--
| James E.Thompson | mens |
| Analog Innovations | et |
| Analog/Mixed-Signal ASIC's and Discrete Systems | manus |
| San Tan Valley, AZ 85142 Skype: skypeanalog | |
| Voice:(480)460-2350 Fax: Available upon request | Brass Rat |
| E-mail Icon at http://www.analog-innovations.com | 1962 |
I love to cook with wine. Sometimes I even put it in the food.
That ought to work (if you get the list of allowed sites right) but I'd rather not have to install extra hardware. Another option that should work is to run Windows in a VM, but give the VM very restricted access to the internet.
If the Windows applications need internet access then you could make a "whitelist" of sites that you want it to access and block everything else (presumably the microsoft telemetry and/or update sites). In this case I would be concerned that the Windows OS is not being updated but has some access to the internet so that some malicious file might get in that exploits a bug that I had prevented from being fixed through an update.
Perhaps an easier option would be to do all web browsing, e-mail etc. on the host OS (linux etc.) outside the VM, and don't give any network access at all to the VM that runs windows, except on special occasions when e.g. you need to update LTSpice. You could have a drive that is mounted on both the Windows and host OSs for transferring files. A nice feature of keeping documents on a drive outside the VM is that you can keep a known-good image of the VM, and have a zero-tolerance attitude to any kind of misbehavoiur by Windows. If it steps out of line, it gets overwritten by the working image.
This is the best that I can think of so far. To do this I need to either migrate my existing Win7 install into a VM, or freshly install Win7 onto a VM. I believe that both are allowed under the OEM Win7 licence provided it eventually runs on the same hardware, though I suspect that a phone call may be required to solve activation problems, and MS might stop cooperating with these requests in order to push Win10. Otherwise buying a new-old-stock retail copy of Win7 might be an option if one can find a real one on ebay etc.
I haven't used a hardware firewall in decades. Still have the problem of what to block. If you want to monitor everything, you could probably block what address was used last time. All they have to do is keep changing the web address to evade your blocks. Or even easier, put it at the same address as something you want and can't block. I think the best you can do is use the tools provided by the white-hat-hackers and hope you don't get owned by a black-hat-hacker in disguise. I'm no expert. Better to ask this question in a windows 10 group. My active machines will stay windows 7. My windows 10 machines don't have anything valuable or secret on them. They have nothing to lose.
There's one thing that I did when I had metered internet to keep virus scanners from downloading 200MB signature updates. Normally, your lan setup has a setting that defines your default gateway as your router. That's how you connect to the internet. If you change the default gateway to a non-existent address, any attempts to address the internet get dropped. Communication between computers on your local network is unaffected. That's obviously a problem for computers that need direct internet access. I use only one computer to access the web. If I need something on another computer, I can download it and do file transfer locally. There's an application called fastipchanger that makes it very easy to switch that default gateway setting to access the web. But that may not help if MS sneaks an update while you have internet access. PITA, but can help in some circumstances.
There's a setting that prevents win10 updates if you're on a metered internet connection. But that only works for wireless connections. Recently, I saw a registry hack that makes it work for wired connections. Never tried it. MS could easily defeat that if they wanted. I have all the spyware (that's in the settings tabs) defeated. but MS updates keep turning some of them back on. They OWN us.
Given that Windows 10 comes with a built-in peer-to-peer viral self-replication, I think you'd have a hard time getting any firewall to work... unless there are no peers visible. The only sane way to make that happen is in virtualisation.
No, not really. Our place of business is gearing to switch to linux boxes, as many as possible.
We have experimented with some automation software on Win10, its not acceptable. Latency at random is so bad that we have devices drop out at critical moments and some of the devices we can't even communicate with because there no supported automation driver for it.
I am now using Qubes-OS for some years and it's a wonderful OS with a very consistent security philosophy. And after the last security issue found in Xen it maybe is even safe. ... Until they find the next bug...
If you don't need a lot of fancy hardware connected to your PC, you could try out that Qubes-OS. All internet traffic can be routed through a firewall VM which is using a networking VM for the internet access. Security by isolation. Currently Xen is the hypervisor and they allow you to run windows VMs. For the firewall VM you will chose a linux VM of course.
This is perfectly possible with Qubes-OS (.org), but then the web browsing, e-mail can be done on again different VMs. Even the 'safe' (banking) and 'unsafe' (clicking all kinds of links that might pop up in emails etc.) browsing can be divided over separate VMs, so that your banking browser won't be hijacked when you click a 'dirty' link.
You can install Win7 on 1 VM and linux on the others, including the host.
Also I would do the upgrade on another drive and save the original drive, just because there's a slight chance the image won't work. Drives are cheap and you'll use it for something else later anyway.
The embedded version of XP is still getting upgrades. There's a simple way to fool your's into thinking it is the embedded version but I don't know the links to it off-hand.
Hard to do with a laptop and it was the ancient video accelerator support that broke the updates during installation step. Possible it misidentified it or something since it all locked up good and solid.
