[HN Gopher] Windows Update Restored: Fix Windows update on Windo... ___________________________________________________________________ Windows Update Restored: Fix Windows update on Windows 95, 98, ME, 2000, and XP Author : gslin Score : 230 points Date : 2023-07-07 12:25 UTC (10 hours ago) (HTM) web link (windowsupdaterestored.com) (TXT) w3m dump (windowsupdaterestored.com) | nashashmi wrote: | Seems like a centralized repository for a collection of updates | issued by MS to windows computers. Does this bring additional | security updates not issued by MS? | jdwithit wrote: | No, it's just old preexisting patches. In their FAQ and even on | the front page they say continuing to run these operating | systems is a terrible idea as they are highly vulnerable even | after patching. | cbmuser wrote: | What's the advantage over Legacy Update which seems to work | pretty well. | temp51723 wrote: | Legacy Update doesn't support Windows 95, Windows NT 4.0 SP3+ | Windows 98 First and Second Edition, Windows Millenium Edition. | | Windows Update Restored (purportedly) does. | cbmuser wrote: | Thanks, this answers my question. | winterqt wrote: | For context: https://legacyupdate.net | JohnTHaller wrote: | Legacy Update is a better option for Windows 2000 and later as | it uses a proxied Windows Update 6 implementation. Windows | Update Restored uses Windows Update 3.1 and is better for | Windows 95/98/Me and Windows NT4. | neilv wrote: | This seems like a nice altruistic useful thing, but (given some | overly-trusting security practices we still often see) it'd still | be good practice to keep some ideas in mind... | | DECREASING LEVELS OF SECURITY: | | 1. Running Microsoft Windows. | | 2. Running out-of-support Microsoft Windows. | | 3. Running out-of-support Microsoft Windows and having it report | itself to a server of unclear provenance and security (which | could be efficiently indexing such insecure machines, and | possibly even exploiting vulnerabilities during this simple | interaction). | | 4. Running out-of-support Microsoft Windows and updating its | system software from a server of unclear provenance and security | (which could install malware, possibly even defeating any | outdated vendor signing). | | SUGGESTIONS: | | * If your important science/medical/industrial/etc. equipment is | stuck on ancient Microsoft Windows, probably you want to keep it | airgapped and treat it gingerly, while planning to upgrade to | more sustainable equipment (and hopefully it doesn't fail | abruptly before convenient). | | * If you're playing with Microsoft Windows for personal use, | that's fine, but maybe consider whether you'd prefer to spend | your time and energy instead learning and creating atop an open | source software platform. | | * For many business and personal purposes, Debian Stable is a | good OS platform, and this is one installer for it: | https://cdimage.debian.org/debian-cd/current/amd64/iso-dvd/ | housemusicfan wrote: | I'm glad somebody brought this up. I was waiting for the | follow-up article to post on HN about the "Botnet of Windows 98 | Machines" | adamdegas wrote: | Yes, all 48 of them. | MuffinFlavored wrote: | > Running Microsoft Windows. | | Is Windows 11 with all of the _default_ security settings | really that insecure? Like Windows Defender, Windows Firewall, | anything that needs admin needed you to click "yes, elevate to | admin" through UAC | hospitalJail wrote: | I just posted this above, but according to Zerodinium, | Microsoft Zero Clicks are the highest payout for a desktop | OS. Either they are the most secure, or its a popularity | thing. | olyjohn wrote: | Also maybe because Windows is used heavily in enterprise | where there is big money to be stolen from finance | departments. | jodrellblank wrote: | "Be very careful connecting to some random server and running | code from people you've never met, with whom you have no | contract or legal comeback, just because other people are doing | it. Also, download Debian!" | anthk wrote: | You can audit Debian, or rebuild it yourself. Try that with | Windows. | jodrellblank wrote: | Debian had over 324 million lines of code in 2009. How do | you propose to audit that in a lifetime? | | https://unix.stackexchange.com/questions/111281/exploding- | am... | anthk wrote: | So does Guix, and it has reproducibility features and | rollbacks. | p0w3n3d wrote: | What about retro gaming? | ungruntled wrote: | Compared to Windows, I find that most linux desktop distros | have what I would call 'stability vulnerabilities' where the | user has to tread carefully when doing something basic like | updating graphics drivers or applying other updates, or | changing resolution. Otherwise they end up with an OS that wont | start or will just show a blank screen. I wouldn't recommend | linux for general business or personal use unless this kind of | tinkering is enjoyable or you have sufficient IT staff. | ryandrake wrote: | Coincidentally, I ran into one of these this week. I decided | to upgrade my bog-standard Debian installation on a headless | NAS from buster to bookworm. Should have been easy peasy: | Update sources.list and then apt full-upgrade, right? | | Wrong. | | Half way through, Debian seems to have lost[1] libcrypt.so.1, | which everything important in the system relies on. Could no | longer