `winget` and thence, Windows Terminal.

I was able to add it at one point but then MS added new barriers and I haven't attempted since.

FWIW, I don't use winget but was able to install WSL/WSL 2/terminal without any issues on my windows 10 ltsc iot edition.
With the MS Store removed too? I don't recall the "wsl --install" commands working out of the box on IOT.
At that point you're technically violating the license, so what does having a 'supported' version even mean?
"support" in this context refers to security patches, not ability to submit support tickets.
there is no source for TPM 2.0 no longer being a requirement - it looks made up.
If your CPU is not on the compatibility list [1], like the i7 7820HK in my laptop, you will not be able to automatically upgrade to Windows 11, TPM or not.

Unless you use a tool like Rufus to patch the Windows 11 installer and remove all (artificial) checks, because then suddenly Windows 11 will even install on 10 year old PCs with a in place upgrade.

[1] https://learn.microsoft.com/en-us/windows-hardware/design/mi...

Except that forcing Windows 11 on to unsupported PC's carries the caveat that once they upgrade chunks of the OS with newer compiler flags (such as the NT kernel) the system is rendered unbootable

https://www.tomshardware.com/software/windows/microsoft-upda...

Granted x86-64-v2 includes the original 2008 Intel Nehalem ("Core" series) and AMD Bulldozer (2011) but it's not unreasonable to assume that they'll slowly "ratchet" up the requirements over time

Please note that the 24H2 update will remove the Mixed Reality Portal and Windows Mixed Reality support. If you have a VR headset it might not work after the update. There are articles that claim that steamvr is still supported but it didn’t work for me.
Take a look at Monado, I just read about it the other day as a WMR replacement; it's early in development and doesn't support controllers yet for some headsets, but could use some more attention. I'm excited that my G2 isn't E-waste just yet

https://monado.dev/

If they force my gaming pc to Windows 11, that is fine. I will set up dual-boot with a linux distro (linux mint or whatever steamOS like option I will have). I will only launch windows to play games, and NOTHING else unless I have to.
I made the jump a couple years ago, and only use GNU/Linux. I scud along the bottom of the game-time graph but I still do play, and only games that I can easily run thanks to Steam and Proton. Eventually I'll unplug completely and just play MeatspaceOS games like Cribbage and Nertz.
The perfect setup for me has been to have my iMac for home work, browsing, design et al, and I have another two laptops, a dedicated Ubuntu for development but not work related stuff, personal that I also use for anything Linux, and a gaming laptop with Windows (latest) just for gaming. That way I don't mess up with anybody else's workloads and I don't crowd the systems with mixed concerns... but I do find that there are things I do super comfortably on each one of these OSs and I cannot just find a way to do them all on the same box
I dual boot currently. If the windows experience degrades too much (I'm still on 10, so idk what I'll think of 11) I might just stop playing games at all. I have had bad experiences with proton, so I wouldn't go that route. Maybe I'd look into console gaming.
A while ago people were still in favor of forced updates for muggles in the name of security.

At some cross-over point of course mircosoft becomes the larger threat actor.

I still have a single windows laptop for VR. Steam VR games don't quite seem to work ok for me on proton yet, sadly. (Most other games do, fortunately). Since that particular laptop only makes very limited network connections, an update is plausibly a net negative for me already.

I'm sort of surprised there's no straight-forward "block windows updates" firewall for the raspberry pi or so, or is that what pi-hole is for?

See also: https://news.ycombinator.com/item?id=42795954

>I'm sort of surprised there's no straight-forward "block windows updates" firewall for the raspberry pi or so,

At least for Windows 11 Pro and above, this is as simple as disabling automatic updates in Group Policy.

Yes, it does work. And it should continue to work because Group Policy is an enterprise feature that Microsoft does not want to violate.

Home users are SOL, though.

2025 is shaping up to be the year of the Linux Desktop, for a good segment of Windows Pro users.

I prefer convenience over the hoops of dual boots and Linux, but even I spent a half-day setting up a dual boot and configuring it with my Steam games.

Far easier next step: Wiping the Windows drive and make it my work and experiment Linux instance.

Side benefit: Building and fiddling with Llama.cpp will be infinitely easier.

I don't think it will be the year of the Linux Desktop, the tale is old as time
At this stage I don’t even know what version I’m on. It just does whatever the f it wants anyway.

Need to find a spare weekend to transition to Linux at some point