stolen from linux memes at Deltachat

    • smileyhead@discuss.tchncs.de
      link
      fedilink
      arrow-up
      52
      arrow-down
      1
      ·
      11 months ago

      Just use some unknown program in binary form downloaded from random site that require adminstration access and God knows what it does, because Windows don’t have an option or config file to change simple thing👌.

      • kautau@lemmy.world
        link
        fedilink
        arrow-up
        10
        ·
        11 months ago

        The thing that annoys me the most with this is powershell “modules.” Like the most recommended module to use powershell to update windows… just has a raw DLL in its repo

        https://github.com/mgajda83/PSWindowsUpdate

        The source code is just “run routines from this binary file, that you will never see the source code of”

      • evatronic@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        ·
        11 months ago

        You can, in Windows, boot into a no network safe mode and set various registry and group policies to stop Windows updates.

        If you’re particularly frisky, there are alternatives to the WSUS, Windows Server Update Service you could deploy on your local network.

        It’s a lot of work, though.

        • 0x4E4F@infosec.pub
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          11 months ago

          It’s a lot of work, though.

          Exactly. I have tried them all before and it is a lot of work and that’s why I opted for this one click solution. Sure, it’s not open source, but I’ve been using it for years, it’s never done something malicious. I’ve also done some RCE on it, and I came to the conclusion that this thing is most probably legit and has no malicious intents.

      • 0x4E4F@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        3
        ·
        11 months ago

        Have been using it for a while, does nothing malicios, plus I’ve done some RCE on it, as far as I’m aware, there is no malicious code in it.

        And I would love to know how I can stop automatic updates in Windows with a config file… cuz… you know, Windows never uses the registry for those kinds of things.

        • smileyhead@discuss.tchncs.de
          link
          fedilink
          arrow-up
          4
          ·
          11 months ago

          As far as you are aware. Only author knows what code is in it.

          It’s basically like giving computer to a random guy on the street for a day as he promise to disable Windows update for you. Maybe he do it, maybe not, for you it worked, would it work for me? Will there be anything additional in the background running after, I don’t know.

          • 0x4E4F@infosec.pub
            link
            fedilink
            English
            arrow-up
            0
            ·
            edit-2
            11 months ago

            That is true, yes, I do agree.

            But, on the other hand Windows is not open source as well and I have to use it for work or an oddball proogram here and there that just doesn’t run on Wine.

            Hell, people also use a lot of closed source code in their Linux installs as well. Let’s strat with drivers and firmware binary blobs, printer drivers (binary blobs as well, depends on manufacturer) and end with NLE software like DaVinci Resolve… we use binary blobs all the time, including our phones, and even though none of us asked for that, but instead was shoved down our throat in order to be able to live in a modern society, no one seems to complain about that… but, when a random stranger suggest using something, oh no, that thing most definitely is something malicious 😒.

            Run it in a sandbox for a while, see if it calls home. If it does try to call, block it with a firewall, is that so hard 😒… though I’ve never seen it even try to call home or do something malicious, and as I said, I’ve been using it for years. Also, people use a lot of their products, I have yet to see one complaint regarding any of their products doing something malcious.

      • 0x4E4F@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        edit-2
        11 months ago

        There is nothing better out there, trust me, I’ve searched. I would love to use something open source, but short of me writing it myself, there is no better solution at the moment… well, at least not for my needs.

    • Pantherina@feddit.deOP
      link
      fedilink
      arrow-up
      1
      ·
      11 months ago

      ChrisTitus Winutil setting updates to “security only” is a solution. This is dangerous, even more as Windows is a malware target

      • 0x4E4F@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        11 months ago

        Did you have windows updates enabled by default (automatic) in versions prior to Win10?

        And you get security only with LTSC. Plus, it has no apps, so it’s a double win.

      • 0x4E4F@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        Yeah… this doesn’t stop automatic updates… or at least it wasn’t mentioned in the description.