Mostly running Windows 7 Professional with latest patches from Microsoft. Had an HP Laptop with Windows 10 Home Edition where the hard disk failed. So, got another HP, with Windows 11 Home.
I'm a traditional Windows user and am writing software in .NET, IIS, ASP.NET, SQL Server. My most important tools are Rexx for a scripting language and KEdit for my text editor. I don't want Windows to be more like a smartphone.
Microsoft made a lot of changes from 10 to 11, and for my traditional usage made Windows too different to use. Bluntly I have to regard 11 as unacceptable for my traditional usage on 7 and 10 and am eager to replace 11 with 10.
Sooooo, I'm ready to pull hair and scream trying to find a way to install a genuine, 100% authentic, dyed in the wool, DVD, SSD, SEO, whatever, I can use to install 10 on my new HP.
I also do .NET but I went with Linux instead. Something Ubuntu based like POP OS or just plain any of the official Ubuntu flavors did the trick for me.
Heck for fun I migrated a .NET 3.5 project thats been untouched for centuries all the way to the latest all on Linux, and it looks like it worked with barely any issues.
Versions of Linux seem to have a lot of value and are real competition for all the versions of Windows.
But I decided to concentrate on just one operating system and there picked Windows. Otherwise I want to concentrate on my needed software development, the inevitable system management, and, then most of all, the business itself.
I'm guessing that, whatever frustrations, Windows will be able to support the computing for my business.
>I'm guessing that, whatever frustrations, Windows will be able to support the computing for my business.
Azure/.Net SRE/DevOps whatever person here. I wouldn't be that confident in that bet.
Windows Server, if you look at change log for each version, it's not a ton and IIS hasn't seen any love for a while. While Microsoft will continue to offer it, it's mostly in maintenance mode.
.Net (Core) team is clearly over Windows. I've talked to Microsoft developers on this several times, they have been extremely upfront about it. Linux is preferred operating system for running .Net. Performance is much better, testing is better and it's cheaper which is massive positive. .Net powers a ton of Azure and Linux is first choice.
Speaking of other Microsoft Technologies, SQL Server is getting worse and worse and I'm seeing more and more .Net convert to MySQL or PostGres. Proget, the king of .Net Software Packaging is moving to PostGres: https://blog.inedo.com/inedo/so-long-sql-server-thanks-for-a...
I agree, I gave up on Windows since the deployment target for .NET services (web, etc) are now fully Linux, at least in my case. Linux is a known OS and there's thousands of experts. We can see under the covers and get a deep understanding. I highly recommend you install Linux on an older laptop and try it on your time off. As for package management, in terms of .NET its just nuget still, in terms of installing packages, there's UIs for them, but yeah you do need to sit down and read about it so you have some familiarity for when something goes wrong, which in the case of Ubuntu / Debian is only really the case if you're installing packages not maintained by them, Debian has insanely strict rules on what they consider stable, which means you get a slightly "dated" set of packages, but the confidence that your OS will not blow up out of the blue.
What pushed me over the edge to Linux was Windows Defender sends files to Microsoft for analysis, but there's no audit trail for what those files are. It could be my PII for taxes, could be highly proprietary documents for my employer / company. I have no way to know what the heck their heuristics or whatever has seemingly found suspicious and uploaded.
> What pushed me over the edge to Linux was Windows Defender sends files to Microsoft for analysis, but there's no audit trail for what those files are.
Gads. I should look into that. Yup, one more item on my system management TODO list.
Here's some good news: your license for Windows 11 is probably good for Windows 10 as well. Grab a Windows 10 install media from Microsoft and do a clean install on the drive.
That's for the IoT variant, which is further segmented into incrementally expensive editions depending on the CPU you want to use it with.
And good luck finding somewhere to buy a single license of that. And even then, there's a high chance software you use (browser, IDEs, ...) will not keep getting updates after 2025.
Extended support ended in Jan 2020 and the paid ESU support ended in Jan 2023 [1]. Are you sure those updates aren't just defender/AV definition updates rather than actual OS updates?
My understanding from a lot of Google/browsing is that my new HP has will a Windows Product Code in the BIOS (or UEFI) and, from that product code, will permit installing either of Windows 10 Home or Windows 11 Home.
Right.
Thanks for the URL. That is for
"Create Windows 10 installation media"
and
"...download and run the media creation tool."
Believe I did try that. Soooo, tried to run that "tool" on Windows 7 Professional, taking the option to create media for "another computer", but got a message that now that tool won't run on 7.
So, looks like I should try running the "media creation tool" on my new HP with Windows 11. Then use that "media" just created to install 10 on the new HP.
While doing that work, also create install media for Windows 11 just in case at some point would be glad to have it.
I think a more ultimate "just in case" is downloading the ISO image file which is what you would need if you were going to burn a traditional Windows installation DVD-ROM.
The ISO file just sits in a folder like a last resort installation backup, but it can then be used to create a fresh bootable Windows installation USB stick (or DVD) any time from then on without need to access the internet after that.
Well you might want to use a program called Rufus which will more conveniently turn a Windows installation ISO into a bootable USB drive than the Media Creation Tool anyway.
