Was Getting Rid of Norton on Your Weekend To-Do List?

What started off as “fix Norton” became a “get rid of Norton” item on my to-do list this weekend. I am soooooo happy now.

Let me be up front and state that professionals don’t use Microsoft products. Of the six to twelve machines in my office at any given time there is no more than one that has a Microsoft OS on it. Professionals simply don’t use Microsoft products for anything.

Having said that, there is always one client that demands documentation in actual MS Word and on rare occasions one wants something cross compiled for Windows. Because of that, you have seen me blog about this computer before. From time to time when I’m feeling nostalgic I think about setting up a retro computer with XP or Windows 2000 (and no Internet connection) so I could play Lords of the Realm II, but who has that much free time even during a pandemic?

Lords of the Realm II cover

I think that will be for the winter months after I officially retire. I never cared for the first person shooter games. The turn based strategy things captivated my attention for far too long though. The DOS version of World of Warcraft was pretty interesting too.

Warcraft – Orcs & Humans

So, this machine sits here on the other side of the office, idle most of the time. I let it run BOINC to help cure cancer, AIDS, COVID-19, etc. Unless I physically need to actually do something under Windows or feel like playing Windows Solitaire, it helps make the human species better. Because it has an Internet connection and Microsoft products are inherently unsafe, I installed Norton.

Reasons to Get Rid of Norton

You had to understand just how little I use the machine to understand just how annoying the Time-Share Up-Sell pop-ups from Norton really are. In and of themselves it would be enough to justify getting rid of Norton.

This particular machine provided an added incentive. I had installed a second hard drive because on even rarer occasions clients want me to use a Ubuntu/Linux VM to do development under Windows so they can communicate with me using Windows. Don’t try to understand, just cash the checks.

I believe Norton is hiring developers that are “priced right” rather than qualified.

Honestly, I really believe that. It’s like Apple dropping serial port support from CUPS because Apple doesn’t make real computers with serial ports.

Lots of ports including serial and parallel

Got news for you boys and girls, engineers need a lot of ports. This very computer came with both a serial and a parallel port. I recently took out the add-in video card but all else remains.

Bad Design Decisions

In the 1990s laptop era you had one hard drive and one CD/DVD. Many of today’s newer laptops make you buy an external DVD. Many of today’s desktop computers come with one hard drive and one DVD. Even more of those pizza box computers come with one hard drive and no place to add more drives.

Some developer at Norton decided that one hard drive was standard and the second drive must always be the DVD. Any additional drives must be actual drives to be scanned. Adding insult to injury, another developer removed the capability of excluding an entire physical drive from scanning in the settings UI. You can only map a path to a directory. Nice huh? There is no way to tell it Drive E should not be scanned because Drive E doesn’t have any media.

Yeah, you aren’t seeing the problem yet. The problem couldn’t be seen, it had to be heard.

During “idle” time Norton periodically runs it’s little scans and what-not. Once per second it was bumping the DVD to see if media had been inserted or some such thing. When I was head-phoned out the other side of the room this was not an issue. When it was head-phones off deep concentration time this was that dripping faucet in the middle of the night.

Even Worse Support

On Friday I decided to contact support. I endured the automated insult bot to the point it transferred me to someone. That someone had to give me a case number. I could wait an unknown amount of time for a call from a mystery 800 number or I could call a specific 800 number and sit eternally on hold. I opted to sit on hold.

Yee-gads! Norton support sucks! I forget how long I sat on hold. I was debating about plugging my phone in to charge as I watched the battery dwindle. When I finally got someone they weren’t much help. They run you through this gauntlet of things trying to tell you it is a hardware problem. Finally they remote in and claim to fully uninstall Norton.

Once Norton was “removed” they told me to monitor the system to see if the DVD bumping went away. I would get a call back in 2-3 hours. I spent much of the day on another machine and didn’t hear any bumping. When I finally came over to wiggle the mouse I saw a big dialog from Norton (the thing that was supposedly removed). It said “This version of Norton 360 isn’t compatible with Windows 10…”

Okay.

Get Rid of Norton – Last Straw

Early Saturday morning, once AT&T had turned the towers back on in my area, I called back in to the 800 number, sat for quite a bit of time on hold. I finally got someone who was working from home and had no ability to remote in.

