FYI A recent bad Windows 7 Update from Microsoft

Started by JohnZeman, March 14, 2015, 05:13:43 PM

Previous topic - Next topic

JohnZeman

This isn't photography related but it's Windows related and very well could affect a number of other Windows 7 IMatch users so I'm posting about it here to hopefully save some time for others in the forum.

Reference Windows Update KB3033939

This issue has had me banging my head against the wall now since last Tuesday when my Windows 7 machine started going into an infinite install Windows update > reboot > fail to install update sequence.  I tried several recommended fixes, all of which failed, then finally I googled to see if perhaps Microsoft had just released a bad update.  And apparently they have.  The following article details my problem and what I did to at least temporarily resolve it.

http://news.softpedia.com/news/Botched-KB3033929-Update-Pushes-Windows-7-PCs-into-Infinite-Reboot-Loop-475631.shtml

Mario

I'm always sweating during the initial 24 hours after I released an update. So many things can go wrong, so many different Windows variants, computers, setups out there... I test on five different combinations of Windows and hardware/software, but that's just the tip of the iceberg.

Shipping Windows updates to several hundred million PC's all over the world must be a nightmare. It's a sign of excellence that not more goes wrong every week. And that we still get updates for Windows versions many years after they have been released. Sh*t happens, and I feel with you, though.

I just had to root my trusted Samsung S3 smart phone after the warranty has run out. Not because I wanted to, because I had to. Samsung decided that a 2 year old smart phone is not worth the effort to get any more security updates. Not because of the Android system, because of the bloat ware Samsung integrates into Android before shipping it to their customers. The bloat causes the latest Android versions to fail to install or makes the S3 so slow that it's not funny anymore. Consider Microsoft would do such a thing...

I run now a free version of Android, and my S3 is without any bloatware. And it's so fast, much faster than it ever was. And I have full control, and can deny apps to phone home or read my contacts, position and tell the ad networks. Niiice.
-- Mario
IMatch Developer
Forum Administrator
http://www.photools.com  -  Contact & Support - Follow me on 𝕏 - Like photools.com on Facebook

Ferdinand

This (rooting my Samsung) is something I might consider.  Are you concerned about making the phone more vulnerable?  I confess that I hadn't researched doing this to my phone, but had the vague impression that it did.

lnh

XDA-Developers.com is one of the forums where you can see loads of information on this topic. It can be very complicated, or simple (i.e. most Nexus devices) to unlock your bootloader and root. The forums are full of people who did crazy stuff or didn't follow directions carefully and ended up bricking their phones. Some phones have automated scripts which make it super easy, and others don't. The firmware level you're starting from also makes a difference. Other than phones which are designed for rooting (Nexus, some Motorola's depending on carrier, and I believe some Sony), the methods of unlocking bootloaders/rooting take advantage of a found vulnerability, and those can be patched from version to version by the vendor sending the techies back to the drawing board to find a new way of getting around the firmware locks.

As far as security and privacy control goes, rooting can be helpful and harmful at the same time. With root access, a misbehaving app could do damage so there is a level of trust you're accepting when you grant an app root access. Of course you can also have apps access things you'd otherwise not be able to do. Some 3rd party firmware builds in a level of app level privacy improvement as Mario was talking about. Sort of similar to how iOS approaches app permissions on a granular basis and I really wish Android would take this sort of thing seriously. Depending on how you do this in those 3rd party Android roms, you can have unexpected crashes. The reason is because Android apps don't have to deal with individual permissions being denied, so they aren't designed to fall back gracefully. The best workaround is installing the Xposed framework and the Xprivacy module. This acts to spoof the apps with nonsense or null data when it asks for it, and you control which apps get what kind of treatment. The more significant issue going forward is Xposed on Android 5 which made huge changes to the underlying runtime of Android. The Xposed developer has recently made progress on this front, but it's still very early alpha type code.

Personally, I rooted my Samsung GS3 (Verizon) the day after warranty expired and flashed Cyanogenmod. It worked OK. Upon switching to AT&T, I got a Moto X (2013) developer edition phone which came with the ability to root and not lose warranty. Fill out a form on the Moto website and they email you directions and the secret codes to unlock your bootloader. After that, rooting is almost trivial. At least with the Moto X, you cannot receive OTA updates if you're rooted, so updates become a pain so unless you're a hard core hacker, you might end up skipping minor updates which could negatively effect things like security bugs. I've since reflashed the stock image to 4.4.4 and remain unrooted waiting for the 5.x OTA update. The Moto X developer edition (now called the pure edition in the 2014 model update) has no carrier bloatware and the several add-ons Moto did are actually minimal and useful.

Many in the 3rd party rom world think Google is evil as they build (or move) functionality which was once a core part of Android (and hence part of the AOSP releases which are the basis for both OEM and 3rd party roms) into Google Play Services. Maybe not entirely good intentions on the part of Google, but it also solves a troubling update problem which has real benefits. As Mario found, either OEMs abandon updating SW on older phones or react to important updates very slowly (think heatbleed and some of the other vulnerabilities found in the past year). This structural change allows Google to update phones directly and bypass the carriers. Apple has always had the advantage of pushing updates direct, and now Google can too as long as the function needing updates is part of Play Services. Play Services code is proprietary to Google.

Mario

What bugs me about Android (and don't get me started about the Apple religion) is how little control you have over your phone.