sudo (needs libcrypt) from the session I was logged | into. Couldn't re-log in at all either over the network (ssh | needs libcrypt) or locally (local authentication needs it | too). Could not even get to single-user mode because | init=/bin/bash didn't even work. I ended up having to boot | from a liveCD, re-assemble the raid partition containing my | root filesystem, and manually copy libcrypt into | /lib/x86_64-linux-gnu/ | | All because I tried to upgrade Debian from 10 to 12, skipping | a version, which, apparently you can't do anymore. | | As much as I can't stand Windows and I grin-and-bear macOS, | I've never had an experience even close to as bad as that on | those systems. | | 1: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993755 | laserdancepony wrote: | It was unsupported to jump releases while upgrading twenty | years ago when upgrading woody to sarge as is now. Don't | spread rumours. I've been there and the READMEs are still | online for reference [1]. And unsupported does not mean | impossible. One just can't blame the distro for a failed | install. | | And if you had bothered to read the Release Notes for | bookworm: It's in there [2]. Also you are instructed that | only upgrades from bullseye are supported, and to upgrade | to bullseye first if you are running an older version. | | Nobody else to blame for your fall. | | [1] https://www.debian.org/releases/sarge/i386/release- | notes/ch-... [2] | https://www.debian.org/releases/stable/amd64/release- | notes/c... | ryandrake wrote: | I've been using Debian since before woody, and am well | aware of the usual caution against jumping versions. I | have jumped versions in the past with very little pain | despite it being officially unsupported. Obviously this | time I gambled and lost as it clearly breaks your system | more severely than usual. | | None of that changes the user-experience comparison with | mainstream OS's or parent's point about Linux's | "'stability vulnerabilities' where the user has to tread | carefully". Linux is well known for being a sharp tool | without safety guards. That, and the "RTFM" tone of the | typical response to trouble, are some reasons why the | Year Of The Linux Desktop is perpetually stuck somewhere | in the future. | Propelloni wrote: | I respect your individual experience but this hasn't been the | mainstream situation for many years now. | | Back in 2012 I was the Head of IT for an A series start-up | with about 80 people and we ran almost all machines on Linux | (mostly Ubuntu) and it worked like a charm. We scaled to | about 400 people before switching to Chromebooks in 2015 for | the vast majority of users. Our IT operations team never had | more than 4 FTE at any point in time, which compares very | favorably with any other company. This was possible because | Linux environments are extremely easy to maintain for a | trained IT staff and, obviously, because we mostly avoided | the MS Office crapware (which was less crappy back then than | it is today). Google Suite served us fine and the rest was | custom web-based software. | | Today I'm at a different company, no longer in the trenches, | and use MS Windows machines for my work and there is not a | single week going by without need to call tech support. | Adding the counter-productive helpfulness of MS Office | applications I sometimes think MS is paid by our competitors | to destroy our productivity. That's a "stability | vulnerability". | yjftsjthsd-h wrote: | > changing resolution. | | Er, this decade? How would setting resolution go badly today? | (The closest thing I can think of is that once upon a time | you could mess up _CRTs_ with bad settings.) | kdklol wrote: | There are the same exact problems on Windows though. | Microsoft nowadays basically treats it's install base as beta | testers and you regularly hear about breaking updates. There | are devices out there with funky drivers, most notably Nvidia | cards, but if you can avoid those (I know many people can't, | me included) and choose a stable distro, I genuinely fail to | observe these supposed instabilities on Linux. Personally, I | think the real reason why companies are not switching is | familiarity. Think of all that money spent on MS product | training over X employees. Billions are spent yearly in this | industry I'm sure. | emodendroket wrote: | True but the older your hardware is the less you encounter | it... so I guess the best use for it is giving life to old | hardware. | xslvrxslwt wrote: | I'm sorry but this is all but true. I've a 13700K and a | 4090 and it's more reliable than 2 of my old hardware | machines..this is slowly becoming a myth unfortunately as | new versions of either DEs or desktop protocol (s) are | slowly deprecating tons of stuff.. | emodendroket wrote: | I've had good luck with Xubuntu on a couple older | machines so far but I'm not trying to run it on anything | modern. My experience trying to do desktop Linux on a | recent machine is quite old so maybe things are | different. | Sohcahtoa82 wrote: | I would imagine this is only true to a certain point. | | Like, I would not be surprised if there were issues trying | to run an AGP or PCI video card. | | There's probably a sweet spot where some hardware is old | enough to have had all the major bugs worked out, but not | so old that nobody