|
Khablam posted:Chocolatey is poo poo garbage for nerds who don't want to use Linux properly. They do no sanitation at all on what they pull down from sources, so if something you have it updating gets hit by malware Chocolatey will pull it down and install it for you.
|
# ? Aug 7, 2016 01:14 |
|
|
# ? May 13, 2024 07:44 |
|
baka kaba posted:I suppose the software thread is better for recommends, but is it actually worth installing things from the Microsoft store? I've never even bothered opening it, does it have better versions of anything? Applications that update themselves automatically even if you don't open them, so it acts like a package manager? I found a little program I like called Action Note, which lets you put simple text notes in the action bar. Of course I only found that because I was looking for something useful to do with the action bar!
|
# ? Aug 7, 2016 01:25 |
|
xamphear posted:I like Chocolatey a lot. It's very useful. I don't expect it to protect me from zero-day exploits, because nothing will. It wasn't a 'zero day exploit' is was replacing good_setup.exe with a_virus.exe in the sources (which are basically any 3rd party site) and chocolatey just installs a_virus.exe for you with zero sanity checking.
|
# ? Aug 7, 2016 01:49 |
|
Now that normal desktop apps can be distributed via store packaging, I wouldn't be surprised to see more "install via windows store" buttons popping up for "classic" apps. Time will tell I suppose. Like if you grabbed audacity off of the Windows Store then you wouldn't have got that virus from last week.Klyith posted:Of course I only found that because I was looking for something useful to do with the action bar! It was already useful because that's where the standard windows bubble notifications now go. You ever have one of those situations where you glance at the screen right as a bubble notification is fading out and you were like "hey what was that message???" but then it's gone forever? Not any more, because now it's logged in the action center. Plus now there's actually a decent notification api so notifications don't look like Windows 98. Factor Mystic fucked around with this message at 04:08 on Aug 7, 2016 |
# ? Aug 7, 2016 04:04 |
|
Factor Mystic posted:It was already useful because that's where the standard windows bubble notifications now go. You ever have one of those situations where you glance at the screen right as a bubble notification is fading out and you were like "hey what was that message???" but then it's gone forever? And if it's some program that wants to go "hey listen!" every time a new song starts playing or similar trivial crap, it should be purged with extreme prejudice. The whole toast style notification system was an ok idea, which has gotten progressively abused by attention-deficit users and bad app writers trying to make their program visible. I might be semi-ok with email notifications in the action bar, except for the fact that I already have a program that puts a header / sender list of new mail on the desktop background. It's totally passive and I can see it all the time without clicking anything.
|
# ? Aug 7, 2016 05:09 |
|
Khablam posted:It wasn't a 'zero day exploit' is was replacing good_setup.exe with a_virus.exe in the sources (which are basically any 3rd party site) and chocolatey just installs a_virus.exe for you with zero sanity checking. Weren't those sources the official sources though? Like, had you gone to the official website it would have sent you to the place that was now serving viruses? Because I can't really blame people for downloading those viruses if that's the case, and it doesn't really matter if they have Chrome or Chocolatey download the files for them. To be fair though, it would be trivial for Chocolatey to at least make sure the checksum still matches the file they scanned when it was submitted. I used to use Ninite too, but they only have ~100 programs vs Chocolatey's >4000 (because they aren't as well curated) and the pro version has virus scanning built in now if you don't trust your own.
|
# ? Aug 7, 2016 05:41 |
|
If you downloaded the files directly and paid attention, you might have noticed that the files weren't signed. Chocolatey apparently doesn't check signatures.