I decided to download everything to a USB stick since my internet connection is potentially unstable (indeed failed during the second installation but was easily resurrected).
Had the same issues with it not being able to cope with the video driver and initially had a default 800x600 screen stretched to 1280x720 but at least it booted this time. Updates with a bit of manual intervention managed to find the right drivers but didn't prompt me to reboot after they had been installed. Which seems a bit odd considering how many reboots it had done during the original installation.
I'm only doing it to test running some code through the latest free version of their compiler. This was my testing on Win7 when it was a brand new sacrificial laptop getting a new lease of life as a Win10 test platform. I am a bit surprised that the upgrade worked at all. There are several legacy chipsets that have limited support in it. (I don't care about that so long as it runs the right OS version)
I would be even more leery of doing this to a PC I was fond of now!
But to be fair it did work (eventually) and the compiler would download.
I cannot believe he is so far behind the curve that he cannot even update his system because he wants his 'uptime' number to be high. He is beyond childish in so many ways. And a stupid and lazy f*****ad too.
On a sunny day (Fri, 5 Feb 2016 00:51:46 -0800 (PST)) it happened snipped-for-privacy@gmail.com wrote in :
I do not get it, people want 'speed improvements', just some idea what often runs here at the same time:
2 security cam recordings
1 satellite recording
1 recording from cable from some movie. a http server web browser, youtube videos (some in HD), subtitle control (to add stuff to picture). news reader, email, sound (music), compilations, editors (program source), pdf documents (data sheets), etc
Not much memory, only using one core (this processor has more cores that can be enabled), only run a 32 bit Linux on this box (compatibility), and guess what: I have plenty of computah power left.
There is a big misunderstanding in the world, people want quad cores, some want even more, and all they do is browse the web and read email. and then they over-clock, what not. Maybe it is brain-wash by the sellers and manufacturers of hardware.
Tell you what, I bought a Russian Huawei G4 stick (was many times cheaper on ebay than locally), put it in a raspberry pi, and configured the raspi as a 4G router. Set my PC to use it as gateway, and hey, online...
The world is flooded with little Linux things, everything here runs Linux, my cable modem, my vacuum robot cleaner, my WiFi access points, my Samsung TV, my DVB-S transmitter, my laptops, my PCs... and none of all these things has a 'speed' problem, except for the DVB-S raspi that is topped out for FEC 1/2.
I do understand that there are people running slimulations of I dunno what to find solutions to I dunno what in I dunno how short a time, NASA being a typical example, while most of these things use incomplete equations and give unreliable results. Glow ball worming comes to mind, and, if you look into history you will find the Club of Rome who predicted the end of fossil fuels and the global death of humanity due to over-population running a half witted BASIC program on one of the first IBM PCs, and were 100% wrong if not 1000%. Sure, when paging through pdf files I COULD use a better speed, but that is likely because my AMD build in graphics on this PC sucks rescaling. Could be Linux drivers too, on the other Linux PC with Nvidia hardware and Nvidia drivers it flies.
As to Linux 3 the club changed things again IIR the DVB API, and for sure the drivers for some of my webcams. And hell for them Raspis I do not even know what Linux version it is, I grabbed the image (Debian based) years ago, and have changed everything since then so my PCs and raspis have the same window manager, apt-get update gets completely confused and writes books full of error messages, but..; everything works! Because I KNOW how it works and I wrote most of the soft I use.
I strongly recommend not doing kernel upgrades on an existing system unless you know exactly why and how. This now runs Slackware (no idea what version, old version), and does all I need. I compiled that kernel and many things broke. I know more fun things to do, just rewrote and improved some old program I wrote, added features. BUT if I buy a new PC (unlikely like this, will go for a Pipo perhaps) I will do the fight rewriting all my stuff to get it working . After doing that 4 or 10 times it is _NOT_ what I am interested in (since running Linux 1998). Again, OS is part of the hardware, it is an INTERFACE between the hardware and the application programs, it should NOT change all the time, and in should not be more than that, BUT sales are sales, new hardware needs to be sold... the software manufacturers are in bed with the hardware manufacturers. Every thing needs a GUI, preferable with touch screen.
I know, I spend 6 hours coding to make a GUI for some program that I can do with 1 line of code in bash and a few entries in crontab. Soon people will no longer be able to write, only to point at things, like in the supermarket, endlessly walk along shelves looking for what you want, getting what you do not want as a bonus, while in the old store you could ask the shopkeeper and he would give it to you. No command line is a disaster, so I run 8 rxvts on this box in 9 virtual screens with one virtual screen with also a web browser, and one with a few pictures you can click on if you forgot the program name. Thank you for your attention.
