Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > alt.comp.os.windows-10 > #181327 > unrolled thread

0patch for W10 end-of-life

Back to article view | Back to alt.comp.os.windows-10

Contents

  0patch for W10 end-of-life T <T@invalid.invalid> - 2025-01-13 17:42 -0800
    Re: 0patch for W10 end-of-life VanguardLH <V@nguard.LH> - 2025-01-13 22:09 -0600
      Re: 0patch for W10 end-of-life T <T@invalid.invalid> - 2025-01-13 21:53 -0800
        Re: 0patch for W10 end-of-life VanguardLH <V@nguard.LH> - 2025-01-14 01:56 -0600
          Re: 0patch for W10 end-of-life Paul <nospam@needed.invalid> - 2025-01-14 06:48 -0500
            Re: 0patch for W10 end-of-life VanguardLH <V@nguard.LH> - 2025-01-14 11:36 -0600
          Re: 0patch for W10 end-of-life T <T@invalid.invalid> - 2025-01-15 09:36 -0800
      Re: 0patch for W10 end-of-life ...w¡ñ§±¤ñ  <winstonmvp@gmail.com> - 2025-01-14 04:06 -0700
        Re: 0patch for W10 end-of-life VanguardLH <V@nguard.LH> - 2025-01-14 12:08 -0600

#181327 — 0patch for W10 end-of-life

https://www.pcmag.com/explainers/0patch-explained-how-it-works-and-what-it-means-for-the-end-of-windows

[toc] | [next] | [standalone]

#181331

T <T@invalid.invalid> wrote:

> https://www.pcmag.com/explainers/0patch-explained-how-it-works-and-what-it-means-for-the-end-of-windows

https://0patch.com/

"$28 per year per device for its Pro service".  To clarify this isn't
free.  Also, only covers the most critical security patches, not all
vulnerabilities.  The cost is trivial for a business scenario, but users
will probably decide to let the security patches slide until they get
their next prebuilt with whatever OS is preinstalled.

https://0patch.com/pricing.html

There is a free version, but that only works on a version of Windows
while it is still supported by Microsoft.  Once Microsoft drops support
for a version, this free version ceases to function, and you have to
purchase it.

Also, unlike patches from Microsoft that replace files (and why
sometimes a reboot is required to replace inuse system files), 0patch
does not alter any files.  Instead if modifies the memory image of the
executable files.  Everytime you boot, its agent has to let Windows
load, and then modify the memory image.

"0patch does not replace executable files or modify them in any way. It
corrects them only in memory, which can be done without relaunching
them."

Hmm, I thought Windows had protections against such in-memory
manipulation.  If their "agent" doesn't load, you're back to a pre-patch
scenario.  It needs to phone home to check if there are new
[micro]patches.  Also, since their agent modifies the memory image of
executables, any backups you save will be on the files themselves, not
on the modified in-memory image of them.  So, you won't be backing up a
micropatched version of the OS, just the OS pre-memory alteration.  If
you restore the OS from backups, you'll need their agent to redeploy the
in-memory modifications.  I don't know how they handle when you restore
to a prior state of the OS for which their later micropatches may not be
appropriate.

Arcos Security is headquartered in Maribor, Slovenia, an EU and Nato
member.  The contact page just lists e-mail addresses, but their company
profile page also lists a phone number, and address.  From Google Maps'
street view on the address, I couldn't see where was Arcos Security
(Arco Varnost in Solvenian), but I couldn't see all the way around the
building, and they may be renting an office and don't post a sign on the
building.

https://www.crunchbase.com/organization/acros-security

Not much info there.  They state 1 to 10 employees, but I've found that
count to be inaccurate.

