Windows 10 End of Life (3 Viewers)

[BlueSpruce]

Windows 10 support ended 10/14/2025 and Windows 11 was made to trash millions of computers, as most users don't need the fancy hardware features Windows 11 demands to install.

Luckily for anyone who just wants email, web browsing, and some word processing, spreadsheets, access apps, and maybe some photo editing, instead of ditching your computer, you can continue using it, or back up your personal files, ditch Windows, and go with one of the many free Linux versions. Pro versions of Windows can have lots of bits of Linux lurking in it anyway, so you can go the whole way and ditch Windows completely.

It's kind of like everyone used to think you had to have a landline, then mobiles came along and had to have a keypad, then iPhones came along...Could phone numbers and Windows be next on the chopping block?

 

[The_Doc_Man]

While eventually some security feature in Windows 10 will become too serious to ignore, you can extend the effective life of your Win10 by having a good Anti-Virus/Internet-Security package installed, one that does automatic updates on a controllable schedule. Several good packages exist out there in the Internet. Those packages will stave off the wolf at the door.

If you search for this string: "What is the highest-rated internet security package for Windows 10?" you can get a list of contemporary packages and can compare them as to cost, complexity, and other factors. To avoid the appearance of advertising, I will tell you that I am running one of the top five packages but I won't name it. I will also not say the name of the package I wish I could still use, but there are contrary issues in using it in the USA. Draw any inferences you wish from that statement.

 

[AccessBlaster]

...ditch Windows, and go with one of the many free Linux versions. Pro versions of Windows can have lots of bits of Linux lurking in it anyway, so you can go the whole way and ditch Windows completely.

How would you run Access or any Office products?

 

[Pat Hartman]

How would you run Access or any Office products?

Using a Windows emulator.

 

[AccessBlaster]

Using a Windows emulator.

That's one way of not dealing with windows 11. Personally, I like windows 11, zero issues.

 

[RonPaii]

Using a Windows emulator.

I believe an emulator like Wine would have problems handling Access BE files.

Installing a virtual machine on Linux would have the same hardware issue as installing W11 on the base machine, unless you know of a VM that can also emulate the hardware requirements of W11.

 

[BlueSpruce]

Using a Windows emulator.

I have Access running with Parallels on MacOS, and on Win10 hosted in a KVM on OpenSuSE Linux. You can have Access FE's talking to db servers on Linux via Samba.

 

[BlueSpruce]

I believe an emulator like Wine would have problems handling Access BE files.

Installing a virtual machine on Linux would have the same hardware issue as installing W11 on the base machine, unless you know of a VM that can also emulate the hardware requirements of W11.

Agreed, I'm not sure if any VM other than Hyper-V will be able to host W11. By design, MS built W11 to be incompatible with pre_existing hardware, and thus pre_existing VM's.

 

[The_Doc_Man]

That's one way of not dealing with windows 11. Personally, I like windows 11, zero issues.

I won't say I outright like it, but I don't hate it either. My wife, however, has a PC that was just peachy for W10 but lacks the TPM needed for W11. We are on borrowed time, I think, but as long as some really fugly hack doesn't come out that our current AV/IS package can't handle, we should be good.

 

[Steve R.]

... but lacks the TPM needed for W11. We are on borrowed time, ...

Linux is the answer. A basic question that everyone needs to ask as W10 sputters out of existence: Do you really need to remain in a Windows environment?

I would say that Linux offers most everything that MS Windows offers. In the majority of cases, you do not need to remain within the MS Windows environment. Yes, there are some things that Linux does not offer, but there are workarounds.

PS: I have a dual boot computer where I had Windows 10 on it. Update time came and I apparently didn't notice that the update was not for Windows 10 but an update to Windows 11. Sneaky by MS, but my fault for not looking. Shock!! The update went well and I have not noticed anything. Even when I am on Windows, I use (to the extent that I can the Windows versions of) my Linux programs. I only use Windows about once a month.

 

[BlueSpruce]

I won't say I outright like it, but I don't hate it either. My wife, however, has a PC that was just peachy for W10 but lacks the TPM needed for W11. We are on borrowed time, I think, but as long as some really fugly hack doesn't come out that our current AV/IS package can't handle, we should be good.

TPM 2.0 has been included in most PC's since year 2015. However, there are additional requirements for installing Win11. TPM 2.0 is not secure. Although the TPM chip itself has some tamper resistance, other endpoints of its communication bus are not. In year 2021, the Dolos Group was able to extract the full-disk-encryption key as it was being transmitted across the motherboard, and used it to decrypt a laptop's SSD. Due to incidents of stolen hard drives containing nuclear secrets from Los Alamos National Laboratories, the US DoD required hardware based storage encryption and in 2009 Microsoft introduced BitLocker when Windows 7 was RTM.

 

[The_Doc_Man]

Regarding BitLocker, when I switched to a Win11 system (because my Win10 machine of quite a few years finally folded up and died hard), I found a lot of articles about the perils of Win11, and about a dozen or so features just didn't sit will for me. Therefore, I implemented a registry key that blocks ALL USE of BitLocker. Win11, if you allowed it, WOULD automatically encrypt your system - except that I told it NO and then HELL NO.

The problem is the Windows insidious attempt to get you to create a Microsoft account with them when there is no need for such overhead. Sadly, I finally came to a point where I had to get my MS account to play certain games. But I've implemented steps to block a lot of "Personalization" feedback. I've disabled the CoPilot screen-capture stuff. I've also disabled most of CoPilot itself. A LOT of stuff that Win11 tries to do includes sending feedback to MS. They don't need it unless you are insanely enamored of having MS make suggestions every time you turn around.

 

[AccessBlaster]

Rufus, a thumb drive, and the latest Microsoft ISO solved all those issues for me.
No MS account, no BitLocker, no TPM requirements, and no personal questions during setup. The only drawback is that a fresh install is required, but for me its totally worth it.

 

[BlueSpruce]

Regarding BitLocker, when I switched to a Win11 system (because my Win10 machine of quite a few years finally folded up and died hard), I found a lot of articles about the perils of Win11, and about a dozen or so features just didn't sit will for me. Therefore, I implemented a registry key that blocks ALL USE of BitLocker. Win11, if you allowed it, WOULD automatically encrypt your system - except that I told it NO and then HELL NO.

The problem is the Windows insidious attempt to get you to create a Microsoft account with them when there is no need for such overhead. Sadly, I finally came to a point where I had to get my MS account to play certain games. But I've implemented steps to block a lot of "Personalization" feedback. I've disabled the CoPilot screen-capture stuff. I've also disabled most of CoPilot itself. A LOT of stuff that Win11 tries to do includes sending feedback to MS. They don't need it unless you are insanely enamored of having MS make suggestions every time you turn around.

BitLocker "protects" storage devices in case they are stolen, but not when they're unlocked while being used. TPM detects if any changes to the BIOS setup have been made when booting up devices, and you'll need to enter the decryption key to get to the Windows login.

As for disabling copilot, telemetry, and other invasive daemons, I think MS embedded those features into the Windows kernel and the registry key, group policy, and powershell remedies are placebos that don't totally disable them, rather they're hidden in the background. Monitoring CPU, memory, storage, and networking usage in task manager>performance shows similar metrics whether they're activated or "turned off".

 

[RonPaii]

I have Access running with Parallels on MacOS, and on Win10 hosted in a KVM on OpenSuSE Linux. You can have Access FE's talking to db servers on Linux via Samba.

Are the OpenSuSE Access FEs using Access BEs on the server or a SQL server? If Access BE's what type of server, Windows or Linux? Does Samba now fully support NTFS and allow login to Active Directory?

 

[BlueSpruce]

Are the OpenSuSE Access FEs using Access BEs on the server or a SQL server?

No, Access BE's don't run natively in Linux. You would have to put them in a Windows hosted KVM. However, SQL Server runs natively in Linux, although I've never tried the Linux version.

If [not] Access BE's what type of server, Windows or Linux?

There are plenty of db servers that run natively in Linux, e.g. Oracle, MySQL, MariaDB, PostgreSQL, Informix, ... I have linked Access FE's to all of those. On Linux, you typically want to isolate db servers in a KVM. That's the recommended config for hybrid Access/Web applications. Web server also has its own KVM. It's a lot easier to backup/restore KVM's, plus that isolation provides increased security. The Linux server essentially acts as VM hypervisor.

Does Samba now fully support NTFS and allow login to Active Directory?

Yes

 

[The_Doc_Man]

As for disabling copilot, telemetry, and other invasive daemons, I think MS embedded those features into the Windows kernel and the registry key, group policy, and powershell remedies are placebos that don't totally disable them, rather they're hidden in the background.

The articles I found online seemed to indicate otherwise. I.e. they were not described as benign, but rather quite invasive, and the remedies suggested for each "data grab" pointed out that some things needed registry whacking to truly get rid of them, and their solutions included that step.

 

[cheekybuddha]

I.e. they were not described as benign, but rather quite invasive, and the remedies suggested for each "data grab" pointed out that some things needed registry whacking to truly get rid of them, and their solutions included that step.

I think you may have mis-read BlueSpruce's response.

I read it as he agreed that the MS stuff IS invasive, and it's the remedies which are placebos (ie pretend to fix, when actually they don't)

As usual, I my well have the wrong end of the stick!

 

[The_Doc_Man]

OK, I see that interpretation. The bit about the preventative measures is whether you believe the person who posted the relevant video. Is the author credible or a crock? I decided they were credible, but heck, I could be the one with the wrong end of the stick too.

 

[Jason Lee Hayes]

TPM 2.0 has been included in most PC's since year 2015. However, there are additional requirements for installing Win11. TPM 2.0 is not secure. Although the TPM chip itself has some tamper resistance, other endpoints of its communication bus are not. In year 2021, the Dolos Group was able to extract the full-disk-encryption key as it was being transmitted across the motherboard, and used it to decrypt a laptop's SSD. Due to incidents of stolen hard drives containing nuclear secrets from Los Alamos National Laboratories, the US DoD required hardware based storage encryption and in 2009 Microsoft introduced BitLocker when Windows 7 was RTM.

BitLocker's reliance on a TPM for security is its own downfall.
TPM Bus sniffing is the approach.
Defeated in minutes with a Raspberry Pie……