bothers developing and testing it | anymore. | userbinator wrote: | That's pure fearmongering FUD. | | Recommending Debian to the retrocomputing community is possibly | the most tone-deaf thing I've seen today. | mike_hock wrote: | > That's pure fearmongering FUD. | | It is. It's a community project that you can trust, or not. | Debian also reports to servers of "unknown provenance" and | updates itself from there. | | Now, Debian has probably a lot more eyes on it than some | Windows Update revival project, but some more niche distros | have essentially the same problem. | | > Recommending Debian to the retrocomputing community is | possibly the most tone-deaf thing I've seen today. | | archive.debian.org might be right up their alley | ketralnis wrote: | I'm with you that they could have stopped talking after the | word "instead" but the rest is not fearmongering nor FUD: | installing operating system patches from a random server on | the internet just isn't a great idea | ckozlowski wrote: | This. I suppose it can't be helped given the link was posted | without context. But yours is the only post here that seems | to get it. | | For everyone else: This project exists for the joy of the | retro-computing community. No one in their right mind - | retro-computing enthusiasts included - would ever recommend | using any of these versions of Windows for anything other | than amusement. | | No, DOSBox is not always an alternative. | | Retro enthusiasts are quite excited by this project. And for | anyone wanting to rebuild an old PC running Win95 for fun, | this is going to be a very helpful tool. | | Michael MJD (YouTube) covered this yesterday in fact: | https://www.youtube.com/watch?v=xbeqLmSVqvs | boomboomsubban wrote: | >If you're playing with Microsoft Windows for personal use, | _that 's fine,_ | | Saying you're free to have your hobby isn't tone-deaf. | hospitalJail wrote: | I hate windows, like I'm trying to get off it because of the | ads/ragebait news. I hate edge. Microsoft is basically a never | buy anymore, but according to this: | | https://zerodium.com/program.html | | Getting a Windows exploit is higher value than any linux | exploit. Given how many servers use Linux, it makes me wonder | if Linux 0 click are easier than windows. | | There are a bunch of counters like 'there are too many | distros', or 'a personal computer of a VIP is higher value than | some corporations'. But I'm not sure its fair to include your | point number 1. | | I like to give people credit where its due, I imagine it took | lots of work to make windows as secure as it is. (Giving | Android OS the most credit for their 2.5M payout) | MuffinFlavored wrote: | > I hate edge. | | It's a thin wrapper around Blink just like Chrome/Chromium. | What is there to "hate"? | hospitalJail wrote: | So many ads on the home page. | | 'turn it off' | | I did. But its not intuitive, its some settings button that | is semi-transparent. I literally had to google/bing it. | | The inital setup was awful. | | Then it opening all my links in edge was not okay. I'm | signed in on firefox, I don't want things opening in edge. | | I can't remember, I gave up after the whole BingGPT thing | was a let down. | WarOnPrivacy wrote: | > What is there to "hate"? | | The endless fluff and clutter to clean up (Search bar | appearing on desktop, sidebar foistware). The relentless | marketing and push of adjacent services (Bing AI). | | The passive-aggressive IE compatibility mode (unremovable | nag banner to stop using IECM, your Legacy App URLs expire | after 30 days for no good reason). | yjftsjthsd-h wrote: | Edge allegedly manages to be worse at privacy than Chrome: | https://apple.slashdot.org/story/20/03/07/0054219/edge- | brows... | morpheuskafka wrote: | It's strange to me that Thunderbird is even on their chart. | Surely only a few free software enthusiasts use that anymore? | Most of the population doesn't even use a desktop email | client and if they do its work-provided Outlook to connect to | Exchange/Office365. | delfinom wrote: | https://zerodium.com/faq.html | | >Zerodium reviews, tests, validates, and documents all | acquired vulnerability research then provides it to | institutional clients as part of the | | Zerodium only cares about shit their own customers want to | target. They aren't trying to fund the entire world of | software security. | | Their customers in particular are select governments | wanting exploits for their own use. You can sure as shit | bet they already have specific targets in mind and what | they use. | | EDIT: For example, the forum software noted on Zerodium's | list are popular for "blackhat" and "darkweb" forums from | everything from card dump selling to malware. Many | governments would love to get themselves a database dump | with some user IPs. Conversely, this is why Discourse which | is a major BB these days is missing as it's not popular in | those circles. | Dwedit wrote: | Desktop Email Clients are good for downloading all your | Gmail before Google randomly decides to nuke your account. | laserdancepony wrote: | I'm sure 99% of the population does not use email | personally anymore, except for delivery of their Amazon | invoices. | bdavbdav wrote: | Yep. Receipts and notifications. It's a bad means for | communications. | weare138 wrote: | Linux is