my latest test went through on VBox, using "en-us_windows_10_iot_enterprise_ltsc_2021_x64_dvd_257ad90f.iso" but it still requests activation (LTSC ver). I remember you said, the latest version would automatically activate when LTSC iso install done. am I missing anything? Thanks,
i dont have lot of knowledge with the script. i was basically thiking the same i actually asked in the windows 11 thread are you creating the ISO with the createISO.cmd file.? am new to the script and i was using a ISO that gets created inside the ISO folder. wich its just a regular ISO.
Please check inside the $OEM$\$$\Setup\Scripts folder, which was copied to the DVD\Sources folder, to see if the MAS_AIO.cmd and SetupComplete.cmd scripts exist. It turns out that if you are working with these files and scripts with your antivirus enabled, the antivirus often removes the script because it thinks it is malware, which has nothing to do with it. Even when copying a script or folder to another location, the antivirus interferes. That's probably what happened. In this case, you can copy the scripts from :\24H2_Integrator\OEM\$OEM$\$$\Setup\Scripts to the DVD\Sources\$OEM$\$$\Setup\Scripts folder and test it. Personally, whenever I work with this, I leave my antivirus disabled.
Im testing in VM the creation process .. using "en-us_windows_10_enterprise_ltsc_2021_x64_dvd_d289cf96" as base.. during creation , script finds 2 images ... Index 1 - Win10 Enterprise LTSC and Index 2 - Win10 Enterprise N LTSC My understanding about 'N' versions is that it lacks some media features (Media Player /Skype/Music, Video, Voice Recorder) .. things that i dont use or want in first place. Is it ok to choose Index 2 during creation , i mean does SD script cares about the resulted iso ? Also in another DEFAULT image test (same LTSC ISO as base, and choosing Index 1 - Win10 Enterprise LTSC x64) , and installed "updated iso" in VM i found that it converted to "iot_enterprise_ltsc" ( for activation purposes i guess, because HWID activation with MAS is impossible on LTSC 2021, although MAS v3.0 introduces an alternate "TSforge" method), and i was unable to install/add second DISPLAY Language .. with error 0x0 of some kind Is that normal ? Thank you
Since the original script, by Wkeller, nothing is explicit about this. I understand that the settings can be applied to this image, but there is no guarantee that it will work correctly, as it was not designed for this specific version. Only by testing will you be able to confirm whether it works or not. Nothing is done about this in the script. Neither to block nor to add. I believe that to add a second language it would be necessary to do a specific process for this before using the SD script. abbodi has a script for this: https://forums.mydigitallife.net/th...10-distribution-automated-batch-script.68791/
Thanks for reply, You can be right. It’s noticed that 23H2/24H2 wouldn't disable Windows Defender, no matter what I have tried. I am changing the host PC onto Windows 10. Windows 11 looks NOT user-friendly.
try to disable Windows Defender on Windows10. then re-test. Windows 7 as host, DISM support NOT enough. NOT fully functional. Windows 11 as host, hard to disable Windows Defender. btw, per SunLion the script wouldn't make ISO. you can use Nlite or any tool to make iso (from folder of DVD) when script running done. the iso worked fine for me.
===================== SD10_Renewed_1.4 ===================== Updated to version 1904x.5555 - Removed "Disable Windows Update Default" - Updated the hfixes_all.txt and hfixes_ltsc.txt files - Updated the Appx packages - Other small adjustments were made https://forums.mydigitallife.net/threads/slimdown10_v2-0-2-continued.88599/
Just to point to the replay with quote where privacy between Windows 7 and Windows 11 is compared in video evidences on the pre-continued thread i.e. the original thread, to evade double posting the same thing, so here it is. https://forums.mydigitallife.net/threads/slimdown10-–-turn-windows-10-22h2-or-ltsc-2021-into-classic-legacy-windows.86552/page-119#post-1871855
I never use an antivirus and don’t have any problems with it, because I don’t go to dubious sites. Previously, I used another method for activating IoT LTSC, but after trying your method through MAS_AIO I saw that it was wonderful, now I only use it for activation.
A very laconic and correct meme, very illustrative. Perhaps you can't describe this whole so-called protection from various dirty tricks better. My personal opinion is that after installing the OS, programs and their settings, you should make a backup copy of the system, which in the event of any unforeseen circumstances will allow the user to roll back to the working version of the OS in a couple of minutes.