Plus IIRC, Rufus would run under Windows 7, but you will need to use last year's version of Rufus, look at this page of current and past versions:
You will see that rufus-3.22.exe from 2023 is the newest thing that was intended to run on W7, so download that, download the W10 ISO from Microsoft, and you can then run Rufus to choose the ISO from your own filesystem that you would like to turn into a bootable USB stick.
That USB stick would then be the Windows 10 installation media like you probably wanted to begin with. It also has some recovery functions and a powerful command line on its own if you need it.
Really still functions this way not much different than the original W7 installation DVDs up to W11 so far.
All you need for an .ISO is fido (from rufus). But since nowadays Windows 10 is too large for a standard DVD, USB is the way (I prefer Ventoy). Not sure the best way to get 'hold of an .ISO from back in the reasonable size days.
The weird thing about rants like this is I tell customers that there are very few business-oriented new features in Windows 11 that justifies the upgrade, but there are quite a few developer-oriented features that are unique to it.
Windows Terminal is a nice example, but proper support for Windows Containers is huge. It was “technically possible” to containerise workloads on Windows 10 but you had to maintain the exact same patch level as the server OS the containers would run on! Windows 11 removed this restriction.
There’s also Dev Drive and a bunch of other small things like HTTP/3 and TLS 1.3 support and whatnot.
At $dayjob I have to hold the hand of helpless devs mired in corporate miasma complete with out-of-date Windows 10 desktops. I regularly have the issue of trying to show them something and failing because I forgot I have Windows 11 and they don’t.
Windows Terminal is not unique to Windows 11. You can install it on Windows 10.
As for containers, you can install Docker or Podman or some other container infrastructure. The Windows versions of them have hooks into the Windows OS too.
TLS 1.3 can be enabled in Windows 10 by toggling a registry key.
> Sooooo, I'm ready to pull hair and scream trying to find a way to install a genuine, 100% authentic, dyed in the wool, DVD, SSD, SEO, whatever, I can use to install 10 on my new HP.
there's a windows 10 build called "LTSC" that cuts out all the "Windows-as-a-Service" products
you still have to run a few debloat/service uninstall powershell scripts after reinstalling, but it's honestly the only thing keeping me from going full linux
Its funny how Microsoft basically hides it from the world, and if you happen to know about it, you still cant buy a single licence to run on your personal PC.
Yes, ARexx was big. A lot of popular software had an ARexx API so you could script across programs. Pretty awesome. I haven't seen anything like that since.
Running an end-of-service OS such as Windows 7 means it's very likely that there are plenty of unpatchable zero-days for it. Being forced to upgrade probably made you safer and reduced your attack surface.
I completely agree with you about Windows 11's unusability. However, Windows 10 will be end-of-service in a year and that really sucks. I have been clinging to Windows 10 and I do not look forward to being forced to upgrade. But it's better than having a system that no longer has security updates and has tons of nation states looking for/already hoarding zero-days.
> Running an end-of-service OS such as Windows 7 means it's very likely that there are plenty of unpatchable zero-days for it. Being forced to upgrade probably made you safer and reduced your attack surface.
What makes you think that ? People usually target the latest Windows version.
But it doesn't have to be a zero day if it's never getting patched at this point. It could be a 400 day that acts like a zero day - even more dangerous due to the potential for more threat actors to know about it and using the exploit doesn't burn it.
I'm curious why you prefer Rexx as a scripting language on Windows over something like Python or even PowerShell. I use it quite a bit for work and find it pretty limiting. With a lack of built in libraries even some simple stuff like parsing JSON can be a huge pain.
Why Rexx? (A) Used it for decades. (B) The latest Object Oriented Rexx has some nice things, e.g., SysFileTree to get a nice file of all the names in a directory tree. (C) Yup, I agree that could use more tools and not have to roll my own. (D) Sure, looked at PowerShell: Looks like it has some nice powerful features but a, uh, goofy syntax -- intend to do more, maybe a lot more, with it. (E) Lots of people are taking Python seriously, and for more than just a scripting language, e.g., maybe all the software for a significant Web site. Intend to devote a weekend to Python.
One little thing I did recently with Rexx was take an email message, all in just text, that had a Web page, as a MIME (multi-media Internet Mail Extensions or some such) Part, get the MIME part with the HTML, fix the email '=' characters used for splitting long lines, replaced some uses of special characters, and did get a Web page that Firefox would read. Worked? Yup. Elegant? Nope.
Msdn should still have isos. I still have my installer archive from 98 till 10 thou as my windows machine is a vm it just exists. I have a backup from just after a fresh install I can restore a new machine from if I need be
I'd honestly give 11 a valid shot, probably with 11 Pro. It's by far my favorite version of the OS over the years, and I've been a user since 3.11 days. These days, Windows 10 feels old to me.
It does take a bit of customization on first start (I like to align left, disable search, tasks button, copilot, etc), but it's been by far the most stable and consistent Windows I've used since probably 7.
It's not that hard to train people in offensive and defensive security ops - it just takes effort and commitment.
