Windows 10. A strange beast.

I need windows?
Depends. Some scenarios you might need it — or not.

* You are a gamer.
Software houses are less interested to port their games on linux/mac.
This don’t mean you won’t find cool games, but you know, win is the “default choice” of any PCs.

* Where you work there are only windows machines.
If you can use something different and you know how it works, just do it.

* Devices which work on windows.
Actually, linux should have a lot of wrappers to make the device working.
If not, you are out of luck.

* You have a Windows 10 OEM licence (laptop often have this).
You could still consider a dual boot. Just try not the remove windows partition or you could lose the licence.
Rare, but could happen. It should be saved on UEFI bios now, but be careful is always a good idea.

I don’t play and I don’t want windows 10!
Then try linux. There are lot of distros, just choose one.
If you are even ready to learn some basic commands, it’s quite probably you never have to reformat the whole thing. Just subscribe to the forum for your distro.

Why I can’t stay to windows XP?!
It would be better to avoid. I like XP, I still have it in a virtual machine, but it was released on 2001.
It’s pretty old and outdated nowadays. Security patches and most modern software dropped it.

But get back to windows… =)
Some infos could be old, as usually latest feature update don’t work on my system. Windows mysteries. o_O


Windows downsides:

  • Commercial product (need money to be legally used);
  • Closed source: any mods could be considered EULA violation and cause headaches;
  • Feature updates often are unstable (scroll to see why);
  • 3rd party softwares often mess with windows/programs (if you don’t know how to fix them);
  • Updates mess hard drive partitions (ignore this if you don’t know what they are);
  • They push their modern apps, even if you don’t use them (cortana, onedrive,..); their removal could lead to strange issues. They come back at any feature update, anyway. So is quite pointless removing them.
  • Interface is confusing if you are used to xp or seven.
  • They removed Aero Glass on titlebar. All is flat and sad now.
  • Explorer still need a lot of optimization (still hasn’t dark theme and good cache for big folders).

Windows updates are changed a lot, so here few tips:

  • Preview updates – when you use the update tool – are not a good idea for a stable system.
  • Feature updates are big and require time to be done, so do any work before restart or you have to wait.
  • Service pack don’t exist anymore. Now are called feature updates (but service packs were more stable).
  • Disabling updates/security features is often a bad idea – if you don’t know why are you doing it — but I saw a lot of machines borked by latest feature updates, so generally is also a good idea delay the latest feature updates to allow MS to fix them for most systems (Note: security updates should be always done).
  • Updates could change boot, so if you have more OS (win/linux), better keep them in different hard drives with different boot sectors, or even better different PCs.

Windows updated are changed a lot on their “windows as a service” schema. I’ll do a quick resume:

  • Skip ahead fast ring: Windows Insider version. You’ll get pre-release versions. Nearly untested and highest chance of severe issues.
  • Fast ring: Windows Insider version. Consider it like a windows alpha version. You’ll encounter a lot of bugs, sometimes really bad. I wouldn’t exclude unbooting machines.
  • Slow ring: Windows insider version. Consider it like a windows beta version. You’ll encounter less bugs, some glitches, and sometimes you have to use workaround to do something (regressions).
  • Release ring (+semi annual targeted): Consider it like a release candidate. Some updates come faster but are clearly even less tested.
  • Semi annual build – targeted (ex Current Branch): Windows update default. Most system are fine with this, but sometimes it’s not true. I hope MS is working here.
  • Semi annual build (ex Current Branch Business): Windows update are tested a little more before you get the update. Good compromise between staying updated/working.
  • Long-Term Servicing Channel (ex Long term branch service):  Only on Win10 Enterprise. Feature updates are delayed a lot (2-3 years). Home and small business don’t need this at all. Is just for enterprises which need to control any update to avoid issues.

If you prefer a stable system, I suggest staying on semi annual (not targeted).

Safety tip on rings/branches: If you change the channel, you are not able to get back to the original one without reinstalling the whole OS. So, choose it wisely. Instead a feature update from your ring/branch can be removed within 10 days, so keep an eye if everything it’s working fine and go to previous version quickly if it doesn’t 🙂

Modify system settings: Windows 10 has (still) two settings apps (which is quite confusing and even annoying, I know). The main is called “settings” and it uses ModernUI – while the other, the “legacy” control panel – the one on win7 – it’s a traditional window program – not an app. But probably you have still to use both. For example, admin tools are only in legacy panel. Try to remember any change you do, there. It will save future headaches. The same for any app or driver installed on windows.

 

Worst bugs I had/seen:

  • Chromium bugs [Win10 1803]: Bug about maximized window (opera fixed before chromium); modern tiles of vivaldi and chrome could be blank at win startup (restart explorer fix this).
  • Gpedit.msc “is closing” [Win10 Pro]: Closing windows require a lot of time, as version 1511 – now obsolete – had this bug.
  • Missing/unworking tiles [start]: Links on start could vanish or stop to work correctly. Remove them and pin again on start. [Windows10 < 1607 ?]
  • Unworking programs: App could stop to work after a major update. Just reinstall it [Windows 10 < 1607 ?]
  • “Faulty” security updates: On rare cases, removing the latest security KB (update) could fix an app. But it should be used as last resource, as is not recommended to remove a security update. [sadly, this is a random – and old – windows issue: last seen on 1511]
  • Modern apps stop to work/are removed: Windows 10 1703. Nasty. And random.
  • Sticky “unused” folder on quick access: This will be on until windows put an option to remove their “user folders”. You can try an hider.