I did some biking this morning, just a 3 city tour, to stay in condition, there was a bit of wind too, so the extra energy now goes into finger exercises hitting these keys, pay no attention to it, it may be dangerous to read these ideas. It may lead to the demise of the US economy and collapse of civilization as we know it. If you upgrade kernel of course, eh I mean upgrade to win10. Oh wtf, now take for example my old tube color TV, it booted faster (if booted is a usable word) than my 3D HD LCD. And the colors were better, angle you could view it was better, and even used less power. And in the same way US now uses a Russian taxi to just a few hundred miles up, the ISS, while in the past they routinely could do a moon return. So tech NO... logic is moving backwards. Transistors ? No. Back to the Flintstones and carve in stone, start all over again. that will happen anyways once the nukes rain. And then what do you have, all EMPed semiconductors. Maybe better stop here, but be careful upgrading that box.
Did you see how many lines of text I wrote in how short a time? (Never mind how long it took you to read though). See, no need for faster, just cheaper and better will do, I did not have much to say as you probably noticed. But the essence of it is very true.
It means you get more with the same HW just installing a newer piece of SW.
And you can have 2 or more kernel sitting around in the HD. When you boot you choose the kernel you want to use.
In my linuxbox (an Alix 1c from pcengines.ch) I have at least 2 kernel inst alled: one relatively old that I know for sure that works, a newer one that is updated from times to times automatically by the distro, and now and th en I try the newest to see if there are improvements. The Alix started with a 2.6.x kernel. At a certain point I decided to upgra de to the 3.x: improvement were huge. Unfortunately for reason I'm yet to understand Ihave a panic booting with a 4.x kernel, so I'm stuck with the 3.x.
Point is: trying a new kernel is easy and the fallback in case of problem e asier.
On a sunny day (Fri, 5 Feb 2016 05:49:42 -0800 (PST)) it happened snipped-for-privacy@gmail.com wrote in :
Sure trying is easy, I have 2 kernels on this one, in fact 2 completely different distros, from /mnt/sda1/boot/grub/grub.cfg :
set default ='0' set timeout=60
menuentry 'slackware linux kernel 2.6.37.6-smp 32 bit on sda8'{ set root='(hd0,8)' linux /boot/vmlinuz-huge-smp-2.6.37.6-smp root=/dev/sda8
#legacy_kernel '/boot/vmlinuz-huge-smp-2.6.37.6-smp' 'root=/dev/sda8' } menuentry 'grml linux kernel 2.6.21 32 bit on sda5'{ set root='(hd0,5)' linux /boot/vmlinuz-2.6.21 root=/dev/sda5 }
The old one is simple a ported partition from an older PC. use a rescue disk, tar it, and untar it in some partition on the new PC. Both a backup and a way to run the old programs, assuming the hardware supports it.
It is not true that a newer kernel is by definition faster, or even works. I had a bad argument (and my last) with the kernel developers when one kernel completely sucked. Had to point out that thousands of people wasted thousands of hours trying that crap (google was full of the problem), and that they should really test things before a release, and not moan if somebody gave feedback directly like I did,
So YMM.
My laptop has Ubuntu in the first partition (64 bit) and 3 Slackware kernels including 3.x so I know about it. I never run the 3.x kernel as there were way too many incompatibilities. Even the 64 bit normal kernel has issues.
OTOH we should not complain. the only distro I ever financially contributes to was Debian, Debian runs on my raspis. But even then when I got Debian disks send to me it did not work, did not take long to find the boot disk was the data disk and the data disk the boot disk, but God help a newcomer.
And I make mistakes too, being a neural net,
Your ALIX 1c seems to be a nice little computah, have you seen this box?
A lot of commercial product development takes place within the context of fairly strict nondisclosure agreements, where one party agrees to take proper measures to ensure the security of information belonging to another party, and to not release this information to a third party without explicit authorization.
The Windows 10 EULA allows Microsoft to monitor a great deal of a PC's usage and behavior, including what applications are used, what files are opened, what keystrokes are entered on the keyboard, what words are spoken to Cortana (or perhaps even within Cortana's hearing), etc.
Question: what are the chances that somebody is going to decide that using Windows 10 for a project under NDA is an unacceptable legal risk, because the party using Windows 10 has already granted Microsoft the right to collect information that would be forbidden from any disclosure under the NDA?
What are the implications for the DoD, for defense contractors, and for any health-care organization operating under Federal HIPPA rules?
On a sunny day (Fri, 5 Feb 2016 10:03:54 -0800) it happened snipped-for-privacy@coop.radagast.org (Dave Platt) wrote in :
What *I* do not understand is why in a country with so many class action lawsuits, there is no large group of people who ask microsoft to replace that crap OS. Again, if I had a car that behaved like that, rented or leased or bought, I would want a good working replacement. And having your car towed away while driving for an 'update' would be a well, unimaginable.
So where are those lawyers now that REALLY can save 10 million users 10 million hours of irritation, say save the economy, give back to teh economy 10e7 * 10e7 work hours, or as free time to the users, depending on what they do. Automation was supposed to HELP people and make things go faster, computers are part of that.
So MY recommendation is start a website, get a couple of good lawyers, get people to sign up for a class action lawsuit and get rid of the Dictator and crap programmers for profit in Redmond. Close it, compensate the people. Justice :-)
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.