• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

Critical Flaw in Windows 10 Could Corrupt Your Hard Drive

lexluthermiester said:
As long as you don't use the built-in Windows Firewall, that's not really a problem.
Click to expand...
Yet. But someday it will be. Hopefully by the time that comes around though most users will have migrated.

lexluthermiester said:
Write-buffering actually completes the writes as some point.
Click to expand...
True. At least, usually true. There are some exceptions but not generally worth mentioning. JFS on linux for example, has the amazing property of a write buffer that won't flush until it's full: that's right, no timeout.

No one really uses that anymore though.
 
trparky said:
I still wouldn't trust it. If I knew that a file was corrupt, I'd wouldn't trust any repair of it. Replace it from a known good source.
Click to expand...
Now there's the rub. Without a checksum, how are you going to know that data become corrupted in the first place if you don't have a signature to check it against? You won't until you try to use it and if (and only if,) the application using it throws an error due to the corruption as opposed to still continuing to operate with the bad data.
lexluthermiester said:
Write-buffering actually completes the writes as some point.
Click to expand...
So does CoW. Metadata gets copied, but why copy the data when it doesn't change? The data is already there and it's not going to change. If you as the consumer of data get your data when you ask for it, why do you care if under the hood there is structural sharing to save on space along with all the other benefits of going that route? You shouldn't. You should however care about things like snapshotting and disk space optimization because it enables you to have more control over your data without having to do all of this yourself and things like optimizing disk usage gets you more out of your drive. That's definitely not a bad thing.
 
Last edited:
R-T-B said:
has the amazing property of a write buffer that won't flush until it's full: that's right, no timeout.
Click to expand...
I'm not sure I like that concept. We've already had discussions in other parts of these forums where people have complained about how SSDs (except for those expensive enterprise drives) don't have some form of onboard power device to complete the write transactions in case of a power failure. Or am I barking up the wrong tree here?
Aquinus said:
Now there's the rub. Without a checksum, how are you going to know that data become corrupted in the first place if you don't have a signature to check it against? You won't until you try to use it and if (and only if,) the application using it throws an error due to the corruption as opposed to still continuing to operate with the bad data.
Click to expand...
For my most important data, I make my own checksums. Do I wish I didn't have to do that? Yes. But I only do that for about 1 to 2% of the data that I store, mostly ripped DVD ISO files (yes, I own them). As for the rest of the six or seven terabytes of data that I have, oh well... it's not a big deal.

If you guys must know, I have a TV series set that is really old and the DVD set is experiencing bit-rot. Some of the disks are physically delaminating. Needless to say, I have all the disks ripped to ISO files on my drives and store them in multiple locations with manually created SHA512 checksums.
 
trparky said:
I'm not sure I like that concept. We've already had discussions in other parts of these forums where people have complained about how SSDs (except for those expensive enterprise drives) don't have some form of onboard power device to complete the write transactions in case of a power failure. Or am I barking up the wrong tree here?
Click to expand...
No, you are completely correct.
 
I thought so. Any write buffer that doesn't start spooling the data to the disk as fast as possible opens the door for data corruption the likes of which... yeah, I really don't want to think about it.
 
R-T-B said:
Yet. But someday it will be.
Click to expand...
If you really think that, you need to brush up on how firewalls work. If a person using a third party firewall that is currently being maintained and continuing to support Win7, if properly configured, that user will not be exposed to anything that will put them at risk.
R-T-B said:
Hopefully by the time that comes around though most users will have migrated.
Click to expand...
Time will tell.
R-T-B said:
No one really uses that anymore though.
Click to expand...
Likely because it's not very useful.
trparky said:
I thought so. Any write buffer that doesn't start spooling the data to the disk as fast as possible opens the door for data corruption the likes of which... yeah, I really don't want to think about it.
Click to expand...
Exactly.
 
lexluthermiester said:
If you really think that, you need to brush up on how firewalls work.
Click to expand...
No, I don't. a firewall can't supersede the TCP/IP stack that accepts the incoming connection in the first place. Find a hole in that and you've got the keys to the kingdom.

It'll take time. It took A REAL LONG TIME for 2000 to get there. I don't think XP is even there yet. But it'll happen, because software isn't perfect. As I said, I doubt it'll be a real issue because by then, the install base will be gone. We hope anyways.

lexluthermiester said:
Likely because it's not very useful.
Click to expand...
It's fast and has low cpu cycles, but it's largerly from IBM datacenter land and doesn't care if you lose power, screw you in that situation lol. You also should be using ECC according to them. Yeah. Old school IBM exec logic... lol.

NTFS as far as a filesystem has it's lineage in HPFS from OS/2. It's a very old design. That doesn't mean it's bad though. It's decently vetted and proven. But Microsoft is aware it is aging, and is working on a replacement already. That's why I mentioned ReFS. It's already available in Server, but it doesn't support extended attributes yet, so you can't install to it.
 
R-T-B said:
No, I don't. a firewall can't supersede the TCP/IP stack that accepts the incoming connection in the first place. Find a hole in that and you've got the keys to the kingdom.
Click to expand...
Oh yes you do. Most good firewalls use kernel level implementations to regulate network traffic coming into and out of a system being firewalled. I'm aware that IT security is your line of work, however that doesn't mean you have nothing to learn.
R-T-B said:
But Microsoft is aware it is aging, and is working on a replacement already.
Click to expand...
NTFS doesn't need replacement, it needs refinement. Nothing more. You don't fix something that isn't broken.
 
lexluthermiester said:
Oh yes you do. Most good firewalls use kernel level implementations to regulate network traffic coming into and out of a system being firewalled. I'm aware that IT security is your line of work, however that doesn't mean you have nothing to learn.
Click to expand...
Your saying they use their own TCP stack? I really doubt that. Mind you stack level exploits are really rare. Like I said the last I'm aware of is in Windows 2000... or maybe it's even NT, I forget. They aren't common, is the point.
Regardless, I basically agree with you.
lexluthermiester said:
NTFS doesn't need replacement, it needs refinement. Nothing more. You don't fix something that isn't broken.
Click to expand...
In the same sense that FAT32 doesn't need replacement, yes (I'm aware they are not in the same league but they both fill roles, so bear with me). See, it's good at what it does but having a newer flashier "heir to the throne" would not hurt the PR people. That's what MS is after, honestly. ReFS is slowly being retrofitted for that, I feel.
 
R-T-B said:
Your saying they use their own TCP stack? I really doubt that.
Click to expand...
Exactly. The firewall still needs to insert itself into the networking stack. If at any stage of the networking stack there is a vulnerability below that of where the firewall is loaded, as @R-T-B has said before... you have the keys to the kingdom.
 
trparky said:
Exactly. The firewall still needs to insert itself into the networking stack. If at any stage of the networking stack there is a vulnerability, as @R-T-B has said before... you have the keys to the kingdom.
Click to expand...
But again, these kind of exploits are rare, because the best coders are hired for that sort of stuff. Because they know that's entry point #1.

Not impossible, but pretty far out.

So we both have points here.
 
R-T-B said:
But again, these kind of exploits are rare, because the best coders are hired for that sort of stuff. Because they know that's entry point #1.
Click to expand...
Ah but I still remember the days of using punters back in the old Windows 9x days. Oh those were the days. Losing an online game? Load the punter and sit back as your opponent dropped out of the game. I believe it used a malformed ICMP packet that crashed the old Windows 9x TCP/IP stack.
 
trparky said:
Ah but I still remember the days of using punters back in the old Windows 9x days. Oh those were the days. Losing an online game? Load the punter and sit back as your opponent dropped out of the game. I believe it used a malformed ICMP packet that crashed the old Windows 9x TCP/IP stack.
Click to expand...
9x was kind of an abomination in that regard, lol.

I think it's the last one Bill Gates actually had lines of code in too. Makes me wonder how competent he really was...
 
R-T-B said:
9x was kind of an abomination in that regard, lol.

I think it's the last one Bill Gates actually had lines of code in too. Makes me wonder how competent he really was...
Click to expand...
Oh yeah, it was only when Windows XP came out that the consumer world graduated to using a real OS. Everything before Windows XP was an absolute dumpster fire.
 
trparky said:
Everything before Windows XP was an absolute dumpster fire.
Click to expand...
Hey, my Windows 2000 nostalgia is insulted by that comment! :laugh:

I do agree, though. I would go even further and say XP before SP2 was garbage.
 
lemonadesoda said:
Yep. I have another unwanted forced update last night.

And YES I have done all the registry policy and O&O shut ups to stop forced update. But somehow, MS, automagically does it anyway.
Click to expand...

You can COMPLETELY disable Windows updates on Windows 10. Tested on 1903,

First go to Services and shut off Windows Update and disable it. Refresh Services to make sure it isn't running.

Now navigate to \windows\system32\ and find files wuaueng.dll and wuauclt.exe. If you can find the former, then look for wuauserv.dll.

For each, go to properties, security, advanced.
Click change owner and type in your user name, Click Check Names to select your user name and Click ok. Then Click Apply or Ok on the main window and close it and reopen it.
Now, you can change permissions for all users.
Delete/Remove permissions from all users and Click Ok.

If that doesn't work, then change owner to Administrator, close the window and try again.

That's it.
To re-enable, add "Read/Execute" permissions to System on wuaueng.dll or whichever dll you have. Doesn't need it on wuauclt.exe for some reason.
 
...we need an update script, to allow permissions, force manual update, then deny permissions.
 
RTB, thanks for the tip. Installed. Looks nifty. But look at this screenshot:

winup.png


Please tell me what i am doing wrong. Look, the screenshot shows that "Disable Automatic Update" was ALREADY set. But guess what, Windows autoupdates, auto reboots. Can you lot even begin to understand my frustration!
 
lemonadesoda said:
RTB, thanks for the tip. Installed. Looks nifty. But look at this screenshot:

View attachment 187436

Please tell me what i am doing wrong. Look, the screenshot shows that "Disable Automatic Update" was ALREADY set. But guess what, Windows autoupdates, auto reboots. Can you lot even begin to understand my frustration!
Click to expand...
Try running as Administrator? Maybe it'll unlock other checkboxes there, I usually use "Disable Update Facilities."
 
Is this specific to the C:/ drive only or any drive!?!? Curious if you can use this to corrupt then reformat a bitlocker encrypted drive.
 
Last edited:
You must log in or register to reply here.
Back
Top