<rqou>
why the fuck does Windows still suck so much at updating
<rqou>
is it just me or has every Google search having to do with Windows not doing what you want SEO'd to hell with stupid pc fixing scams nowadays?
<mtp>
optimize teh yu0r pc!!1
<rqou>
yeah
<rqou>
hey, anybody understand how windows versions work nowadays? I'm on version 1607, how behind am i?
<lain>
rqou: pretty far
<rqou>
how do i make it not behind?
<lain>
run windows update??
<Zorix>
lol
<rqou>
yeah, I'm doing that right now
<rqou>
it's got a bunch of cumulative updates only
<lain>
rqou: what edition is it? (home, pro, enterprise, ...)
<rqou>
is this the usual windows "install updates to install updates" thing?
<rqou>
it's Pro
<lain>
yeah
<rqou>
why is Windows update just so ridiculously slow?
<lain>
Settings -> Updates & Security -> scroll down to Advanced options
<lain>
I think this exists on 1607, there should be something in there about deferring feature upgrades
<rqou>
that's unchecked
<lain>
hm
<lain>
neat!
<lain>
yeah I think the progression is 1607 -> 1703 (creator's update // redstone 2) -> 1709 (fall creator's update // redstone 3)
<lain>
I could be misremembering though
<lain>
but 1703 and 1709 have been clusterfucks, so if you're ok on 1607 I'd say just leave it :x
<rqou>
lol ok
<rqou>
will i get pwned if i connect to the ccc network with 1607?
<lain>
I think they're still backporting security patches
<lain>
as long as you're seeing the occasional security update in WU, I'd say it's probably fine
<rqou>
ok
<lain>
image the system beforehand? :P
<rqou>
yeah I'm doing that next
<rqou>
windows: the operating system used only for updating itself :P
<lain>
yep
<rqou>
seriously, why does it suck so much?
<lain>
1607 was pretty alright tbh
<lain>
but yeah windows has issue
<lain>
s
<rqou>
like updating?
<lain>
yeah the WU team is clearly on drugs
<lain>
freaking 1703 had a memory leak in Storage Spaces in non-paged kernel memory that they didn't bother fixing until 1709
<rqou>
linux distros can update the entire userspace in an order of magnitude less time than WU updates just windows
<lain>
1709 has a bug in the group policy object that lets you disable new DMA devices while the machine is locked
<lain>
if you enable that GPO on 1709, your machine will just.. not boot depending on your GPU
<lain>
or other devices
<lain>
because they broke it horribly
* cr1901_modern
remembers when DMA was done centrally with a single chip
<lain>
and they're not planning a hotfix
<cr1901_modern>
get off my lawn
<lain>
they're planning to fix it in the next feature upgrade
<rqou>
wtf is GPO exactly?
<lain>
group policy object
<rqou>
other than "twiddle secret knobs here"
<gruetzkopf>
rqou: when will you arrive
<lain>
it's not really secret, they're all enumerated in gpedit.msc :3
<lain>
but yeah GPO is to windows as sysctl's are to freebsd
<lain>
it's just a pile of values you can poke to change how the OS behaves
<lain>
what's amazing is that "no new DMA devices when locked" GPO is mandatory in lots of companies for security (because the most obvious attack against FDE is DMA while unattended), and MS just... doesn't see the point in fixing it quickly
<lain>
so companies are having to just stop using it, or roll back to 1703
* lain
</rant>
<gruetzkopf>
also, most GPOs don't work on non-enterprise windows anymore :(
<rqou>
gruetzkopf: the 26th
<lain>
many work on Pro afaik, but yeah
<gruetzkopf>
i'll be there at approx 0200 local time, on the 26th
<rqou>
that early?
<rqou>
also, why is "plz 2 iommu" so difficult
<rqou>
even linux defaults to not doing it
<lain>
windows iommu's by default but it'll enumerate new DMA devices while locked by default too
<lain>
the problem is a device can present a different identifier to the IOMMU, and the IOMMU doesn't know it isn't that device
<cr1901_modern>
Why does "plz 2" irritate me so much (this is not specific to you rqou, don't worry)
<rqou>
wait wait what
<rqou>
you can spoof yourself to the iommu?
<lain>
yes
<lain>
it's great
<lain>
security is dead, long live security
<rqou>
wtf how is this useful?
<lain>
(security was an illusion all along)
<rqou>
how and why is this possible?
<lain>
afaik they have to be on the same pcie switch for that to work, but uhhh
<lain>
yeah
<jn>
is that a problem in the hardware iommu protocol or in windows being stupid?
