Comment by tbrownaw
19 hours ago
> shown they don't respect the user when they force shutdown for system updates
Are you familiar with the prior state of things that explicitly motivated this change?
Yes. Since 199x.
macOS does the same thing. When I actually sleep, when my laptop's lid is closed. I wake up. My Mac wants a password instead of a fingerprint. It says it has updated the OS when I was snoring. What's the difference?
Every app, every window, everything is the way I left before closing the lid. My computer is updated, rebooted and ready for the day. Like nothing happened.
Linux is the same deal. If the desktop environment is upgraded a logout and login is necessary (and KDE restores session as well as macOS for the last decade, at least), and if I updated the kernel, I reboot. I'm back in 30 seconds, to the exact point that I left.
Only Windows takes 2 hours, 4 reboots, 3 blood sacrifices and countless frustration sounds to upgrade. While saturating the processor and the storage subsystem at the same time, which makes my computer create the same sounds of the said blood sacrifices.
My experience with Mac is iTerm prevents Mac from shutting down so instead some days I wake up and everything on my machine has been closed and the update hasn’t been performed. Lovely.
I don't use iTerm, and close everything that I don't use for the night, which is a habit I have since the beginning of time.
Are you aware that MS already sells an operating system that can install patches without rebooting? Are you also aware that Linux can do the same? Why can't a supposedly mature 40 year old operating system do the same? Do you have any concept of the number of man-hours it would save globally? The amount of lost work? The impact on patching compliance and security?
My guess is they don't actually believe they have any competition, and therefore don't care to improve anything that doesn't also improve their bottom line.
Every week when I log in to my Ubuntu with unattended updates enabled I see this: "system restart required".
The hot patch feature you mentioned is paid.
On Ubuntu, when this message is shown, most of the updates except the kernel are already applied so you are mostly pretty secure. And you can choose when that will happen. And it’s just a normal reboot.
On Windows, IIRC, you are blocked during the whole update process which can take several minutes.
Not to derail but there are issues with kernel patching. If it does work you start building a very large matrix of various levels of hot patches and then sometimes it just doesn’t.
It is also paid for Windows. It shouldn't be.
Off topic, but I'm pretty sure that Ubuntu's livepatching is just kpatch under the hood,
https://ubuntu.com/blog/an-overview-of-live-kernel-patching
Note that you can also keep the userspace unchanged by hibernating and then choosing the new kernel on boot. It is not truly live patching, since you still have downtime, but pretty close.
I'd wager further, is they've by this point long since bled out their top talent. Pretty soon that motor is going to run out of oil.
> Are you aware that MS already sells an operating system that can install patches without rebooting?
No. Which OS is that? Even to update Office they throw an annoying popup and then another one to start the update and a dark pattern (close button accessible with a hidden scrollbar and no window controls) one to tell you it is finished.
Server 2025. They upsell it as a subscription because they can. Before that it was also available in Azure.
https://www.microsoft.com/en-us/windows-server/blog/2025/04/...
Why does that matter? I should be allowed to explicitly choose the risks I want to take. Not Microsoft. Especially not for Microsoft to decide, no matter what I'm doing, or what I have open and unsaved on my computer, now is the time they think my risk is too great and Tuesday has passed, so reboot reboot reboot.
The automatic reboot has made the world a better place, because too many people were incredibly bad at making this risk tradeoff.
It might still be a bad thing for taking away agency. But it was also a massive improvement to society.
That's quite a bit of a stretch to equate forced update reboots to massive societal benefits.
Well... this is similar to COVID. As long as your computer is disconnected from any network, yes you should be able to do whatever you want and decide. But as soon as your computer can be a danger for others, then your risk taking decisions can harm others, and then what?
Masks during COVID were a matter of public health.
Regular updates are also a similar matter.
Masks were necessary to save lives at a stage where risks were unknown and pressure on health systems was high.
Missing Windows updates does not kill anyone.
Plus, installing Windows updates may cause high frustration because "feature" updates are mixed with them and may alter the OS behavior in unexpected and undesired ways. If Microsoft cares so much about security, they should allow people to stay on fixed Windows stable versions that only get security updates without pestering them. Basically, sell LTSC to normal people.
It's truly absurd to compare "my computer might be hacked and used by baddies" to "I don't want to wear a mask during a pandemic"
It's not a comparison that bears a response.
