Eric is grumbling about installing software on Windows. Well, he didn’t hit the real point of pain with Windows yet: upgrading applications. As I’ve mentioned before Window’s package management is broken. Yes, it’s that simple, and the worst thing is that there seems to be no solution in sight. At least not unless every Windows software provider agrees to chip in and create a central repository for upgrades… I don’t see that happening any time soon though.
A few weeks ago I bit the bullet and spent an afternoon to hunt down upgrades for the software I’ve got on my Windows machine at work… What a pain! It only becomes more painful when one knows that apt-get update; apt-get upgrade works so well.
Triggered by the email I wrote about yesterday (One of the main reasons I’m not running Windows) I went to Micro$oft’s update site to see if there were any non-essential updates for my windows system. Given the name of the service—”Microsoft Update”—I assumed what I’d be presented with would be updates of components I already had installed. I didn’t bother reading all the text, I just chose all the available updates. What a giant mistake!
Had I read all the I would have avoided spending 30 minutes trying to recover my Windows box. I performed the update through TS (Terminal Services), as I have done many a time before. I clicked OK when I was told the system needed to reboot to perform the last steps of the update. I waited a few minutes before connecting to the machine again, the login screen came up, I entered my credentials, then nothing. Nothing! Until the TS session died. Another attempt, the same outcome. (Computing is an exception to the rule that repeating the same action and expecting different outcomes is a sign of insanity.) I dived under my desk and started re-connecting monitors and mouse so that I would stand a better chance of fixing the system. Wow, did my Windows look ugly. 640×400 resolution and hardly any colours at all! Try to log in, so far so good. A dialogue pops up telling me that the resolution is VERY low, do I want to auto-configure the display? Yes, please! Blue screen of death! Hmm, somewhat puzzled I booted into failsafe mode. That worked just fine. Reboot! Blue screen again. Reboot. We continued the dancing for a while. No improvement.
The culprit, you ask? The driver for the graphics card (of course). “Microsoft Update” had urged me to upgrade the graphics card. Not reading the text I didn’t realise that this “upgrade” was to an earlier version than what I already had! Rolling back to the later version seemed to work at first. Another Blue screen later I simply uninstalled the driver alltogether. I haven’t had any problems since.
Need I say that what confidence remained now is gone? I have absolutely no trust in Microsoft anymore!
This is a wonderful example of just how broken the Windows platform is when it comes to security updates. Am I, as a regular user, really supposed to monitor the site of every application I’ve installed for security updates? I simply don’t have the time! I’ve decided to say “thanks, but no thanks”, instead I avoid proprietary applications and run apt-get update; apt-get upgrade to keep up-to-date on security.
According to an article on ElReg there will be support for Windows in Xen later this year. I am already dreaming of migrating my work desktop to Xen, running Windows in one ‘machine’ and a real OS in another. The few things I need Windows for can all be done through RDP… Ahh, I can’t wait!
Today I ran into another case where Windows just isn’t very friendly. I’ve
been using a Windows box as a CA for a while now. Mostly because it was so
easy to set up, I was off in just minutes granting certificates to my hearts
content. Great! Or so I thought.
Today I wanted to look at the traffic comming from a server I have installed.
I’m using an SSL cert signed with my own CA. The problem is that I need to get
the secret key out of Windows’ tight grip. I’m admitting, this is not
something that should be easy, but the question is where to put the hurdles.
using the Certificates Snap-in in MMC I can’t export the secret key. My next
step was of course to check if I couldn’t get my CA to create a new cert,
where the key was exportable. Oh, no! That shouldn’t be allowed when the cert
is for a server! The tick box is taunting me with its disabled presence!
Bloody hell!
Well, I’ve always thought it might be a good idea to explore the dark
side–OpenSSL. Here’s my chance. I get to use Linux while doing it as well,
that’s always a plus. Just pray that I can get the results back onto my
Windows server in the end!
I guess it’s true, Windows my be user friendly, but it shure as hell isn’t
admin/developer freindly!
![[Digg]](http://therning.org/magnus/wp-content/plugins/bookmarkify/digg.png)
![[Reddit]](http://therning.org/magnus/wp-content/plugins/bookmarkify/reddit.png)