|
# ? Aug 7, 2016 09:03 |
|
I have Windows 10 N and upgraded to the anniversary edition yesterday. On reboot Plex Media Server complained about missing a mfplat.dll library so it couldn't start up. I did some googling and from what I saw the problem is that the N versions of Windows needs an additional Windows Media Feature pack so I downloaded this one which from what I can tell is the latest one. Installed it and rebooted my computer for good measure but Plex still complained about the missing library. I checked in "turn on Windows features" to see if any media related stuff was added that I need to turn on but there's nothing there about media stuff. For example I found this picture on the Internet: And the "Media Features" boxes are just simply not there at all. I was able to find the mfplat.dll in the /Windows.old directory somewhere and just copied that over to the same location in /Windows which fixed the Plex issue. But now when I try to stream video on the Plex website in Firefox it tells me that streaming isn't supported (but I can watch the videos directly with VLC). If I go to youtube.com/html5 the middle column for "h264" and "h264 and mse" are in red. I've done some other searching and I've seen some references to the h264 codec being available only with Windows Media Player which I don't have and can't manage to install with that feature pack I added. If I go to my installed programs and/or installed updates then I don't even see the "Windows Media Features" thing installed. It's not in programs and in system updates I only see security updates and nothing mentions "media" or the kbxxx article. If I double click the thing I downloaded it tells me that it's already installed. What do I do
|
# ? Aug 7, 2016 11:12 |
|
Boris Galerkin posted:I have Windows 10 N and upgraded to the anniversary edition yesterday. Seems that Media pack for 1607 is not released yet. When it is it will probably be here https://support.microsoft.com/en-us/kb/3133719 EDIT: Found it https://www.microsoft.com/en-us/download/details.aspx?id=53356 Craptacular! posted:Well, gently caress. I sure miss System Restore! It's still there. Search for recovery. CatHorse fucked around with this message at 11:31 on Aug 7, 2016 |
# ? Aug 7, 2016 11:26 |
|
MikusR posted:Seems that Media pack for 1607 is not released yet. When it is it will probably be here https://support.microsoft.com/en-us/kb/3133719 Thanks I'll give this a shot when I get home later. In the meantime how do I uninstall the thing I installed wrong yesterday? Like I said it doesn't show up in installed programs/updates but double clicking on the file tells me it's installed. e: this fixed it right up thanks Boris Galerkin fucked around with this message at 18:24 on Aug 7, 2016 |
# ? Aug 7, 2016 13:15 |
|
Boris Galerkin posted:Thanks I'll give this a shot when I get home later. In the meantime how do I uninstall the thing I installed wrong yesterday? Like I said it doesn't show up in installed programs/updates but double clicking on the file tells me it's installed. Probably safe to leave it alone. Just install the Anniversary Version.
|
# ? Aug 7, 2016 14:20 |
|
dpbjinc posted:If you downloaded the files directly and paid attention, you might have noticed that the files weren't signed. Chocolatey apparently doesn't check signatures. You explicitly get warned they are not signed by Windows, and yeah it'll have different checksums if you look. If you have it enabled, smartscreen will also flip out about it. That chocolately just assumes setup.exe from site.com is exactly what it is meant to be running (with admin privs) is a loving stupid design; their anti-malware solution is virustotal, and it's a paid-only feature. Ninite/patchmypc/secunia all serve files from verified sources/their own hosted version.
|
# ? Aug 7, 2016 14:51 |
|
Factor Mystic posted:It was already useful because that's where the standard windows bubble notifications now go. You ever have one of those situations where you glance at the screen right as a bubble notification is fading out and you were like "hey what was that message???" but then it's gone forever? Not any more, because now it's logged in the action center. Plus now there's actually a decent notification api so notifications don't look like Windows 98. Weirdly, most of the native 10 toast messages I get never actually end up there. Most of what does is basically noise. I appreciate that it's there, for the rare time that something important pops up, but otherwise it just lurks in the taskbar for weeks at a time.
|
# ? Aug 7, 2016 16:26 |
|
I think Chocolatey is super handy and doesn't increase or add any risks on top of the ones already extant in downloading and executing anything that requires local admin rights. If the exploit used in the recent Classic Shell/Audacity fosshub attack hadn't been zero-day, then Defender or other local AV would have caught it. Choco's virus protection is "just" VirusTotal, but that's one more layer than you get from just typing "audacity" into Google and downloading the first thing you find. Which in this case, could absolutely have been the same fosshub hosted installer. If you don't want to use chocolatey, or would prefer to use another tool, that's cool, everyone has their personal preferences. But it's not like Ninite's caching of installers makes them invunlerable or their users perfectly protected.
|
# ? Aug 7, 2016 16:32 |
|
If Chocolatey updates the installed software automatically when it notices new installers available, then it does increase the risk of infection. The Classic Shell incident only affected people who for some reason needed to install or update it during the hacked website. I doubt an installed Classic Shell would have notified the users about an available update when only one of the distribution website had an exploited version. But if Chocolatey checked the signatures of the installer and HTTPS website certificate, and only allowed an update without manual intervention if they matched with the signatures of older installers, then they could improve security on average. Since we can assume that most people never check the signatures of the installers.