For example, I was in need for new a QR code app. The last app I used (Barcoo) now entirely consists of display ads, and somewhere a very small button which in fact allows you to scan a QR code. Then more adds, and somewhere below the scanned text. Totally unusable. Nothing against some ads in an otherwise free app, but too much is too much.

So I set out to find a new QR code app. There are plenty. But apparently most of these apps need access to your position, your contact list, your microphone (!) and your GPS, full Internet access (for calling home) and whatnot just in order to scan a barcode. Mhm. Nonsense. But you have to either trust the app vendor and grant all the rights, or you cannot install the app. I had a real hard time to find a usable QR code app which only needs access to the camera...

The (intentionally) messed up rights management in Android is not going to change, because smart phones get dumbed down more and more, and user are slowly (slide-by-slice) accustomed to less and less privacy. The business model of most free apps (and even many of the apps with in-app purchases) is to collect as much data from your smart phone and about you and then sell this data to monetize it. Oh, and to display ads, of course.
For an app developer, this is easy to do. They just link in a toolkit from a 3rd party, and then money rolls in, depending on how often the app is installed and how much ads it serves and how much data it pulls from the phones.

This business model is hushed up and most smart phone users are only barely aware of that. Recent 'simplifications' done to the Androids rights model (arranging rights in even larger right groups which you can only grant or deny as a whole, apps who can grant themselves more rights from the group they have been granted without asking the user) has been added of course only to make things simpler for the smart phone user. Booshite.

Installing a custom ROM (aka "open source / free Android") system gives you a lot of control back. And you get frequent updates, including security updates, even for smart phones older than 2 years. It might be a bit more work than just relying on your smart phone company or phone company to get things right. But you don't need to wait 3 to 6 (!) months for an update after a severe security hole has been revealed in Android. And open source Androids support older phones much longer than the smart phone companies, which is good for your wallet, conscience and the environment...

-- Mario
IMatch Developer
Forum Administrator
http://www.photools.com  -  Contact & Support - Follow me on 𝕏 - Like photools.com on Facebook

Carlo Didier

Mario, may I ask which ROM you put on your S3? My old S3 only serves as a GPS with maps now (because I added a big battery) and I would like to slim it down (software-wise) to the strict minimum that I need.

Mario

-- Mario
IMatch Developer
Forum Administrator
http://www.photools.com  -  Contact & Support - Follow me on 𝕏 - Like photools.com on Facebook


Ferdinand

Quote from: Mario on March 16, 2015, 09:16:23 AM
What bugs me about Android (and don't get me started about the Apple religion) is how little control you have over your phone.

But apparently most of these apps need access to your position, your contact list, your microphone (!) and your GPS, full Internet access (for calling home) and whatnot just in order to scan a barcode. Mhm. Nonsense. But you have to either trust the app vendor and grant all the rights, or you cannot install the app.

My views also.  So I have installed very few and there are several pieces of bloatware that I won't use, and can't remove.  I think I'll do a little research and may follow you.  Perhaps you could let us know how you find it over time.

lnh

I agree the permission thing is messed up and Google made it worse as Mario describes. It's difficult to have any trust in an app as you have no idea what is happening with intra-group permission escalation. Given Google's business model, they have no incentive to improve your privacy. My favorite recently was seeing a keyboard theme asking for all sorts of new permissions in an update. I wrote to the vendor and asked them to explain why a keyboard theme needed those permissions. No response (or not liking the rational explained in a response) = uninstall app. My other strategy is to not install an app and use mobile web if possible. This works surprisingly well for things like Facebook. I've gone through my phone and deleted a number of apps after seeing their mobile web setup working well enough for my occasional use. A number of 3rd party Twitter clients are much better behaved regarding permissions than the official one from Twitter. Facebook messaging seems to be forcing people to use their permission glutinous app given they are shutting down XMPP support for Fb Chat in a little over a month. Been using the Ghostery browser a bunch, and Firefox with the Ghostery plug-in as they can be configured to suppress web trackers which is eye opening to see how you get tracked by 3rd parties. Since starting to test BitTorrent Sync, haven't used Dropbox once and now testing the open source Syncthing to replace BTSync. All this feels like a battle.

Mario

QuoteThis works surprisingly well for things like Facebook. I've gone through my phone and deleted a number of apps after seeing their mobile web setup working well enough

That's the trick, using a proper browser (Firefox) on the smart phone / tablet instead of custom apps. Very often only reason for companies to provide custom apps is to take control over if and which advertisements you have to see - no ad blocker possible in an app. But in a browser, with neat tools like AdBlock Plus and Ghostery you are in control.

Nothing against ads pe-sé (somehow all the content we consume needs to be paid for) but I like control over which sites I allow to serve me ads. If I 'use' a site or gain something from it, I explicitly allow ads to the site can make some money. For all the sites which try to flood my PC with 20, 30 or more ad cookies - no, thank you.
-- Mario
IMatch Developer
Forum Administrator
http://www.photools.com  -  Contact & Support - Follow me on 𝕏 - Like photools.com on Facebook

Ferdinand

I had been thinking about doing this, only to find that there isn't a build for my Galaxy tablet.  Close, as there is one for the wi-fi version but not for the GSM version.  Is there an alternative to cyanogenmod?

Mario

There are many 'ports' of Android to various devices. I only know cyanogenmod, sorry. I don't spend much time with smart phones, I need bigger computers  ;)
-- Mario
IMatch Developer
Forum Administrator
http://www.photools.com  -  Contact & Support - Follow me on 𝕏 - Like photools.com on Facebook