• Magnetic_dud@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    0
    ·
    23 hours ago

    The manager who approved this need to be fired. Programs need to ask permission to the user before installing, especially when they’re not device drivers.

    This is literal malware and there’s also a chance that it might be exploited (example: a mitm Attack exchanges the file that armory crate is downloading)

    This kind of Easter egg is not funny at all, developers must avoid undocumented time bombs. I still remember that day 15 years ago when I turned on my Wii and it said that the system files were corrupted. After hours of reverting a full nand backup via bootmii (and losing 2 years of game saves) it turned out that it was a funny April’s fool by crediar, which put a fake system corruption message when you run his program on April 1st. Problem is that his program was a loader for the system menu so it was unavoidable if you didn’t know that.

    Like me, there must be someone paranoid that saw that black bar on the screen, saw a weird Christmas.exe running on their system, and starting wiping or restoring old images to “clean” that.

    • Terrasque@infosec.pub
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 day ago

      More like old app design. It’s much harder (but of course fully doable) to have a memory leak in modern languages.

      • Alph4d0g@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 day ago

        Nothing to do with Windows? Are we sure about that? Asus is a Windows OEM that pre installs Windows and has enough privileged access to insert a surreptitious executable compiled specifically for Windows.

        Yes, agreed, if they chose a *nix like OS and they had root, they could do the same thing and that would be equally shitty. It is Windows OEMs that exhibit this kind of fsckery and yes we do have a choice.

  • Phoenixz@lemmy.ca
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 days ago

    And again, don’t have to deal with this corporate nonsense on my Linux machine. Maybe at work just ask IT to switch your machine to Linux. They likely won’t, but if enough people complain and ask, they might actually start thinking about using sane systems

    • IHawkMike@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 day ago

      Linux on enterprise user endpoints is an insane proposition for most organizations.

      You clearly have no experience managing thousands of endpoints securely.

    • Toes♀@ani.social
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 days ago

      Can confirm, from the IT side of things my hands are tied until the people talk management into it.

      But good luck getting them to give up on Microsoft 365. 🤢

        • Toes♀@ani.social
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 day ago

          Microsoft rebadged their cloud stuff from office 365 to Microsoft 365. This was to harmonize their offerings for enterprise customers. But it also incorporates all of the desktop software too.

    • reksas@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 days ago

      if someone not you installing crap you dont want isn’t compromised then i dont what is

    • zerofk@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 days ago

      There is nothing wrong with your device. Do not attempt to adjust the picture. We control the horizontal. We control the vertical.

        • Yttra@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          2 days ago

          If you think the zoomers don’t know about Zero Wing you got another thing coming, buster 😎

  • Shimitar@feddit.it
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 days ago

    Somebody should create a windows executable to be placed in the WPBT that silently install Linux on first windows boot…

      • finitebanjo@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        2 days ago

        We blame dog owners when their dog mauls them.

        But yes, I meant it when I said ASUS was bad for doing this.

    • pivot_root@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      2 days ago

      The feature that allows manufacturers to push software onto clean installs has existed since Windows 8. If you’re advertising for Windows 10, you might want to try again.

      • finitebanjo@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 days ago

        According to the article, this particular issue is only on Windows 11. Sure, they COULD push to other OS, but they’re currently pushing it only on Windows 11. One temporary workaround for this particular problem is to not use Windows 11.

        • pivot_root@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          2 days ago

          As of last year, they were doing it with Windows 10. Either they stopped pushing it for Windows 10, or the article just doesn’t bother listing the older Windows version.

          They also auto-install their malware software update delivery software automatically on both Windows 10 and 11.

          If you are a new user of a ROG, ROG Strix, TUF Gaming or Prime motherboard and using Windows 10 (Creators Update/ 1903 or later) or Windows 11, you will see a pop-up dialog that invites you to install Armoury Crate during the initial boot of your PC. To install, simply click ‘OK’ and the software will be automatically downloaded and installed.

          There’s plenty of reasons to hate Windows 11, but this Christmas banner debacle isn’t one of them unless you’re also willing to concede that Windows 8, 8.1, and 10 are also all garbage for including the same mechanism which allows vendors to provide run-on-boot executables that bypass clean reinstalls.

          • smokebuddy [he/him]@lemmy.today
            link
            fedilink
            English
            arrow-up
            0
            ·
            1 day ago

            I got it this year on Windows 10, I only realized it was ASUS because it also changed the RGB theme of my ROG Keyboard. Was annoying and confusing but I didn’t assume malware, just stupidity.

    • JustARegularNerd@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 days ago

      This might be an unpopular take here on Lemmy but macOS, Linux or Windows 10 Enterprise LTSC IoT 2021 aren’t for everyone… Hell, I wouldn’t expect typical users to even know how to reinstall their operating system at all.

      • GHiLA@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        2 days ago

        That’s kinda on the list of things that aren’t my problem.

        I hate to be that blunt, but seriously. It’s 2024. If you want fairness, you’re making it yourself. We’re in the cyberpunk dystopia. Learn Linux or, send Microsoft a few disapproving letters and hope.

        If Windows is a part of your job, at least write off any expense on your taxes so you don’t pay for the pain.

        Is it right? No. Everyone should have fair and equal software that is as useful as my tinkering makes mine, but life ain’t fair.

      • finitebanjo@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 days ago

        I just can’t bring myself to believe that Windows 11 is or ever will be right for somebody. It’s going to cause more frustration to use it than to figure out an alternative.

        • thermal_shock@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          2 days ago

          fortunately you don’t get decide what’s best for everyone. you do you, not everyone else. don’t be a dick here.

        • OfficerBribe@lemm.ee
          link
          fedilink
          English
          arrow-up
          0
          ·
          2 days ago

          It is almost the same as Windows 8 underneath. W11 for almost everyone should feel just like a new skin with couple more features. There are some annoyances, but I have not seen anything yet that I would consider dealbreaking.

          • finitebanjo@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            2 days ago

            They put ads in the startmenu and take “snapshots” of your machine every few seconds to train AI to replace office workers.

            • OfficerBribe@lemm.ee
              link
              fedilink
              English
              arrow-up
              0
              ·
              2 days ago

              At least on Pro / Enterprise / Education edition there are no ads. Maybe I have disabled them, no idea. It could be that this is a thing in Home edition that cannot be easily disabled, have never used Home edition in my life to be honest.

              Recall is an optional feature that will run on specific CPUs and it will be local unless something recently changed. Would I use it even if I could? No, I don’t see a need, but it probably will be useful to many.

  • tabular@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 days ago

    I find it difficult to choose a motherboard because they all look shady. aSUS should be criticized for creating a bad app and installing it without consent but I feel like this could have been any other motherboard manufacture.