As previously described, I have a series of Dell Precision M6[3|7|8]00s
running the same builds of W7P (one Ultimate) 64-Bit, W10P 64-Bit
upgraded from the W7, 32-Bit either W7, M6[7|8]00s, or XP, M6300, and
Ubuntu 22. This posts concerns any of these PCs running W10P, and as a comparison one of them running the original W10P build that it came
with, previous history unknown, but can't have been a straight install,
as it came with a weird and lurid dart-board desktop background and
Firefox as the default browser.

The problem is simply this ...

While all of the PCs run Windows Spotlight as the desktop background successfully, complete with the desktop link to provide the information
as to where a given photo was taken, and all of them run Windows
Spotlight as the lock screen, only the one with its original build shows
the "Like what you see?" icon in the top right-hand corner, the clicking
of which correspondingly for the lock screen supplies the information as
to where the photo was taken. In what follows, I shall refer to this as
the Spotlight icon.

This seems to be a common situation, for example ...

There is an unintentionally comical thread in Microsoft's Windows forum
dating from 2016 where one of a number of posters all with the same
problem shows screenshots from two PCs in his household both recently clean-installed with Windows 10 where one shows the icon and even the
photo's title on the lock screen, but the other does not. As the thread
is entitled something like "Where were these pictures taken", the
unintended comedy comes from a number of probable chatbots failing the
Turing Test by telling the various posters 'where' the photos are
located in their user profile! This extends over 8 pages of
increasingly frustrated and angry posts with absolutely no useful reply
ever coming from Microshit.

A common 'solution' touted online, which so far has never worked with
me, is to temporarily disable Windows Spotlight by choosing a fixed
picture in the Personalisation settings, delete the previous Spotlight
images and settings files in the user profile, re-register and
re-install the app, reboot, and re-enable Spotlight.

After trying all, I think, of the various 'solutions' found online
without any success whatsoever, I reloaded the original build of one of
the PCs as described above, and found that it had no problem displaying
the information on the lock screen, so I set about systematically
comparing two builds, that and a fresh upgrade in place from W7U -> W10P
on the Precision M6300. Here's what I have discovered so far ...

1 At least on my own build, Windows Spotlight on the lock screen can be enabled immediately - I mean from straight after performing the
upgrade from Windows 7 - under Personalisation, Lock screen and it
will work in the sense that it will display the images, but it may not,
won't in my case, work completely in that the Spotlight icon may be missing.

2 Again at least on my own build, Spotlight did NOT work immediately as
the Desktop background. You could select it in the Personalisation,
Background setting, but nothing would happen, and if you navigated away
from that setting and then returned to it, it would revert to its former setting. To get Spotlight to work as a Desktop background, I had to
install the Spotlight app from the Windows Store, and sometimes also
install a theme saved from a PC where it was working.

3 Again at least on my own build, Microsoft Edge was not immediately
left in a working state. I had to ensure that Windows Store was
working, then go into Apps, Apps & features, select Microsoft Edge and
click Modify, which reinstalled it. It was then left in a working state.

4 Even when between two PCs the following are identical, or at least
identical in anything apparently remotely relevant, there is no
guarantee that they will both show the Spotlight icon:

- All Personalisation settings, including copying theme from working to non-working PC;

- Privacy, Background apps;

- Services running;

- Tasks shown running in Task Manager.

Yesterday, on my trial upgrade build I allowed Edge to take over as the
default browser, even though on the comparison build, which works,
Firefox is the default browser. That initially seemed to make no
difference, even after a reboot, but ...

Last night I launched GPEdit.msc on the problem build and disabled all settings, then launched SecPol.msc and began to do the same, but got
tired before I'd really got into the latter, hibernated the PC, and went
to bed.

This morning, I powered it up, and lo, the Spotlight icon is there!

So I'm guessing that it's either the default browser or the GPEdit
settings, most probably the latter if I manage to nail it down further,
I'll post back.

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 2/22/2025 11:26 AM, Java Jive wrote:

As previously described, I have a series of Dell Precision M6[3|7|8]00s running the same builds of W7P (one Ultimate) 64-Bit, W10P 64-Bit upgraded from the W7, 32-Bit either W7, M6[7|8]00s, or XP, M6300, and Ubuntu 22.  This posts concerns any of

these PCs running W10P, and as a comparison one of them running the original W10P build that it came with, previous history unknown, but can't have been a straight install, as it came with a weird and lurid dart-board desktop background and Firefox as
the default browser.

The problem is simply this ...

While all of the PCs run Windows Spotlight as the desktop background successfully, complete with the desktop link to provide the information as to where a given photo was taken, and all of them run Windows Spotlight as the lock screen, only the one

with its original build shows the "Like what you see?" icon in the top right-hand corner, the clicking of which correspondingly for the lock screen supplies the information as to where the photo was taken.  In what follows, I shall refer to this as the
Spotlight icon.

This seems to be a common situation, for example ...

There is an unintentionally comical thread in Microsoft's Windows forum dating from 2016 where one of a number of posters all with the same problem shows screenshots from two PCs in his household both recently clean-installed with Windows 10 where one

shows the icon and even the photo's title on the lock screen, but the other does not.  As the thread is entitled something like "Where were these pictures taken", the unintended comedy comes from a number of probable chatbots failing the Turing Test by
telling the various posters 'where' the photos are located in their user profile!  This extends over 8 pages of increasingly frustrated and angry posts with absolutely no useful reply ever coming from Microshit.

