Barney's Blog

Blog archive

Mailbag: Thoughts on Patches, Windows 7 Upgrades, More

One reader shares his thoughts about the impact of malware writers taking shots at Windows, while another wonders what can be done to stop them in the first place:

Regarding patches, at some point, it could be that Windows might just end up the most secure. When everyone is taking shots, Windows will either die from the wounds, or strengthen the armor. But who knows?

I would love to help nab some of the malware promoters, or at least divert some of their energies. But running a honeypot properly takes a bunch of time and energy, both of which are in short supply in most IT shops.

Here are more of your thoughts on upgrading to Windows 7 from XP:

This whole XP ugprade in the enterprise thing is ridiculous! If an enterprise is moving to Windows 7, there's no way it's going to do individual upgrades on thousands of PCs. Every large company that I've worked at uses images. They'll dump a new working Windows 7 image on the existing hardware if that's the route they're going, or they'll just phase Windows 7 in with the hardware replacements over time. I've had some experience with companies in the 100,000-plus desktop range. Problems with a desktop? Step 1: reimage it.

Other thoughts: Why would you want to carry over all the junk that accumulated in your XP box over the years when you try to "upgrade" the OS to Win 7? For how many years have the "experts" been telling us to do clean installs? Why upgrade to Win 7 if you've got a working system?

Many of your readers are complaining that they will not be able to upgrade to Windows 7 from XP. This is causing them to move to Mac. There are many reasons to move to Mac -- but this is not one of them. OS X didn't work on older Macs. Older Mac software didn't work on OS X. Where was the uproar about this? Weren't there enough users to care about the problem? What will they say when Apple does this again? Mac makes an excellent machine and it is very stable because they control the entire process. This prevents users from using incompatible hardware and software. That is the biggest advantage to using a Mac. It is not enough to make me overpay for the privilege.

I supply computer support for Windows, Linux and Macs. There are not many people who support Macs and if my clients' experiences with Mac tech support are an indication, even they don't do a very good job. I saw a blog from one arrogant Mac user that said, "I can use my Mac to do anything you can do on your PC and I'll do it better." He is wrong. There is not as much software or hardware available for Macs as there is for PCs. Further, I can do anything on my PC that he can do on his Mac. I can do it just as well -- and it will cost me much less to do it.

And Bill calls out a couple of readers for their criticism of Microsoft:

I normally don't let commenters get under my skin, but the constant bashing of Vista/Windows 7 has finally made me snap. First of all, to Jeff talking about the implementation rate: I'm the IT director for a small business. I haven't upgraded operating systems in a long time; it just makes sense to do a full install. With Windows Deployment Services (free) and the Microsoft Deployment Toolkit (also free), I am able to install a full OS, including driver injection, in 60 minutes. In addition, I can deploy apps through GPO or as part of the MDT, and let their user profile propogate. It takes me an hour to install a full system! Why would I upgrade?

Secondly, David has me confused: Microsoft doesn't just "push" updates. Of course, if you set your machine to automatically download and install then reboot, it will. Three or four clicks and you can just have them download and notify for installation (no reboot required). For that matter, use Group Policies (part of the Active Directory that he apparently despises) to set it for you. Also, I'm curious as to what RAID controller he was using; I have never seen one that doesn't continue rebuilding after a reboot. For that matter, Windows itself will work through reboots (if using Disk Management to create your array, but that is servers only). Additionally, the fact that it was taking three days to rebuild an array tells me that he wasn't using best practices, anyway. The comment about AD is confusing and technically inaccurate. Active Directory is a huge asset to any IT person -- I can't imagine NOT centrally managing all of my users, groups, permissions, etc.

I just don't get so-called "IT pros" who don't do the basics and then blame Microsoft (often spelled with a childish $ instead of an "s") when their poor planning is really at fault. It seems that most of the negative comments come from users who don't really understand basic networking. It can bring job security to blame Microsoft -- but it certainly isn't honest.

More letters coming on Wednesday. Meanwhile, join the fray! Leave a comment below or send an e-mail to [email protected]

Posted by Doug Barney on 04/20/2009 at 1:16 PM


  • Surface and ARM: Why Microsoft Shouldn't Follow Apple's Lead and Dump Intel

    Microsoft's current Surface flagship, the Surface Pro X, already runs on ARM. But as the ill-fated Surface RT showed, going all-in on ARM never did Microsoft many favors.

  • IT Security Isn't Supposed To Be Easy

    Joey explains why it's worth it to endure a little inconvenience for the long-term benefits of a password manager and multifactor authentication.

  • Microsoft Makes It Easier To Self-Provision PCs via Windows Autopilot When VPNs Are Used

    Microsoft announced this week that the Windows Autopilot service used with Microsoft Intune now supports enrolling devices, even in cases where virtual private networks (VPNs) might get in the way.

  • Most Microsoft Retail Locations To Shut Down

    Microsoft is pivoting its retail operations to focus more on online sales, a plan that would mean the closing of most physical Microsoft Store locations.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.