Given the opportunity to plan these upgrades, its easy to prevent this by uninstalling SSDR/DAX/CAT prior to the upgrade then reinstalling it after the environment has stabilized (allowing MS time to fix whatever problems they introduce in the upgrade).
Attached is a link to an article that offers a couple of ideas on how to prevent the upgrades from happening.
http://www.computerworld.com/article/3182846/microsoft-windows/how-to-fix-five-windows-10-headaches....
73
Neal
Neal - K3NC, Elmer
- 563 Posts
- 192 Reply Likes
Posted 3 years ago
- 93 Posts
- 19 Reply Likes
- 25 Posts
- 2 Reply Likes
Don, 73 de PE3DON
- 947 Posts
- 259 Reply Likes
Anyhow, the WannaCry decryptor works via phishing, with the EternalBlue and DoublePulsar exploits. It attacks SMB, and the most vulnerable systems are those still running XP and Windows 8 and Windows Server 2003. Even though these systems are no longer supported, Microsoft pushed out a patch for these systems as well.
Why on earth SMB is turned on if not needed remains a question for the ages. It is outdated, and by it's very nature, an exceptionally attractive and easy to access attack surface, once you accidentally hand the phishermen the keys to the kindom. This is as far as I am concerned, criminal.
Basically folks, don't click on any file you get in an email, the macro attacks have returned. Don't click on any links you get in an email, either.
Back up, with multiple copies, and not in the cloud.
And remember the thing about these patches? They come out after a whole lot of damage is done.
Peter K1PGV, Elmer
- 553 Posts
- 323 Reply Likes
Seriously? What are you TALKING about?
SMB is the file sharing protocol on any Windows network. It's used among Windows machines, and between Windows and lots of file servers... from little Synology boxes to big boy NetApp systems. Its also super common for interacting with Linux-based servers (Samba or CIFS anyone?)
It's far from outdated, it's regularly revised. The SMB protocol itself is in... what... it's third major revision in Windows 8 and later? It's high performance and provides some very complex features such as opportunistic locking (to facilitate client-side write-back caching).
I don't understand what issue you claim to know about with SMB.
"And remember the thing about these patches? They come out after a whole lot of damage is done. "
Again, not accurate. The vulnerability used by WannaCry was patched in March, before it was exploited.
Whine if you must about the constant updates or the technical inferiority of Windows. But please let's keep the comments technically accurate.
Peter
K1PGV
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
- 947 Posts
- 259 Reply Likes
Anyhow, what I am talking about might better be illustrated if you look up what the components of the of the WannaCry ransomware are. Specifically EthernetBlue and DoublePulsar, they have been used long before before Friday 12 May, 2017. If they were patched previously, Wannacry wouldn't work.
As well. I agree with what the people who wrote on Wikipedia that:
"Over the years, there have been many security vulnerabilities in Microsoft's implementation of the (smb) protocol or components on which it directly relies. Other vendors' security vulnerabilities lie primarily in a lack of support for newer like NTLMv2 and Kerberos in favor of protocols like NTLMv1, LanMan, or plaintext passwords. Real-time attack tracking shows that SMB is one of the primary attack vectors for intrusion attempts, for example the 2014 Sony Pictures attack and the Wannacry ransomware attack of 2017."
You can take it up with them, or you can edit the Wikipedia page if you are certain it is as innacurate as you believe. https://en.wikipedia.org/wiki/Server_Message_Block
All apologies for upsetting you, but seriously, I am not making this stuff up, and it is not anything new.
I won't make another posting about PC security matters.
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
That brings us back to people who disabled Windows 10 updates or stayed on XP because they found Windows 10 updates annoying or "it just works and I don't wanna touch it."
KY6LA - Howard, Elmer
- 3789 Posts
- 1638 Reply Likes
Why because XP and W7 work reliably and need no hand holding.
W10 causes too many issues and needs far too much support especially after updates.
Peter K1PGV, Elmer
- 553 Posts
- 323 Reply Likes
If you have concrete information about the NSA toolkits being widely deployed in the wild prior to Windows being patched, as you seem to indicate, please contact me off list. I know people who will want this information.
Peter
K1PGV
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
As for the issues, I really haven't had a problem, except for one time when my DAX drivers had to be reinstalled.
- 555 Posts
- 97 Reply Likes
Please tell us you PC H/W config. Seems some H/W runs Win10 without issues and others have major problems running Win10 and SSDR.
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
- 555 Posts
- 97 Reply Likes
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
I also typically keep PCs for 10 years. In fact this PC was a gift. I wasn't even thinking of replacing my old Dell Dimension which used RDRAM, but my SO took pity on me...
However to be totally fair the SSD and RAM are not stock (thank you micro center!) It also came with Vista from the factory and a free upgrade to Win 7.
- 116 Posts
- 16 Reply Likes
Go to Control Panel\Administrative Tools\Services\Windows Update
Left click to change the Windows Update and change the Startup Type to suite your needs, setting the Startup Type to Disabled will prevent any updates or you can choose one of the other options.