A common 'solution' touted online, which so far has never worked with me, is to temporarily disable Windows Spotlight by choosing a fixed picture in the Personalisation settings, delete the previous Spotlight images and settings files in the user

profile, re-register and re-install the app, reboot, and re-enable Spotlight.

After trying all, I think, of the various 'solutions' found online without any success whatsoever, I reloaded the original build of one of the PCs as described above, and found that it had no problem displaying the information on the lock screen, so I

set about systematically comparing two builds, that and a fresh upgrade in place from W7U -> W10P on the Precision M6300.  Here's what I have discovered so far ...

1  At least on my own build, Windows Spotlight on the lock screen can be enabled immediately  -  I mean from straight after performing the upgrade from Windows 7  -  under Personalisation, Lock screen and it will work in the sense that it will

display the images, but it may not, won't in my case, work completely in that the Spotlight icon may be missing.

2  Again at least on my own build, Spotlight did NOT work immediately as the Desktop background.  You could select it in the Personalisation, Background setting, but nothing would happen, and if you navigated away from that setting and then returned

to it, it would revert to its former setting.  To get Spotlight to work as a Desktop background, I had to install the Spotlight app from the Windows Store, and sometimes also install a theme saved from a PC where it was working.

3  Again at least on my own build, Microsoft Edge was not immediately left in a working state.  I had to ensure that Windows Store was working, then go into Apps, Apps & features, select Microsoft Edge and click Modify, which reinstalled it.  It was

then left in a working state.

4  Even when between two PCs the following are identical, or at least identical in anything apparently remotely relevant, there is no guarantee that they will both show the Spotlight icon:

-  All Personalisation settings, including copying theme from working to non-working PC;

-  Privacy, Background apps;

-  Services running;

-  Tasks shown running in Task Manager.

Yesterday, on my trial upgrade build I allowed Edge to take over as the default browser, even though on the comparison build, which works, Firefox is the default browser.  That initially seemed to make no difference, even after a reboot, but ...

Last night I launched GPEdit.msc on the problem build and disabled all settings, then launched SecPol.msc and began to do the same, but got tired before I'd really got into the latter, hibernated the PC, and went to bed.

This morning, I powered it up, and lo, the Spotlight icon is there!

So I'm guessing that it's either the default browser or the GPEdit settings, most probably the latter if I manage to nail it down further, I'll post back.

There are *endless* dependencies for Windows Spotlight to work.

You cannot expect even a Brink article, to guarantee you have hit
all the high points.

https://www.tenforums.com/tutorials/82156-reset-re-register-windows-spotlight-windows-10-a.html

For example, some of the Notification options at the bottom, may need to be enabled to make it work. It leaves the OS open to abuse by Microsoft, to be doing that. You'll get your pictures all right, but you'll also be seeing
XBox Pass adverts when trying to get some work done.

Paul

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-02-22 17:19, Paul wrote:

On Sat, 2/22/2025 11:26 AM, Java Jive wrote:

As previously described, I have a series of Dell Precision M6[3|7|8]00s running the same builds of W7P (one Ultimate) 64-Bit, W10P 64-Bit upgraded from the W7, 32-Bit either W7, M6[7|8]00s, or XP, M6300, and Ubuntu 22.  This posts concerns any of

these PCs running W10P, and as a comparison one of them running the original W10P build that it came with, previous history unknown, but can't have been a straight install, as it came with a weird and lurid dart-board desktop background and Firefox as
the default browser.

The problem is simply this ...

While all of the PCs run Windows Spotlight as the desktop background successfully, complete with the desktop link to provide the information as to where a given photo was taken, and all of them run Windows Spotlight as the lock screen, only the one

with its original build shows the "Like what you see?" icon in the top right-hand corner, the clicking of which correspondingly for the lock screen supplies the information as to where the photo was taken.  In what follows, I shall refer to this as the
Spotlight icon.

This seems to be a common situation, for example ...

There is an unintentionally comical thread in Microsoft's Windows forum dating from 2016 where one of a number of posters all with the same problem shows screenshots from two PCs in his household both recently clean-installed with Windows 10 where one

shows the icon and even the photo's title on the lock screen, but the other does not.  As the thread is entitled something like "Where were these pictures taken", the unintended comedy comes from a number of probable chatbots failing the Turing Test by
telling the various posters 'where' the photos are located in their user profile!  This extends over 8 pages of increasingly frustrated and angry posts with absolutely no useful reply ever coming from Microshit.

A common 'solution' touted online, which so far has never worked with me, is to temporarily disable Windows Spotlight by choosing a fixed picture in the Personalisation settings, delete the previous Spotlight images and settings files in the user

profile, re-register and re-install the app, reboot, and re-enable Spotlight. >>

After trying all, I think, of the various 'solutions' found online without any success whatsoever, I reloaded the original build of one of the PCs as described above, and found that it had no problem displaying the information on the lock screen, so I

set about systematically comparing two builds, that and a fresh upgrade in place from W7U -> W10P on the Precision M6300.  Here's what I have discovered so far ...

1  At least on my own build, Windows Spotlight on the lock screen can be enabled immediately  -  I mean from straight after performing the upgrade from Windows 7  -  under Personalisation, Lock screen and it will work in the sense that it will

display the images, but it may not, won't in my case, work completely in that the Spotlight icon may be missing.

2  Again at least on my own build, Spotlight did NOT work immediately as the Desktop background.  You could select it in the Personalisation, Background setting, but nothing would happen, and if you navigated away from that setting and then returned

to it, it would revert to its former setting.  To get Spotlight to work as a Desktop background, I had to install the Spotlight app from the Windows Store, and sometimes also install a theme saved from a PC where it was working.