The driver trouble
Windows – and any redmond product – updates itself. Same for most drivers in your machine.

So.. should I update drivers with windows update?
I won’t. Do it only if vendor hasn’t the right driver or if you unsure to what is the right one.

Why?
As usually the driver which windows update has, is older than the one you can found on the site of the vendor.

Should I install a driver from windows update if I installed it via vendor site?
No. But Windows will do and you’ll end on a mix of old (from windows update) and new (from site) driver.
In this case, just lock the driver update with this.
If windows update stop to work, try this instead.


Security features
:
Windows has several security measures. And you should always keep them on. Keep in mind some viruses don’t need admin rights, or can exploit OS to grab them. So you need to be careful always and everywhere 😛

  • Administrator account: Any app can change vital OS parts. And viruses too. Usually only experienced users should use this – but some use people uses standard account, which is slightly more secure.
  • Run as admin: Allow an app/installer to perform admin tasks (often need for an install/upgrade)
  • Standard account: You’re not allowed to change OS vital parts. Or perform any admin task if you don’t use run as admin.
  • Guest account: Similiar to standard, but slightly more restricted. For guests.
  • User account Control(UAC): Every time an action need admin rights, you have to choose allow/unallow. Note: it could be useful only if you read what it says.
  • Windows firewall: Basic protection against intrusion. Keep it on if you haven’t any firewall installed.
  • Windows defender: Protection against viruses. Keep it on if you don’t use third parties antivirus.
  • Secure boot: Prevent using unsigned driver and even some(most) boot sector changes. If you don’t know what it is, keep it on. Some devices – as WindowsRT (arm) – can’t disable it.
  • Smartscreen: Unallow some low level changes. If you don’t know what it is, keep it on.

 

3rd party security softwares:

Usually, Win10 protection is fine, but if you need more layers of security, you probably are using some of these. These need to be configurated manually to avoid issues with other apps.

Listed from “core security” to “advanced security”. If you are cautious person, you probably won’t need mos of these.

  • Antivirus: Same as Windows Defender, prevent infection.
  • Standalone scanning tools: Best if it has cloud scan (newest engine signature) and multiengine scan (so more chance to detect viruses). Some can scan also browser extensions.
  • Sandbox: Allow to launch an app in a kind of “virtual machine”. So most infections won’t reach your PC.
  • VPN (paid) service: It routes your traffic to stay anonymous, prevent censorship, bypass geolocks and so on. Free services, while they can work, could log you. So they are not really “safe” after all. Some even share IP between users, which is even more insecure.
  • Virtual machine: Virtual OS in your OS. But you’ll be infected if you don’t disable the network on it or if you use sharing folders. So be careful when testing there.
  • Adblocker: Some adblockers can be used system wide. So you need to correctly set it up.
  • Software Firewall: Same as Windows Firewall. It handles incoming/outcoming network traffic.
  • HIPS module: Often called proactive defense. It handles any os process – a kind of superUAC (but often more effective). It’s pointless to use it, if you don’t understand what are saying or their behaviour.
  • Hardware firewall: An hardware firewall to protect your pc. Usually, only need on business or very expert users.
  • Advanced ones: Software or hardware tools which can mitigate with new menaces. Mainly for business.

 

Risky users habits or “best ways to get an infection on Windows” (most viruses works only here after all).

  • Disabling OS security features without a valid reason;
  • Opening strange attachments in mails. These often has cryptovirus, really bad guys. So always do a scan before opening any attachment and don’t keep them if infected.
  • Install doubt browser extensions/unpacked extensions from untrusty sites (adwares/hijackers viruses).
  • Even some store extensions are infected, so always read their feedback before installing.
  • Install browser plugins from scam sites. Use only real plugin site or your browser addons page to find it.
  • Clicking on scam pages which offer discounts, free things, xxx services or pirated content.
  • Always scan anything which come from p2p platform (torrent/emule) as  it could have nasty things inside.
  • Always scan installers from download sites. Or even better download the product from the actual dev homepage if possible.
  • Toolbars/companions bundled in softwares – are usually a good way to get an adware/hijacker. So, never click next > next > next > accept all > when installing things 😉
  • Always scan memory cards/flash drives you put in your pc avoiding to get infected from there.
  • Social login: when you access somewhere with your social credentials. Probably you won’t be infected, but your data could be used for ads, tracking or spam on your email (which is annoying).

2 comments Write a comment

  1. “Sometimes (not often on stable release), some app icons in start menu vanish or stop to work correctly.”
    I sometimes wish some apps would not be there at all or not install new with every windows update …

Lascia un commento