Is there something to learn for embedded/IOT from the Crowdstrike disaster?

[SteveThackery]

Hence I use Windows 7, but when it becomes impossible, I have no other choice than using Linux (or possibly Mac).

I think W7 is the best version of Windows by far. I have that running in a virtual machine, too. To me, W7 is the ultimate development of the WIMP concept. I detest the way MS forced a touch-based UI (Metro/Fluent) onto us desktop users. Even now, years later, we have a half-baked UI with Fluent looking after the most common elements, and dropping back to W7-style (Aero) for the more techie stuff. What a horrible kludge.

Trouble is, several of my favourite apps don't work on W7 (or at least they say they don't - maybe I should test that) so I'm currently using W10. It's OK - good, even - but it's still got the schizophrenic UI.

Two of my machines are running W11. When I first saw it, I thought "Microsoft! What the f*** are you doing?". I still think that now: W11 is a major face-palm moment for Microsoft. 

[madires]

This is becoming even more hilarious. Remember how Microsoft tried to blame the EU for the Crowdstrike disaster? Now Talos published an article about Microsoft deliberately circumventing MacOS security measures for their Office applications:
- How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions (https://blog.talosintelligence.com/how-multiple-vulnerabilities-in-microsoft-apps-for-macos-pave-the-way-to-stealing-permissions/)

We screw up your IT security! No matter which OS!

[SteveThackery]

I think it equally raises questions about macOS's security model.

"This situation points to a key aspect: macOS trusts applications to self-police their permissions. A failure in this responsibility leads to a breach of the entire permission model, with applications inadvertently acting as proxies for unauthorized actions, circumventing TCC and compromising the system's security model. This highlights the importance for applications to implement robust security measures to avoid becoming vectors for exploitation."

It off-loads a significant degree of responsibility to the applications.

[Marco]

No, that just shows you hate freedom Just use an iPad with a keyboard cover.

I like a system where I can install a third party browser without having to beg Apple to certify and cripple it.

[radiolistener]

Windows is a service. You give full access to your computer to Microsoft and they use it to provide OS services. That's how it's been since Windows 10 (2015).

I remember that this thing was started from Windows Vista.
I even remember that I had a talk with fellow, it happens before Windows 7 released, and I said that Windows become a paid service soon. I almost guessed, it happened a little bit later

[SteveThackery]

I remember that this thing was started from Windows Vista.
I even remember that I had a talk with fellow, it happens before Windows 7 released, and I said that Windows become a paid service soon. I almost guessed, it happened a little bit later

Could you explain this a bit more, @radiolistener? I've got machines running W7, W10 and W11 and I've only paid once for any of those licenses.

I have tried the subscription model for MS Office ("Microsoft 365"), but I gave that up and reverted to Office 2010, which I think is the best version of Office ever. And I've only paid once for that license, too.

[NorthGuy]

I remember that this thing was started from Windows Vista.
I even remember that I had a talk with fellow, it happens before Windows 7 released, and I said that Windows become a paid service soon. I almost guessed, it happened a little bit later

I didn't see that coming. I only figured that out when Microsoft released an update with forced upgrade to Windows 10.

It wouldn't be that bad if the service was paid - many people would drift away. But it was free, so nobody fought back. Never mind that free cheese can only be found in a mousetrap.

[radiolistener]

Could you explain this a bit more, @radiolistener? I've got machines running W7, W10 and W11 and I've only paid once for any of those licenses.

I don't remember details, just remember this talk when I said that they will change their business to paid services. Probably I had this thoughts after using their libraries like .net remoting or something like that. Don't remember exactly why I had such impression, but this talk happens just after Windows Vista release...

and I am still surprised at how accurately I predicted what would happen next, although I myself did not fully believe it at that time.

If I remember correctly, I had these thoughts when they rolled their online credential serivice, .net password or something like that, don't remember exactly...

[SteveThackery]

Hmmm... OK, well I'm a Windows user primarily, because it has the second best apps after Apple, and I object strongly to Apple's "walled garden" business model.

I can say with complete certainty that there are no recurring charges with any version of Windows. If you opt in, you can get MS Office as an ongoing subscription (now known as Microsoft 365), but you can also get it as a one-off payment and no ongoing updates.  Also, Windows users have had free updates to the latest version for ages now - I can't remember when I last paid to upgrade, but it was many years ago.

So there is nothing to complain about, really. Until we get to W11. This is the first version where MS seems blatantly to be monetising Windows. Not with a subscription, but with adverts. Can you imagine? - an OS with actual adverts! Of course they are presented as "suggestions", and you can turn most of them off. But even so, pretty bloody naff.

The two best versions in recent years are W7 and W10. W7 was the peak development of the WIMP model user interface, and it was a fine OS to use. It remains my favourite. W10 had a half-baked, half-touch, half-WIMP UI, but was very well sorted, stable and with really good security and stability.

I'll soon be building a new workstation, and I'm going to try to install W10 on it, not W11.

EDIT: I forgot to say that I have no idea what the charging model is for Windows when it is deployed into a commercial organisation. I suspect there has been a subscription model for many years.

[Marco]

I think having a rock solid bootloader which can do network updates of later stages is more important. It allows you to remotely recover from anything but the bootloader update going disastrously wrong, and wiping out the AB update mechanism ... in which case you should have a proper factory reset too.

Now we have Apple proving my point, in a slightly different situation.