3  Again at least on my own build, Microsoft Edge was not immediately left in a working state.  I had to ensure that Windows Store was working, then go into Apps, Apps & features, select Microsoft Edge and click Modify, which reinstalled it.  It

was then left in a working state.

4  Even when between two PCs the following are identical, or at least identical in anything apparently remotely relevant, there is no guarantee that they will both show the Spotlight icon:

-  All Personalisation settings, including copying theme from working to non-working PC;

-  Privacy, Background apps;

-  Services running;

-  Tasks shown running in Task Manager.

Yesterday, on my trial upgrade build I allowed Edge to take over as the default browser, even though on the comparison build, which works, Firefox is the default browser.  That initially seemed to make no difference, even after a reboot, but ...

Last night I launched GPEdit.msc on the problem build and disabled all settings, then launched SecPol.msc and began to do the same, but got tired before I'd really got into the latter, hibernated the PC, and went to bed.

This morning, I powered it up, and lo, the Spotlight icon is there!

So I'm guessing that it's either the default browser or the GPEdit settings, most probably the latter if I manage to nail it down further, I'll post back.

There are *endless* dependencies for Windows Spotlight to work.

You cannot expect even a Brink article, to guarantee you have hit
all the high points.

https://www.tenforums.com/tutorials/82156-reset-re-register-windows-spotlight-windows-10-a.html

That was one of the pages I looked at early on, but it didn't help. Particularly, just now on the comparison PC where the Spotlight icon has
always been shown, I've just disabled all background apps and rebooted
- which still leaves 5 Microsoft Edge and 1 Edge Update processes still running :-( - yet the Spotlight icon is still there. Of course, the
photo hasn't changed yet, so it will be interesting to see if the
information updates when the photo next changes, but the fact that the
icon is still there at all suggests that it will and therefore that most
of the advice on that page, which I've seem also posted in Microsoft
Windows Forums, is urban myth.

This is the sort of mess that seems increasingly to happen these days
... no-one has sufficient scientific understanding to understand the
importance of the scientific method, that you change ONE thing at a time
and then test the result. I used to see this at work, support staff
would get desperate, and try the blunderbuss approach of changing loads
of things that they thought might be relevant, quite possibly breaking
other things along the way, then, even if they did cure the problem,
they had no idea which of the many things that they had tried had
actually done the trick, and the PC might have been buggered in other
ways by their efforts.

For example, some of the Notification options at the bottom, may need to be enabled to make it work. It leaves the OS open to abuse by Microsoft, to be doing that. You'll get your pictures all right, but you'll also be seeing XBox Pass adverts when trying to get some work done.

Yes, and I don't even have an XBox in the household, so that's just rank ignorant stupidity on Microshit's part.

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Java Jive <java@evij.com.invalid> wrote:
[...]

Nailed it. For my builds, it's the following policy setting in
GPEdit.msc ...

Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options
Interactive Logon: Do not require CTRL-ALT-DEL

... which in my case was

Disabled

... meaning (after parsing out the confusing double negative) ...

Require CTRL-ALT-DEL

Setting this to ...

Enabled

... meaning (after parsing out the confusing double negative) ...

Do NOT require CTRL-ALT-DEL

... allows the Spotlight icon ...

Like what you see?

... to appear on the lock screen.

As Paul suggests, this is, or at least used to be, something of a
security issue, as described here ...

https://www.manageengine.com/vulnerability-management/misconfiguration/logon-security/how-to-enable-secure-login-ctrl-alt-delete-logon-via-group-policy.html

... and accordingly I've always previously disabled this policy on my
builds, so that <Ctrl-Alt-Delete> is required to log on. How much of an issue this is still, or whether more recent versions of Windows are more secure against logon window spoofing rendering the policy redundant, I'm
no longer sufficiently in the know to be able to comment further.

Be aware that 'Require CTRL-ALT-DEL' [1] might be turned on again
behind your back. At least that happened to me (on Windows 11) when I (temporarily) set the lock screen timeout ('If you've been away, when
should Windows require you to sign in again?') to 'Never'.

That seemed to be a temporary change, because after a reboot,
CTRL-ALT-DEL was no longer needed to sign-in.

[1] There is an applet (netplwiz) where you can tick/untick 'Require
users to press Ctrl+Alt+Delete' ("Secure sign-in"), but (at least in my experience) it doesn't work, i.e. after unticking the setting,
Ctrl+Alt+Delete is still required.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-02-22 16:26, Java Jive wrote:

Last night I launched GPEdit.msc on the problem build and disabled all settings, then launched SecPol.msc and began to do the same, but got
tired before I'd really got into the latter, hibernated the PC, and went
to bed.

This morning, I powered it up, and lo, the Spotlight icon is there!

So I'm guessing that it's either the default browser or the GPEdit
settings, most probably the latter if I manage to nail it down further,
I'll post back.

Nailed it. For my builds, it's the following policy setting in
GPEdit.msc ...

Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options
Interactive Logon: Do not require CTRL-ALT-DEL

... which in my case was

Disabled

... meaning (after parsing out the confusing double negative) ...

Require CTRL-ALT-DEL

Setting this to ...

Enabled

... meaning (after parsing out the confusing double negative) ...

Do NOT require CTRL-ALT-DEL

... allows the Spotlight icon ...

Like what you see?

... to appear on the lock screen.

As Paul suggests, this is, or at least used to be, something of a
security issue, as described here ...

https://www.manageengine.com/vulnerability-management/misconfiguration/logon-security/how-to-enable-secure-login-ctrl-alt-delete-logon-via-group-policy.html

... and accordingly I've always previously disabled this policy on my
builds, so that <Ctrl-Alt-Delete> is required to log on. How much of an
issue this is still, or whether more recent versions of Windows are more
secure against logon window spoofing rendering the policy redundant, I'm
no longer sufficiently in the know to be able to comment further.

