This is really bad advice—don't follow it. Zero day vulnerabilities are a thing, and you intentionally prevent yourself from getting those fixed quickly. Running critical software without updating may have been possible in some distant past, but it isn't any longer: You will catch an exploit or crypto locker at some point.
Microsoft abusing its update mechanism to pushing crap is nothing new, but downright refusing updates ins't the answer either.
When a windows update destroys your install, is it really any different from actual malware? I consider it one and protect myself accordingly.
At least you can be careful about the rest with adblocking, sandboxing and being irrelevant enough to not make your machine a target for anyone competent, which gives you a pretty great chance at avoiding them. If you keep built-in malware (and in recent versions, also spyware) running, then getting screwed by it is a certainty. Personally, I'll take my chances and I think the average HN user would not have any problems doing this, but I wouldn't really recommend this approach to someone that's not tech savvy. I'd give them a Chromebook instead.
> At least you can be careful about the rest with adblocking, sandboxing and being irrelevant enough to not make your machine a target for anyone competent, which gives you a pretty great chance at avoiding them.
That maybe used to be a thing, but isn't anymore really: There only needs to be a single, unpatched vulnerability in your network stack, the multitude of devices around you, whether at home, work, or in a cafe, none of which you control, might exploit.
And one more little piece of trivia; high levels of expertise usually come with increased negligence on the basics, because you're less careful. This affects pilots and nerds alike; just think of Ross Ulbricht.
Windows updates are too dangerous to trust automatically. I've been burned to various degrees too many times to think otherwise. If Windows is too dangerous to use without automatic updates, then it's just too dangerous to use, period.
Yeah all it takes for to drop dead is a single blood vessel bursting in one's head, one careless driver, one wrong thing eaten, one wrong step and you fall and break your neck.
It's always one unlikely thing. I don't think living in such paranoia is a life worth living tbh. Some small risks you just accept to live normally, and 99.9% of the time it'll be alright. With 2FA and other multi device safeguards the risk is acceptable. Frankly authentication for things has gotten so bloated that even the actual user has a hard time logging into things these days.
Frankly I'm more worried about losing or damaging my phone, if that happens then I'm far more screwed and it's a risk we all accept every day. I keep it in aluminium armour to de-risk :)
> I thought flatpak would fix this on linux, but every time I flatpak itself updates half of its apps break with mysterious error messages and refuse to launch until they're also updated.
Linux oldheads could've told you this would happen before the project was even created. We solved package management and dependencies in the 90s and no one has improved on it since. Just stick with stuff in your distro's repos. If it's not in the repos, don't use it. Problems gone.
Going for a windows build with wine instead of the Linux build sounds completely crazy, but then again Proton works exceptionally well on Steam so this might genuinely be the more long term stable option. I'll have to try that out lmao.