[toc] | [prev] | [next] | [standalone]

#181333

On 1/13/25 8:09 PM, VanguardLH wrote:
> T <T@invalid.invalid> wrote:
> 
>> https://www.pcmag.com/explainers/0patch-explained-how-it-works-and-what-it-means-for-the-end-of-windows
> 
> https://0patch.com/
> 
> "$28 per year per device for its Pro service".  To clarify this isn't
> free.  Also, only covers the most critical security patches, not all
> vulnerabilities.  The cost is trivial for a business scenario, but users
> will probably decide to let the security patches slide until they get
> their next prebuilt with whatever OS is preinstalled.
> 
> https://0patch.com/pricing.html
> 
> There is a free version, but that only works on a version of Windows
> while it is still supported by Microsoft.  Once Microsoft drops support
> for a version, this free version ceases to function, and you have to
> purchase it.
> 
> Also, unlike patches from Microsoft that replace files (and why
> sometimes a reboot is required to replace inuse system files), 0patch
> does not alter any files.  Instead if modifies the memory image of the
> executable files.  Everytime you boot, its agent has to let Windows
> load, and then modify the memory image.
> 
> "0patch does not replace executable files or modify them in any way. It
> corrects them only in memory, which can be done without relaunching
> them."
> 
> Hmm, I thought Windows had protections against such in-memory
> manipulation.  If their "agent" doesn't load, you're back to a pre-patch
> scenario.  It needs to phone home to check if there are new
> [micro]patches.  Also, since their agent modifies the memory image of
> executables, any backups you save will be on the files themselves, not
> on the modified in-memory image of them.  So, you won't be backing up a
> micropatched version of the OS, just the OS pre-memory alteration.  If
> you restore the OS from backups, you'll need their agent to redeploy the
> in-memory modifications.  I don't know how they handle when you restore
> to a prior state of the OS for which their later micropatches may not be
> appropriate.
> 
> Arcos Security is headquartered in Maribor, Slovenia, an EU and Nato
> member.  The contact page just lists e-mail addresses, but their company
> profile page also lists a phone number, and address.  From Google Maps'
> street view on the address, I couldn't see where was Arcos Security
> (Arco Varnost in Solvenian), but I couldn't see all the way around the
> building, and they may be renting an office and don't post a sign on the
> building.
> 
> https://www.crunchbase.com/organization/acros-security
> 
> Not much info there.  They state 1 to 10 employees, but I've found that
> count to be inaccurate.


If there is some reason blocking yo from upgrading
to W11, just get yourself a decent anti virus.  Not
McAfee or Norton.

I also do not know if 0patch would qualify W10 as
a supported OS under Payment Card Industry (PCI)
guideline.

And if you can or are just curious, download a Fedora
Live USB and see if it is worth the transition.  I
recommend KDE, MATE, and Xfce, but NOT gnome as it
is too weird.

https://fedoraproject.org/spins

[toc] | [prev] | [next] | [standalone]

#181335

T <T@invalid.invalid> wrote:

> On 1/13/25 8:09 PM, VanguardLH wrote:
>> T <T@invalid.invalid> wrote:
>> 
>>> https://www.pcmag.com/explainers/0patch-explained-how-it-works-and-what-it-means-for-the-end-of-windows
>> 
>> https://0patch.com/
>> 
>> "$28 per year per device for its Pro service".  To clarify this isn't
>> free.  Also, only covers the most critical security patches, not all
>> vulnerabilities.  The cost is trivial for a business scenario, but users
>> will probably decide to let the security patches slide until they get
>> their next prebuilt with whatever OS is preinstalled.
>> 
>> https://0patch.com/pricing.html
>> 
>> There is a free version, but that only works on a version of Windows
>> while it is still supported by Microsoft.  Once Microsoft drops support
>> for a version, this free version ceases to function, and you have to
>> purchase it.
>> 
>> Also, unlike patches from Microsoft that replace files (and why
>> sometimes a reboot is required to replace inuse system files), 0patch
>> does not alter any files.  Instead if modifies the memory image of the
>> executable files.  Everytime you boot, its agent has to let Windows
>> load, and then modify the memory image.
>> 
>> "0patch does not replace executable files or modify them in any way. It
>> corrects them only in memory, which can be done without relaunching
>> them."
>> 
>> Hmm, I thought Windows had protections against such in-memory
>> manipulation.  If their "agent" doesn't load, you're back to a pre-patch
>> scenario.  It needs to phone home to check if there are new
>> [micro]patches.  Also, since their agent modifies the memory image of
>> executables, any backups you save will be on the files themselves, not
>> on the modified in-memory image of them.  So, you won't be backing up a
>> micropatched version of the OS, just the OS pre-memory alteration.  If
>> you restore the OS from backups, you'll need their agent to redeploy the
>> in-memory modifications.  I don't know how they handle when you restore
>> to a prior state of the OS for which their later micropatches may not be
>> appropriate.
>> 
>> Arcos Security is headquartered in Maribor, Slovenia, an EU and Nato
>> member.  The contact page just lists e-mail addresses, but their company
>> profile page also lists a phone number, and address.  From Google Maps'
>> street view on the address, I couldn't see where was Arcos Security
>> (Arco Varnost in Solvenian), but I couldn't see all the way around the
>> building, and they may be renting an office and don't post a sign on the
>> building.
>> 
>> https://www.crunchbase.com/organization/acros-security
>> 
>> Not much info there.  They state 1 to 10 employees, but I've found that
>> count to be inaccurate.
> 
> If there is some reason blocking yo from upgrading
> to W11, just get yourself a decent anti virus.  Not
> McAfee or Norton.