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-02-22 19:52, Frank Slootweg wrote:

Java Jive <java@evij.com.invalid> wrote:

As Paul suggests, this is, or at least used to be, something of a
security issue, as described here ...

https://www.manageengine.com/vulnerability-management/misconfiguration/logon-security/how-to-enable-secure-login-ctrl-alt-delete-logon-via-group-policy.html

... and accordingly I've always previously disabled this policy on my
builds, so that <Ctrl-Alt-Delete> is required to log on. How much of an
issue this is still, or whether more recent versions of Windows are more
secure against logon window spoofing rendering the policy redundant, I'm
no longer sufficiently in the know to be able to comment further.

Be aware that 'Require CTRL-ALT-DEL' [1] might be turned on again
behind your back. At least that happened to me (on Windows 11) when I (temporarily) set the lock screen timeout ('If you've been away, when
should Windows require you to sign in again?') to 'Never'.

That seemed to be a temporary change, because after a reboot,
CTRL-ALT-DEL was no longer needed to sign-in.

[1] There is an applet (netplwiz) where you can tick/untick 'Require
users to press Ctrl+Alt+Delete' ("Secure sign-in"), but (at least in my experience) it doesn't work, i.e. after unticking the setting, Ctrl+Alt+Delete is still required.

Thanks for the warning.

Looking at your experience described above, depending on how it was
changed, I suspect a reboot can be required to pick up a permanent
change to this setting. To be exact, I'm guessing:
Legacy method, such as netplwiz or gpedit:
Changes policy, reboot required for new policy to be copied to
current run settings;
Settings app:
Changes only current run settings, not underlying policy, so
lost on reboot.

Does this make sense? Frank or anyone else care to comment?

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-22 19:52, Frank Slootweg wrote:

Java Jive <java@evij.com.invalid> wrote:

As Paul suggests, this is, or at least used to be, something of a
security issue, as described here ...

https://www.manageengine.com/vulnerability-management/misconfiguration/logon-security/how-to-enable-secure-login-ctrl-alt-delete-logon-via-group-policy.html

... and accordingly I've always previously disabled this policy on my
builds, so that <Ctrl-Alt-Delete> is required to log on. How much of an >> issue this is still, or whether more recent versions of Windows are more >> secure against logon window spoofing rendering the policy redundant, I'm >> no longer sufficiently in the know to be able to comment further.

Be aware that 'Require CTRL-ALT-DEL' [1] might be turned on again
behind your back. At least that happened to me (on Windows 11) when I (temporarily) set the lock screen timeout ('If you've been away, when should Windows require you to sign in again?') to 'Never'.

That seemed to be a temporary change, because after a reboot, CTRL-ALT-DEL was no longer needed to sign-in.

[1] There is an applet (netplwiz) where you can tick/untick 'Require
users to press Ctrl+Alt+Delete' ("Secure sign-in"), but (at least in my experience) it doesn't work, i.e. after unticking the setting, Ctrl+Alt+Delete is still required.

Thanks for the warning.

Looking at your experience described above, depending on how it was
changed, I suspect a reboot can be required to pick up a permanent
change to this setting. To be exact, I'm guessing:
Legacy method, such as netplwiz or gpedit:
Changes policy, reboot required for new policy to be copied to current run settings;

Yes, that matches with my experience with netplwiz (don't have
gpedit), or at least does not contradict it.

Settings app:
Changes only current run settings, not underlying policy, so
lost on reboot.

I could not find a 'Require CTRL-ALT-DEL' type setting in (Windows 11) Settings. Is there?

If you're asking in general, then I think most (all?) Settings
settings stick accross reboots.

Does this make sense? Frank or anyone else care to comment?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-02-23 10:39, Frank Slootweg wrote:

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-22 19:52, Frank Slootweg wrote:

Java Jive <java@evij.com.invalid> wrote:

As Paul suggests, this is, or at least used to be, something of a
security issue, as described here ...

https://www.manageengine.com/vulnerability-management/misconfiguration/logon-security/how-to-enable-secure-login-ctrl-alt-delete-logon-via-group-policy.html

... and accordingly I've always previously disabled this policy on my
builds, so that <Ctrl-Alt-Delete> is required to log on. How much of an >>>> issue this is still, or whether more recent versions of Windows are more >>>> secure against logon window spoofing rendering the policy redundant, I'm >>>> no longer sufficiently in the know to be able to comment further.

Be aware that 'Require CTRL-ALT-DEL' [1] might be turned on again
behind your back. At least that happened to me (on Windows 11) when I
(temporarily) set the lock screen timeout ('If you've been away, when
should Windows require you to sign in again?') to 'Never'.

That seemed to be a temporary change, because after a reboot,
CTRL-ALT-DEL was no longer needed to sign-in.

[1] There is an applet (netplwiz) where you can tick/untick 'Require
users to press Ctrl+Alt+Delete' ("Secure sign-in"), but (at least in my
experience) it doesn't work, i.e. after unticking the setting,
Ctrl+Alt+Delete is still required.

Thanks for the warning.

Looking at your experience described above, depending on how it was
changed, I suspect a reboot can be required to pick up a permanent
change to this setting. To be exact, I'm guessing:
Legacy method, such as netplwiz or gpedit:
Changes policy, reboot required for new policy to be copied to
current run settings;

Yes, that matches with my experience with netplwiz (don't have
gpedit), or at least does not contradict it.