the just kernel. Everything else in a distro is | software running on top of it. Kernel bugs are generally hard | to exploit remotely and typically have to be chained with | other exploits. That's why there's so many specific payouts | for common enterprise apps. Windows is a complete, highly | integrated OS with a wide array of attack vectors baked right | into it. | | Plus sketchy companies like Zerodium major customers are | nation-state actors who are primarily interested in data | exfiltration and the application data stores themselves. | hospitalJail wrote: | >Kernel bugs are generally hard to exploit remotely and | typically have to be chained with other exploits. | | This is why its so valuable though. | weare138 wrote: | The payouts are based on what their 'clients' are willing | to pay in turn for the exploits. There's just less of a | market for Linux kernel exploits. If nation-state actors | are involved in deep APT style attacks where they would | leverage low level kernel exploits they are going to | either develop the exploits themselves or acquire them | through their own clandestine channels. Purchasing that | stuff from a publicly facing company that could | potentially be compromised themselves is high risk and | leaves too obvious of a trail. | unilynx wrote: | But what's the point ? Most vulnerable Linux servers are | hosting blogs or dns servers. They're only useful to run | a crypto miner or host a phishing page, and for that you | probably don't need to go further than exploit a | wordpress bug. No need to go for the kernel or even root. | | Whereas a desktop often has users on it who enter banking | details or corporate login credentials. Much juicier | targets. | mnahkies wrote: | Linux servers generally aren't being used interactively | though and expose a fairly limited attack surface to the | internet, and so I feel like the value in Linux server | exploits is more in the openssl/Apache/etc vulnerabilities | RobotToaster wrote: | People always say this but | | 1) doesn't even a domestic router block all inbound | connections? | | 2) is there any evidence of unpatched remote vulnerabilities | for windows 98? | userbinator wrote: | Yes, and probably not (and even if there were, I suspect no | one has a huge incentive to go looking for them anyway.) | jabroni_salad wrote: | I'll never accuse old Windows of being bulletproof, but I've | gotten some considerable reliability out of old appliances by | adding SSDs, a passively cooled chassis, and a weekly reboot | scheduled task. Basically, just get rid of the moving parts and | plan for state drift. | | Old OT is actually pretty easy to take care of aside from | sourcing replacements for some secret sauce PCI card that is no | longer made. New OT blurs the line with IT in a really | difficult way however, you can no longer rely on a dead simple | airgap to solve your security concerns because everything and | its mother wants to be on the internet. | fires10 wrote: | You can not just rely on air gapped either. You have other | avenues for attack as well. I actually virtualize most of my | legacy OSes when possible. Just maintaining adequate serial | connections when a USB to serial connector will not work with | your legacy OS and a VM can't maintain a stable serial | connection through the host OS. It's been a nightmare. | majjam wrote: | Does anyone have any experience with 0patch? I use it to keep a | couple of old Win7 systems patched but it makes me nervous... | klaussilveira wrote: | Is ReactOS stable enough to replace an old Windows 95 | installation? | jaclaz wrote: | No matter if stable enough or not, ReactOS is aimed to | replicate a NT based system, as such it can be very different | from DOS/Win9x. | | Quite a lot of (DOS based but not only) tools and programs | (particularly any low-level one and - generally speaking - | games) that run just fine in Windows 95 won't work on NT | 4.00/2000 and later, and they as well won't in ReactOS. | sneed_chucker wrote: | No. | Paianni wrote: | PSA: Security updates for 2000 and XP are still available from | Microsoft at https://www.catalog.update.microsoft.com/ | add-sub-mul-div wrote: | What I'd love is a project for Windows 11 that gives me back full | control of which updates I download and when I reboot. I've been | living with vague registry hacks and the "pause for 5 weeks" | button but they're getting less effective. | dmitrygr wrote: | Use registry editor to export And then delete wupdsvc and | waasMedicSvc services. (HKLM/system/currentControlSet/Services) | Reboot. Enjoy. Whenever you want updates, double click exported | "reg" file and reboot. Allow updates to install. Delete | services again. | npteljes wrote: | I'm solving this for myself with Windows 10 LTSC, which I keep | activated with an activation emulator I host. For a | professional, it was super easy to setup, virtually zero | maintenance, and I get a pass on at least a good chunk of the | bullshit that goes on in the MS-verse. Functionality doesn't | seem to be lost, but I just use it to play my multiplayer games | because of their Windows-only rootkit, I mean, anti-cheat. | rwaksmunski wrote: | Lookup Windows 10 LTSC | stalfosknight wrote: | This should go without saying but this flagrant disregard for | what users want is going to continue and get worse as