I’m all for letting people work remotely, but dammit, make sure they have the tools they need to do their job. He had an Internet connection which means you didn’t send him home with a properly configured company laptop. One has to go to a Web site Norton has to let them in. Norton didn’t properly set up a VPN for their own workers. Gotta wonder how good their VPN really is, don’t you?

I physically wanted them to look at the dialog so they could file a bug that the Norton Remove & Re-install tool they were using didn’t ()*&)(*&U)(*ing work. If Norton really was removed that dialog wouldn’t show.

Ultimately I had him sit on the phone while I searched for and nuked every file that had “norton” anywhere in its name. He said he could escalate my call to some supervisor that might have remote-in capability but I wouldn’t get the call back for 48 hours. Again, it would be a mystery 800 number.

Your manufacturer vehicle warranty is about to expire.

If you life in America and have a telephone, you recognize that line or one very much like it from “Auto Warranty Center.” The current scourge of robo-calls.

48-hour Callback is Not Support

I politely pointed out “48-hour callback is not support.” Not by any definition is that support. If Norton has too many customers to adequately support them then I could help with that problem.

McAfee had a 10 machine special going on. While I’m a professional, I have family members who are “just users.”

I spent Saturday getting rid of Norton from just about everyone’s machine. Just have to drive to my Uncle’s place to get rid of Norton on the last one.

Lousy Software Policies of Microsoft Windows 10

Been a long time since I had Windows as a primary OS on any machine I cared about. I had forgotten Microsoft’s lousy software policies. Nobody could really forget the lousy software or why <ALT><CTRL><DEL> became ingrained in the mind of generations. You can forget the really bad design when you only let Windows run in a VM.

Well, one has to be more specific when talking about bad design and Microsoft. In this particular case it is forced updates with forced reboots. Microsoft ASS-U-MEs that it is the only OS on your machine and that it controls the boot sequence.

Silly Microsoft! Trix are for kids!

The Trix rabbit

What Happened?

I left the office last night with Windows 10 started and BOINC running. Yes, if you are reading in sequence this post is one day after my previous post. I came out to find a Ubuntu 20.04 LTS login screen. Even after applying all of those updates that got applied yesterday Microsoft decided to push out yet another update forcing a reboot.

Forced reboots are why many corporations don’t allow developers to run Microsoft operating systems as a primary on their desktop. This is especially true in the medical device world where you can leave a long build of Qt or CopperSpice from source running when you go home. Having the host OS reboot and take out the Linux VM running the build really jacks things up.

Microsoft Defensive Strategy #1 – Fix Grub

sudo nano -B /etc/default/grub
Grub configuration

You want to change GRUB_DEFAULT=0 to be GRUB_DEFAULT=saved. At the end you want to add GRUB_SAVEDEFAULT=true. Exit and save the file.

sudo update-grub

That will generate new Grub menu for boot. It tells Grub to default to whatever the last selection was. If you have ten different operating systems installed when some kind of power issue causes your system to reboot, it will reboot to the last chosen OS.

Microsoft Defensive Strategy #2 – Try to configure Windows properly

You can find Windows users complaining to Microsoft directly that this “automatic reboot feature is a cancer.” There are many really long winded less than effective “work arounds” listed on official forums. Most of them seem to center around completely removing the ability to restart. Not just removed for updates, your ability to restart gets disabled as well. There are even some advertisement pumping sites like this one with information that might have been right at some point.

Here’s what I did.

This only works for Windows Pro. You shouldn’t be using “Home” for work anyway. Especially not if you need to leave tasks running overnight or for days.

You have to start by hitting the “Windows Key” and R.

Windows key

Hold down the Windows key and hit R then release both. In the run box that pops up you need to type the following:

gpedit.msc

When that application starts go to full screen mode. On the left navigate your way down:

Computer Configuration
    Administrative Templates
       Windows Components
          Windows Update
Navigate to Windows Update on left side of screen
You will then see a lot of settings on the right side

What people tend to do here is look for a “one & done.” Microsoft deliberately made this difficult. If you try that approach as many have, you still end up with the occasional update reboot happening. I took a more deliberate and measured approach.

Turn off auto-restart for updates during active hours
You are limited to an 18 hour window for “active hours”
Configure auto-restart reminder notifications for updates
240 minutes is as high as you can go
Configure Automatic Updates

Most people miss this rather obvious step. You can limit the damage to one day per week or month here.

Update settings

I changed it to every Thursday at 7am. I also told it to install updates for other products because this machine had word pre-loaded. Some people can remember useless things so they can get buy with one week per month. I always get way to involved in a project and forget little things like “Hey, my PC is going to screw me on the third week of the month.”

If I’m changing settings at a client site, (some allow us to do that, some don’t) I tend to choose 11:30am on Friday. Why? I usually find someone to go get fish and chips with on Friday.

Allow Automatic Updates immediate installation
Automatic installation

If Microsoft does not lie to you, this should be enabled. Why not let them automatically install things that aren’t going to bounce the computer or take down a service?

Turn on recommended updates via Automatic Updates

Recommended updates is a double edged sword. You should get a better experience but you increase the chances of needing a reboot.

Be Careful Here

No auto-restart with logged on users for scheduled automatic updates installations

This is the one and only setting people tend to reach for. It is also the most misleading. Many things you want to leave running uninterrupted don’t require an active login. A good example would be backup software where you schedule a task. On this day at this time it backs up your computer whether you are logged in or not.

Enable this

You need to control this setting along with the day and time. You can’t avoid the reboot, but you can mitigate the damage. Just how good do you think your automatic backup is going to be if updates try to apply while it is running? How about when the computer reboots half way through?

Re-prompt for restart with scheduled installations
Enable this and set it to at least 60 minutes

What we are doing here is assuming some restart will slip through so make Microsoft drag a plow. You can keep postponing while you are there. This is one reason you probably want to set the day and time for when you will be in the office. Yes, it is annoying if there are a lot of updates to apply, but you can personally stop any significant damage.

Should look like this when done

Linux Distros That Suck at Multiple Hard Drives

Some Linux distros really suck at dealing with multiple hard drives. Too many “maintainers” only have a laptop.

Background

You need a wee bit of background before we jump in. Hopefully you can see the featured image. Recently picked up this Lenovo M93p ThinkCentre from eBay. I specifically bought an M93p instead of M83 because I wanted two hard drives. I had a 480 GB SSD I wanted to transfer the Windows 10 over to and I had a 6TB Western Digital Black I wanted to use for the other operating systems.

Why did I buy this particular M93p?

Lenovo M93p Ports

I actually added the PS/2 ports today. The little cable showed up to do that. It already had both serial ports, wifi, and the NVIDIA add-on video card. If your eyes are real good you will notice that on the other side of that Wifi antenna is a parallel port.

Software engineers need a lot of ports. If book sales start picking up I may even have to break down and buy another dot matrix printer to print shipping labels with. Yes, parallel port dot matrix printers are still made. You can buy them from newegg.com today. There are lots of legal requirements to print with impact printers on multi-part forms in various shipping and transport industries. They also do a more economic and reliable job on mailing labels . . . if you buy the right one . . . and you have the proper printer stand.

Printer stand back

The best ones from days of old have both a center feed slot and a rear feed slot to accommodate either type of printer. Long time readers of this blog will remember I started work on a Qt and USB series and then life got in the way. That was all USB serial ports talking to real serial ports. My Raspberry Qt series also involved quite a bit of serial port work. My How Far We’ve Come series also involved quite a bit of serial port stuff as well.

Putting it mildly, I still do a fair bit of serial port work from time to time. If I get done with RedDiamond and RedBug without life getting in the way I’m going to start a new post series using CopperSpice and serial ports. The makers of Qt have honked off their installed base with the new “subscription licensing” for Qt 6.x and beyond. Even more honkable, if that is possible, is the chatter that they are trying to license the OpenSource QtCreator as well. Yeah, people are making a hasty exit from the Qt world and many are headed to CopperSpice.

Sadly Needed Windows

Unlike every other machine in this office, I needed to have Windows on this machine. There is some stuff coming up that will require it. There is no way in Hell I was going to try writing my serial port code using Linux in a VM. I may edit it there, but testing is a completely different story.