Settings app:
Changes only current run settings, not underlying policy, so
lost on reboot.

I could not find a 'Require CTRL-ALT-DEL' type setting in (Windows 11) Settings. Is there?

Can't check in Win 11 ATM, but I'm happy to take your word for it.

If you're asking in general, then I think most (all?) Settings
settings stick accross reboots.

I think that's right except perhaps where a Settings change contradicts
a policy, as potentially in this case, then I think, if the change is
allowed to occur at all, then it may well be lost on reboot, but I admit
that I'm not sure and am guessing about this. I was rather hoping that
my previous post, especially if my guess was wrong, might prompt someone
with greater knowledge to explain exactly how the relationship between
policies and settings works.

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Java Jive <java@evij.com.invalid> wrote:

I've just disabled all background apps and rebooted
- which still leaves 5 Microsoft Edge and 1 Edge Update processes still running :-(

Did you [leave] enable the startup boost option in Edge-C? That
preloads Edge-C, so it is already loaded whenever you decide later to
open yourself.

edge://settings/system -> Startup boost

I don't remember if the default is on or off, plus I do so many tweaks
on web browsers that I can't be sure the setting I have is the default.

https://support.microsoft.com/en-us/topic/get-help-with-startup-boost-ebef73ed-5c72-462f-8726-512782c5e442

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-22 16:26, Java Jive wrote:

Last night I launched GPEdit.msc on the problem build and disabled all
settings, then launched SecPol.msc and began to do the same, but got
tired before I'd really got into the latter, hibernated the PC, and went
to bed.

This morning, I powered it up, and lo, the Spotlight icon is there!

So I'm guessing that it's either the default browser or the GPEdit
settings, most probably the latter if I manage to nail it down further,
I'll post back.

Nailed it. For my builds, it's the following policy setting in
GPEdit.msc ...

Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options
Interactive Logon: Do not require CTRL-ALT-DEL

... which in my case was

Disabled

... meaning (after parsing out the confusing double negative) ...

Require CTRL-ALT-DEL

Setting this to ...

Enabled

... meaning (after parsing out the confusing double negative) ...

Do NOT require CTRL-ALT-DEL

... allows the Spotlight icon ...

Like what you see?

... to appear on the lock screen.

As Paul suggests, this is, or at least used to be, something of a
security issue, as described here ...

https://www.manageengine.com/vulnerability-management/misconfiguration/logon-security/how-to-enable-secure-login-ctrl-alt-delete-logon-via-group-policy.html

... and accordingly I've always previously disabled this policy on my
builds, so that <Ctrl-Alt-Delete> is required to log on. How much of an issue this is still, or whether more recent versions of Windows are more secure against logon window spoofing rendering the policy redundant, I'm
no longer sufficiently in the know to be able to comment further.

I never cared for Spotlight. More glitz and fluff on wasted effort than Microsoft engaging those resources on bug fixes and truly important
features.

I have my Win boxes configured to require Ctrl+Alt+Del. I've never
encountered the Spotlight issue, because, well, I never use it. I'd
eradicate the glitz crap if there was a way.

To me, sounds like Microsoft decided to add more security if more login security were employed. That is, you sure "Like what you see?" would
not reveal something about yourself if you clicked on the icon? After
all, if you chose to enable Ctrl+Alt+Del then you probably don't want
something on the lockscreen to bypass that security measure.

Disabling the requirement for Ctrl+Alt+Del is a tweak used by those that
don't give a gnat's fart about securing their host, and the same folks
that configure Windows to automatically login, so they don't ever have
to bother with entering their login credentials (and later they forget
what they were since they never use them).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

VanguardLH <V@nguard.lh> wrote:
[...]

Disabling the requirement for Ctrl+Alt+Del is a tweak used by those that don't give a gnat's fart about securing their host, and the same folks
that configure Windows to automatically login, so they don't ever have
to bother with entering their login credentials (and later they forget
what they were since they never use them).

Lighten up, will you!? There *is* no "Disabling the requirement for Ctrl+Alt+Del", it's off by default.

So if your advice would be to enable it, that would be fine. But your condescending "those that don't give a gnat's fart about securing their
host" (and the equally insulting rest), is both uncalled for and
incorrect.

And no, I do *not* use 'Secure sign-in' and yes, I *do* use Windows Spotlight.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Frank Slootweg <this@ddress.is.invalid> wrote:

VanguardLH <V@nguard.lh> wrote:

Disabling the requirement for Ctrl+Alt+Del is a tweak used by those
that don't give a gnat's fart about securing their host, and the
same folks that configure Windows to automatically login, so they
don't ever have to bother with entering their login credentials (and
later they forget what they were since they never use them).

Lighten up, will you!? There *is* no "Disabling the requirement for Ctrl+Alt+Del", it's off by default.

Confused by that statement. You mention how to use a policy to change
the Ctrl+Alt+Default requirement, you mention there is a "default"
(which means other choices exist), yet you now say say there is no
disable. There is, there is, but there isn't?

You mentioned using the security policy editor, but not all editions of
Windows have that. For those without gpedit.msc, the policy is exposed
by using netplwiz.exe (Control Panel "User Accounts" applet).
Thankfully that setting does not incorporate a double negative.

So if your advice would be to enable it, that would be fine. But your condescending "those that don't give a gnat's fart about securing
their host" (and the equally insulting rest), is both uncalled for
and incorrect.

Those points identify users that REDUCE security. They don't want the inconvenience (having to login) of a secure host hence my equal but
derogatory they "don't give a gnat's fart about securing their host". I could've said "they don't want the inconvenience of a secure host", but obviously you and I have opinions about their choices, and I expressed
mine with a berating tone.

