Parent was modded funny, but this is what your passwords should look like -- long and random, and typing them is a PITA. Any web site that disables pasting or prevents your browser or extensions from auto-filling passwords is broken. The sad thing is that most sites that do this (other than those that do it by accident because the devs are clueless) do it because they think they're increasing the security of their users' accounts. They're not.

Solutions like LastPass et al are the best, but honestly just using your browser's password database is better than reusing passwords everywhere. And Chrome and Firefox (at least, perhaps others) offer the option of keeping your passwords synced to all of the devices you use, optionally protected with a master password. Browsers need to offer password generation as well. I think some are working on it.

Of course, the real solution is to get rid of passwords. Web sites should switch to using OpenID authentication. Yes this means that most users will use their Facebook or Google logins, which means that, essentially, the site has outsourced its account security to those other entities. So what? If the developers of random web sites think they can do a better job of account security than Google or Facebook -- they're wrong . I work for Google and previously spent a decade as a security consultant in the financial industry and after seeing how they all work from the inside, I would feel much more secure about my bank account if I could use my Google account (with 2FA, plus all of the analytics and monitoring Google does) to log into it rather than trusting the bank to do a decent job with password-based security. I haven't seen Facebook's infrastructure, but I know people who work there, and they're good. Far better than you'll find at a typical bank, much less J. Random Web Developer.

What else did you mean by the following, exactly?

Do you know a lot of organisations that have an IT department and run Windows Enterprise but don't have dedicated IT staff?

Moving on...

And which part of this from my last post was unclear?

The point here isn't specifically that it was a driver update that screwed up, it's that an update was screwed up and that's a compelling argument for not having compulsory updates. Whether or not this particular one could have been avoided (though obviously for many people it wasn't) it is clear that there are other kinds of update that can also compromise a previously working system and that it will not be possible to turn them all off according to Microsoft's current stated policy. Apparently plenty of people are more concerned about that than you are.

Where do all the people replying to me keep finding all these IT staff? A small CAD studio or indie game development shop of the kind I mentioned doesn't have a dedicated IT staff. It doesn't run a corporate network on Windows Enterprise managed by full-time professional sysadmins. A small business like that has a few people doing the creative work, a few people doing sales, and a couple of admin/accounts people. Probably one or two of those people double as the "IT dept" when it comes to setting up the office network and maybe installing a standard set of software on a new starter's machine before they arrive, but they're taking time out from their real job to do it.

This is what happens in the real world for almost any small business up to, say, a few dozen staff. No company with 10 people has a full-time sysadmin, unless it works in some particularly tech-heavy niche and has exceptional requirements. No company that size is running Windows Enterprise either, with the same caveat. But those companies are still going to get screwed by this sort of driver update if they can't figure out how to block it. Even if they can, they're still going to be vulnerable to other forced system updates that could break stuff, and they're probably at relatively high risk given that a lot of their staff will have high-end workstations running very demanding software.

Do you understand that at many small businesses there aren't any dedicated IT staff at all? And that even with Windows 10 Pro you can only defer updates for a while by effectively tracking a different branch, not actually block them if they interfere with your work and you don't want them? This isn't just a concern with the Home edition.

In reality? No. However, it looks like we would have under the conditions we're talking about.

I've got glitching driver issues that have never been fixed on multiple machines I deal with, for example. Usually we just roll them back to whatever was installed initially, so it's not actually causing a critical problem today, but of course that's exactly the option we're concerned about losing.

Even if:

(a) that is true in the final RTM, which we haven't seen yet,

(b) it remains true in light of future updates, which of course you'll be required to install, and

(c) the user is aware of the risk and turns it off, which apparently plenty of people clued up enough to be trying Win10 early weren't,

presumably that will still only protects you if it's a driver update that goes wrong, as opposed to say, a kernel patch, or a security update.

No, they're probably using Pro, which has exactly the same fundamental problem just deferrable by a few months.

(a) No-one is talking about just Home. This affects Pro as well, which is what most power users and small businesses have.

