Thursday, August 6, 2015

Caution Microsoft at Work - AGAIN

For those of you who are still using Windows 7 but considering an upgrade to Windows 8, 8.1 or 10, a word of caution. Microsoft has a new feature that they push in these versions of the OS. They push it very hard. In fact, they push it so hard you must go through contortions to avoid using this new feature. For those of you who are not computer systems engineers, it may seem innocuous. It appears to make the system easier to use, allowing integration of many things which often required entering passwords. You will no longer need to enter a password for your email, or things like that. To those of you who use programs such as Windows 360, where many of the components are online, this may seem to be a great idea.

The integration of needing a Microsoft Account, and needing to log into a Microsoft Account using your email address even extends to Solitaire. You will not be able to get to Solitaire without going through contortions. If you are only partially computer literate, you will not be able to get to the game without using a Microsoft Account, period.

The extreme downside of using a Microsoft Account is that you must obtain permission from Microsoft to use your own computer. If you are not connected to the internet, you're out of luck. You will not be permitted to use your own computer because you cannot reach Microsoft's server to log in. And if Microsoft's server becomes loaded down, well, I think you see the problem. Also, this type of account will make you susceptible to cyber attack. While I cannot be sure, they may have hooks which will place the account in a hidden area on your computer. Keep in mind that Microsoft convinced the government to pass a law making it a felony to reverse engineer any of their software. As they have not, and will not, publish their source code, there is simply no way to check.

Now, before you think this is an improvement, let me explain something. Because we are starting to use Windows 8.1 systems on our company's network, I tried a Microsoft Account on my computer just to see what it did. I did make sure that there were multiple firewalls between the computer I tried this on and our company's network domain. Here is the result of this.

Converting from a normal account to a Microsoft Account is extremely easy. All I had to do was tell the computer that I wanted to play Solitaire. Sure enough, the program came up to the point that it demanded a Microsoft Account and instead of going into contortions to avoid this, I simply clicked on create a Microsoft account. The computer then informed me that I already had a Microsoft Account using that email address. This set me back for a couple of seconds until I realized they could be talking about an account that I have as an Insider. I have access to pre-release software and various other things that require logging on a Microsoft server to download. I used the password for this account and the system was happy as a clam. Next, it asked me for my Administrative password on the local computer so it could update the system. With severe trepidation, I entered it.

Within seconds, everything was working easily. I could get into everything without going through contortions. All seemed to be great. That is when I hit the first of the snags. Like many of you, I use different login accounts on my computer to separate different types of work. For example, I don't like to surf the Internet on an administrative account. Also, I generally do my writing on one account and my work-related computer work on a separate account.

Thinking to get a little writing done, I logged out of the account I had been using. I should tell you at this point, two days ago I upgraded a Windows 8.1 system to Windows 10. I had done this because we have computers on our work network which have free upgrades to Windows 10. So some of the inconvenience of changing accounts is introduced by Windows 10. Still, when I finally pulled up the login to my other account and logged in, I found my first major problem.

I have a directory on my computer which has been downloaded from our business network. It contains files which are used across multiple computers. I often update this directory to the server to make sure that a backup of this information is kept in a safe location. I do have a backup drive attached to this computer, as well as an entire backup computer attached to our computer network. But I have learned in the last forty years that there is no such thing as too safe on data replication. Yes, I said forty years. In fact, it is more than that. My first training with a computer was learning Fortran in 1965. I've gone from cards to paper tape to Univac storage drums to modern systems. One of the things I have learned over the years is that big companies such as Microsoft do stupid things from time to time. Some of these stupid things are accidents. Unfortunately, some of them are malicious, intended to give them an advantage. I'm not fully sure which of these two camps Microsoft Accounts falls into. While it does on the surface give Microsoft an advantage, it does open them up to the possibility of a massive number of lawsuits. If our government had not already been paid off by Microsoft, it would open them to anti-trust risk as well.

Before I finish, I think I had better explain that statement. During the Bush the second administration, antitrust prosecution of Microsoft was dropped by the government due to the government's statement that insufficient evidence existed of wrongdoing on the part of Microsoft. However, on the same evidence that our government found inconclusive, Microsoft was convicted on every count in the European Union. If you do a little research, you will discover that for the crimes that Microsoft was accused of in Europe, the standard of evidence is higher than it is in the United States. While I cannot prove it, lacking access to the documents hidden by our government, the only reasonable explanation available is that some high-ranking political figure was paid off by Microsoft. I wonder who that person could have been? Do the initials George Bush ring a bell? Before you go off, I'm registered as a Republican. The thing is, crooked dealings are crooked dealings, regardless of the party.

But back to the problem of a Microsoft Account. Remember that directory I told you about? I no longer had access to it. I was asked for the administrative account's password. I entered it and was told that it was not the correct password. Thinking I had mistyped the password, I entered it several more times. Each time the computer told me that I was entering the wrong password.

At this point, I decided to check the directory from the account which nominally owned the directory. I logged off and tried to log back into the account I had previously been using. The computer told me I was entering the wrong password. I was locked out of my own computer. That was when I thought, Microsoft Account, Microsoft password. Instead of using the password which I had set on this account, I entered the password from my Microsoft Insider account. What do you know. I could use my own computer again.

The bad thing is, this was a password which I personally considered at risk because it was used over the Internet. This at-risk password had become the master password for my computer. The very first thing I did was try to regain control of my computer. Now, if you have made the mistake of allowing Microsoft to get a toehold on your computer with a Microsoft Account, and you are not computer literate, either live with it, or take your computer to someone who is computer literate and pay them to restore your computer to its normal operation using local control of passwords.

Going into system settings, then going to user accounts, I changed the account back to a local account, with Microsoft griping and complaining at every step. I had to enter the Microsoft Insider Account password several times as this was now the Administrative password for the machine, then I had to rebuild, from scratch, the user account I had been using. Microsoft had thrown away things like the password for the account (remember, it was no longer needed as I was to use THEIR password), even the login name of the account. As for the login name, who needs it if you are using the email address as your account name? However, this presents several other problems which may be even worse than what I have encountered so far. Some of these problems definitely do exist. I have not risked testing too far to see just how bad things can get. After all, I don't want to have to dispose of a brand new computer and purchase a new one. The unfortunate thing about Microsoft Windows is, it is possible to introduce so much damage into the registry that it is not possible to remove it. Yes, some programs claim to clean the registry. However, I have found that almost all of them are either noneffective or dangerous. Some of them do more damage, to the point that even with a restore point your computer is not usable. If you use one of them, I hope you have access to the install disks for Windows and all the other software on your computer and a VERY good set of data backups.

But back to the problems of a Microsoft Account. At this point, I have changed the computer account back from a Microsoft Account to a local user account. Still, the ride is not over. All modern operating systems use the account login name as a security tag in every file created on your computer. Not only does this tell the system who created and updated the file, the security information, meaning who can see, touch, change, or delete the file, is tied back to that name. Fortunately, Windows does not attempt to rewrite the account login name of every file on the computer when the account login name changes. Unfortunately, Windows does not attempt to rewrite the account login name for every file on the computer when the login name changes. I just saw the giant question marks pop up over the heads of everyone who read the above statements.

Think about it this way. All of the files which had been created using the old, original, login name (which I have reinstated) had that name on their security data. All files created while a Microsoft Account was in use have the login name of that account in their security data. Once the original account data is reinstated, any file created under the Microsoft Account login will have the incorrect login name. This means that you must use administrative access just to touch that file. Worse yet, this seems to apply to any file which was modified by Microsoft when the Microsoft Account was implemented. Also, the login name, which no longer exists once the Microsoft Account login is disabled, will never go away until you DELETE the file.
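As an added example (not part of the original post): NTFS records a file's owner and each permission entry as an account security identifier (SID), so files left pointing at an account that no longer exists can be found by looking for SIDs that do not translate back to an account name. The root path below is a placeholder, and the function name is chosen for this illustration.

```powershell
# Added example, not from the original post. $Root is a placeholder path.
param([string]$Root = 'C:\Data\Shared')

$sidType = [System.Security.Principal.SecurityIdentifier]
$cache   = @{}   # SID string -> $true if it still maps to an account

function Test-SidResolves {
    param([System.Security.Principal.SecurityIdentifier]$Sid)
    $key = $Sid.Value
    if (-not $cache.ContainsKey($key)) {
        try {
            # Translate() throws when no local or domain account maps to the SID
            [void]$Sid.Translate([System.Security.Principal.NTAccount])
            $cache[$key] = $true
        } catch {
            $cache[$key] = $false
        }
    }
    return $cache[$key]
}

Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $path = $_.FullName
        try {
            $acl = Get-Acl -LiteralPath $path -ErrorAction Stop
        } catch {
            # Unreadable security descriptor: report it rather than skip silently
            [pscustomobject]@{ Path = $path; Role = 'Unreadable'; Sid = $null }
            return
        }
        # Ask for the owner as a raw SID so a deleted account is still visible
        $owner = $acl.GetOwner($sidType)
        if ($owner -and -not (Test-SidResolves $owner)) {
            [pscustomobject]@{ Path = $path; Role = 'Owner'; Sid = $owner.Value }
        }
        # Explicit (non-inherited) entries only, so each stale grant is listed once
        foreach ($rule in $acl.GetAccessRules($true, $false, $sidType)) {
            if (-not (Test-SidResolves $rule.IdentityReference)) {
                [pscustomobject]@{ Path = $path; Role = 'AccessRule'; Sid = $rule.IdentityReference.Value }
            }
        }
    }
```

Run it from an elevated prompt so that security descriptors owned by other accounts can be read; the script only reports and changes nothing on disk.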

It's now time to go back to that other login account and see if I can gain access to the directory that I had used extensively from this account before Microsoft changed things with their Microsoft Account. When I got back to trying to look at the directory, I still did not have the proper privilege to look at it. However, the computer did accept the proper administrative password this time to reattach the directory so it was usable from this account. Still, there is one more thing to consider at this point. This is a very large directory. The first time I linked this directory so it was usable from this user login, it took five minutes. This time, it took over twenty minutes for the exact same directory. Obviously Microsoft did something that I have not yet found. This is making me very nervous and I will keep looking. When I find it, I'll let you know. I'm hoping that it is only some spurious entries in the registry. Anything else definitely implies malicious intent on the part of Microsoft.

Good luck!