The amount of money lost when millions of small restaurants and other retail shops suddenly become unable to accept customer payments for an unknown amount of time because Microsoft thinks Windows should force update during rush hour rather than allowing the computer owner to wait until closing time, would seem to be far greater than the amount of money lost with once-in-10-years WannaCry attacks
Don't you get out of forced updates if you set yourself a regular update point? (e.g. every Sunday night)
Most users, for better or worse, don't want any update ever, unless they wish for a specific feature. We're at a state where there's only once-in-10-years massive attacks exactly because of mandatory security updates that will be forced on the user if they have no intention to install it ever.
Maybe the 3rd largest tech company in the entire world could spend a little time figuring out how to hot patch their OS. Heaven forbid they actually innovate on something.
You can update without locking the computer. You know... like is done in Linux for a very long time. I have a nice memory of doing a full update of Kubuntu to the next version at the same time that I was playing a AAA game without issues or interruptions.
Yes the security of every Windows computer was much better then, any software that automatically updates itself without user consent is obviously a massive security risk because the user is no longer in control of what software they run.
This is why I still prefer to install programs as root, since then they are unable to update themselves. (And also other users can't do that.)
Security is the catchall excuse for every bad big tech behavior because they know "security" professionals will defend every f-the-user move they pull [1]. Is it improved security when I lost days of work because Microsoft (and you apparently) think their patch is more important than my data? Notice, by the way, that security incidents can cost big tech a lot of money but my lost data is no skin off their back.
[1] It reminds me of dermatologists, so hyperfocused on skin cancer that they tell everybody to hide from the sun, completely oblivious to all the harm their advice causes to the rest of our health.
The other angle is that if annoying enough it gets people to make their own workarounds so it works as they want. The real trouble is when it escalates as each side wants to have authority over the other as they each think they know best, and you get things like laptops on standby waking to try and update themselves in a bag. I've been thinking for a while that Windows has been going away from a 'personal computer' OS in that it isn't "mine", it's at the mercy of someone else and efforts to fight that aren't worth it long term.
I don't want a device to tell me when I need to restart it, that's my decision.
Same on boot. Usually when I boot a computer I am not ready to wait for it to install several updates, unasked.
Not really. Maybe I'm jinxing it, but I've never had a problem caused by failure to update my PC.
Servers I understand because they're exposed to the Internet at all times. Not PCs
> Servers I understand because they're exposed to the Internet at all times. Not PCs
And, for reference, updates are not forcefully installed on Windows Server.
Well, forcefully restarting a server without asking its owner does sound like a bad idea. And disrespecting the users in that way when the competitor OS for servers is free, has significant market share and is known for letting the user do what they want and getting out of the way should probably also be avoided from a market perspective.
Lest one remembers Win 9x or even XP w/ no firewall on residential networks.
It's interesting how much different the landscape was in that era: single-device residential environments would have no firewall at all (just a PC with a publicly-routable IP address) and dial-up kind of fueled this due to PCI slot modems, but as the outboard nature of DSL and DOCSIS modems made it easier to build multiple-device residential environments by adding a router, suddenly everyone had a firewall (as a byproduct of NAT). Then you've got malware, which was far more prevalent on PCs through that transition relative to today, but now we've got IoT stuff probably not being updated as it ought to be, potentially hosting malware that serves as a proxy to sidestep an in-router firewall.
Yeah, I remember formatting the HD on a PC back then to do a fresh install of Windows XP.
The CD-ROM I had was pre-SP2 (so no firewall), and our internet setup was basic modem + switch. No router with “drop invalid state” or fancy things like that.
So, installed Windows and plugged in Ethernet to fetch Windows updates.
2 minutes later, with no user interaction whatsoever, the PC was infected with malware.
Behind a NAT.
Can't remember a single problem with the described setup and I've been using the internet since dial-up was the only option available.
Getting hacked when you don't have any open ports (thanks to NAT) is and was pretty unlikely - what was more likely is some kind of drive-by exploit in Flash or IE. The biggest problem I experienced with old Windows was general instability in the form of BSODs and driver compatibility problems.
> Servers I understand because they're exposed to the Internet at all times. Not PCs
Gates, is that you? They have telemetry in PCs those days, you know. /s