how can i disable windows 10 update forever ?

Discussion in 'other software & services' started by mantra, Oct 21, 2015.

  1. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    @amarildojr What "stealthy things" are Microsoft doing, other than installing updates? I've got no problem with MS automatically installing updates.
     
  2. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    hi
    now i'm worried about keystrokes !
    what should i install QFX KeyScrambler ?
     
    Last edited: Oct 22, 2015
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,213
    I read all of them. Speculation and unfounded drama. I've never seen Windows Updates happen when WU is off. Hey, it's easier to blame Microsoft than admit ignorance.

    Here you go again, Windows does have - until you PROVE IT, no it does not. Repeating the word does not make it happen.

    Mrk
     
  4. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    You are welcome! I update W10 regularly. :)
     
  5. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    Mrk , there is a windows 10 forum , where you can read that w10 re-enable the service

    hi sg09
    very cool program , really ,lots of setting to controll windows 10, it can export "default" windows settings ,or your settings , you can go back quickly
    i disabled the automatic update via the O&O ShutUp10
    thanks
     
  6. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    I haven't tried it on 32 bit, but I have never run into any problem in any 64 bit installations.
     
  7. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
  8. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    UpdateOrchestrator and WindowsUpdate tasks fix problems with essential services being disabled, sih and sihboot particularly I believe.
    The simplest way is to set WU to Notify, they will never download by themself or set it to Disabled, they will download automatically once checked.

    Notify before download
    reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "AUOptions" /t REG_DWORD /d 2 /f

    Disable Auto Checking for Windows Updates
    reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 1 /f
     
  9. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,213
    I have several test Win10 devices, and I know how they behave.
    Which is why it comes down to what people are doing and how.

    The only thing win10 does:

    Allow background apps to run - ONLY if you're using an online account.
    Re-enable Defender after turning it off temporarily, which it says in the settings menu anyhow.
    Reinstall default apps, if you happen to remove them manually (PowerShell), but only with an online account.

    I'm glad to point out MS doing nonsense - like the GWX thing - but on the same note, I'm willing to defend them when people lay down unbased conspiracies at their feet.

    Mrk
     
  10. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    They removed an old version of Tor from 2 million *infected* people too, which shows that they can do what's in the EULA: add or remove software (via a backdoor). This time it was for a very good cause.
    What I have a problem with is the fact that they installed updates without user consent and are able to add/remove programs as they wish. But Windows users actually agree to this, it's just a matter of actually reading the EULA.

    No problem, that's totally subjective and everyone is entitled to have an opinion :) I, for instance, do mind such stealthy updates. It violates trust completely.

    Is this the "logic" you're going for now? Allow me to do the same: I never saw a man run 100m in 9.58s, therefore I must have been lied to by the media! :argh:

    What ignorance? There are people constantly monitoring what Windows does, and in 2007 they noticed Microsoft silently updated 9 executables without user consent. Many websites and blogs reported it, and Microsoft also talked about it on their blog. I don't suppose you live in a bubble where you defend Microsoft as if everyone who talked about the backdoor and provided hash-sums of the files are lying.

    Microsoft themselves admitted a lot of stuff on their blog http://blogs.technet.com/b/mu/archive/2007/09/13/how-windows-update-keeps-itself-up-to-date.aspx

    What I really like about their blog post is what I'm about to translate:

    "Of course, for enterprise customers who use Windows Server Update Services (WSUS) or Systems Management Server (SMS), all updating (including the WU client) is controlled by the network administrator, who has authority over the download and install experience"
    Meaning: only enterprise customers have that control over WU client. Home users, however, don't have that kind of control over Windows Update client and we can remotely update the client without users' consent.

