For what it's worth, Windows had kernel (and other) rebootless hot patching with Windows Server 2003.

They just, until recently began re-resurrecting it with 2019, discontinued the feature due to low customer adoption.

That is to say, Windows had hotpatching *before it ever existed on linux*. About five years before.

HP Patented a limited version of this "technology" to do this in 2001, Microsoft attempted to patent a generalized software approach (to attack software updates, not hardware functionality missing) in 2002 (Rejected based on HP's prior art, granted on appeal in 2010). Linux hotpatching as we all know it today was only introduced in 2014, with the original ksplice in 2008.

This is one area where Microsoft had the lead, but because they were *too* early, I suppose...... no one really took it up. It's a common theme over there, dropping things invented in house that get re-created elsewhere and become successful, but maybe a decade later, because at the time it wasn't seen as important/useful. When it would have been relevant to me, I did not know it even existed, though it was there, and I've since played around with it in recent years just to see how well it worked (pretty well.....).

As to connecting it directly to the internet? I wouldn't do that with *any* system, be it z/OS, AIX, Solaris, $linux_distro_here, Windows, etc - a competently managed system is just fine until a zero-day arrives, and arrive in plenty for all systems they do. Possibly OpenVMS would be "okay" depending on what it's running..... Really just depends on being currently updated and having a competent administrator, regardless of the platform, and not exposing management interfaces like SSH or RDP (which, is about as secure as SSH, if NLA is turned on, without NLA it exposes all the side channels directly before authentication. With NLA on, it only exposes an authentication interface then opens all the side and main channels after auth, like SSH does). A *properly* administrated network can be just as hardened up, regardless of platform.

iOS 12.4 received an update with iOS 13's release as well for the 5S, patching all current known vulnerabilities.

https://appleinsider.com/artic...

So yea, still somewhat supported, and not "unsupported and unsafe" with "unpatched vulnerabilities"

As well, it had a support lifecycle *far* longer than any android device i'm aware of, being released *6* years ago and still receiving a patch as of last month for known vulnerabilities. And given it was updated yesterday, still seems to be somewhat supported....

I'd wager on the iPhone lifecycle being far longer than any competitor and the value retention still being valid.

Though otherwise, it will still sell for more $ even ignoring the secuurity concerns after it's lifecycle is long and gone.

Nevermind that every model from the X and lower is now an open development platform... ;)

And we can tell the 6S will have a similar lifecycle too, because it's on the current revision of the platform after 4 years, so it's got at least another year, if not two, of support left.

That's a hell of a lot better than most other companies 2 years and forget about you moves. I'm surprised the Galaxy S8+ I have is still getting updates at this point, and dreading when it doesn't so the MDM kicks me off because unsupported....

They've also provided updates to *way* out of "support" devices like iOS 10 devices so that they'll keep functioning (GPS rollover bug in specific is one i'm thinking of that would have killed app store access and other things - https://www.digitaltrends.com/...), even if they're not heavily patching anything else. So that's a 7 year old platform (and even the 4 got a tweak to fix GPS ! ) that's still getting some measure of support, which is *insane* in mobile world terms.

The closest vendor to come nearly there, is microsoft, and I bought my 950 XL in 2015 ..... so that's going to have given me *5* years of support on that platform (Jan 2020 EOL)

It's not emulation though. It's equally as native as Win32 is - a translation layer / environment subsystem on the NT Kernel.

If the linux implementation on windows is 'emulation' then so is the regular Win32 environment. They had to implement special IPC hooks in the NT kernel to allow the two environment subsystems to talk to each other, even!

I mean, if a translation layer is 'emulation' in the fullest sense, then Win32 on NT was NEVER native and has always been emulated, because the win32 layer is translated into NT kernel syscalls, as well.

It's not emulation though. It's equally as native as Win32 is - a translation layer / environment subsystem on the NT Kernel.

If the linux implementation on windows is 'emulation' then so is the regular Win32 environment. They had to implement special IPC hooks in the NT kernel to allow the two environment subsystems to talk to each other, even!

DO NOT DISABLE DEFRAG

"Configure defrag if you have an HDD. Completely disable defrag if you have an SSD. (it should be done by the OEM, but, check nonetheless)"

WINDOWS 7 AND UP HAVE MORE INTELLIGENT DEFRAG THAT DO NOT DO WHAT YOU THINK IT DOES WITH SSD DRIVES

The MFT WILL logically fragment over time, and there is a MAXIMUM level of fragmentation that the NTFS MFT can handle, at which point it will cease functioning properly (read-only, writes fail, etc)

Other OSes solve this in different ways, but all have similar issues.

Also, disabling defrag STOPS TRIM runs!

DO NOT "OPTIMIZE" SSDS

https://www.howtogeek.com/2568...

