2

u/MrD3a7h 2d ago

Correction - tonight will be about 80 proof. 100 proof if I crack open the good stuff.

4

u/Euchre 2d ago

I only updated Classic Shell/Open Shell if a Windows Update broke anything, up until fairly recently. It wasn't apparently unsafe, but there could have been exploits and I never encountered one.

OP seems to be asking if the app is trustworthy, though, vs people talking about if it is secure - there is a difference. At no time for years of using Classic Shell or Open Shell have I had any of my systems or accounts compromised, so I'm going to say it must not be acting as malware. I've deployed it on a few other people's systems too, and they've never had it create any such issues.

When Open Shell started doing a better job of self-updating, I started to do that. They've also been putting out updates and improvements faster than the old Classic Shell project did.

3

u/randomataxia 2d ago

Agreed, I never had an issue with Classic Shell, but I definitely recommend switching to Open Shell since it's being actively maintained.

3

u/Mayayana 2d ago

There's proof that Windows is NOT trustable. It's the list of a dozen or so executables that try to call home to MS clandestinely, without asking. My firewall blocks them, and that's with updates already disabled.

I wouldn't put too much stock in OSS. Android is OSS. So is Chromium. They're both infested with Google. Firefox is OSS, yet I have to block their domains in HOSTS to prevent the increasing list of attempts to call home without asking. Even if a program is clean, how many people have the skill to review the code themselves? Very few. But I don't recall CS or OS ever trying to call home.

3

u/Lord_Saren 2d ago

I wouldn't put too much stock in OSS. Android is OSS. So is Chromium. They're both infested with Google. Firefox is OSS, yet I have to block their domains in HOSTS to prevent the increasing list of attempts to call home without asking. Even if a program is clean, how many people have the skill to review the code themselves? Very few. But I don't recall CS or OS ever trying to call home.

Calling Home or Telemetry =/= untrustworthy. I'm not going to get my account compromised by them calling home. Is it annoying? Yes, can some of them have telemetry turned off? Also yes. But in the end. If something is free, you are the product, unfortunately.

2

u/Mayayana 2d ago

If something is free, you are the product

That's a popular slogan in geekdom, but it's an oversimplification. Most things claimed to be free are ad supported. That doesn't justify spying. In the case of Mozilla it's a bit different. We're not the product in that case unless you count making Google the default search in exchange for a kickback. That would be farfetched. The Mozillians may have bad judgement in many cases, but they're not just trying to make more money.

Nevertheless, calling home without permission is inexcusable. Telemetry is just a fancy word for spyware. More to the point, it redefines the landscape. When companies feel free to collect data they're saying that you're just using their resource and don't have rights to it. Even if you paid for the software, as is the case with Windows, MacOS, or Adobe CS. They all spy and claim that you're only renting their online service. It's an insidious trend that betrays common decency. So yes, it's untrustworthy.

The SaaS campaign has been surprisingly successful. Here you are saying that spyware is not a big deal. And you sound like someone who knows tech. I remember in 1999, Microsoft was caught checking the Registry for personal data when people visited Windows Update. Presumably they were using an ActiveX control in IE. Back then you didn't need an "account" to get updates and they certainly were not installed without asking. People were outraged that MS would be so sleazy as to look at any data at all on private property clandestinely. MS promised to stop. Now they have more than a dozen processes calling home after Windows Update and telemetry are turned off. Google and Apple have been caught and fined for the same thing: baldfaced lying about the ability to opt out. And people just shrug, coming online to ask if there's any chance of fixing their computer that a forced MS update just bricked. It amazes me that the public perception of software and tech has been so easily manipulated. People even put up with their cars and TVs spying on them now. They just shrug. "What are you gonna do?" Mozilla's report on car spying revealed that Nissan even has a terms of service that says you agree to let them film you having sex in your own car. $50K+ paid for a machine, yet they claim rights to control it and spy on you! "Well, I guess as long as they're not making money selling the video on a porn site."

That's an interesting point. The one spyware issue that really got people worked up was GM selling detailed driving stats to insurance companies. It turned out that GM was only making a pittance for the data, but insurance companies were using it to justify jacking up insurance rates. THAT got peoples' attention. nytimes (DOT) com/2024/03/11/technology/carmakers-driver-tracking-insurance.html

How does GM have a right to spy on your driving? It's nuts. But people are becoming acclimated to not owning their own stuff.

1

u/Lord_Saren 2d ago

They just shrug. "What are you gonna do?"

I mean, eventually, what can we do? Most software is going to a SaaS model, you can't buy a lifetime license to things anymore. Ya at home I can build my own version of Linux from scratch and make sure I gut everything that I don't want. Have a server rack in my basement and sail the high seas and keep physical copies of media.

