Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

In Win11 as admin, take ownership of the following files, and remove all permissions for the system user. This prevents any updates and can be easily undone at any time. I turned off updates, and life is much better. I no longer feel guilty about having my system "at risk". It's no longer worth the pain of updates.

C:\Windows\System32\WaaSMedicSvc.dll C:\Windows\System32\usosvc.dll C:\Windows\System32\wuaueng.dll



Yea at this point updating stuff is just almost more pain than pleasure, since new features are very limited nowadays and most of the time things end up being more broken.

For example, the latest MacOS sequoia security update broke the touch id reader when logging in, i need to type my password now everytime. And lets not forget about the new glass design and UI changes in the latest iOS.

Im pretty tired of updates at this point and will push them out unless absolutely necessary.


Yep the recent Windows update broke a videogame that I was playing.

Windows used to be about backwards compatibility. Microsoft was proud of it. Twenty year old software ran on it.

Now it is all about AI stuff that I do not give a fuck about.


> Now it is all about AI stuff that I do not give a fuck about.

Copilot is now a hardware key on the keyboard. The audacity, messing around with people's muscle memory just to push more slop.

Microsoft truly has gotten too large to exist and needs to be broken up finally and permanently. In fact that holds true for any company found to abuse their existing financial power to push through slop or other unprofitable shit to outcompete others by sheer user count.


> Copilot is now a hardware key on the keyboard.

Fun fact: It is actually doing the same as the Office key, meaning it is actually a key combo (Left-Shift + Windows + F23). Office key instead is Left-Shift + Left-Alt + Left-Ctrl + Windows, which opens Office on release and if you press W, P, X, O, T, D, N, L or Y while holding it you open Word, PowerPoint, Excel, Outlook, Teams, OneDrive, One Note, LinkedIn and Yammer (actually opens MS365 Enterprise) respectively.


> Im pretty tired of updates at this point and will push them out unless absolutely necessary.

As a systems guy by trade and now a security guy by role, that scares the every living fuck out of me.


That's the result of (maliciously) bundling security updates with feature upgrades. Security and feature updates should be entirely orthogonal, so that you can install security updates without affecting the functionality.


...Or the fact that virtually all updates reset a lot of modifications done (incl. disable real-time antivirus nonsense)


That is actually done for a reason. If you are old enough you'll understand why.

A combination of terrible antivirus software combined with really dumb ideas on the internet created a situation where a whole bunch of folks were disabling antivirus and other security features, which was leading to huge security issues across billions of devices. That, and malicious software figured out how to disable security measures as well, so Microsoft went nuclear and they do everything possible to reset things to defaults.

Of course, other teams saw this and Microsoft sometimes resets settings to things it unrelated to security, which just pisses everyone off.

Overall, they are doing a horrible job. They actually pushed me back onto Linux (likely for good, since all my software now works without compromises), and I've seen quite an uptick of folks who've done the same. Valve has made this easier by all their hard work getting games to "just work".

I'm under no illusion that Linux will gain significant market share overnight, however, things are shifting.


Maybe, but that is again not necessary. dpkg essentially shows you a three way merge, when you changed a setting which default has changed and asks you what you want to do.


That is why desired state configuration should be used more between updates, but it isn't user friendly at all.


Same boat here, but I'm not surprised in the slightest.

I'd also argue that the inevitable fallout from large numbers of people making a similar decision is on Microsoft, not the individuals.


I'd rather use a non broken operating system than disable updates.


I can't wait to try this. Long have I feuded with the Task Scheduler and its slippery ability to reenable the update services when I look away. Thanks!


> I no longer feel guilty about having my system "at risk".

The risk of not updating your desktop OS every week is vastly overstated, and I believe this is at least in part due to fear mongering by companies like Microsoft who use said fear as a tool to keep people on the latest version with the latest tracking and ads.


I've encountered a lot more grief from ill-managed updates - and abuse of their delivery mechanism as a perverse means to shove unwanted software down my throat - than from the impact of any security incidents arising out of missing, delaying or contravening one.

The first issue is you don't meaningfully control the timing (ie. defer until you have time to deal with any fallout, which may be >30 days), and that you can't manage your risk by reviewing what's in them and selectively picking the ones you want (ie. true security fixes with limited surface area to bork things).

Once upon a time both those things were easy (eg. meaningful descriptions) and under your control.


I pinned the system version on 23H2. It does get other updates still.


Our update trust has been abused




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: