5 fatal flaws that dog the new Windows 10

Microsoft's forthcoming Creators Update offers a mixed bag of fixes for Win10's biggest knocks

Windows 10 will get better in the forthcoming Creators Update. That isn’t a hollow promise or more marketing drivel. It’s a straightforward observation, comparing the most egregious parts of the current version, Win10 1607 Anniversary Update, with near-final betas of the next version, 1703. While it’s too early to gauge 1703’s stability, the feature improvements are very real.

Windows 10 beta build 15031, which appeared on Feb. 8, was the first Win10 build in the rs2_release branch. That’s the point where a fork in the Win10 beta process started honing in on the “final” release of Windows 10 Version 1703, the Creators Update. The last major change we’ve seen came in build 15042, on Feb. 24, with the unveiling of a new disappearing Pause Updates pane in the Settings app. Since that point the changes have been largely cosmetic, with bug fixes taking center stage.

Of course we’ll be talking about the Creators Update in the coming weeks and months as the bugs get ironed out. But there’s a big picture lurking that’s crucial for many admins, Win10 owners, and Win10 maybe-wannabes.

As Eric Knorr notes in “Which Windows 10 should your business install?,” if you’re thinking of moving to Windows 10, now’s the time to do it. The current version, the 1607 Anniversary Update, is the most stable and obvious choice, and it will remain so for many months. But real improvements lurk in 1703. You should know about them.

Here are the five complaints about Windows 10 Anniversary Update 1607 that I hear most often. Let’s take a look at how things stand now and how Windows will evolve in 1703. Keep in mind that 1703 won’t be “business ready” when it’s first available (likely in May). If you need Windows to work all the time, it’s much smarter to wait until 1703 matures sufficiently to enter prime time (what Microsoft calls Current Branch for Business), which will likely occur in August or September.

Here’s where we stand with the biggest complaints—and where we’re headed, sooner or later.

Flaw No. 1: Patch control

The top complaint among experienced Windows users? The way Win10 pushes updates. You have no choice in which updates to apply: They’re all cumulative, and you get everything Microsoft wants to push. More damning, unless your PCs are attached to an update server, you have very little control over when the updates appear.

I’m talking about the security and nonsecurity patches—the bread-and-butter cumulative updates that appear every week or every month. I’m also talking about “feature updates,” which are entirely new versions of Win10 that roll out every eight months or so.

As long as all of Microsoft’s patches are good, it’s a moot point. Patch away, Microsoft, and raise our computers to a better level. But no matter how rosy your glasses, the patches aren’t always all good. It’s wise to sit back and wait to see if any real stinkers appear in the cumulative update rollouts. Right now, very few tools enable you to wait, unless you’re attached to an update server. You generally get the patches when Microsoft decides to send them out.

Current Version 1607: Windows 10 Pro has poorly documented control over updates buried in a Group Policy setting.

Current Version 1607: Windows 10 Pro has poorly documented control over updates buried in a Group Po InfoWorld

Right now, you can tell Win10 to ignore cumulative updates for up to 35 days by doing this:

Step 1. In the Cortana search box, type gpedit and press Enter. Note that this only works in Win10 Pro and Enterprise; Win10 Home doesn’t have the Group Policy Editor.

Step 2. On the left, navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Windows Updates. On the right, double-click on Select When Quality Updates Are Received.

Step 3. In the resulting Group Policy panel (see screenshot), click the radio button marked Enabled, then check the box marked Pause Quality Updates. Click OK.

Based on the latest documentation, dated Jan. 30, it looks like Pause Quality Updates will stop the clock for 35 days, but the docs don’t say if the number in the numeric box in the Group Policy overrides the pause, if the pause overrides the number, or some combination of the two. Bottom line: You can delay cumulative updates for a month or so. Beyond that, the documentation isn’t clear.

To reset the clock, you need to disable the policy, click Apply, then enable it again. I explain the Allow Telemetry policy mentioned in the Group Policy in my November article on blocking forced Win10 updates.