Upgrading from 10 to 11: no bang for the buck.  Simply plastering on a
different desktop GUI is insufficient cause for me to change.  Yes,
there are improvements in 11, but not enough for me to bother with the
change, and yet another learning curve.

AI is the new infatuation which I detest.  Windows 12 will get even
worse.  Plus, to support the higher level of processing needed for the
increased AI will require getting a new box with an NPU with a minimum
of 40 TOPS.  With Windows 11, we saw TPM forced on us.  With Windows 12,
another new hardware (NPU) is required.  Microsoft is just not going in
a direction I care for.  Require more hardware for unneeded functions.

> I also do not know if 0patch would qualify W10 as
> a supported OS under Payment Card Industry (PCI)
> guideline.
> 
> And if you can or are just curious, download a Fedora
> Live USB and see if it is worth the transition.  I
> recommend KDE, MATE, and Xfce, but NOT gnome as it
> is too weird.
> 
> https://fedoraproject.org/spins

Fedora is better for Windows converts than, say, Mint?

[toc] | [prev] | [next] | [standalone]

#181339

On Tue, 1/14/2025 2:56 AM, VanguardLH wrote:
> T <T@invalid.invalid> wrote:
> 
>> On 1/13/25 8:09 PM, VanguardLH wrote:
>>> T <T@invalid.invalid> wrote:
>>>
>>>> https://www.pcmag.com/explainers/0patch-explained-how-it-works-and-what-it-means-for-the-end-of-windows
>>>
>>> https://0patch.com/
>>>
>>> "$28 per year per device for its Pro service".  To clarify this isn't
>>> free.  Also, only covers the most critical security patches, not all
>>> vulnerabilities.  The cost is trivial for a business scenario, but users
>>> will probably decide to let the security patches slide until they get
>>> their next prebuilt with whatever OS is preinstalled.
>>>
>>> https://0patch.com/pricing.html
>>>
>>> There is a free version, but that only works on a version of Windows
>>> while it is still supported by Microsoft.  Once Microsoft drops support
>>> for a version, this free version ceases to function, and you have to
>>> purchase it.
>>>
>>> Also, unlike patches from Microsoft that replace files (and why
>>> sometimes a reboot is required to replace inuse system files), 0patch
>>> does not alter any files.  Instead if modifies the memory image of the
>>> executable files.  Everytime you boot, its agent has to let Windows
>>> load, and then modify the memory image.
>>>
>>> "0patch does not replace executable files or modify them in any way. It
>>> corrects them only in memory, which can be done without relaunching
>>> them."
>>>
>>> Hmm, I thought Windows had protections against such in-memory
>>> manipulation.  If their "agent" doesn't load, you're back to a pre-patch
>>> scenario.  It needs to phone home to check if there are new
>>> [micro]patches.  Also, since their agent modifies the memory image of
>>> executables, any backups you save will be on the files themselves, not
>>> on the modified in-memory image of them.  So, you won't be backing up a
>>> micropatched version of the OS, just the OS pre-memory alteration.  If
>>> you restore the OS from backups, you'll need their agent to redeploy the
>>> in-memory modifications.  I don't know how they handle when you restore
>>> to a prior state of the OS for which their later micropatches may not be
>>> appropriate.
>>>
>>> Arcos Security is headquartered in Maribor, Slovenia, an EU and Nato
>>> member.  The contact page just lists e-mail addresses, but their company
>>> profile page also lists a phone number, and address.  From Google Maps'