More in depth technical info about what windows defrag actually does on SSDs: https://www.hanselman.com/blog...

it's just like disabling services on modern windows - 99.9999999999% time, it hurts perf, doesn't increase it

Also, from a security perspective, for 20k workstations at a federal contractor, we use Edge as the default and only have it invoke IE for compat modes (we also provide chrome and firefox, but due to the extra exploit mitigation technologies in Edge we're forcing any links spawned from email/applications to open in edge first)

example of exploits mitigated by edge/win10 : https://blogs.technet.microsof...

Nope.

Northern VA endpoint here - guess what doesn't work? ... Netflix!

Works fine on java 8 here. Just has to be run as administrator.

Crufty old proprietary, 20 years ago? I'll give you proprietary, but a lot of technological advancement goes on in the unix world. Unless Solaris, AIX, and HP-UX are non-existant. And let's not forget about the huge entrenched VMS userbase....

i wouldn't be so sure about that - my floppy copies of MacOS 6 and 7 worked well on my classics and such. even my powerbook 140, and this was only 5-6 years ago. worked perfectly, original factory disk sets.

http://www.hardwaresecrets.com/printpage/How-to-Generate-Floppy-Disks-for-Old-Macintosh-Computers/1713

anyway, for the curious, a rundown on writing old mac floppies.

(note: if you do them as 1.44MB floppies, they read/write at the same speed, so no special hardware needed as long as you have macs that can read 1.44s. easy way to avoid the hassle if you have the option.)

Never released, YES.

Never shown and proven to be working alibet slowly and inefficiently? FALSE.

WinHEC 2003 developers saw, recieved first hand, and got to work with longhorn alphas that showed WORKING WinFS (as slow and inefficient as it was, it did what was described). Not vaporware, they actually proved it. then realized that, at the time, with computer power and legacy trappings, at the time, they couldn't deliver. Along with a /ton/ of other issues, they decided to do a full code reset and start again from the 2k3 (not XP like they had started from on longhorn!) base.

Shit happens, but it wasn't vapor ware. it was delivered to developers, shown, proven, and canceled. That's a far sight different than vaporware (shown/faked, but never proven or letting developers have the bits.)

Re the others mentioning WinFS:

The tech demos were not "pre-rendered" -

You can find longhorn alphas floating around with WinFS implementations that perform as described (alibet slowly).

They will work as described in the docs.

Vaporware.....

That I had alpha bits in my hands?

That I could develop for, link against, compile against, and work with?

That blew my mind when the whole project was scrapped?

THAT -worked- in longhorn alphas?!

I don't consider that vaporware - they delivered bits. It worked, it was horrendously slow and inefficient due to legacy trappings - but WinFS worked to it's design specs.

"Not to mention its as much vaporware as the 2002 DNF demo. What he is talking about is the Longhorn tech demo which showed off a metadata based file system called WinFS but we don't know how it actually ran because it was never released. Every. single. thing. we know about how WinFS supposedly "worked" is based on MSFT tech demos which frankly could have been pre-rendered BS for all we know and what they showed off in 2004 as WinFS never ended up in the hands of the public."

That's the only statement in your entire comment I take exception with. It wasn't pre-rendered demos, it wasn't BS, it was bits we acquired and worked with. Bits that actually did what was described. Bits that actually did what was in the *hardcopy* developer manuals I was given at WinHEC. ReFS is now, I believe, a beginning to re-implement WinFS in an achivable timeframe, without huge overhead, and without extolling insane goals beforehand without any idea of how the development process will go. While they may have scrapped the initial WinFS, the idea still lives on. Libraries live on in a basic form, ReFS is some core principals outlined in my WinFS dev guides (not the relational aspects, but some architecture sides that'll make the relational parts possible!)

So, yes, it was never "released", yet, it was in developer hands and was shown to work, even if horribly inefficiently, it /worked/.

Really? I've installed Win8 hundreds of times across VMs, bare metal, etc, and not ONCE has it mentioned secure boot to me.

I do like all the new views and features the new task manager has though. I spend 99.9% of my time inside the desktop instead of metro. Metro's an awesome application launcher. It's like using quicksilver on OS X ... MS finally caught up to that ... 7+ years later

That's for the ... Volume Upgrade License.... not regular volume license / open license / etc.

You can get volume copies of full editions of 8/2012 /etc etc that are full bare metal installations from VLSC etc. otherwise, there'd be a lot of issues with some customers...

  The table below lists the qualifying editionns of Windows eligible for the "Volume Licensing upgrade" under each Volume Licensing program.

If your OS license qualifies, "you can purchase the Windows 8 Pro Upgrade license", under your Volume Licensing agreement.

AKA: You can get cheaper upgrade via volume, though I've never messed with upgrade licenses under vol. I suppose that'd be for people without Software Assurance (free exchanges to full copies of the new version in volume license land)

Again: "The following conditions must be met for a licensed PC to be eligible for a Volume Licensing upgrade license:" - VOLUME LICENSEING UPGRADE - not /ALL/ volume licensing. there's a lot more to it than just upgrade licenses.....