Win10 Home 1607 has no Group Policy editor and, as best I can tell, no access to a registry setting that would provide a similar delay. That means Home users have to dig deeper to prevent cumulative updates from installing as soon as they’re released.

There are several alternatives, including the “cut yer nose off” approach of disabling the Windows Update service. The method I’ve found that works reasonably well is to designate your Win10 Home Wi-Fi setting as a metered connection. As I warn in my Nov. 2016 article explaining the metered connection trick:

The “metered connection” setting tells Windows that you have to pay for your internet by the bit. Windows won’t automatically download any updates—Windows updates, app updates, Office updates—when you’re on a metered connection. Other apps may or may not use a metered connection.

OneDrive may request permission to sync over a metered connection. That may or may not be a showstopper on your machine.

OneDrive may request permission to sync over a metered connection. InfoWorld

To set a Wi-Fi connection as metered:

Step 1. Click Start > Settings > Network & Internet.

Step 2. On the left, click Wi-Fi. Click Manage Known Networks.

Step 3. Click on your current Wi-Fi connection and click Properties. You see the dialog box in the screenshot.

Win10 wi-fi connection properties InfoWorld

Step 4. Shift the Set as Metered Connection slider to On.

The metered connection trick to disable forced cumulative updates is a kludge at best, but it’s the best compromise I’ve found.

For Win10 Home customers with wired internet connections, you have few choices. Feasible alternatives: Upgrade to Win10 Pro ($100); install a Wi-Fi adapter ($30, but slows down your connection); hack your Ethernet connection so that Win10 will let you convert it to “metered”; or turn off the Windows Update service, which I don’t recommend.

Future Version 1703: Microsoft heard the loud complaints from those of us who don’t trust forced patching and has made delaying cumulative updates much simpler for Win10 Pro customers. Starting with Version 1703, you will be able to pause updates from the Windows Settings app (see screenshot). If the feature makes it all the way to the final version of 1703, you’ll also be able to tell Windows Update to wait for “Current branch for business” status, pause all updates, and/or wait a specified number of days before applying Feature (version) or Quality (cumulative) updates.

Pausing updates in Win10 Version 1703 InfoWorld

To get to the setting, you don’t need to use the Group Policy editor. Instead, you click Settings > Update & Security > Windows Update > Advanced Options. In some situations, the Choose When Updates Are Installed part of the dialog disappears. You can usually bring it back by manually checking for updates, then sliding Pause Updates to off, with a possible reboot in between.

Details for this disappearing Settings pane are rather complex, and the interaction between this Settings pane and the associated Group Policies isn’t well documented. There’s a detailed discussion of what we know—and what we don’t—in the article “How to block automatic updates in the next version of Windows 10.”

Although Microsoft still won’t provide a cumulative update “pause” switch for Win10 Home users, they do get a sop: Effective with 1703, wired (Ethernet) internet connections can be designated as metered.

Flaw No. 2: Snooping

We don’t know what information Microsoft collects on Windows 10 machines, and it’s highly unlikely we’ll ever find out. Microsoft collects telemetry, as it readily admits, and it has for decades. We have no way to know what kinds of telemetry are being gathered and whether that telemetry is being used for purposes you or I might find objectionable. If you trust in Microsoft, skip this section—move along, folks, there’s nothing to see. Personally, I prefer to cut the cards.

Microsoft has a very long privacy statement, which you can read on the Microsoft site. I have no doubt that Microsoft follows every syllable of every word in that statement and has legions of lawyers watching to make sure. But last month, Microsoft rewrote the section on product use data:

We collect data about the features you use, the items you purchase, and the web pages you visit. This data includes your voice and text search queries or commands to Bing, Cortana, and our chat bots.

Microsoft has a more detailed view of what kind of data it collects in Brian Lich’s TechNet post “Configure Windows telemetry in your organization.” There, you can see the diagram of the kinds of data Microsoft collects (see screenshot).