When I was working for a Vendor, we'd often train Jarheads, Squids, etc in IOW MOSes technolgies and techniques for offensive and defensive capabilities.
Most other regional powers have built out a similar talent pipeline - it's very doable now that computing has diffused globally.
Heck, LE in plenty of countries now has capabilities comparable to the Five Eyes circa 10-15 years ago.
Except most branches are having an extremely difficult time filling those roles. They're even considering things as drastic as bringing civilians into those roles at an O5 grade. Pretty desperate.
> Except most branches are having an extremely difficult time filling those roles
Most of the issues with recruitment tend to be less skilled MOSes like Infantry.
IOW, Intel, and Cyber MOSes are given a fast track to NCO and very good post-military careers, along with a decent entry pipeline via ROTC or Training Schools for enlistees like JCAC.
Most vendors and large tech companies (eg. GCP, MS Azure and Security, PANW, Cisco, AWS, etc) will often hire ex-Intel and Cyber trainees in lieu of a bachelors degree, so it's often a very affordable path to high paying tech jobs (Sales Engineering, Systems Engineering, Support Engineering, etc).
> bringing civilians into those roles at an O5 grade
Pardon my French, but that's bullshit. Only the newly created Cyber Warfare Officer in the Marines is at O-5 (largely due to budget and staffing issues w/ the Marines because it's competing for the same pot of money as the Navy), and they have to go through Officer Training School in VA.
Most entry level cyber roles are WO level (primarily W-1) or E1-3 if you are going to JCAC at NIOC Pensacola, and most Cybersecurity work was historically done by the Navy because Sigint was historically under the Navy, as all the IT and Cyber MOSes would get trained at NIOC Pensacola (none of this is classified btw)
IOW and Cyber are desk jobs - doing the whole shebang of military training is unnecessary, and competitors like China, Russia, etc exempt their equivalents in these MOSes from bootcamp, and they tend to require a degree or a civilian career for those same roles as well.
Also, these roles tend to require at minimum an Associates degree in Computers/Networking/IT, so plenty of grunts do upskill and get that via online programs like the AFIT, AMU, etc and then upskill after a couple years via Grants or get hired as Sales or Field Engineers at vendors.
> Lol is it bullshit if you're acknowledging that it's happening
Army, Navy, and Air Force all train their versions of CWO from enlistee all the way to civilian hire - they all send their enlistees to JCAC in Augusta GA or Penascola FL.
The USMC has a fraction of the budget of the big 3 forces because it's from the same bucket as the Navy, and as such limits recruitment to those who need minimal training.
Most hiring is still done at the enlistee level with 170a [0].
The direct commission was added in 2019-early 2020s because there were a decent number of enlistees with Bachelors degrees but no direct path to a full officer position in a Cyber MOS.
Well the cve noted in the article requires local access so either stacking exploits, having access to the machine or dropping usbs and hoping someone plugs it in.
Okay, and apart from "two advesary countries collaborating on what the rest of the world is doing", is your claim (or support of) of China being involved in this specific case based on capability, it getting caught, or just abstract vibes and speculation?
I find it fascinating they are able to detect these things and report them to Microsoft. The security companies obviously have to be on the endpoints to see any of this. However, it doesn’t seem like this depth of detection extends to protecting customers.
If you control the network, you could observe a machine behaving in a compromised manner, without being able to find anything while accessing the compromised machine itself.
the purpose of having engineers write software is that they can transparently prove that it works reliably, and they can be professionally held accountable and learn if it fails.
You're suggesting that reliability should be improved by being obfuscating the code through transpilation or by merit of being generated by a black box (LLM).
I really suspect that simply transpiling code to rust or ada or some other "safe" language largely wouldn't improve its security. The whole point of these "safe" languages is that they encourage safer practices by design, and that in porting the code to rust you have to restructure the program to conform to the new practices (as opposed to just directly re-implementing it).
I haven't seen a LLM that is reliably capable of logic/reasoning or can even reliably answer technical questions, much less synthesize source code that isn't some trivial modification of something it has been trained on. And it's not clear that future models will necessarily be capable of doing that.
No, but you can transpile (incredibly trivial) Rust programs into Coq that can be than formally verified to give a defined output for all possible inputs.
Mostly running Windows 7 Professional with latest patches from Microsoft. Had an HP Laptop with Windows 10 Home Edition where the hard disk failed. So, got another HP, with Windows 11 Home.
I'm a traditional Windows user and am writing software in .NET, IIS, ASP.NET, SQL Server. My most important tools are Rexx for a scripting language and KEdit for my text editor. I don't want Windows to be more like a smartphone.
Microsoft made a lot of changes from 10 to 11, and for my traditional usage made Windows too different to use. Bluntly I have to regard 11 as unacceptable for my traditional usage on 7 and 10 and am eager to replace 11 with 10.
Sooooo, I'm ready to pull hair and scream trying to find a way to install a genuine, 100% authentic, dyed in the wool, DVD, SSD, SEO, whatever, I can use to install 10 on my new HP.
HELP!!!!!