long as | people keep buying and using Windows. I wonder pretty often why | people put themselves through this crap to use Windows. | add-sub-mul-div wrote: | Because I'm an adult who knows how to weigh all the pros and | cons of a situation and make decisions based on the sum of | that reasoning rather than the emotion raised by one pain | point. (My own or someone else's.) | stalfosknight wrote: | Enjoy not having control over when or how your OS gets | updated then. | pessimizer wrote: | Because that's what comes on computers, and that's what the | software they need runs on. The obvious reasons. If you want | to fix that, work in antitrust, work on getting at least | governments and public schools to choose FOSS solutions, work | on improving FOSS solutions, work on Debian installers... | stalfosknight wrote: | Windows didn't come preinstalled on my Mac. | runesofdoom wrote: | A possibly illustrative example: | | A year or three ago, my uncle (mid-50s, telco IT manager, | started on a Commodore in the 80s) decided he'd try Mint | instead of upgrading from Windows 7. He got it installed and | running, and decided he wanted to burn an audio CD. | | His install of Mint didn't come with any application to | accomplish this. He got something recommended installed | easily enough, but it only supported FLAC, not his MP3s. So | he removed that and got some different CD burning software | that did support his MP3s, but was set to Finnish by default. | He got enough Finnish translated to get it changed to | English, and then ran into some sort of driver/support issue | for his particular CD burner. | | At that point, he did the free upgrade to Windows 10 and then | burned his CD in less total time than he'd spent not burning | a CD via Mint. | vel0city wrote: | It has been a while for me since I last ran Mint, but back | in the day it used to come with Brasero which can burn | audio CDs. It would have supported mp3's, but he would of | had to install the non-free codecs which was an option at | install time or would have been installable from the | settings. | | https://wiki.gnome.org/Apps/Brasero | | https://linuxmint-installation- | guide.readthedocs.io/en/lates... | stalfosknight wrote: | And this is why the "Year of the Linux Desktop" will never | come. | olddustytrail wrote: | Because of quite possibly the dumbest anecdote I've ever | heard? I'm not sure morons anonymous has much influence | in the real world. | nikanj wrote: | Just buy a pro/enterprise version, they support the GPOs to | block updates | Joeri wrote: | Windows pro managed through intune should give you that | control, though it is a bit of an awkward path for a single | user. | jonathantf2 wrote: | Not sure if this is because I run the Pro version but I've | never ever ever once had Windows 10 or 11 reboot to install | updates on it's own. | Dwedit wrote: | Windows Update Blocker works as a nuclear option to disable all | updates. | ailurooo wrote: | The genuine answer is that you won't get this functionality | unless you use windows enterprise. Which of course you can't | purchase.. This functionality is locked to just the enterprise | and will likely never change.. | TheSkyHasEyes wrote: | Tiny11 is a thing but I've no experience with it. | https://duckduckgo.com/?t=ffab&q=tiny11 | londons_explore wrote: | > can't purchase | | There are certain high seas where such things are plentiful. | bruce343434 wrote: | With all that risk and effort, seriously why not just use | linux? | Sohcahtoa82 wrote: | https://www.protondb.com/explore | | Because most of this list is not Native or Platinum. | | Games on Windows _just work_. | | Also, how well does VR work in Linux these days? | kobalsky wrote: | > Also, how well does VR work in Linux these days? | | this loaded question should be directed towards the | developers. | | that any Windows game works on Linux at all, given | Microsoft's record regarding interoperability, seems like | a miracle. | | If I had to make an equally loaded question I'd say, what | OS are they using to host their game servers? | londons_explore wrote: | Game servers are fairly frequently hosted on Windows, | simply because the game server often shares a lot of code | with the client (including libraries which may not be | cross platform), and game developers are often most | familiar with Windows. | stOneskull wrote: | i don't know anymore. i'm getting really annoyed by | background processes interfering with my counter-strike | ping. like microsoft is checking my mail or uploading | some telemetry bs or something. i can't wait to get back | on linux. | hospitalJail wrote: | This is equally as dangerous. | windowspiracy wrote: | Eh, not really. You can download a windows pro ISO | straight from microsoft [0], install it, and then upgrade | it to enterprise using the kms client key [1]. That can | then be activated using an open source kms server | emulator [2] that has a reasonable amount of code you can | audit if you're extremely paranoid. | | If you don't want to go through the hassle of installing | and then upgrading I'm also pretty sure you can upgrade | one of the images in the wim offline using dism. | | 0: https://www.microsoft.com/en-us/software- | download/windows10 (will serve you an iso directly | instead of the media creation tool if you give it a linux | user