|
# ? Aug 7, 2016 17:57 |
|
Saukkis posted:If Chocolatey updates the installed software automatically when it notices new installers available, then it does increase the risk of infection. The Classic Shell incident only affected people who for some reason needed to install or update it during the hacked website. I doubt an installed Classic Shell would have notified the users about an available update when only one of the distribution website had an exploited version. I also don't think Chocolately does any automatic update checking, it's always something I have to kick off manually at a command prompt.
|
# ? Aug 7, 2016 20:32 |
|
xamphear posted:If the exploit used in the recent Classic Shell/Audacity fosshub attack hadn't been zero-day, then Defender or other local AV would have caught it. xamphear posted:and doesn't increase or add any risks
|
# ? Aug 7, 2016 21:38 |
|
Khablam posted:You don't seem to know what a 'zero day' is despite using it constantly. New malware isn't a 'zero day' it's just a new malware sample. Khablam posted:It can take hours to weeks for some AVs to get signature updates. Relying on AV detection rates to block malware as your one and only 'check' is a bad, bad idea. xamphear fucked around with this message at 22:23 on Aug 7, 2016 |
# ? Aug 7, 2016 22:20 |
|
Is there a function in Groove Music that mirrors iTunes Genius playlists or Google Play Music's Instant Mix?
|
# ? Aug 7, 2016 22:28 |
|
WattsvilleBlues posted:Is there a function in Groove Music that mirrors iTunes Genius playlists or Google Play Music's Instant Mix? kinda, only works for songs that are either, on your Onedrive, purchased off Groove, or added to your collection with the Groove Music pass. Apparently the web server builds random playlists out of your music rather than the Groove program itself. But since I exploit the hell out of Onedrive streaming, it works rather well for me. Only problem is that it decides the criteria for you. Please don't judge my music tastes
|
# ? Aug 7, 2016 23:00 |
|
Any way to get the loving Netflix app to not pause if I alt tab? I pretty much never watch Netflix and just use it for background noise.
|
# ? Aug 7, 2016 23:48 |
|
Robo Reagan posted:Any way to get the loving Netflix app to not pause if I alt tab? I pretty much never watch Netflix and just use it for background noise.
|
# ? Aug 7, 2016 23:49 |
|
xamphear posted:I still think you're being silly. Arguing it doesn't increase the risk of infection when we know about this dumb limitation BECAUSE people were getting their systems hosed by chocolately is just 'being silly.' I can't be bothered to reply to this anymore. If you can't see the issue with a package manager hiding verification methods and installing known malware automatically, after having that conceptual nightmare pointed out twice, you won't a third.
|
# ? Aug 8, 2016 01:24 |
|
Khablam posted:Relying on an AV to protect you when they're so riddled with exploits they may be the target of the malware is dumb.
|
# ? Aug 8, 2016 01:35 |
|
How do i change my user directory? I did the anniversary update, and it created a new user directory for my account for some insane reason. Now I have C:\Users\MyUser and C:\Users\MyUser.MY-PC the one with the PC name has all my documents and settings, but when I log in to my account I get the MyUser directory, and it doesn't have any of my things
|
# ? Aug 8, 2016 02:07 |
|
So the icons on the search bar...just moved to the top, and got reduced from ~8 to 3. No software update occurred since this change which just happened this morning, I assume it's server-side then. WTF? This basically means 2 more clicks for common file types (which I have to do frequently as my Onedrive folder is redirected to another volume)
|
# ? Aug 8, 2016 04:55 |
|
Khablam posted:I think you don't see the issue. e.g. 24hours after the news broke the infected installer had about 30% hit rate on VirusTotal. So a whole day with the problem sample around and you have a ~70% chance of your AV being completely useless and letting known malware install. During the actual threat window it would be completely useless. Relying on an AV to protect you when they're so riddled with exploits they may be the target of the malware is dumb. "I will let this program basically install whatever it wants" is dumb. I think you're overestimating how many people use chocolatey. For most people the process probably went:
(Seriously though, I wish Chocolatey had better/mandated security features and had the option of using Ninite as a source, but I'm too lazy to stop using it and fully admit that if I used Classic Shell I probably would have infected myself the old fashioned way if necessary)
|
# ? Aug 8, 2016 06:19 |
|
Combat Pretzel posted:Uh, don't run it fullscreen? I don't run the Netflix app in fullscreen.