I agree with what you have said, and say further on in your post; I think AV, and firewalls in Windows are a dubious proposition at best to depend on as there's more performance liability than actual security offered. With a closed code base of over 50 million lines of code, much of it developed by 3rd parties that have abandoned their contributions, where over 95% of the Developers that worked on internally developed code have left the company, been fired, or laid off, and there is a preponderance of reports of how poorly Windows source is documented -- this is just too onerous for just software firewall and AV 'products' to secure where there are only a few thousand people working on the the entire range of Windows SKUs including testers. I agree with this approach, but would add a few caveats, like make sure the tools you use to do the install and the backup are maintained FOSS tools (there are many), so any exploit involving them can be avoided or in the worst case will be discovered, documented and dealt with... Another caveat, 'The Elephant In The Room' -- a very negative English colloquialism that is I think is almost the opposite of the Russian 'Our Elephant' (which is more positive & charming with historic meaning), in English this means a thing so big and profoundly bad, right in front of everyone, that no one wants to talk about it. In this case it's Ring 0 and BIOS exploits, they are beyond awful, in most cases you'll never know you've been rooted unless there's a ransom, and that may never happen as more money gets made via other exploits once a PC is rooted in this manner. Worse there are now BIOS exploits on both Intel and AMD platforms that are unrecoverable -- short of de-soldering and replacing the BIOS chip, as the exploits can not be FLASHed away. These exploits don't get talked about much because of the enormous legal and financial liability that's spread across the industry, if, or rather when this gets out of hand. Worse the malicious code injections for this have already happened on what would normally be considered benign websites you would normally visit like OEM's, big search, product manufactures etc. (not naming any because of liability), and you don't have to download anything but what is automatically downloaded when you view a webpage and be running an OS (there's only one, guess which one?) that has permissions to run Ring 0 code. You've probably heard of one of these exploits already called 'Logo Fail', because there's a BIOS patch available for most PCs with currently maintained BIOSs. But just to get an idea of how bad this is, if you've already been rooted with Logo Fail, the patch won't fix it, and are at least six other (that I'm aware of) exploits of this kind that there's as yet no known fix for, but running an OS on your system that doesn't allow RIng O permissions from get-go... Ultimately, I believe (and I could be wrong) we're at a crossroads for the Microsoft's Monolithic Kernel OS Monopoly: the OS is too big & bloated, too unmaintainable, the liability is too enormous, and a epic exploits of epic scale are likely if not inevitable. For personal use I believe an approach similar to what you're doing now, just don't run anything life critical on a Windows PC. Anything where you want to have at least a modicum of control over your privacy regarding personal information, online banking, any kind of text exchange with friends in a country that has may have a government that is antagonistic to your own etc. -- have a second PC that has never booted Windows. This could a cheap laptop or mini PC that has a currently maintained BIOS or FOSS BIOS option, and run Linux, BSD, or any one of a few thousand FOSS alt operating systems that have audited code, and don't allow Ring 0 permissions. The easiest here is usually a Linux distro popular in your country that has a Window Manager you like. The other option is to completely air-gap everything you consider life and/or privacy critical -- and don't do any of it online on any PC or phone, ever...
You're all making a good point, no one's arguing. It's just that everyone has the right to do what they think is right. Personally, I think so, and I do so according to my personal beliefs. If you look so deeply into this topic, it is hard to think of a bigger virus for the user than Windows itself. I even find it difficult to say what virus can so unceremoniously climb about all your data and control literally everything and your actions and contacts and communications. That's why we try to disable telemetry and everything related to it. How successful are we in doing that is the question? To me, the best option for the user is the “G” edition. Which, as it seems, is devoid of all this tracking of the user. But unfortunately it's only in English and Chinese, but neither of those is my native language. People say they localize it to their language. I have a good experience of localization, but nevertheless I have not managed to localize the version “G” in ru-RU. Or rather localization itself is successful, but after it the OS does not start - blue screen of death. About Linux: about twenty years ago I tried installing it. I don't know what it was like for some people, but I wasn't personally impressed with it, so I'm “sitting” on Windows. Regarding the text presented here: since I am not an English speaker I use an online translator. What it translates there I can hardly say, but I hope that people still understand what I tried to convey to them in my speech. Translated with DeepL.com (free version)
It is worth noting that I'm recommending a DNS firewall which requires to set only DNS ips in the network adapters and/or domain/url in your browser privacy/security settings that you can do manually. NextDNS is not a Windows firewall app.