agent) | | 1: https://learn.microsoft.com/en-us/windows-server/get- | started... | | 2: https://github.com/Wind4/vlmcsd/tree/master | hospitalJail wrote: | Interesting. | | I do work on my windows machine, so doing anything | illegal just gives me the opportunity to lose 1000x more | money than if I just upgraded legally. | nobody9999 wrote: | >The genuine answer is that you won't get this functionality | unless you use windows enterprise. Which of course you can't | purchase.. This functionality is locked to just the | enterprise and will likely never change.. | | Of course you can purchase "enterprise" versions of Windows | 11[0]. | | What's more, _anyone_ can purchase most of Microsoft 's | offerings for ~USD$1000[1]. | | [0] https://www.microsoft.com/en- | us/d/windows-11-pro/dg7gmgf0d8h... | | [1] https://visualstudio.microsoft.com/vs/pricing-details/ | incomplete wrote: | why no https on this site? | Eric_WVGG wrote: | > This website requires a minimum of Internet Explorer 5.0 or | above, but we recommend Internet Explorer 5.5. | | that's the bit that left me gobsmacked | wvenable wrote: | Does modern HTTPS even work on Windows 95? | anthk wrote: | Under Retrozilla, TLS 1.3 | samtheprogram wrote: | Older web browsers like those on Windows XP don't support newer | versions of SSL. | Dwedit wrote: | There are newer web browsers that will run on Windows XP, see | New Moon http://matejhorvat.si/en/unfiled/pmxp/index.htm | | Even the final official build of Firefox that supported | Windows XP will break on websites like Github, where a | Releases page will never finish loading, and never let you | download any files. But the New Moon build on that website | (28.10) will work. | | (Don't forget to install uBlock Origin and a current fork of | uMatrix) | ogurechny wrote: | See http://rtfreesoft.blogspot.com/ and | https://github.com/Feodor2/Mypal68 | | Discussions of those builds can be found in relevant | threads on relevant forums. | vbezhenar wrote: | Last time I tried to tinker with Windows XP few years ago: you | couldn't just update it after installation, but if you let it | work for a few days, eventually it'd download and install updates | automatically. And after those updates are installed, you can | actually use Windows Update UI to install optional updates and | other things. | | It definitely was after 2011. | FredPret wrote: | Windows Update did a better job over the years selling me on the | Mac platform than Apple ever could | Sohcahtoa82 wrote: | The sad thing is that IMO, Windows users brought the shitty | Windows Update implementation on themselves. | | It was common in the Windows XP days for many users to _never_ | install updates and it really contributed to Windows 's | reputation for being incredibly insecure. Forcing updates | became the only option to ensure Windows users remain secure. | metaltyphoon wrote: | Funny enough, windows updates are infinitely better than macOS | updates, which takes 30-60 mins each time. | laserdancepony wrote: | I still don't know why both are so slow. Upgrading my mostly | vanilla Devuan boxes costs me a few seconds to minutes and | restarts are only to switch kernels. | jshier wrote: | They're getting faster in Ventura. Moving to the sealed | system volume in macOS 11 made them huge and slow to apply, | but they're getting better. On my M1 Ultra machine even large | updates don't take more than 5 or 10 minutes in the restart | stage, and that can include firmware updates for the Mac and | monitor (Apple Studio Display). And now with the rapid | security patches there are some updates you don't even have | to restart to apply (mostly). | FredPret wrote: | But they don't pop up a million times and then restart your | system for you while you have a long compute job running | overnight... | hospitalJail wrote: | This was one of many gripes when I went from Android to | iPhone. Holy crap, every day there was some necessary update | and I had to sign into my apple ID + be plugged in at 2am or | something. | | Every time I unlocked that phone it would bother me. | | That, a slower response time(might have been due to | animations), not having widgets, and some buggy official apps | like the podcast app, and I bailed from iPhone pretty quick. | | I admittedly was so excited to unbox and give Apple all my | personal information. Weird. | delfinom wrote: | Yea I own a iPhone for giggles and use a Pixel daily. HOLY | CRAP, the update experience is so ridiculously slow on | iPhones, I really don't Apple could not even try it fix it. | How are iPhones not capable of having A/B partitions for | the system to handle updates behind the scenes faster? | kdklol wrote: | This is exactly what I was looking for. Thanks. | | (Sent from a ThinkPad x41 running Windows XP) | WarOnPrivacy wrote: | My most recent use-case for XP (in VMs) is to deploy IE as a | remote app, to access old DVRs that require ActiveX for web view. | ck2 wrote: | I saw an ATM reboot into XP kiosk mode the other week. | | Struck me as a bit unsafe? | | BTW this also exists or did exist for "Fix Windows Update on | Windows XP, Vista, Server 2008, 2003, and 2000" | | https://github.com/kirb/LegacyUpdate | giobox wrote: | It was pretty crazy how long IBM's OS/2 survived as an OS on | tons of ATMs throughout the world, there will probably still be | an