|
# ? Aug 8, 2016 06:25 |
|
Robo Reagan posted:I don't run the Netflix app in fullscreen. I usually use Edge for Netflix, but I just checked and the Netflix app doesn't pause for me when I alt-tab - is there something specific you're alt-tabbing to when this happens? My netflix App version: 6.11.33 according to its settings. Does it also happen if you use Edge or IE11 for playback instead?
|
# ? Aug 8, 2016 06:53 |
|
It works for me in Edge just fine. I was just surprised that the exe was crap when every review I saw said it was great.
|
# ? Aug 8, 2016 07:19 |
|
Make sure it isn't minimizing when you alt-tab from it. Most of the apps I use will mute or pause when minimized but work fine while doing stuff otherwise.
|
# ? Aug 8, 2016 07:57 |
Flagrama posted:Make sure it isn't minimizing when you alt-tab from it. Most of the apps I use will mute or pause when minimized but work fine while doing stuff otherwise. And maybe if you're in Tablet Mode, try switching that off.
|
|
# ? Aug 8, 2016 09:50 |
|
I'm watching Netflix using Edge and when I run it in full screen mode clicking on anything in my second monitor un-fullscreens Edge. How do make it keep being full screen? Downloading the Netflix app is not an option because I don't want to make a stupid Microsoft/Windows account.
|
# ? Aug 8, 2016 11:45 |
|
How can I convince Windows to let go of the past and stop trying to update the drivers for the GeForce 8800GT that was replaced about 6 months ago? I ran DDU (in Safe Mode, with the old card in the system, shut down and swapped cards, then restarted and installed the new card's - a Quadro - drivers). I noticed the continued attempts at updating the old drivers, and ran DDU again (the old card is long gone at this point). Still have the same issue. I think this is keeping the anniversary update at bay. If I can avoid a complete reinstall that would be nice. This is my update screen.
|
# ? Aug 8, 2016 14:51 |
sirbeefalot posted:How can I convince Windows to let go of the past and stop trying to update the drivers for the GeForce 8800GT that was replaced about 6 months ago? I ran DDU (in Safe Mode, with the old card in the system, shut down and swapped cards, then restarted and installed the new card's - a Quadro - drivers). I noticed the continued attempts at updating the old drivers, and ran DDU again (the old card is long gone at this point). Still have the same issue. I think this is keeping the anniversary update at bay. If I can avoid a complete reinstall that would be nice. Tried this tool? https://support.microsoft.com/en-us/kb/3073930
|
|
# ? Aug 8, 2016 14:57 |
|
Just finished the Windows 10 Anniversary Update and my password doesn't work anymore. I have work stuff on here that I need access to ASAP and I'm flipping out. Google isn't helping me. It's not caps lock or anything like that. Anyone?
|
# ? Aug 8, 2016 15:22 |
|
Why does installing the Anniversary Update redo file associations to Microsoft apps, set Edge as the default browser and turn all the privacy settings to wide open? I'm just installing an update I'm not rethinking my setup here.
|
# ? Aug 8, 2016 15:28 |
|
FistEnergy posted:Just finished the Windows 10 Anniversary Update and my password doesn't work anymore. I have work stuff on here that I need access to ASAP and I'm flipping out. Google isn't helping me. It's not caps lock or anything like that. Anyone? Reboot to safe mode with command prompt, net user username newpassword? If you log on using Microsoft credentials then I dunno.
|
# ? Aug 8, 2016 15:29 |
|
Icept posted:Why does installing the Anniversary Update redo file associations to Microsoft apps, set Edge as the default browser and turn all the privacy settings to wide open? I'm just installing an update I'm not rethinking my setup here. Did none of this to me. I'm on Pro.
|
# ? Aug 8, 2016 15:30 |
|
|
# ? May 13, 2024 07:44 |
|
I'm on Pro and it didn't mess with privacy or associations but it did set Edge to default and re-add some garbage to my taskbar and systray, along with losing my folder view preferences. My favorite part was when I tried to change my default browser back and it pleaded for me to give Edge a shot because they promise it's really good.
|
# ? Aug 8, 2016 15:31 |