[chillacy]

I'd be good with less corporate governance on the machine they issued me, more in line with what google does. The windows machines are unusable with all the forced updating, antivirus inefficiencies, and basically spyware. The Macbooks are on their way there, though you can at least still unload the kexts today

[blauditore]

> The windows machines are unusable with all the forced updating, antivirus inefficiencies, and basically spyware.

Hardly ever had such problems on machines I was able to manage myself.

I'm not sure what you're referring to by "forced updating"; the W10 upgrade or just regular updates?

[cptskippy]

My company uses a product called LanDesk to manage updates on machines instead of WSUS. It pops up at least once a week if not once a day and says that I have to reboot. It gives me 60 seconds to choose to reboot now or postpone the reboot boot for 4 hours but you can only postpone 3 times before it automatically reboots. If you don't act in those 60 seconds, the system reboots. It doesn't matter if you were getting coffee or having a bio break.

It doesn't initiate the system shutdown command or at least doesn't wait long enough to allow programs like Outlook to safely shutdown so I've had corrupted mail files that needed to be rebuilt because of it.

Further more, LanDesk has a vulnerability scanner and remote administration utility that are both always running. On top of that we use McAfee's virus and malware scanner and firewall. Cisco's Web Security Agent that monitors all network traffic. And a product called WebSense which as near as I can tell logs everything you do in browser.

We deal with PCI, PII, and HIPPA related information though and they pretty much require this kind of nonsense.

Idk, the whole Windows 10 "spying" and "forced" update policies seems insignificant by comparison.

[blauditore]

Yeah, I've seen such stuff too, and I hate it. Such setups are part of the reason for Windows' bad reputation. IMO, too strong security measures tend to reduce security at some point, because users get annoyed and try to circumvent them.

A blank W10 installation with Avast is blazingly fast and quite reasonable with update handling. A lot has changed since Vista, or even 7 and 8.

[module0000]

You listed the exact set of crap installed on our workstations when I worked for Blue Cross & Blue Shield...then you threw HIPPA out there and really sent it home. Do you work for a medical insurance company?

[cptskippy]

Nope, a non profit charity.

[johnward]

Are they referring to corporate policies/software forcing updates?

[chillacy]

Yes. Corporate IT will install extra software on the machine which does this kind of thing.

On the macs, there's an auto-updater which forces a restart with a countdown, no way to stop it. Its not by Apple for sure, based on how jankey it looks, but terminating the process will prevent the restart. The worst is spyware which randomly spins up one of the CPUs to 100% for 10 mins every few hours while it runs du.

[johnward]

We get updates through a corporate AppStore and they function like normal Apple updates. I can choose when to install, etc. I found the software underneath (https://www.jamf.com/solutions/technologies/mac-management/). Sounds like a better UX than what you got stuck with.

The spyware on my personal phone so that I can read corporate email is pretty asinine though.