<lain>
jn: hw
<rqou>
doesn't the switch know you're presenting it the wrong id?
<lain>
afaik pcie switches don't keep a table associating ids to ports
<rqou>
WHAT?!
<lain>
yeah that was my reaction too
<rqou>
does the root complex?
<lain>
sgstair: have I got this right? :P
<rqou>
lain: isn't this what "ACS" is supposed to fix?
<sgstair>
part of the RID is verifiable,but I don't know for sure whether switches actually verify these things - It's not mandated by the spec iirc
<sgstair>
it's mostly a problem with SRIOV, because then you have RIDs for host devices (NIC) alongside supposedly isolated devices (vNICs)
<lain>
ahh ok
<sgstair>
if you did manage to spoof the RID in a way other than to map to a different function on the device, it would probably cause a PCI system error (though not sure)
<sgstair>
though that's a fun denial of service the IOMMU wouldn't block
<lain>
so it's not as bad as I thought :3
<azonenberg_work>
inb4 antikernel
<sgstair>
at some point I promise to break antikernel :)
<azonenberg_work>
sgstair: i would love for someone to publish a paper on attacks against the architecture
<rqou>
fib :P
<rqou>
doesn't count? :P
<azonenberg_work>
rqou: yes i explicitly exclude physical attacks from my threat model
<azonenberg_work>
my correctness proofs are valid down to the RTL level and not beyond
<rqou>
damn i swear windows has now hit 2 orders of magnitude slower for updating
<rqou>
why is this so f*cking hard?!
<rqou>
you literally just delete some files and write some new files
<rqou>
azonenberg_work: for april fools we should make an underhanded tarball exploding contest and see if anybody can beat WU
<lain>
if it's doing a feature upgrade, it's doing a full system image
<lain>
well not full system, but you know, the system stuff, not like.. ALL your files
<rqou>
it says it's 25% downloading a cumulative update
<lain>
lol
<lain>
weird
<lain>
the download part has never been slow for me
<rqou>
but in the background "TiWorker.exe" is burning cpu but not actually opening any files
<lain>
though sometimes it will just... stop for a while
<lain>
like it's taking a little nap
<rqou>
yeah
<lain>
it might be hashing all the things, or some other silly thing
<lain>
there's a lot of tiny files
<rqou>
is this an example of "ntfs is also slow as shit?"
<rqou>
alright, i tried to force a reboot and now it's"getting Windows ready" _again_
<rqou>
what a garbage os
<rqou>
great, i rebooted and now it's "preparing" to install updates
<rqou>
wtf does that mean?
<lain>
:3
<lain>
it means it's mocking you
<rqou>
I'm tempted to just give up updating windows and just temporarily remove it from the boot menu so i don't accidentally boot it at ccc
<rqou>
since i likely don't need it
<rqou>
ok, I just killed TiWorker.exe and the "preparation" to install updates jumped many percent
<rqou>
so apparently the solution to windows being retarded is to just kill the process :P
<cr1901_modern>
lain apparently enjoys your pain, rqou
<rqou>
I'm pretty sure that at this point windows is the slowest operating system
<lain>
windows has truly embraced linux, including the rolling alpha-quality releases and stability issues :P
<rqou>
except that linux is where i had no problems updating
<rqou>
also, the author of the windows file copy dialog has apparently transferred to the WU team
pie__ has joined ##openfpga
<azonenberg_work>
rqou: yeah if only windows had a sane package manager
<azonenberg_work>
(that was actually used)
<azonenberg_work>
instead of everyone rolling their own installer
<rqou>
it's not even about that
<rqou>
windows update is the shittiest unzip tool in existence
<cr1901_modern>
Chocolatey is the Windoze package manager
<rqou>
being slower than windows update would be an achievement
<rqou>
I've been at it for hours now
<rqou>
whereas linux is usually done in 30 minutes
<pie__>
i think windows does some fancy backup/component database stuff/something but that still cant be that goddamn slow no matter how bad you do it...
<pie__>
well apparently it can
<rqou>
apparently it can because my computer is _still_ working on updates
<rqou>
hence the competition to see who can decompress a tarball slowest
<pie__>
mumble mumble its porbably not the compression
<awygle>
They do transactional stuff to keep the system consistent if you reboot in the middle
<rqou>
i do that too on linux and it doesn't take multiple hours
<pie__>
"In these days, Sun had all the binary. He was in the sky during the day, and gone at night. Sun was either there or not there, and he was the only thing that could do this. "