so i'm using my computer thursday night
when i get a notification that updates have been applied that require a
reboot. ok, whatever, i've mostly come to terms with the fact that
Windows 10 updates itself without asking me, at least it asks me when is
a good time to reboot. that wasn't a good time so i said later.
well,
later came in the wee hours of the morning when i was done working and
ready to head to bed. i go to shut off the computer and the new options
in the shutdown menu remind me that there was an update to take care of,
so i choose the update and reboot option.
i chose that
option rather than update and shut down because, from past experience,
the update process has not actually completed by the time the system
shuts down. there's a bunch of stuff it needs to do on the next restart
and that takes up time i could be doing something else, so no shutdown
just yet, just an update and reboot and i head off to take care of my
evening oral hygiene routine thinking that the process would be done by
the time i get back.
when i come back the computer is still
in the process of rebooting? what the heck? oh no, i've seen this
before (or at least i think i have). is the computer stuck in a reboot
loop? powering off for a few moments usually breaks out of the loop, but
this time i discover it wasn't a reboot loop at all. when i let it
power up again i see a screen saying that it's applying updates and that
several reboots will be required.
are you kidding me?
this is not what i want to deal with in the wee hours of the morning
when i still have to go to work the next day. this is not convenient,
and frankly "several reboots" for an update is bullshit. i understand
the need to perform a reboot during an update; files and other resources
that need to be changed may be locked by running processes and
rebooting eliminates that impediment, but several reboots? Microsoft has
been at this update business for decades now, you'd think their little
minions would have figured out how to coordinate their efforts so that
each part of the update could make use of the same reboot, but no,
apparently that kind of unified effort is beyond them and in fact they
seem to be moving in the opposite direction where every bit and piece of
their updates (and the operating system itself) is becoming more
separate and isolated from the others.
so i did what i
hate doing. i left the computer on completely unattended overnight so
that hopefully by morning the update would be done. and it was, but
that's not the end of the update related problems. you see, Microsoft's
updates aren't just for security fixes. those are important, yes, and
the fact that people were taking too long to apply them and leaving
their systems to become part of massive
botnets is part of the reason
the user's control over updates was taken away from them. however,
Microsoft has re-imagined how versioning of their operating system will
work so those updates now also come with feature changes, which (due to
the increasingly isolated approach units within Microsoft are taking nowadays) means new binaries with new behaviours.
how the
hell is anyone supposed to develop a behavioural baseline for their
system with this never ending parade of new binaries and new behaviours?
this morning's culprit? BackgroundTransferHost.exe. what does it do?
who the hell knows? not only does Microsoft give us less agency now that
we can't control if/when updates occur, but there's also less
transparency now too because the number of separate/isolated binaries
they're introducing to the system has far, far outpaced anyone's efforts
to document them.
maybe BackgroundTransferHost.exe isn't even
Microsoft's. maybe it's
malware. if i were going to make a downloader trojan, that sounds like just the sort of name i'd use - but what do i
know, i'm not a
malware writer. i suppose they expect me to trust it
because it's signed, but that's not how that works. being signed (and
passing the signature validation procedure) just means it hasn't been
modified after getting signed, not that it's legitimate, not that it's
safe, not that it's trustworthy. signing certificates get stolen.
there's plenty of signed malware out there.
oh, and the cherry on top is now VMware is non-functional.
what the actual f#$% Microsoft.
stop making alternative security approaches so much harder than they
have to be. i'm regretting moving on from Window XP. at least there i could
perform application and behavioural
whitelisting with relative ease.