You’ve never spent days trying to track down why some characters don’t get through. Worse yet, the serial port just “stops working.” After you do a bunch of digging you find that someone baked in some super secret control strings to do special things in the interface driver of the VM. Nothing nefarious. Usually to support “remoting in” via cable connection.

Boot Managers

In the days of DOS and GUI DOS that Microsoft insisted on calling Windows, this was no big deal. BootMagic and about a dozen other competitors existed to help Noobies and seasoned pros alike install multiple operating systems onto the same computer. Honestly, I can’t even remember all of the different products that had a brief life helping with this very task.

OS/2 had Boot Manager backed in. Those of us needing to develop for multiple operating systems usually ran OS/2 as our primary. It just made life so much easier.

Early floppy based Linux distributions came with Lilo. It was generally pretty good at realizing Linux wasn’t going to be on the primary disk. SCSI controllers could support six drives and distributions were different enough you had to boot and build on each.

Grub

Later many distros went with Grub. To this day Grub has issues. The biggest issue is that each Linux distro adopts new versions of Grub at their own pace and Grub has a bit of history when it comes to releasing incompatible versions.

Adding insult to injury is the fact many Linux distros like to hide files Grub needs in different places. When you run your distros version of “update-grub” (as it is called in Ubuntu) it has to be a real good guesser when it wants to add a Grub menu line for a different distro.

Your second fatal injury happens during updates. Say you have an RPM based distro but have Ubuntu as the primary Grub OS. When your RPM based distro updates and changes the boot options for its own Grub menu entry in its own little world it has no way of informing the Grub that is actually going to attempt booting. Sometimes an “update-grub” will fix it and sometimes it won’t. A bit heavier on won’t that will.

Drives got too big

That’s the real problem. During the SCSI days when 80MEG was a whopper we put each OS on its own disk and just changed the boot device. That was our “boot manager.” Every OS existed in its own little universe.

As drives got bigger various “boot manager” type products could play games with MBR based partitions. Only one partition could be “active” so a tiny little boot manager got stuff into the MBR and it changed the active partition to match the requested OS.

Cheap but effective trick as long as you didn’t need more than four partitions. Only a primary partition could be flagged for active booting. Lilo and the other Linux boot managers started allowing Linux distros to boot from Extended partitions.

Today we have GPT and UEFI

I’m not intimate with how these work. The Unified Extensible Firmware Interface (UEFI) created the spec for GUID Partition Table (GPT). {A GUID is a Globally Unique Identifier for those who don’t know. That’s really more than you need to know.}

Theoretically we can have an unlimited number of partitions but Microsoft and Windows have capped support at 128. The UEFI should be replacing Grub, Lilo, and all of these other “boot manager” type techniques.

We shouldn’t have all of these problems

As you install each OS it should obtain its partition GUID then find the boot device and locate the UEFI partition on it. Then it should look for a matching GUID to update and if not found, create an entry. There is a spec so every entry should be following the same rules.

(If you read up on the OS/2 boot manager you will see that from the 10,000 foot level UEFI and the OS/2 boot manager conceptually have a lot in common.)

When any computer boots from UEFI and there are multiple operating systems in the UEFI partition, UEFI should show the menu and let the user select. This should all be in hardware and firmware now. We shouldn’t have Microsoft trying to lock us into their buggy insecure OS and Linux distros shouldn’t be trying to ham-fist Grub into UEFI.

The Split

I wanted all Linux distros to boot from the 6TB drive. I wanted Windows and UEFI to stay on the tiny SSD. This isn’t unreasonable. As all of the background should tell you, I’ve been doing things like this for decades. I did not want to try and stuff everything on the 6TB.

Each Linux distro would get 500 GB – 800 GB depending on how much I thought I would be doing in them. This means I should be able to put up to 12 different distros on the drive.

That may sound like a lot, but it’s not. You’ve never written code that worked perfectly on a Ubuntu LTS and failed rather bad on some of the YABUs supposedly using that LTS as their base . . . I have. The only way to know things for certain is to have a bunch of test systems. When you are testing serial port (or other device stuff) you need to be running on hardware, not in a VM.

Manjaro was the first failure

Manjaro kernel 5.9.16-1 was actually a double failure. I have this distro running on a pair of machines, but it is the only OS on them. Rather like what they’ve done with the KDE desktop. I rather hate the fact PostgreSQL cannot access the /tmp directory bulk import to restore a database doesn’t work on that platform. There are a few other odd Manjaro bugs as well.