    In fact, Adrian, from ZDNET, also confirmed that some of his Windows Update clients were updated without consent https://web.archive.org/web/20071009091830/http://blogs.zdnet.com/hardware/?p=779
    He did state "
    this stealth update was applied to systems where Windows Update was set to “Download updates but let me choose whether to install them” and “for updates but let me choose whether to download and install them” but not on systems set to “Never check for updates"", but this could be a by-product of many factors such as firewall configuration or network administration from ZDNET.
    Nevertheless, it's still a backdoor. If the user sets his/her update settings to "LET ME F-ING CHOSE WHEN TO INSTALL THEM", and that control is taken from them and put into someone else's hands, this is still a backdoor, though not as agressive.

    Also, as an example that happens on my own machine when I install Windows, the system is somehow installing updates without my consent. My DVD is from 2010, and right after install I chose "Let me chose later" when Windows prompts me to chose the Windows Update behavior. Then I set Windows updates to off, and go check the history: there's an update installed that dates from 2015.

    Another golden quote from their blog:

    "One question we have been asked is why do we update the client code for Windows Update automatically if the customer did not opt into automatically installing updates without further notice? The answer is simple: any user who chooses to use Windows Update either expected updates to be installed or to at least be notified that updates were available. Had we failed to update the service automatically, users would not have been able to successfully check for updates and, in turn, users would not have had updates installed automatically or received expected notifications"
    Meaning: It doesn't matter if you opted to chose to install updates, we can do that remotely.

    Another quote I like:


    "To avoid creating such a false impression, the Windows Update client is configured to automatically check for updates anytime a system uses the WU service, independent of the selected settings for handling updates (for example, “check for updates but let me choose whether to download or install them”)."
    Meaning: it doesn't matter which settings you chose, you don't fully control Windows updates unless you disable the WU service.

    Then they say:


    "Before closing, I would like to address another misconception that I have seen publically reported. WU does not automatically update itself when Automatic Updates is turned off, this only happens when the customer is using WU to automatically install upgrades or to be notified of updates"

    Again stating that the user doesn't have full control over the updates, but Microsoft. Still a backdoor.

    Now, obviously that case turned out to be benign. However, I never stated the opposite; my objections are only that Microsoft controls the software, not the user, specially when considering Widnows 10.
    If the user doesn't have full control over a program, than someone else does, via backdoor (an alternative way of gaining full control over a program).


    And to finish, even though there is strong indication that this Windows Update backdoor can act on systems that set updates to "let me chose" and also on systems that have completely disabled updates, this isn't the only demonstration of how Microsoft have backdoors into Windows. As shown, in 2013 Microsoft removed Tor from 2 million infected people, without user consent as well.

    Again, just go and read a little about what a backdoor is.
     
    Last edited: Oct 22, 2015
  11. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    I don't know (I'll never use W10), but it seems like you're trying to dry Ice on a hot day. It's too much effort and not very effective.

    If you use Windows 10, you're agreeing to bend over for Microsoft, so what's the point of doing hackish things to avoid their violations? I can't think of one scenario where a user MUST use Windows 10 or he/she will lose his/her job; however, I could imagine Microsoft imposing restrictions to users with regards to software compatibility, so it could be possible that one must use Windows 10.

    Even when opening a local photo, you're making connections to Microsoft. There are ways of locking Windows 10 down, but in my opinion the effort is not worth it and there is no guarantee that Windows will be completely shut. Windows 7 and 8 require less effort to silence and are, as far as I know, less intrusive than Windows 10.

    Remember, Microsoft's goals with Windows 10 are to make money not only when you buy a computer or Windows license, but by using your data too. And you can see in the EULA that they will collect a ton of information about the system, the files you open locally, websites that you visit, programs that you have installed, your voice input; everything... And even though the masses are ignorant and most people don't care about this stuff, Micrisoft will most likely find ways of rendering these privacy tools, that a percentage of people are using, unusable at some point.

    Would you consider at least using Windows 7?
     
    Last edited: Oct 22, 2015
  12. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    Old versions of Tor were removed via the Malicious Software Removal Tool which is downloaded via Windows Update. There was a actually a very good reason to remove them.
    It's important to note, that only old versions which were affected were removed. It was done to prevent the spread of a botnet, not specifically to target Tor.
     