ATM somewhere running XP in the 2050s. | mschuster91 wrote: | > Struck me as a bit unsafe? | | Usually ATMs run in their completely own network with heavy | access controls limiting access even if the physical location | is compromised. | fredoralive wrote: | It's not the greatest to be still using XP. Although hopefully | an ATM would be on a real private network, or at least a VPN | provided by some more up to date external box (though the | latter could have its own bugs I guess). If you pair that with | the fact you don't have externally accessible general IO[1] | there probably isn't much opportunity to gain access. | | [1] If you can get into the innards you can probably just, you | know, grab the cash (beware of dye bombs though). | jaclaz wrote: | >I saw an ATM reboot into XP kiosk mode the other week. | | JFYI, there is a dedicated thread on MSFN.ORG for these | sightings: | | https://msfn.org/board/topic/176692-windows-xp-spotter-the-c... | | Atm's and public signage (airports, metro and similar) are | still common enough. | TheRealPomax wrote: | Safer than card skimmers though. | londons_explore wrote: | DOS is easy to emulate - and dosbox does a great job of it, even | in a web browser. | | Windows 3.1, 95, 98, Me are less easy to emulate. | | Note that that seems to have impacted the preservation of old | games and programs. Plenty of dos games are all over the web and | still quite popular, yet most stuff from the Win 9x era has | almost entirely vanished due to the difficulty of running it on | modern hardware. | | Archivists take note - if you want something to live for a long | time, it needs to be easy to emulate. And in turn, that means it | needs to be both very common, and have simple API's so someone in | the future can be bothered to make and maintain an emulator. | neckro23 wrote: | > most stuff from the Win 9x era has almost entirely vanished | due to the difficulty of running it on modern hardware. | | The tricky part is that this applies even if you're using a VM. | I learned the hard way that Windows 98 isn't compatible with | Ryzen CPUs, even through VirtualBox. I had to try again on | another PC with an older Intel CPU. | accrual wrote: | A patch is available [0] to allow Windows 98 to be | virtualized on more modern CPUs including Ryzen CPUs. It | patches the "TLB Invalidation Bug". [1] | | [0] https://github.com/JHRobotics/patcher9x | | [1] https://blog.stuffedcow.net/2015/08/win9x-tlb- | invalidation-b... | gattilorenz wrote: | For early-ish windows 98 era machines, 86Box is a very good | option. | TillE wrote: | I wanted to play certain games from that era (Spiderweb's Exile | series), and the best solution I found was to just play the | MacOS versions with SheepShaver. | | You can technically get Windows 9x software running in a VM, | but not without laggy video/audio in my experience. | ogurechny wrote: | DOS may be easy to emulate and re-implement because it's a | single task operating system that does not do much. Most of | hardware is accessed directly, and needs to be emulated | instead. We enjoy great compatibility because of the enormous | leap in performance since then (the slower the system the | easier it is to simulate correctly on a modern one), and the | combined knowledge of all the ins and outs collected during the | PC boom by software authors and hardware makers implementing | and re-implementing compatible devices. | mminer237 wrote: | I've had great success running Win 95 games on modern hardware. | I just had to do it in Wine, amusingly enough. | londons_explore wrote: | Frustratingly, wine for windows isn't a thing... | sedatk wrote: | > Archivists take note - if you want something to live for a | long time, it needs to be easy to emulate | | how do archivists have a say in this? | londons_explore wrote: | Some archivists make decisions about what to archive. | Something that isn't going to be runnable in the future would | be a poor choice if you only have limited resources. | | Also, some archivists have the choice to convert media. For | example, rather than storing a Wordperfect document, perhaps | it is best to convert to PDF. Rather than storing the ROM of | an 80's arcade machine, or the whole machine, perhaps it is | best to store an MPEG video of a playthrough. Rather than | storing the data on a floppy disk in a filing cabinet, | perhaps it is best to store the data on a server which will | be kept up to date? Well resourced archives might be able to | implement emulators - but then the question remains how | should that be done - Is it okay to have a PDP11 emulator | that runs on dos, emulated by dosbox in windows XP, emulated | again by virtualbox on Windows 11? | | A big part of being an archivist is making decisions of what | to keep, what not to keep, what form to keep it in, and when | to convert it. | | There is no consensus - some archives knowingly keep data and | software that they have no way to open/run, in the hope | someone might bother in the future. Others keep dependency | tables to ensure that they always have some combination of | hardware and software to run/open any stored material. | londons_explore wrote: | Personally I'm of the opinion that we should focus on | storing as many bytes of data of human endeavors as | possible, and not worry about emulation/search/cataloging. | | Future