>>> street view on the address, I couldn't see where was Arcos Security
>>> (Arco Varnost in Solvenian), but I couldn't see all the way around the
>>> building, and they may be renting an office and don't post a sign on the
>>> building.
>>>
>>> https://www.crunchbase.com/organization/acros-security
>>>
>>> Not much info there.  They state 1 to 10 employees, but I've found that
>>> count to be inaccurate.
>>
>> If there is some reason blocking yo from upgrading
>> to W11, just get yourself a decent anti virus.  Not
>> McAfee or Norton.
> 
> Upgrading from 10 to 11: no bang for the buck.  Simply plastering on a
> different desktop GUI is insufficient cause for me to change.  Yes,
> there are improvements in 11, but not enough for me to bother with the
> change, and yet another learning curve.
> 
> AI is the new infatuation which I detest.  Windows 12 will get even
> worse.  Plus, to support the higher level of processing needed for the
> increased AI will require getting a new box with an NPU with a minimum
> of 40 TOPS.  With Windows 11, we saw TPM forced on us.  With Windows 12,
> another new hardware (NPU) is required.  Microsoft is just not going in
> a direction I care for.  Require more hardware for unneeded functions.
> 
>> I also do not know if 0patch would qualify W10 as
>> a supported OS under Payment Card Industry (PCI)
>> guideline.
>>
>> And if you can or are just curious, download a Fedora
>> Live USB and see if it is worth the transition.  I
>> recommend KDE, MATE, and Xfce, but NOT gnome as it
>> is too weird.
>>
>> https://fedoraproject.org/spins
> 
> Fedora is better for Windows converts than, say, Mint?
> 

No.

Let's try an example. You put Fedora and windows 11 on the same
disk. Windows 11 updates some boot materials. Grub is damaged.
Fedora won't boot. Now, go Google your ass off and what
do you notice ? "There is no escape".

On Linux Mint, I get a copy of the Rescue CD (currently based
on some Ubuntu variant for the disc), and the Rescue CD puts
grub back after it chroots in. People also try chrooting in
with Fedora, and it doesn't work. There is some grub-mkconfig
issue and some kind of messing around, which apparently noobs
cannot manage.

Sure, Fedora is fun to play with. For about ten minutes.
Can I shoot video of the fucking screen ? No! (rpm-fusion
not available for 41, so I can't get simplescreenrecorder,
and FFMPEG won't work). The gnome screenshot tool sucks.
The OS is running Wayland, which is part of the problem.

So yes, I have it loaded. But I'm not really in control of
it, and if something creaks and breaks, I won't be able to fix it.

Fedora is more of a Level 39 Wizard OS. The Wizards love it.

*******

If you look at the Linux map

https://en.wikipedia.org/wiki/List_of_Linux_distributions#/media/File:Linux_Distribution_Timeline.svg

the Linux Mint is on this branch...

   Debian --- Ubuntu --- LinuxMint                       .deb

fedora is RedHat and RedHat is owned by IBM now.

   RedHat (RHEL) ---- Fedora                             .rpm

Some companies, when they claim "we are Linux compatible",
when you check further, they are only compatible with
Red Hat Enterprise Linux (RHEL). Similarly, if you were
logging in some where, and you inquired of tech support
whether they handled Linux users, you might get a similarly
deceptive answer, where at first "yes, we handle Linux" and
then "what version of RHEL are you running?".

There is a difference between the general "open ecosystem",
and the fixated individuals. The ones who believe there is
only RedHat and all the rest are invisible.