And no, I do *not* use 'Secure sign-in' and yes, I *do* use Windows Spotlight.

So, you're condemning Microsoft for making required sign-ins more secure
by not providing a workaround via Spotlight. Seems Microsoft did use
your scientific method: not requiring sign-in is insecure, so no point
in securing Spotlight, either.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

VanguardLH <V@nguard.lh> wrote:

Frank Slootweg <this@ddress.is.invalid> wrote:

VanguardLH <V@nguard.lh> wrote:

Disabling the requirement for Ctrl+Alt+Del is a tweak used by those
that don't give a gnat's fart about securing their host, and the
same folks that configure Windows to automatically login, so they
don't ever have to bother with entering their login credentials (and
later they forget what they were since they never use them).

Lighten up, will you!? There *is* no "Disabling the requirement for Ctrl+Alt+Del", it's off by default.

Confused by that statement. You mention how to use a policy to change
the Ctrl+Alt+Default requirement, you mention there is a "default"
(which means other choices exist), yet you now say say there is no
disable. There is, there is, but there isn't?

Sigh! Again you're mixing up posters. Java Jive mentioned how to use a policy. I mentioned netplwiz and the 'Secure sign-in' tick-mark
("Require users to press Ctrl+Alt+Delete") in that applet is off by
default. So your condescending comment "Disabling the requirement for Ctrl+Alt+Del" does not apply (You can't 'disable' something which is
off, you can only enable it.).

You mentioned using the security policy editor, but not all editions of Windows have that. For those without gpedit.msc, the policy is exposed
by using netplwiz.exe (Control Panel "User Accounts" applet).
Thankfully that setting does not incorporate a double negative.

You're still confusing me with Java Jive and 'telling' me things
(netplwiz), which *I* brought up.

So if your advice would be to enable it, that would be fine. But your condescending "those that don't give a gnat's fart about securing
their host" (and the equally insulting rest), is both uncalled for
and incorrect.

Those points identify users that REDUCE security.

Nope, it doesn't, because your premise - users disabling the need for Ctrl+Alt+Delete - is invalid. So you're belittling users which don't
exist for doing things that they can't do.

They don't want the
inconvenience (having to login) of a secure host hence my equal but derogatory they "don't give a gnat's fart about securing their host". I could've said "they don't want the inconvenience of a secure host", but obviously you and I have opinions about their choices, and I expressed
mine with a berating tone.

Derogatory, berating, but most importantly *wrong*, i.e. based on a
false premise.

And no, I do *not* use 'Secure sign-in' and yes, I *do* use Windows Spotlight.

So, you're condemning Microsoft for making required sign-ins more secure
by not providing a workaround via Spotlight.

Huh!? How on earth do you come up with these inane conclusions/
assumptions? I'm not using 'Secure sign-in', Java Jive is.

Seems Microsoft did use
your scientific method: not requiring sign-in is insecure, so no point
in securing Spotlight, either.

You got that one wrong as well. Congratulations!

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-02-23 18:35, VanguardLH wrote:

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-22 16:26, Java Jive wrote:

Last night I launched GPEdit.msc on the problem build and disabled all
settings, then launched SecPol.msc and began to do the same, but got
tired before I'd really got into the latter, hibernated the PC, and went >>> to bed.

This morning, I powered it up, and lo, the Spotlight icon is there!

So I'm guessing that it's either the default browser or the GPEdit
settings, most probably the latter if I manage to nail it down further,
I'll post back.

Nailed it. For my builds, it's the following policy setting in
GPEdit.msc ...

Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options
Interactive Logon: Do not require CTRL-ALT-DEL

... which in my case was

Disabled

... meaning (after parsing out the confusing double negative) ...

Require CTRL-ALT-DEL

Setting this to ...

Enabled

... meaning (after parsing out the confusing double negative) ...

Do NOT require CTRL-ALT-DEL

... allows the Spotlight icon ...

Like what you see?

... to appear on the lock screen.

As Paul suggests, this is, or at least used to be, something of a
security issue, as described here ...

https://www.manageengine.com/vulnerability-management/misconfiguration/logon-security/how-to-enable-secure-login-ctrl-alt-delete-logon-via-group-policy.html

... and accordingly I've always previously disabled this policy on my
builds, so that <Ctrl-Alt-Delete> is required to log on. How much of an
issue this is still, or whether more recent versions of Windows are more
secure against logon window spoofing rendering the policy redundant, I'm
no longer sufficiently in the know to be able to comment further.

I never cared for Spotlight. More glitz and fluff on wasted effort than Microsoft engaging those resources on bug fixes and truly important
features.

Each to his own, but, whether you care to acknowledge so or not, in many people's opinion, including my own, some of the pictures are very beautiful.

I have my Win boxes configured to require Ctrl+Alt+Del. I've never encountered the Spotlight issue, because, well, I never use it. I'd eradicate the glitz crap if there was a way.

As I have done up til now, but now I have to decide whether being able
to find out the location of the most beautiful Spotlight pictures easily
- there is a tedious and more involved way of using reverse image
search - is worth a slight reduction in security. I have yet to make
that decision, mainly because, while I was still working I used to
receive copies of all the security bulletins that the firm received, but
having not worked for over a decade and having moved far away to a
remote part of the country, I am no longer able to keep abreast of the
latest security stories.

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-23 18:35, VanguardLH wrote:

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-22 16:26, Java Jive wrote:

Last night I launched GPEdit.msc on the problem build and disabled all >>>> settings, then launched SecPol.msc and began to do the same, but got
tired before I'd really got into the latter, hibernated the PC, and went >>>> to bed.