  13. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    I'm not against this case where it turned out to be "for the commong good" :) I just stated that Windows have built-in backdoors. Microsoft used Windows' Malicious Software Removal Tool to remove a particular version of Tor from Windows machines; this power, which is granted via backdoor/EULA, could be used for good (as it was this time) or for bad.

    They have the power, that's my point all along.

    Cheers.
     
  14. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    By posting about Tor being removed without giving any details, it certainly sounded like Microsoft was specifically tageting and removing Tor, which was not the case. Also, I'm another one who does not believes the term backdoors applies.
    Well it portentially could be used for bad, but at this point in time it isn't being used that way. Until such time (if ever) it happens, I have no problem at all with Windows Updates being installed.
     
  15. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    Weird. What was the case, then?

    But this isn't good practice. It seems you're not agreeing with the term "backdoor" just because you don't mind them existing in the first place. I can imagine the caos if more poeple did the same :p

    This article on Wire has a perfect explanation:

    Well, not that we know of. But lack of evidence doesn't mean lack of existence, and when dealing with close-source OS's I advise people to assume the worse because there are many cases where proprietary vendors willingly harmed the users.

    I understand.
     
  16. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    They were only removing old versions of Tor. It's not like Microsoft decided, we don't want people using Tor, so we'll remove it. They removed old versions of Tor which could have been infected by a botnot, but did not touch the newer versions which did not have the vulnerability.

    With regards, to Windows Update being a backdoor, it's not.
    It's not used for remote administration, tt's used to deliver updates, and that's all
     
  17. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    I don't know where you got that, but I never said such a thing hehehehe.

    That is your definition. And with all due respect, I prefer to agree with unbiased opinions that exist long before I was even born.

    EDIT: Again, windows update itself isn't a backdoor. Read a few posts back, please.

    It (the backdoor) is used for remote administration of Windows Update.
     
    Last edited: Oct 22, 2015
  18. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    No, you never said that. But, I assumed that from reading what you posted, since you did not clarify it.
     
  19. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    Oh.. I apologize for it. It wasn't my intention :thumb:

    I edited the post.
     
  20. dogfish666

    dogfish666 Registered Member

    Joined:
    Oct 21, 2015
    Posts:
    15
    hi Mantra may be dual boot system keep windows for those programes you need if they do not need to go on line
    and calling home to microsoft and linux for internet and privacy if this is a option you could look at
     
  21. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    hi
    yes it's what i'm thinking about it right now
    i will install ubuntu or kubuntu in this week end
    thanks
     
  22. dogfish666

    dogfish666 Registered Member

    Joined:
    Oct 21, 2015
    Posts:
    15
    Good stuff run linux first off live disk or usb to check sound and wifi etc then if that
    works out ok then go for the install on partition along side windows enjoy
     
  23. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,982
  24. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,793
    Location:
    .
    I feel quite a bit distrust for a "freeware" 4.2MB app when the same goal can be achieved using a few small script lines:
    Code:
    reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\Gwx /f /v DisableGwx /t REG_DWORD /d 1
    
    reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /f /v DisableOSUpgrade /t REG_DWORD /d 1
    
    schtasks /Change /TN "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /DISABLE
    schtasks /Change /TN "\Microsoft\Windows\Application Experience\ProgramDataUpdater" /DISABLE
    schtasks /Change /TN "\Microsoft\Windows\Application Experience\AitAgent" /DISABLE
    
    schtasks /Change /TN "\Microsoft\Windows\Setup\gwx\launchtrayprocess" /DISABLE
    schtasks /Change /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig" /DISABLE
    schtasks /Change /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" /DISABLE
    schtasks /Change /TN "\Microsoft\Windows\Setup\gwx\refreshgwxcontent" /DISABLE
    
    sc config DiagTrack start= disabled
    net stop DiagTrack
    https://www.wilderssecurity.com/threads/no-ms-updates-for-a-year.379798/#post-2525340
     
  25. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    hi
    is there a way to block it ?
    thanks
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.