(b) You choose your OS because of the software you need to run. Across my various businesses, the number of areas where the software available on Windows is significantly better than the alternatives available on other platforms is quite large.

The most promising alternative platform would be OS X, which has the same kinds of server and development platforms available as Linux or BSD but far better options for some kinds of desktop software. Unfortunately, Apple is currently probably the only company on the planet I trust less than Microsoft and Google not to shaft their users with built-in obsolescence, so I have little interest in switching to them for professional systems for now. If they get around to committing to real long-term support for their desktop/laptop OS one day, that view may change.

That only applies to the poor. Trump has (or used to have, no idea what he uses now) a hotel room as his "permanent" address. Many other politicians have had the same. And they were allowed to vote for themselves. It's only the poor and minorities that the system targets.

I feel your pain. :-)

Actually, the most recent system-crippling screw-up I had was installing the latest AMD drivers for a FirePro series card on one of our older machines. You know, the ones where you pay a fortune to have roughly the same hardware as a much cheaper gaming card, because of the quality and capabilities of the drivers? Except that this completely routine update, which we were hoping might finally fix the frequency glitches that have plagued the card from day one, took out the whole machine and even made it difficult to recover using the system restore feature.

Fortunately, this was a Windows 7 machine, so once we did have it up and running again, we just made a note not to install that update, and the user of the computer got on with their work the next day as normal. I'm not sure what the answer to that is supposed to be with Win10, if drivers are going to be pushed out via the same compulsory update mechanism. Presumably you're supposed to defer the driver update on every machine that might be affected (or via WSUS if you're big enough to use it) and hope that someone fixes the problem before the ticking time bomb goes off when you can't defer any longer...

With the diversity of systems running Windows, no realistic amount of testing will ever completely guarantee security updates are good. You still need a mechanism to decline known-flawed ones, and a mechanism for recovery and uninstallation the first time you get hit without warning.

In any case, the way Microsoft is going under Nadella, sadly it seems very unlikely they would do as you suggest. They are literally giving Windows 10 away free to huge numbers of people, and presumably they're going it because they want to be more like an Apple or a Google, picking up the revenues on the surrounding ecosystem, not just whatever they can find from the platform itself.

Those automatic updates would be the perfect way to show unavoidable nag messages to sign up for other Microsoft software and services, or those of their selected partners who they believe may be of interest to you, or to install spyware to feed back extra data, or to disable existing Windows feature that used to be free because some commercial interest makes getting you to pay for it a more promising option for them.

Not that I'm suggesting they'd ever do that sort of thing deliberately, of course. Maybe the Windows 7 update that has been nagging users about updating to Windows 10 itself was just an oversight.

Or stick with an OS that works without needing to develop a whole new set of sysadmins skills, like... any previous version of Windows, say.

And what shall we do when AMD drivers have a problem at the same time?

Perhaps you'd like businesses that paying their staff thousands per week to do CAD work or design game assets to just shut down for a few days until the drivers get sorted out? As far as I'm aware, no-one has yet developed a business model where complaining at a big business that screwed up is an effective strategy for recovering lost revenues from downtime, but if they ever do, it looks like it will be very lucrative in a Windows 10 world.

I surely don't know what you mean!

/glances at KB3079904, which was installed the other day to replace a different update that they got wrong just days earlier, and notes that this is what happened even with patching a serious security vulnerability

But defer is the word, and they're still forced on you within a few months if you want to keep security updates, even if they are potentially hostile, non-security updates.

I'm not going to say I told everyone so. Oh, no, wait, I did. And so did a lot of other people. Shifting to Windows 10 is a one-way trip to losing control of your own computer, possibly unless you're on Enterprise, because presumably the people with real money won't let Microsoft get away with this.

I did. You suggested UK, and I accepted that. My complaint about the UK was your lies that I was somehow personally vested in that system, as yet another of you ad hominem attacks.

I don't know why you bother to lie. I can look it up in the replies and see your lies. Plain as day.