I wanted to do some pacman packaging and some testing of the future serial port code in CopperSpice on Manjaro so it was first on the list. It booted fast and seemed to install clean. Rebooted the computer and boom, Windows came up. Navigated to the Advanced Settings under Settings in Control panel and tried to switch the boot OS. Boom! Windows is the only entry.

(*&^)(*&)(*

Let’s Install Ubuntu!

I had real dread when I reached for Ubuntu. That installer has had a lot of assumptions baked into it over the years. I was pleasantly surprised and slightly disturbed.

Installation went smooth and when I rebooted I was greeted with a Grub menu. Both Windows and Manjaro were on the Grub menu, but, should we really be seeing Grub on a UEFI system with multiple operating systems? Shouldn’t there be a UEFI menu that just has an entry for Ubuntu and when you select Ubuntu shouldn’t that be when you see a Ubuntu Grub menu?

Let’s See if Manjaro Boots Now!

Once I verified Ubuntu could boot and apply updates I rebooted and selected Manjaro. That’s as far as you get. The Lenovo logo stays on the screen and nothing else happens. HP owners have the same problem according to Reddit.

Fedora 33 Was Next

The Fedora installer was the worst of the lot. If you chose the second drive via one of the manual methods, it looked for a UEFI partition on that drive. It wasn’t smart enough to determine what the boot device was and go look there. You couldn’t get out of the screen either. There was no back or cancel, you had to power down.

Summary

Manjaro at least tried to install. It failed to create anything in the UEFI partition of the boot disk and it failed to show any error with respect to UEFI creation failure. It refuses to boot from the entry Ubuntu created for it in Grub. Double failure. I suspect this is due to a combination of super secret stuff needed on the menu entry, Manjaro using a different version of Grub, and Manjaro potentially hiding the files in a place Ubuntu doesn’t know to look.

Fedora failed to get out of the starting blocks. That graphical installer needs a whole lot of work!

Ubuntu worked despite my expectations of abject failure.

Just because Ubuntu worked doesn’t mean every YABU will. Most tend to write their own installers. If the developer working on the installer only has a laptop, they are going to take unreasonable shortcuts.

Related posts:

Fedora 33 Black Screen Again

How to Install PostgreSQL on Fedora 33

Fedora 32 – Black Screen After Login

Question From a Reader

The following question came in from a reader who happened to catch one of my posts on a programming email list.

====

As usual, I quite enjoy your detailed analysis coupled with historical contexts, since I learned my trade through those days (Sun SPARC workstations, VAX minicomputers running VMS, etc.).  They are always entertaining, usually edifying, and sometimes nostalgic for me.  :)

I’m curious, though, about one particular point you made:

Windows isn’t even going to be Windows 2 years from now. It is going to be a Microsoft front end on top of what used to be Ubuntu Linux. They’ve already started the process with Windows 10.

Is this just prescience on your part, or is this based on some published road map from Microsoft?  I abhor Windows 10 along with the direction the operating system has taken, but if they are planning to truly run on a UN*X-based foundation, as Apple decided to do with OS X, then there might be some interesting times ahead that would keep me from jumping fully to Linux and sandboxing Windows into a VM.

====

Well dear reader,

Lots of little things published by Microsoft and Windows 10 itself __AND__ the fact OpenSource projects don’t get sued over data breaches.

Microsoft has publicly stated it is creating DOT-NOT Anywhere (don’t remember the exact name) as well as C# anywhere in an attempt to make their obsolete sh*t usable on the current desktop. Windows 10 is the first step (integration) at putting a Windows looking desktop on top of Linux.

You may recall Microsoft paid Novell lots of money to create the first draft of this many years ago. It was called Mono and it yielded one OpenSource product, Evolution. While Evolution was pretty good early on, it was soooooo tied to the Gnome desktop it never got a real following.

Keep in mind Windows started out as a task switching GUI on top of DOS which was criminally marketed and sold as “Windows Operating System.” You typed “win” at the C: prompt and when you exited Windows you were right back to the C: prompt.