This morning, I powered it up, and lo, the Spotlight icon is there!

So I'm guessing that it's either the default browser or the GPEdit
settings, most probably the latter if I manage to nail it down further, >>>> I'll post back.

Nailed it. For my builds, it's the following policy setting in
GPEdit.msc ...

Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options
Interactive Logon: Do not require CTRL-ALT-DEL

... which in my case was

Disabled

... meaning (after parsing out the confusing double negative) ...

Require CTRL-ALT-DEL

Setting this to ...

Enabled

... meaning (after parsing out the confusing double negative) ...

Do NOT require CTRL-ALT-DEL

... allows the Spotlight icon ...

Like what you see?

... to appear on the lock screen.

As Paul suggests, this is, or at least used to be, something of a
security issue, as described here ...

https://www.manageengine.com/vulnerability-management/misconfiguration/logon-security/how-to-enable-secure-login-ctrl-alt-delete-logon-via-group-policy.html

... and accordingly I've always previously disabled this policy on my
builds, so that <Ctrl-Alt-Delete> is required to log on. How much of an >>> issue this is still, or whether more recent versions of Windows are more >>> secure against logon window spoofing rendering the policy redundant, I'm >>> no longer sufficiently in the know to be able to comment further.

I never cared for Spotlight. More glitz and fluff on wasted effort than
Microsoft engaging those resources on bug fixes and truly important
features.

Each to his own, but, whether you care to acknowledge so or not, in many people's opinion, including my own, some of the pictures are very beautiful.

I have my Win boxes configured to require Ctrl+Alt+Del. I've never
encountered the Spotlight issue, because, well, I never use it. I'd
eradicate the glitz crap if there was a way.

As I have done up til now, but now I have to decide whether being able
to find out the location of the most beautiful Spotlight pictures easily
- there is a tedious and more involved way of using reverse image
search - is worth a slight reduction in security. I have yet to make
that decision, mainly because, while I was still working I used to
receive copies of all the security bulletins that the firm received, but having not worked for over a decade and having moved far away to a
remote part of the country, I am no longer able to keep abreast of the
latest security stories.

The choices are apparently:
(1) Require Ctrl+Alt+Del to login. The "like what you see" element will
be missing from the Spotlight content.
Presumption: Login is more secure, and Spotlight follows the same
security model.
(2) Do NOT require Ctrl+Alt+Del to login. The "like what you see"
element will be present in Spotlight.
Presumption: Login is insecure (absent), and Spotlight follows the
same [lack of] security model.

I've not found an option to have "Like what you see" absent if you
choose (2). Seems this is a feature of Spotlight when login security is
lax. When login is less secure, so is Spotlight. The only option seems
to be not to use Spotlight, but then you lose that particular wallpaper selector; however, there is another choice - SlideShow.

- Wallpapers: Windows spotlight displays a new image on the lock screen
every day
- Suggestions, fun facts, tips: recommendations on how to enhance the
user's productivity of Microsoft products. They're displayed in
different locations, such as the lock screen, the background, the
taskbar, or the Get Started app
- Organizational messages: messages from your organization, which can be
displayed in the lock screen, taskbar, the notification area, or the
Get Started app

Getting wallpapers means having to go online. Suggestions also means
going online. Displaying org messages is of no current concern to you.

Instead of using Spotlight, you could select Slideshow for background
images. The MS description above says you get a new image once per day. Slideshow lets you pick intervals of 1 minute, 10 minutes, 30 minutes, 1
hour, 6 hours, or 1 day. So, you could get Slideshow to show a new
message once per day as does Spotlight. For Slideshow, there is a
Shuffle option which presumably randomizes which images are shown from
where you browse to pick a folder for where to find image files.

Slideshow would have you storing the images on your computer instead of
letting Spotlight download them. Spotlight downloads the .jpg image
files to a hidden "Assets" folder under your profile folder. For me, C:\Users\<me>\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\LocalState\Assets.
When selecting Slideshow, you get to pick the folder to look for image
files.

For Spotlight to work (get images) means it uses the Content Delivery
Manager (Microsoft.Windows.ContentDeliveryManager) which is used for
other client-server data sync, like Bing News or Weather, app
suggestions, and silent installs of advertised/promoted apps. I think
CDM is also involved with update delivery optimization (disabled for me: Settings -> Update & Security -> Delivery Optimization). With
Slideshow, you are the delivery agent (you select what to put into which folder).

I found:

HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager

in the registry, but haven't bothered to investigate what all its
subkeys and data items are used for. I wasn't putzing with CDM's config
in the registry mostly because documentation on it is poor, or
inconsistent.

https://en.wikipedia.org/wiki/Windows_Spotlight
Windows Spotlight images are provided by Windows' Content Delivery
Manager. New ones are shown every 1–2 days. Downloaded images are
stored in JPEG format on the computer. If the Content Delivery Manager
has no new picture to display, a default image is used. This default
fallback image can be changed.

That article has a link to:

https://cyberblogforu.com/how-to-download-windows-spotlight-wallpapers/

which mentions the download folder for caching the image files retrieved
by Spotlight is:

%localappdata%\Packages\Microsoft.Windows.ContentDeliveryManager_<ID>\LocalState\Assets

The ID mentioned in the article is the same one used on my Win10 setup. However, when you go there with File Explorer, you'll find several
rather randomly long-named files with no extension. I followed the instructions to copy the non-extensioned files to elsewhere (D:\Temp, in
my case), and used "ren *.* *.jpg" to give them all the JPG extension.
I then looked at the renamed files, and, yep, they're image files. No
idea why Microsoft chose to omit the extension to hide they are images.

