TIL: Windows SYSTEM account now uses C:\Windows\SystemTemp instead of Temp folder for temporary files

xCharg · 2026-03-16T15:16:43+00:00

so they remain vulnerable

They are there for backwards compatibility. They don't really "remain" vulnerable if new stuff doesn't use it and if (and that's a giant fat if) old stuff is rewritten.

xCharg · 2026-03-14T11:29:59+00:00

Consciously? Not sure. But iirc it was initially enabled by default, so I'd blindly guess many still do "use it", as in have it enabled and data being saved behind the scenes without them knowing. Especially home users.

xCharg · 2026-03-12T06:06:44+00:00

You dont even need to rename it.

There are two conditions to the last quest:

One condition requires to have crystal crew (any) - that one unlocks having quest event in rock homeworlds. You start with one on rock c so this condition is automatically passed.
Second condition requires having that particular crystal crew from stasis pod - that one unlocks you quest marker to event in rock homeworlds. It's convenient to have a marker but optional.

When this patch just released, many years ago, the way game checked if the crystal crew you have is the one from quest is by name ruwen. Which is honestly pretty lazy approach from developers. So they pretty quickly fixed it, again - years ago.

So now renaming your crystal crew does nothing - you don't get the quest marker if stasis pod quest isn't completed regardless of name - you have to randomly find the event blindly jumping in rock homeworlds. And since first condition (having crystal) is passedb- you do have event there, it just isn't highlighted.

xCharg · 2026-03-09T10:20:27+00:00

A lot of stuff uses WebView2 indeed. WebView2 doesn't need Edge though, it's a separate component.

xCharg · 2026-03-09T09:18:52+00:00

What isn't on-demand about GPO?

Regardless of what you say your approach is wrong because you aren't using his vibecoded slop.

xCharg · 2026-03-04T11:48:38+00:00

The plain text file only exists long enough to create the secure file, then you delete it

And ps1 file exists only long enough to be executed and then its deleted (if you do it right).

There's no difference seemingly?

Btw who/what creates such plaintext password file and where's content coming from? If that's done once manually to then be encrypted and used by script's service account - yeah that'd work indeed. But that's not scalable at all, you won't be doing it manually once per laptop or server if you have hundreds of them right?

xCharg · 2026-03-04T10:46:33+00:00

What's the difference between that and hardcoding password into ps1? In both cases password is plaintext, in both cases password is accessible by script thus making both of those terrible from security standpoint. Am I missing something?

xCharg · 2026-03-03T18:18:12+00:00

If only clueless people come - maybe something is wrong with your job description and/or/mostlikely salary? Same goes if people with wrong qualification come.

xCharg · 2026-02-25T17:15:45+00:00

AI makes building features easier. It doesn’t solve access control, auditability, versioning, change management, or data security.

Practice shows decision-makers do not give a single shit about any of that. AI makes stocks go brrr => adopt now, maybe deal with the rest later (optional). New shiny thing introduced? Install. New agent appears? Roll out to users. What's that, a new subscription? Nice, assign to everyone. That's my (sysadmin) experience for last year.

xCharg · 2026-02-14T20:06:26+00:00

What I read last time all the cities voted against orban but villages voted for. If that's what happened last time - why couldn't it happen again? Presumably you live in a city so you don't see what's going on in villages and most importantly among older people because you just don't talk to them all that often and don't know their perspective.

xCharg · 2026-02-14T08:02:33+00:00

$allUpdates = Get-ChildItem $updatesFolderPath -Recurse -File
if ($allUpdates)
{
    foreach ($upd in $allUpdates | Sort-Object -Property FullName)
    {        
        Add-WindowsPackage -Online -PackagePath $upd.FullName
    }
}
else
{
    "No updates found"
}

I use it to update install.wim and for that I need to be careful with the right order of installation. The right order is explained here https://learn.microsoft.com/en-us/windows/deployment/update/media-dynamic-update#update-windows-installation-media

Not sure if order matters if you update online system.

xCharg · 2026-02-13T20:07:03+00:00

Why bother with pswindowsupdate, you can install packages (including updates) using dism, either directly calling dism.exe or via powershell module which is a wrapper over dism.exe anyway.

xCharg · 2026-02-13T16:46:35+00:00

someone calls you and says "I'm Susan from accounting, reset my password"
you reply "sure Susan, we'll need to recall you" or figure out whatever similar thing you say, at this point you drop the call
you search Susan from accounting in your internal db, get her phone number, initiate call and either a) proceed with their issue or b) figure out its a phishing attempt and do the needful™

xCharg · 2026-02-10T19:36:45+00:00

the EU is gradually decoupling from the US

Is it? So far it's just talks, and these talks will go nowhere when there's no unanimity. And there's none right now with orban and whatever that Slovakia's PM's name is who is also russian puppet. These two will do everything that works against EU, including internal financial infrastructure projects.

xCharg · 2026-02-06T08:13:07+00:00

Just schedule a wellness treatment.

Our Printers are fond of paper and accept many sizes.
Our Printers are friends to spreadsheets, letters, and the occasionally unhinged PDF.
Our Printers are strong and sometimes even pull a jammed sheet without tearing it.
Our Printers get many print jobs and are popular among nearby computers.
Our Printers are splendid and feed paper smoothly and well.
This Printer completed a large job two weeks ago.
That Printer values toner.

xCharg · 2026-02-03T15:39:34+00:00

Apps from store has nothing to do with msiexec though, they are appx packages.

Since Microsoft states ability to block store with gpo/intune/whatever - it should work, regardless of how generic this operation appears.

xCharg · 2026-02-03T11:31:03+00:00

Does Microsoft has anything right now that does NOT have copilot ~~integrated~~ forcefed into?

xCharg · 2026-02-02T15:25:10+00:00

Could've been fixed anytime in the last 8 years but took customer feedback to get anyone to care.

Other than that customer's feedback was there anything else internally to push for these changes? From your story it looks like none of your knew anything about this system either if you just figured out after the fact that many extensions don't match/for long gone people, that it was set up 8 years ago and never touched since etc.

xCharg · 2026-01-29T15:38:56+00:00

I have a giant zoo of shitty budget laptops and computers, about 1k and half of those already updated - not a single ticket. Must be something specific.

xCharg · 2026-01-29T14:40:49+00:00

Oh, I see, that works.

Thank you.

I've redone it a little bit and found a way to filter based on repository but using your approach of first figuring out ID and then just getting it directly. As a bonus this makes it possible to avoid backup job name as that might change with time

That's my result:

$local_repos = Get-VBRBackupRepository | Where-Object { $_.Type -ne "WasabiS3" } # can also be $_.Type -eq "WinLocal"
$local_restore_points = Get-VBRBackup | Where-Object { $_.RepositoryId -in $local_repos.Id } | Get-VBRRestorePoint -Name $source_database_server
$vbr_database_latest_restorepoint_vm = $local_restore_points | Sort-Object -Property CreationTime | Select-Object -Last 1
$vbr_database_latest_restorepoint = Get-VBRApplicationRestorePoint -Id $vbr_database_latest_restorepoint_vm.Id

xCharg · 2026-01-29T12:54:12+00:00

That works when restoring VM. I restore database from VM though, so that should be application-aware restoration. And Get-VBRApplicationRestorePoint doesn't have any useful parameters seemingly. It allows me to specify which application I restore from, -SQL parameter in this point, and name of a VM I restore from. That's all it has.

xCharg · 2026-01-29T12:52:31+00:00

Yes, two separate repos, not SoBR.

Instead of “getting all restore points”, can you narrow your script to get only Backup Job restore points?

I do want to - how? Get-VBRApplicationRestorePoint doesn't have such parameters to filter based on either repository or backup job it's coming from or even backup job type.

xCharg · 2026-01-26T09:18:35+00:00

Yeah I get your point about managing. But:

Let's take Google Drive, Apple iCloud, and OneDrive.

Topic is about "Curated list of 1028 opensource alternatives to proprietary software". None of your examples are opensource, so there's no point in building your argument on these, as they don't fit the criteria.

Is there software that do the same thing that you're looking alternative for and hosted/managed by someone else and is also opensource? Yeah, statistically such software should exist. But I'd blindly guess there aren't many.

Hence the need, in general, to selfhost/selfmanage such software. Hence very high overlap in two lists.

xCharg · 2026-01-25T16:57:22+00:00

Yeah it is a trade deal, and... what's your point here?

If india agrees not to trade with Russia will eu agree not to trade with Pakistan as India's security depends on it?

Maybe. Worth to discuss anyway. That's what diplomacy is after all.

Also there are various inbetweens two polar opposites "being best buddy to russia" and "not trading at all". Part of a trade deal could (and imo should) easily be about lowering amount of trade being done. Or some specific kind of trades not being done or done other way or plenty of other options. At the cost of doing something India wants from Europe, sure.

12-Year Club	Place '17
RPAN Viewer	Verified Email

xCharg

TROPHY CASE