people will have better solutions to all these | problems, and every bit of effort we put into organising | our archives today is effort taken away from collecting | more bytes. | ogurechny wrote: | This means that you care about byte counter instead of | actual content. | | For some hardware, the number of people who can make it | work has already diminished a lot. You can gather some of | the knowledge today, "future people" won't be able to. | What's the use of collections of data that can't be used? | jxramos wrote: | I have to say this is awesome | | > This website requires a minimum of Internet Explorer 5.0 or | above, but we recommend Internet Explorer 5.5. To download | Internet Explorer 5.5, Click Here | m000 wrote: | How about adding some instructions on how to use it? Just | saying... | capableweb wrote: | > To find out more about the Windows Update Website and what it | does, Click Here | | > | http://windowsupdaterestored.com/en/aboutwindowsupdaterestor... | | The submission is the literal website used for the updates. You | use it by browsing the website like any other website. | | You figured out how to use HN without much hand-holding, I'm | sure you can figure out how to use this website as well :) | | Edit: There is even a video explaining how to use the website, | not sure what more you could ask for? | https://www.youtube.com/watch?v=pbWa_tlC-3I | mcpackieh wrote: | Huh, I never realized that 95/98/ME ever had online updates in | the first place. | mattl wrote: | Me neither. | | Wikipedia: | | > Windows Update was introduced as a web app with the launch of | Windows 98 and offered additional desktop themes, games, device | driver updates, and optional components such as NetMeeting. | Windows 95 and Windows NT 4.0 were retroactively given the | ability to access the Windows Update website and download | updates designed for those operating systems, starting with the | release of Internet Explorer 4. | kotaKat wrote: | It all started in Windows 98 with the launch of Windows Update; | they then released the Critical Update Notification Tool (later | renamed to Utility, for obvious reasons) which would query the | website and just tell you when a critical update was available | to go check the site. | | Otherwise, in the 95 era, I believe you'd likely be finding out | through a software vendor or otherwise that a certain fixpack | from Microsoft might fix an issue and you should go grab an | update then. | xattt wrote: | Um... what? You would trigger online updates in Windows 95 | OSR 2 by using IE and navigating to the Windows Update | website. This would then would trigger the updater. | code_duck wrote: | This is supported by the wikipedia page for Windows Update: | | "Critical Update Notification Utility (initially Critical | Update Notification Tool) is a background process that | checks the Windows Update web site on a regular schedule | for new updates that have been marked as "Critical". It was | released shortly after Windows 98." | | Unfortunately, the citation for that is no longer active on | MS's site, and the archive.org version no longer works | either. | xenadu02 wrote: | That was all after the fact. For its initial release and | even much of OSR 2 the only updates you got came with a new | computer via the OEM updates of which OSR 2 was the big | one. If you were lucky you might see a Service Pack on CD | though that was more of an NT/2000 thing. | kotaKat wrote: | Yeah -- OSR 1 (95 A), 2/2.1 (95 B), and 2.5 (95 C) were | just that - OEM Service Releases. | | Anything else would have been a direct fix package - such | as the _DCOM95 OLE Update_ , _DUN 1.4_ , or _Winsock 2_ | -- things that you only installed if you needed something | that used those functions, and often would become bundled | with the software anyways because users might not have | been given those updates out of the box. | | There was at least _one_ XP-era update CD that I do | recall - the _Windows Security Update 2004_ contained | patches for 98 through XP and was available by mail from | Microsoft. | | http://vogonsdrivers.com/getfile.php?fileid=873&menustate | = | coldpie wrote: | > they then released the Critical Update Notification Tool | (later renamed to Utility, for obvious reasons) | | Oofda. That can't have been an accident. | n6h6 wrote: | I thought you were joking, but no, the CUNT is real | | https://en.m.wikipedia.org/wiki/Windows_Update#Critical_Upda. | .. | coldpie wrote: | I guess now we know why Windows patches will see you next | Tuesday. | | https://en.wikipedia.org/wiki/Patch_Tuesday | ogurechny wrote: | -- Software could not expect internet connection (or any | network at all) to be available, and would be considered really | arrogant if it tried to dial or spend user's traffic by | default. | | -- Those who knew how to enable those features probably checked | update sites and news sites manually often enough. | | -- Almost all software had to bundle required components and | updates anyway. Games came with DirectX version 5/6/7/8/9 | installers, IE version 4/5/6 installers provided important | system components, acting as semi-service-packs for 9x | systems... and, of course, Visual Studio library dependencies. ___________________________________________________________________ (page generated 2023-07-07 23:00 UTC)