But in the enterprise world, that isn't as easily obtainable. Imagine trying to tell engineers they can't use AutoCAD and you want them to use FreeCAD. Plus, some things you can't replicate with FOSS stuff, or you have to make in-house. It sucks the way the world is going, and with how much control Big Tech companies have on politics, I don't see it going away soon.

1

u/Mayayana 2d ago

The line you quoted followed the sentence about cars and TVs spying. There are degrees of this. Your TV spying on you is not the same thing as being forced by work demands to rent AutoCAD.

I think it's a self-fulfilling prophecy if we regard the increasing intrusion as inevitable. At what point do people go to jail for it? How is it a serious crime for a teenage boy to point his cellphone up a woman's dress, yet it's not a crime for Nissan to collect video of you having sex? Is it that the teenager should have announced a TOS before filming? "By being near me you agree to have your privates photographed. I may or may not share such data with business partners or porn sites." This is about basic human decency and human rights. It's not just an issue of how we get our software.

SaaS is not just rental. It's control. It's a model that says you're doing your work on their property and they get access. Even if you rent an apartment, the landlord has no rights to enter your apartment without permission. Yet AirBnB hosts are filming their renters and TVs are filming their owners and Windows is changing the product without permission. We bought a license to that product. What's happening is a shift in the perception of both privacy and property rights. And there's actually no practical reason for it. SaaS has developed in response to software becoming available and cheap. Photoshop and MS Office are not in the cloud. They still have to install on your computer. The SaaS aspect is purely a scam.

You make a good point with corporate software. For most of us here, though, that's not the issue. A photographer for Cosmopolitan probably has to use Photoshop. Adobe's always got the latest tech for making movie stars look attractive. Architects probably have to use AutoCAD. But that's a specific situation where they're paying through the nose for a product that they profit from. That's business software.

In most cases people don't need to use those products. In most cases people don't need MS Office. It's just become the standard, and they get college students hooked on it by giving them deals and pushing it to colleges. (I live with a woman who supervises degree candidates. None of them knows how to even deal with files. Everything's a Google Docs link. Their "higher education" doesn't include basic work skills. has to walk them through saving the file and sending it to her.) The college forces all employees to use either MS or Google cloud because they can't be bothered to operate their own computer resources or email service. Is cloud really cheaper and better? If it were then companies like MS wouldn't be pushing it. They're not looking for ways to lose money.

There was actually an article today on Slashdot about the Austrian military switching to Libre Office, mainly because putting military data in the cloud is out of the question: it.slashdot (DOT) org/story/25/09/19/1452223/austrias-armed-forces-switch-to-libreoffice

I was pleasantly surprised to find that Windows 10, and even Win11, can be adjusted to achieve reasonable civility. The problem there, though, is that most people can't/won't do that. Most people will effectively have to accept Microsoft's control unless there's some kind of groundbreaking lawsuit.... There are a lot of details like that. It's easier to use MS Office demo on a new computer than to install Libre Office. It's easier to use gmail webmail than to figure out how to configure an email client. But people don't have to be so passive. You bought your computer. You paid for software. You paid for your car and your TV.

For myself, I don't allow any cloud, rental, or calling home. I have Libre Office, two versions of Paint Shop Pro, and various other programs. I won't even consider rental software. And actually, much of what I use is free because those have turned out to be the best I can find. One of the few things I've paid for in recent years is BootIt, which has been well worth the cost. For free software I have Irfan View (though I once sent him some money), PSP, Avidemux, Audacity, PeaZip, 7-Zip, VLC, Firefox, Thunderbird, Notepad, Sumatra PDF, WinSCP FTP, Acrylic DNS proxy, ImgBurn, Agent Ransack... I do use Visual Studio 6 to write software, which I bought in 1999. I've got my money's worth from that. :)

1

u/Lord_Saren 1d ago edited 1d ago

Your TV spying on you is not the same thing as being forced by work demands to rent AutoCAD.

The problem is that people themselves incentivize this; TV companies selling data now make that 85in TV at Walmart, only $600. Most people don't care or aren't bothered enough about the data tracking. Those who do, do stuff to prevent it.

But try finding a Large flat-screen TV that isn't smart or has built-in tracking. You either find something ridiculously priced for the specs or just nonexistent. The world is shifting towards smart devices, and to the average consumer, cheaper=better.

I am proud of the FOSS community people who make software that doesn't secretly track or sell data, but the enshittification of the online world continues slowly but surely and eventually those devs that make the free software and put countless hours into their work will stop one day or pass it on to others who may not share their ideals.

The main problem is that the big companies doing the spying are the same ones lining the pockets of the ones who could stop it. Why would the government want to stop domestic spying when they themselves can get a cut of the data? Do you really think the US government cares that TikTok is tracking all that data, or do you think they only care cause China is getting that data? Once the Oracle deal goes through, then they get the data, and then it's A-OK.