For a person with some ratty old Windows box, I recommend
Linux Mint 21.3 at the moment. It is kernel 5.15 and seems to
support old hardware pretty well. A box from 2008-2023 is
likely to come up OK. If you use Linux Mint 22. that might
work for a year 2021-2024 machine, or roughly a Win11 kind
of machine maybe. I don't think the graphics card coverage
is as good.

The following is just to demonstrate that the releases
are out there, if you need an older one.

https://mirror.csclub.uwaterloo.ca/linuxmint/stable/21.3/
    linuxmint-21.3-cinnamon-64bit.iso     09-Jan-2024 12:59   3G   <=== a range of moderately old machines

https://mirror.csclub.uwaterloo.ca/linuxmint/stable/22/
    linuxmint-22-cinnamon-64bit.iso       21-Jul-2024 12:46   3G   <=== newer (w11-compat) machines maybe

Fedora 41 is running newer kernels, like LM22.

   Paul

[toc] | [prev] | [next] | [standalone]

#181346

Paul <nospam@needed.invalid> wrote:

> VanguardLH wrote:
>
>> T <T@invalid.invalid> wrote:
>> 
>>> I also do not know if 0patch would qualify W10 as a supported OS
>>> under Payment Card Industry (PCI) guideline. 
>>> 
>>> And if you can or are just curious, download a Fedora Live USB and
>>> see if it is worth the transition.  I recommend KDE, MATE, and
>>> Xfce, but NOT gnome as it is too weird.
>>>
>>> https://fedoraproject.org/spins
>> 
>> Fedora is better for Windows converts than, say, Mint?
> 
> No.
> ...
> Sure, Fedora is fun to play with. For about ten minutes.
> ...
> Fedora is more of a Level 39 Wizard OS. The Wizards love it.
> ...
> Some companies, when they claim "we are Linux compatible",
> when you check further, they are only compatible with
> Red Hat Enterprise Linux (RHEL). Similarly, if you were
> logging in some where, and you inquired of tech support
> whether they handled Linux users, you might get a similarly
> deceptive answer, where at first "yes, we handle Linux" and
> then "what version of RHEL are you running?".
> ...
> Fedora 41 is running newer kernels, like LM22.

So, Mint is better, but then Redhat is better.  Walking in the middle of
the road is the worse place to be on a highway.  At this point, and not
inclined to have 2 separate computers on which to test (on real hardware
instead of simulated hardware in a VM, and to completely eradicate any
fuckups by Windows install and its updates), I'd have to look into which
one, and hopefully just one, to which I would migrate.

As for update schedules, Redhat gets updated sooner.  However, sometimes
I would prefer a more stable OS than one updating on every fix which
often does not apply to my setup.  Despite the long-lived sales mantra
that "newer is better", that isn't always true.  New code means some
fixes, often just means some changes, but also means new bugs.  

With Win7, I didn't update it until *I* was ready: got motivated, had
the time, saved a backup image of all OS partitions, did the update,
reboot even if Microsoft didn't trigger one, save another backup image,
and then test if any of the reported issues with the updates had
affected me.  That's a week of evenings, or longer.  I waited until
another Patch Tuesday before installing the prior Patch Tuesday updates
to let others be Microsoft's involuntary alpha testers finding what went
wrong, and give Microsoft another month to issue a new version of an old
update to fix it.  Back then, I could even elect to hide updates that
weren't applicable to me until Microsoft later pushed out a new version
of the same update.

With Win10, I use WinAero to turn off updates until, again, *I* am
ready, but that is not without punishment from Microsoft in some aspects
of the OS, its wizards, or some apps getting crippled (can't do those
with WU disabled).  For example, forget about looking at the update
history when WU is disabled.  I'm not really concerned that there will
no new security updates after Oct 2025 for Win10.  If Microsoft ceases
to update Defender on Win10 after Oct 205, I'll simply move to a
3rd-party AV.  I don't care for Win11: no bang for the buck (which
includes any expense, and my time in a learning curve, and all the
tweaks needed to tame the beast).  Win12 looks to add more bloat, and
ups hardware requirements with an NPU (although it may be optional yet
will slow all their embedded AI processing).  Other than gaming, pretty
much everything I do under Windows is doable under Linux, and without
resorting to WINE.  I didn't pick Firefox as my web browser because it
was the most popular, either.