After this weekend mine is now set to Delayed Start and updates will be installed.
Have fun.
Rob
- 698 Posts
- 91 Reply Likes
I just stopped DAX and CAT from auto starting and make sure I shut them off when not using the Radio and have had no issues... I've also upgraded to Windows 10 pro
Paul Christensen, W9AC, Elmer
- 325 Posts
- 138 Reply Likes
Highly recommended for those of us who have our remote sites tethered to 4G/LTE cellular service where there is no viable alternative. A complete stop to the data push requires more than a simple change in the Win10 update menu. Neal's link addresses the right way to shut it down and involves changing the system registry.
Automatically-pushed major Win10 updates, Defender and miscellaneous in-the-background updates can consume a large portion of monthly cellular data.
For 4G/LTE remote site operation, many ops do not need the latest software updates just because they're available. My plan is to bring back the remote PC on an annual basis for updating and maintenance. Hopefully, SSDR 2.0 and later won't always require the latest Windows install to function properly.
Paul, W9AC
- 510 Posts
- 128 Reply Likes
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
If you lived through slammer and code red you know how much of a pain in the neck these worms can be.
Paul Christensen, W9AC, Elmer
- 325 Posts
- 138 Reply Likes
For most installations, it probably is irresponsible to disable updates. But where I have a PC installed in a communications shelter at the edge of the Okefenokee Swamp that runs on a 4G/LTE network, I would rather take my chances. The risk isn't eliminated but it's certainly reduced with no user-induced outbound web traffic there.
On the issue of hacking, if I've left the network vulnerable to an attack in front of the firewall then a Windows update isn't going to help mitigate a lot of potential damage created by someone who just accessed the LAN side of the network.
If the worst attack occurs at my remote site, I would rather have a back-up PC and router pre-provisioned and ready to roll in on a moment's notice.
Paul, W9AC
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
- 131 Posts
- 75 Reply Likes
- 510 Posts
- 128 Reply Likes
Peter K1PGV, Elmer
- 553 Posts
- 323 Reply Likes
UWF is used a lot on thin clients and in corporate environments like call centers. The disadvantage is you need to explicit,ymdisable UWF when you want to upgrade any of the programs on your system. But for a system dedicated to one particular use, UWF can be very cool.
Peter
K1PGV
- 137 Posts
- 24 Reply Likes
As I say, I'm just providing this for info. I need to do more investigation, but it just happened on a completely 'clean' install of Win10 and nothing else installed on the computer except for SmartSDR 10.16.1. I wasn't even actually running the 6500 at that point -- Just reinstalling software.
FYI...
Don VE7ATJ
- 137 Posts
- 24 Reply Likes
Unfortunately, Windows Update doesn't know anything about updated drivers, so you have to go directly to Intel's support website, download their driver update application, then let it decide the new driver package for you and install it. I just completed that now, so we'll see if it stabilizes the situation. I'm not quite wiling to put this baby back into 'Production' mode just yet, but at least the problem and solution make sense.
Peter K1PGV, Elmer
- 553 Posts
- 323 Reply Likes
Sorry to hear that, Don. The crash would be "IRQL not less than or equal" (believe it or not, that's the entire message). This usually indicates a fatal flaw in a driver.
If you have the crash dump file (memory.dmp) feel free to email it to me at my call sign at ARRL dot net and I'll take a look and at least let you know what happened and which driver is at fault.
Peter
K1PGV
- 137 Posts
- 24 Reply Likes
I'll be playing a bit more tonight tomorrow and will let you know what I find. Thanks for the offer of help.
- 137 Posts
- 24 Reply Likes
- 356 Posts
- 65 Reply Likes
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
Pentagon has us all beat.
When I did *ahem* government work I remember dealing with 8 inch disks and 9 track tape.
- 947 Posts
- 259 Reply Likes
Before that, it was punch cards.
I was lucky enough in school to see some old core memory drums that were donated to the school. Fortunately we didn't have to save any of the drums.
- 154 Posts
- 17 Reply Likes
- 947 Posts
- 259 Reply Likes
- 12 Posts
- 6 Reply Likes
Neal - K3NC, Elmer
- 563 Posts
- 192 Reply Likes
73
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
- 947 Posts
- 259 Reply Likes
Also folks, remember that Wannacry is a social engineering malware. So don't go clicking on links that you aren't certain about that you get in your email.
Ria - N2RJ, Elmer
- 2317 Posts
- 960 Reply Likes
Peter K1PGV, Elmer
- 553 Posts
- 323 Reply Likes
But note that there are something like four times more systems running Windows 7 than running Windows 10.
Peter
K1PGV
Related Categories
-
SmartSDR for Windows
- 5304 Conversations
- 1626 Followers
-
Third Party Applications and Products
- 987 Conversations
- 255 Followers
Bill Turner
For what it's worth: I've been running Windows 10 since it came out, allowing all updates and never a minute's trouble with my 6300.
73, Bill W6WRT
Ria - N2RJ, Elmer