While Windows NT, when it was on the Alpha, really was an actual OS because Cutler based it on an improved VMS, the tiny minds at Microsoft could not understand logikals, RMS, file versionning, passing via descriptor and the host of other improvements (I was actually doing a project at DEC when the Alpha was being built) so, the Microsoft weenies stripped it back to DOS. While they keep adamantly telling those too lazy to look that Windows 7, 8, 10 (what happened to 9?) “are completely different from DOS” few who ever worked at that level believed them because the bootstrap was pretty much the same. Different file names, but not really that different of code.

Somewhere on-line you can pull down a free copy of MSDOS if you feel like doing some hardware debugging. At some point many years ago MS released a version of DOS for download to kill the OpenDOS, FreeDOS and half a dozen other DOS projects which were gaining steam. Each project was having trouble with one of the Microsoft memory managers needed to run Windows 3.x cleanly. I forget their names. One got loaded in CONFIG.SYS and the other in AUTOEXEC.BAT. I just did a quick search and stumbled onto this discussion where everyone claims until they are blue in the face that such a release never happened, but I distinctly remember reading that very thing on more than one DOS project Web site. Pretty much when all forward effort stopped on most projects. FreeDOS suddenly seems to be quite active again though.

Ah yes, and there is this “MSDOS 7.1” from some group in China, but I digress.

For more than two decades now when you dropped to the command line you dropped to DOS. They kept telling everyone it was running in a VM and not letting you out to the base OS, but, dropping to a VM does not prove it is not still the base OS. Even when 98 and 2000 were released MS was telling the public they weren’t DOS booted, but now the “official” word seems to be:

MS-DOS 6.22 (1994, last standalone version)
MS-DOS 7.0   (1995, Windows 95A)
MS-DOS 7.10 (1996, Windows 95 OSR 2, Windows 95 OSR 2.5, Windows 98, and Windows 98 SE)
MS-DOS 8.0   (2000, Windows Me)

Ah yes, PowerShell has had some pretty massive security breaches as well.

Why? Because Microsoft never could create business class software they just did a __lot__ of marketing to dupe people into buying it and, more importantly, duped people into reporting far more sales than actually occurred.

Officials from Equifax are going to spend the next month, if not longer, being hauled in front of Congress. Beating up executives from corporations which cause massive consumer identity theft is about the only Bipartisan thing to occur in Washington. You may remember Bill Gates got this same pleasure when Janet Reno was screwing the human race not putting him in prison at the behest of the Clintons? Well, guess who is going to be behind yet another breach at some point? Some company will be using Microsoft Windows on a server which gets breached without a pre-existing patch from Microsoft and they too will get a return trip before Congress. If it is a wide enough breach they will also get to appear before the EU and get yet another round of sanctions along with the peepee whacking.

The ONLY way to sidestep this is to make the kernel and terminal all OpenSource Linux projects. “The Community” won’t be prosecuted because they are volunteer. This means all of the networking and other security are completely out of Microsoft’s hands. This also means that the beyond wretched “Windows Registry,” a source of countless attacks as well as system stability issues, goes away. Whatever Linux uses to keep track of things is what Windows will use now.

In order to make Windows more stable and secure, Microsoft has to abandon Windows.

So yes, to answer your question, within two years Windows will be just like OSX. A task switching GUI layered on top of an actual operating system. Windows 3.1 is back in vogue.

Blocking Windows 10

I’m basically recording this because I know at some point some relative will visit an antiques shop and while buying steel irons you had to heat on the stove to iron clothes with they will also purchase a computer so old it runs Windows. Talk about obsolete!

Windows 10 is now being called Ransomware in many circles because Microsoft is forcing it out as an “update” and some things get trashed. What most vehemently offends is the fact Microsoft ASS-U-MEs you don’t have something like a 5 or 10 Gig data plan when they force out this 2.something gig virus. If people actually wanted it they would click on the nag-o-gram.

I stole the 2 files needed from here. I have copied them to my site in case Internet link rot kicks in.

DisableOSUpgrade

http://theminimumyouneedtoknow.com/send/DisableGWX.reg

You basically need to open a terminal window as administrator. Navigate to where you downloaded these files, then run them. Once done, reboot. The Windows 10 virus will now be prevented and the nag-o-gram “should” be gone.

windows_10_block