I read about some users removing the CDM component from Windows, but
it's used for a lot of content delivery mechanisms, so I would not
suggest removing it. I didn't look into its removal, because I'm not
doing it nor that interested, especially since I don't use Spotlight,
delivery optimization is disabled. Another reason not to use Spotlight
is it can show ads for recommended apps, as Paul mentioned. Under
Settings -> Personalization, Lock screen, I disabled the the "Get fun
facts, tricks, and more on your lock screen" option. Several other
anti-ad settings mentioned at:

https://www.majorgeeks.com/content/page/how_to_disable_all_advertising_and_sponsored_apps_in_windows_10.html

None of these were new to me. I had disabled most [known] advertising
in Windows 10. Soon after its install, I tweak the shit out of it,
including eliminating as much of Microsoft's advertising in Windows 10.

Apparently you have to wait 1 to 2 days before Spotlight get another
image download using CDM. With Slideshow, it would change the
background image at the rate you select (from 1 minute to 1 day), and
shows the images in the folder you specify, so you have to get the
images. I suppose you could grab them from the CDM assets folder, but
you could get them from anywhere.

https://windows10spotlight.com/

That has an archive of Spotlight images. Seems they are at 1920x1080 or 1920x1920. I suspect scaling is used if your monitor uses a different
screen size. Of course, you can search on images you can download from elsewhere to save locally in a folder of your choosing. Then use
Slideshow to show those images.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-02-24 03:22, VanguardLH wrote:

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-23 18:35, VanguardLH wrote:

I have my Win boxes configured to require Ctrl+Alt+Del. I've never
encountered the Spotlight issue, because, well, I never use it. I'd
eradicate the glitz crap if there was a way.

As I have done up til now, but now I have to decide whether being able
to find out the location of the most beautiful Spotlight pictures easily
- there is a tedious and more involved way of using reverse image
search - is worth a slight reduction in security. I have yet to make
that decision, mainly because, while I was still working I used to
receive copies of all the security bulletins that the firm received, but
having not worked for over a decade and having moved far away to a
remote part of the country, I am no longer able to keep abreast of the
latest security stories.

The choices are apparently:
(1) Require Ctrl+Alt+Del to login. The "like what you see" element will
be missing from the Spotlight content.
Presumption: Login is more secure, and Spotlight follows the same
security model.
(2) Do NOT require Ctrl+Alt+Del to login. The "like what you see"
element will be present in Spotlight.
Presumption: Login is insecure (absent), and Spotlight follows the
same [lack of] security model.

That's the trouble, too many presumptions, not enough actual knowledge.

[Snip a great deal of effort, for which normally I would thank you, but
all of which I already knew]

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-02-23 18:25, VanguardLH wrote:

Did you [leave] enable the startup boost option in Edge-C? That
preloads Edge-C, so it is already loaded whenever you decide later to
open yourself.

edge://settings/system -> Startup boost

I don't remember if the default is on or off, plus I do so many tweaks
on web browsers that I can't be sure the setting I have is the default.

https://support.microsoft.com/en-us/topic/get-help-with-startup-boost-ebef73ed-5c72-462f-8726-512782c5e442

Yes thanks, that's removed the surfeit of Edge processes. There's still
the one Edge update process, but I'm probably going to leave that, at
least for now.

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-24 03:22, VanguardLH wrote:

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-23 18:35, VanguardLH wrote:

I have my Win boxes configured to require Ctrl+Alt+Del. I've never
encountered the Spotlight issue, because, well, I never use it. I'd
eradicate the glitz crap if there was a way.

As I have done up til now, but now I have to decide whether being able
to find out the location of the most beautiful Spotlight pictures easily >>> - there is a tedious and more involved way of using reverse image
search - is worth a slight reduction in security. I have yet to make
that decision, mainly because, while I was still working I used to
receive copies of all the security bulletins that the firm received, but >>> having not worked for over a decade and having moved far away to a
remote part of the country, I am no longer able to keep abreast of the
latest security stories.

The choices are apparently:
(1) Require Ctrl+Alt+Del to login. The "like what you see" element will
be missing from the Spotlight content.
Presumption: Login is more secure, and Spotlight follows the same
security model.
(2) Do NOT require Ctrl+Alt+Del to login. The "like what you see"
element will be present in Spotlight.
Presumption: Login is insecure (absent), and Spotlight follows the
same [lack of] security model.

That's the trouble, too many presumptions, not enough actual knowledge.

[Snip a great deal of effort, for which normally I would thank you, but
all of which I already knew]

I'm confused. If you knew you could substitute Slideshow for Spotlight,
why start this thread?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-02-25 05:04, VanguardLH wrote:

Java Jive <java@evij.com.invalid> wrote:

On 2025-02-24 03:22, VanguardLH wrote:

The choices are apparently:
(1) Require Ctrl+Alt+Del to login. The "like what you see" element will >>> be missing from the Spotlight content.
Presumption: Login is more secure, and Spotlight follows the same
security model.
(2) Do NOT require Ctrl+Alt+Del to login. The "like what you see"
element will be present in Spotlight.
Presumption: Login is insecure (absent), and Spotlight follows the >>> same [lack of] security model.

That's the trouble, too many presumptions, not enough actual knowledge.

[Snip a great deal of effort, for which normally I would thank you, but
all of which I already knew]

I'm confused. If you knew you could substitute Slideshow for Spotlight,
why start this thread?

Because that wasn't what I wanted to do.

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)