If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updates after July 2019
https://www.zdnet.com/article/window...ter-july-2019/ from
https://tech.slashdot.org/story/19/0...fter-july-2019 W7 4ever. -- Quote of the Week: "As a thinker and planner, the ant is the equal of any savage race of men; as a self-educated specialist in several arts she is the superior of any savage race of men; and in one or two high mental qualities she is above the reach of any man..." --Mark Twain Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly. /\___/\ Ant(Dude) @ http://aqfl.net & http://antfarm.home.dhs.org / / /\ /\ \ http://antfarm.ma.cx. Please nuke ANT if replying by e-mail. | |o o| | \ _ / ( ) |
Ads |
#2
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updates after July 2019
In message , Ant
writes https://www.zdnet.com/article/window...-2-support-or- no-windows-updates-after-july-2019/ from https://tech.slashdot.org/story/19/0...-users-you-nee d-sha-2-support-or-no-windows-updates-after-july-2019 W7 4ever. I see the article says: "On March 12, Microsoft is planning a standalone update with SHA-2 code sign support for Windows 7 SP1 and Windows Server 2008 R2 SP1." So as long as one has Windows updates enabled, presumably it should happen automatically. -- John Hall "Hegel was right when he said that we learn from history that man can never learn anything from history." George Bernard Shaw (1856-1950) |
#3
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updates after July 2019
In message , John Hall
writes: In message , Ant writes https://www.zdnet.com/article/window...-2-support-or- no-windows-updates-after-july-2019/ from https://tech.slashdot.org/story/19/0...-users-you-nee d-sha-2-support-or-no-windows-updates-after-july-2019 W7 4ever. I see the article says: "On March 12, Microsoft is planning a standalone update with SHA-2 code sign support for Windows 7 SP1 and Windows Server 2008 R2 SP1." So as long as one has Windows updates enabled, presumably it should happen automatically. For those of us who manually choose when (or if) to implement updates, do we think the relevant update will be easily identifiable? If it's "standalone", it _ought_ to be, but I won't be surprised if it isn't. -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf Imagine a world with no hypothetical situations... |
#4
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updatesafter July 2019
On 2/18/2019 10:45 PM, Ant wrote:
https://www.zdnet.com/article/window...ter-july-2019/ from https://tech.slashdot.org/story/19/0...fter-july-2019 W7 4ever. So, how is that acquied ? |
#5
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updates after July 2019
In message , "J. P. Gilliver (John)"
writes In message , John Hall writes: In message , Ant writes https://www.zdnet.com/article/window...-2-support-or- no-windows-updates-after-july-2019/ from https://tech.slashdot.org/story/19/0...-users-you-nee d-sha-2-support-or-no-windows-updates-after-july-2019 W7 4ever. I see the article says: "On March 12, Microsoft is planning a standalone update with SHA-2 code sign support for Windows 7 SP1 and Windows Server 2008 R2 SP1." So as long as one has Windows updates enabled, presumably it should happen automatically. For those of us who manually choose when (or if) to implement updates, do we think the relevant update will be easily identifiable? If it's "standalone", it _ought_ to be, but I won't be surprised if it isn't. I have it set to automatically download security updates only, which I assume that one will be categorised as. -- John Hall "Hegel was right when he said that we learn from history that man can never learn anything from history." George Bernard Shaw (1856-1950) |
#6
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updatesafter July 2019
Mathedman wrote:
On 2/18/2019 10:45 PM, Ant wrote: https://www.zdnet.com/article/window...ter-july-2019/ from https://tech.slashdot.org/story/19/0...fter-july-2019 W7 4ever. So, how is that acquied ? It looks like, according to this, a couple of patch Tuesday patches will have the support in it. https://support.microsoft.com/en-ca/...ndows-and-wsus "March 12, 2019 Stand Alone updates that introduce SHA-2 code sign support will be released as security updates. April 9, 2019 Stand Alone updates that introduce SHA-2 code sign support will be released as security updates." Looks like they plan to screw up the first one, and fix it on the second one :-/ Almost suggesting that Win7 hasn't been using SHA-2 at all. SHA-2 by the way, is SHA256, the same algorithm as is used in proof-of-work Bitcoins. And while the above suggests the patch will be in a "security only" update, you just know the temptation to pack it in a "feature update" will be overpowering, forcing customers to "swallow some crap". We'll have to wait and see whether they "play ethically" or not. Paul |
#7
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updates after July 2019
J. P. Gilliver (John) wrote:
John Hall WROTE: Ant WROTE: https://www.zdnet.com/article/window...ter-july-2019/ from https://tech.slashdot.org/story/19/0...fter-july-2019 I see the article says: "On March 12, Microsoft is planning a standalone update with SHA-2 code sign support for Windows 7 SP1 and Windows Server 2008 R2 SP1." So as long as one has Windows updates enabled, presumably it should happen automatically. For those of us who manually choose when (or if) to implement updates, do we think the relevant update will be easily identifiable? If it's "standalone", it _ought_ to be, but I won't be surprised if it isn't. When you do the updates manually, you still don't run the WU client to list the available updates? If not, how do you get them? Use the update catalog? I disable the BITS and WU services until I am prepped for updates by first saving an image backup. I enable those services and run the WU client. It lists the available updates. For each, there is a link to the KB article about the update. I look there first. If there is insufficient information for me to decide, I research what others have experienced with the update, like look over at AskWoody. My reminder to do the manual update check is scheduled for 3 weeks after Patch Tuesday. That way, I can see what others have encountered before downloading and applying an update. After the manual update, if I choose any, I disable the BITS and WU services again. I expect the standalone update to still be listed by the WU client. After all, it should be in the WU catalog and the WSUS server that the WU client will check their manifests. |
#8
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updates after July 2019
John Hall wrote:
J. P. Gilliver (John) WROTE: John Hall WROTE: Ant WROTE: https://www.zdnet.com/article/window...ter-july-2019/ from https://tech.slashdot.org/story/19/0...fter-july-2019 I see the article says: "On March 12, Microsoft is planning a standalone update with SHA-2 code sign support for Windows 7 SP1 and Windows Server 2008 R2 SP1." So as long as one has Windows updates enabled, presumably it should happen automatically. For those of us who manually choose when (or if) to implement updates, do we think the relevant update will be easily identifiable? If it's "standalone", it _ought_ to be, but I won't be surprised if it isn't. I have it set to automatically download security updates only, which I assume that one will be categorised as. Microsoft doesn't obey that user choice. Users have long reported getting updates even when the WU client was configured to notify only, like for the WU client itself. Users have the WU client configured to notify only but one day when they shutdown Windows there is a long delay waiting to apply some unknown update(s) and on the next boot there is another delay waiting to apply some update(s). With notify only, no updates should have ever been downloaded and installed -- but they do. The only way to guarantee Microsoft does not foist updates to change the state of the OS is to disable the BITS and WU services. I have a WU-enable.bat batch file to enable those services, then I run the WU client to check for updates. A WU-disable.bat batch file disables those services to ensure Microsoft cannot push any updates. How you configure the WU client (notify only, download only, automatic) has proven untrustworthy. Only by disabling the services can you ensure Microsoft won't change the state of your OS whenever they choose. Also, some security updates have proven catastrophic. It is still YOUR responsibility to admin your OS since that is your choice (you don't hire someone else to do that job). |
#9
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updates after July 2019
In message , VanguardLH
writes: [] I expect the standalone update to still be listed by the WU client. Yes, but _I_ don't expect the one-line description of the update to include "SHA". After all, it should be in the WU catalog and the WSUS server that the WU client will check their manifests. And, like Paul, I doubt they'll resist the temptation to not keep it "standalone". -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf If mankind minus one were of one opinion, then mankind is no more justified in silencing the one than the one - if he had the power - would be justified in silencing mankind. -John Stuart Mill, philosopher and economist (1806-1873) |
#10
|
|||
|
|||
Windows 7 users: You need SHA-2 support or no Windows updates after July 2019
On Tue, 19 Feb 2019 15:22:06 -0500, Paul
wrote: Mathedman wrote: On 2/18/2019 10:45 PM, Ant wrote: https://www.zdnet.com/article/window...ter-july-2019/ from https://tech.slashdot.org/story/19/0...fter-july-2019 W7 4ever. So, how is that acquied ? It looks like, according to this, a couple of patch Tuesday patches will have the support in it. https://support.microsoft.com/en-ca/...ndows-and-wsus "March 12, 2019 Stand Alone updates that introduce SHA-2 code sign support will be released as security updates. April 9, 2019 Stand Alone updates that introduce SHA-2 code sign support will be released as security updates." Looks like they plan to screw up the first one, and fix it on the second one :-/ Almost suggesting that Win7 hasn't been using SHA-2 at all. SHA-2 by the way, is SHA256, the same algorithm as is used in proof-of-work Bitcoins. And while the above suggests the patch will be in a "security only" update, you just know the temptation to pack it in a "feature update" will be overpowering, forcing customers to "swallow some crap". We'll have to wait and see whether they "play ethically" or not. One does not ever need to swallow anything additional in the grand traditional of "riders" added to legislation and other duplicitous and annoying habits, should one utterly disable "updates", ignore this one and not give a general toss about Microsoft's hysterical rantings on the subject of an aging Operating Ssytem. As I did a couple of years back. I won't be updating my "security" to use only SHA-2 as I won't be updating *anything* so I don't *care* how Microsoft signs things. The issue is moot. I may have a peek at the SHA-2 update for Win7 in March to mutter angrily about the riders and sneak-ware Microsoft attach to it but I doubt if it will ever be relevant to me. But thank you to you and everyone else for the very good information on this and other stuff, it is very, very much appreciated. {Hugs} Mand. Paul |
Thread Tools | |
Display Modes | Rate This Thread |
|
|