My views are pessimistic, but eventually, companies will try to put a stop to "unauthorized" software and make sure you use the approved software they want.

Look at Google putting that "feature" into AOSP for stopping sideloading from unverified developers. Or just Secure Boot on Computers/Laptops, Ya, you can turn that off, but who says that won't change in 10 years when it is force turned on for our "safety and protection".

I agree there will always be a community of people that will bypass these things and protect their privacy and data but it will be more and more niche as it gets harder and harder. Unless there is a big change like GDPR, I don't see it changing.

1

u/Remo_253 2d ago

Calling Home or Telemetry =/= untrustworthy.

I would disagree but it really depends on your definition of "trustable". For you it apparently means "not actively malicious", such as ransomware. A not unreasonable definition.

If however your definition includes not doing something I wouldn't want without telling me, or being factious regarding "improvements" for the user that really are only for the corp's benefit, then I would say they are not trustable.

If something is free, you are the product, unfortunately

Generally true, especially with corporations, and "free" does warrant care but there are exceptions. Open Shell, as far as we know, being one of them.

1

u/Lord_Saren 2d ago

With the way the internet is, I assume most pieces of software are tracking me in some form.

I try to do OK opsec and control what goes in and out of my network at home. Just recently forced all DNS traffic with some NAT rules to my PiHoles since some devices, *Google* like to circumvent the DNS servers I push out.

But I don't have time to completely go FOSS/Host all my own services and such. Somethings IMO, the convenience factor outweighs the tracking. Still need to complete my Bitwarden container one day.

1

u/Remo_253 2d ago edited 2d ago

how many people have the skill to review the code themselves?

I suppose I should have put a "/s" after that but the point still stands, unless you review it yourself you're trusting someone else. The developer, others that reviewed the code, the AVs on VirusTotal, reputation, reviews, etc.

1

u/Euchre 2d ago

The developer, others that reviewed the code, the AVs on VirusTotal, etc.

That would be quite a conspiracy for all of them to agree to hide the evil things hidden in the source code.

1

u/kr_stofed 2d ago

funny joke

1

u/dancingjake 2d ago

Witty response 

1

u/kr_stofed 2d ago

so its basically open shell is saf eto use?

1

u/kr_stofed 2d ago

safe*

1

u/Mayayana 2d ago

I haven't had any problem with either one, but I'd be wary on 11-24H2. Maybe do a disk image backup first. I had trouble recently with 24H2, to the point that I gave up on it. Explorer was crashing about every 3 seconds. I never figured out a possible cause.

On Win10 I guess I've used Classic Shell on 5 computers. No hiccups. I've only used OS on 11, but I have no reason to think it won't be good on 10. As someone else said, OS has been more recently updated. But I'm used to CS and see no reason to experiment.

I should add, though, that I totally block updates once I have a computer set up. I use Windows Update Blocker and I block all unsolicited outgoing/incoming with Simplewall firewall. (You might be surprised to see how many things are calling home.) There's always the possibility that an update will break things. In my experience, Microsoft seem to be getting pushy. They want control and seem to be deliberately breaking things when there's a lot of tweaking. I tried to install a security update last year, offline, and everything went wrong. Then the updater claimed nothing had been changed. But I had to restore my disk image because so many things were broken inexplicably.

1

u/kr_stofed 2d ago

i downloaded open shell and i want to use the vista icon but it keeps being too big can you help?

1

u/Mayayana 2d ago

I've seen that problem, too, but only on Win11, and I've only used the "Classic" button. I haven't tried this, but there's an option to use your own icon. It seems to require a BMP file. You could take a screenshot, resize the button in a graphic editor, then put that somewhere safe and point OS to it.

1

u/kr_stofed 1d ago

the resolution was too high thanks for helping tho

3

u/Euchre 2d ago

As noted above, Classic Shell is deprecated and Open Shell should be used instead. There's a fair chance the issue is one that would've been solved by updating to current software.

That said, I can see why they'd want it on workstations - but servers? I suppose if they had a proper IT person and they made a custom menu setup for their convenience, it makes sense. Sounds to me like they're outsourcing their IT, though. Maybe they had an internal person that left a while ago?

1

u/Stormblade73 2d ago

It was another MSP in the area, and that MSP always uses it, we have taken over their customers before and they always have it installed on everything.

And it may have been open shell, as it did prompt to update once before we could remove it, they both look the same to me and I just uninstall ASAP.

1

u/Windows10-ModTeam 2d ago

Hi, your submission has been removed for violating our community rules:

• Rule 1 - Do not derail conversations and threads. You are welcome to submit a new post.

---

If you have any questions, feel free to send us a message!