[toc] | [prev] | [next] | [standalone]

#181379

On 1/13/25 11:56 PM, VanguardLH wrote:
>> https://fedoraproject.org/spins
> Fedora is better for Windows converts than, say, Mint?


Hi Vanguard,

Fedroa is the best maintained Linux distro.  It
is the second most used and gaining fast.

As for Mist, and I second it, a colleague wrote me this
over on the Fedora Mailing list:

> 
>> Take a look at MATE
>> https://fedoraproject.org/spins/mate
>> Just simple.  And gets the job done


> Yes, it's what I've been using for many years.  It's so close to being
> the old Gnome, that it's virtually the same.  And it's not just the
> simpleness of how it looks, it doesn't place big demands on the OS.  
> 
> The fancier ones were too much of a drain on resources.  And if you
> were trying to break into the office desktop market, having a release
> that requires an expensive graphic card just ain't gonna fly.
> 
> I've put Mint on a few people's PCs when I've been asked to replace
> Windows with something that doesn't drive them nuts.  They'd heard of
> it, heard good things, so I've done that.  I've shown them my system,
> with Fedora or CentOS running Mate and asked if they'd like something
> the same, and set Mint up with the same kind of desktop.
> 
> I can't stand the usual Ubuntu install.  I can't find where they've
> hidden things.  A friend using it can't multitask, he can't swap
> between browser and something else (he closes the browser to find the
> desktop to start something, then closes that to find the desktop to
> restart the browser), so I wouldn't call it idiot-friendly.  And if you
> went looking for answers on their forum, it was always the blind
> leading the blind.  Trying to do updates was confusing.  Which program
> was the updater?  What's this package manager do?  Why won't it update
> Firefox?  (They, Ubuntu, had blocked Firefox from being updated, you
> had to force it, and had to find out how to do that.)
> 
> So just about any OS has its stupidities in design

I have a VM of both,if you need me look something up
for you.  Ping me on the subject line.

Cut yourself a live USB of Fedroa MATE and check it out.
Fly before you buy:

https://fedoraproject.org/spins/mate

[toc] | [prev] | [next] | [standalone]

#181338

VanguardLH wrote on 1/13/25 9:09 PM:

> Arcos Security is headquartered in Maribor, Slovenia, an EU and Nato
> member.  The contact page just lists e-mail addresses, but their company
> profile page also lists a phone number, and address.  From Google Maps'
> street view on the address, I couldn't see where was Arcos Security
> (Arco Varnost in Solvenian), but I couldn't see all the way around the
> building, and they may be renting an office and don't post a sign on the
> building.
> 
> https://www.crunchbase.com/organization/acros-security
> 
> Not much info there.  They state 1 to 10 employees, but I've found that
> count to be inaccurate.
> 

<g> i sown
Dig deeper.  While located as a Slovenian company, the parent(real) owner 
is a quite a bit further east.

-- 
...w¡ñ§±¤ñ

[toc] | [prev] | [next] | [standalone]

#181348

winston <winstonmvp@gmail.com> wrote:

> VanguardLH wrote on 1/13/25 9:09 PM:
> 
>> Arcos Security is headquartered in Maribor, Slovenia, an EU and Nato
>> member.  
> 
> Dig deeper.  While located as a Slovenian company, the parent(real) owner 
> is a quite a bit further east.

Arcos Security is the parent of 0patch.  Arcos is HQ'ed in Slovenia, but
have offices elsewhere, too.  So, who do you think is the parent of
0patch, or the parent of Arcos?  Rather than innuendo, please supply
trustworthy evidence.  It would be appreciated.  I did not find a
publicly listed parent company for Arcos Security.

[toc] | [prev] | [standalone]

Back to top | Article view | alt.comp.os.windows-10

csiph-web