Telemetry data Microsoft collects in Win10 Microsoft

As Microsoft supporters are quick to point out, Microsoft claims it anonymizes personally identifiable information, and only the anonymous info is retained. Much hinges on the method of anonymization, of course, and how Microsoft uses the presumably discarded original telemetry reports. There’s an enormous body of scholarly research on anonymization and an equally voluminous body of articles showing skepticism about its implementation and effectiveness.

Current Version 1607: Turning off all the privacy settings in Windows 10 is notoriously complex, and that includes only the settings you can get to in the Windows user interface. If you want to go down that rabbit hole, start with Ed Bott’s lengthy (and frequently changing) “Take control of your privacy in Windows 10 guide” at ZDNet. If you want to burrow into the hole even deeper, try Rob VandenBrink’s “Making Windows 10 a bit less ‘creepy’” at the SANS Internet Storm Center.

Short version: Nobody knows how to turn off Windows 10 snooping, but with a lot of work and diligence you can put a dent in it.

One universal source of scorn: The 1607 installation sequence includes a Get Going Fast page (see screenshot) that encourages Win10 users to accept Microsoft’s preferred privacy predilections and select Use Express Settings.

Win10 “Get going fast” screen for privacy settings InfoWorld

If you choose the link to Customize settings (on the left), you’re presented with five additional screens that let you adjust a wide range of privacy settings: 16 in all. Few people bothered.

The approach (and Microsoft’s data collection in general) was so egregious that the Electronic Frontier Foundation, the Swiss Data Protection Commission (FDPIC), and the French National Data Protection Commission (CNIL) all raised questions about it.

Future Version 1703: In mid-January, Windows honcho Terry Myerson announced “a new privacy set up experience, simplifying diagnostic data levels and further reducing the data collected at the Basic level.” The web-based privacy dashboard Myerson promised has been implemented; it’s available today.

I talked about the changes in “Reality check: How Windows 10’s new privacy controls stack up.” The EFF, FDPIC, and CNIL all backed off a bit.

The old User Express settings brushoff in the initial setup has disappeared. The setup routine for build 15025 (the latest official build that can be set up from scratch) now contains a screen for privacy settings (see screenshot), and they can’t be bypassed with a Default Settings button.

Win10 build 15025 privacy settings InfoWorld

That’s a significant difference, although it isn’t clear at this point if everyone upgrading from 1607 to 1703 will have the opportunity or requirement to re-examine their privacy settings. I’m waiting for the final version of 1703 to connect the dots. We’ll see how the settings on the new setup screen maps onto the Windows Settings panel and to see if Microsoft provides a way to rerun the Choose Privacy Settings wizard for your PC’s setup routine.

Flaw No. 3: Advertising

Microsoft’s advertising has become much more aggressive. This no longer is just puffery for Microsoft products in limited locations, like a nag balloon that says “Switch to Microsoft Edge for up to 32% better battery life” or advertising for OneDrive in File Explorer (see screenshot).

Win10 advertising for OneDrive in File Explorer InfoWorld

The advertising changes are coming across the board, in many on-screen locations and covering plenty of non-Microsoft products. We aren’t yet to the point of ceding huge hunks of screen real estate to the highest bidder, but the wheels are in motion.

Current Version 1607: Ads are springing up all over the place.

Win10 Version 1607 advertising InfoWorld

Version 1607 clean install Win10 Pro

In addition to the obnoxious “Switch to Edge” and “Earn Microsoft Rewards with Edge” pop-ups that appear on machines with Chrome installed, the “Edge is safer than Firefox—it blocks 21 percent more socially engineered malware” pop-ups, and the relatively new OneDrive ad that’s in File Explorer, we also have the following:

  • Advertising on the lock screen.
  • Start menu app “suggestions,” including Candy Crush Soda Saga on Win10 Pro PCs.
  • Unwanted Start tiles, including Food & Drink, Groove Music, Flipboard, and a plethora of other seemingly random tiles (see screenshot).
  • Other Windows tips that appear in Toast notifications and pop-ups, with “helpful” information about how Microsoft’s products are better than rivals’.

None of the offensive applications are installed, mind you. The tiles you see are advertising links that connect to downloads for the products in question.

1 2 Page 1
Page 1 of 2