Strange things are happening: I wanted to try Windows 11 IoT Enterprise LTSC (which is still horrendous, because it’s Win11), and I learned about Windows 10 Enterprise LTSC 2021. As it happens, the latter is a decent fix for most people through 2032. Quick information.

Piracy-wise…

I learned about the Microsoft Activation Scripts (MAS) a couple of weeks ago. On the same site, one can read about many more Windows activation methods than I ever knew of, such as: HWID Activation; TSforge Activation; KMS38 Activation; Online KMS Activation. Only the last one was familiar to me, so to speak. Maybe the previous one two, I can’t be sure. Have an Activation Methods Chart. Oh, boy, so much crap for such crappy Microsoft products! (This being said, Win7 was rock-solid.)

Having my curiosity awakened, I went to Download / How to use it?, then I tried the non-PowerShell way, which is to download this master.zip or this master.zip, then run MAS_AIO.cmd from within All-In-One-Version.

Oh, boy, this is truly pr0n!

Wait, how would this be of any use these days? After October 14, 2025, we’re all supposed to be running Win11, which is designed to completely kill our zest for life!

Not so fast!

Windows LTSC Download comes with some ideas, both bad and good. You will find there links such as:

  • Windows 11 IoT Enterprise LTSC 2024
  • Windows 10 IoT Enterprise LTSC 2021

They are 100% official ISO files from Microsoft, meant for evaluation purposes, and which have some utterly fascinating characteristics:

  • Being customized for IoT, they are without the usual Microsoft bloat and, surprisingly enough, without any TPM-related system requirements! Yay! God is real! (No, it’s not. WinXP SP3 was God.)
  • Being ❶ Enterprise, ❷ LTSC, ❸ IoT, and ❹ with specific release dates, such OSes (I was about to write “distros”) are supported through the Extended Security Updates (ESU) program as follows:

OMFG! So here’s what I did: I downloaded the respective shit and, for name consistency, I renamed them as follows:

  • en-us_windows_11_iot_enterprise_ltsc_2024_x64_dvd_26100.1742.iso
  • en-us_windows_10_iot_enterprise_ltsc_2021_x64_dvd_19044.1288.iso

Then I decided to give each a try. Note that a license for using such a product for more than 90 days retails for about $295.00, or this is what some people say. But they also say that the Massgrave Powershell script will license such a Windows IoT LTSC in seconds! Just don’t tell the FBI that you did it.

Questi aspetti sono importantissimi!

To install such a Windows edition (remember the four crucial characteristics: Enterprise, LTSC, IoT, and the release year), don’t ever try to use any kind of Microsoft account! Therefore, even if the setup detects your usual Wi-Fi access point, select from the bottom left “I do not have an Internet connection” and continue with what it pretends to be a “Limited Setup”—it isn’t!

Remember: until you see the familiar Windows desktop, pretend you have no Internet whatsoever!

Quick assessment after having tried both editions:

  • Win11 is unusable regardless of the edition. It’s designed by shitheads, it looks like shit, and it’s meant to destroy the last remainder of intelligence on Earth! (So is GNOME, BTW.)
  • Win10 is surprisingly decent in this IoT edition!

Some advice—take it or ignore it

These editions come without the Microsoft Store and without any Store app! OK, there is a catch here: some apps, such as Paint, are preinstalled, but should you remove them, you won’t be able to reinstall them. Even after adding the store, locating these items within it might prove challenging.

This being said, the Microsoft Store can be installed. Just open Powershell as admin and enter wsreset -i. You will need a Microsoft account (Outlook.com/Live.com, ex-Hotmail/MSN) to use Windows Store. Also, for some reason, it will take an eternity and a reboot to have the Store visible and working.

After having installed the Store and made sure it works, I wanted to install the so-called “App Installer,” which includes WinGet, thus enabling the easy installation of .appx or .msix packages. But this URL didn’t work, and “App Installer” was impossible to find!

BTW, I installed Firefox from the Store the GUI way, not by using winget install Mozilla.Firefox.

As long as “App Installer” (which bundles WinGet) wasn’t showing up in my Windows Store, I decided to install WinGet from GitHub. This method works consistently on any IoT LTSC, and it bypasses the Store entirely. What I did was this:

I then started PowerShell as admin, and within it, I navigated to the download folder. Then I issued this command (adapt to your case if necessary):

Add-AppxProvisionedPackage -Online -PackagePath "Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle" -LicensePath "4df037184d634a28b13051a797a25a16_License1.xml"

Testing WinGet should return a version if nothing failed:

winget --version

A last suggestion, and a kinky one at that

On March 1, 2019, I was writing this:

Those who have ever heard of cruelsister should already know that she advocates CFW (properly configured!) and nothing else. She doesn’t believe in signature-based detections (neither do I), and often HIPS can’t cope with 0-day malware.

CFW stands for Comodo Firewall, and despite this product still being at version 12.2.2.8012 from 2021, it’s a good one. But Comodo being Comodo, the above link isn’t the best one; it would download the Comodo Internet Security thing (cispro_installer.exe), and you’d need to persuade it to only install the firewall. You should go here, and grab cfw_installer.exe. Oh, but even so, you should pay attention to prevent it from installing the Comodo Dragon browser and from setting Yahoo as your home page.

The idea is the following one: If you’re smart, you don’t need a signature-based AV that would quarantine or delete a suspicious file without asking you, and even without telling you that it did that! Yes, Windows Defender does that. And Bitdefender Free. And Panda. And so on.

I have used Windows 7 for years after it ceased being supported, and I used it without any antivirus! Not many people know how valuable the Comodo Firewall can be!

To disable Windows Defender on Windows 10 IoT Enterprise LTSC, the best option is via Group Policy:

  1. Open Group Policy Editor: press Win + R, type gpedit.msc, and hit Enter.
  2. Navigate to Windows Defender Settings: Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus.
  3. Turn Off Microsoft Defender Antivirus: double-click on Turn off Microsoft Defender Antivirus; set it to Enabled (this counterintuitively disables it); click Apply and then OK.
  4. Restart the system for the changes to take effect.

Technical notes: Windows 10 and 11 being what they are, even with Windows Defender disabled, not everything is lost:

  • Microsoft Defender Application Guard (MDAG) is a hardware-based isolation feature that uses Hyper-V to create a sandboxed environment, and it can technically still function even if Defender Antivirus is disabled.
  • Microsoft Defender Exploit Guard (MDEG) is tightly coupled with Microsoft Defender Antivirus. If you’re using a third-party antivirus solution, Exploit Protection can still operate, but the other MDEG features (Attack Surface Reduction, Network Protection, Controlled Folder Access) won’t, as they’re exclusive to Defender Antivirus.

SmartScreen still works even if no third-party AV is installed (CFW is not an AV).

Not many people have 30+ years of experience with malware, and most don’t know shit about Comodo Firewall. Well, I suggest they become more knowledgeable.

Try to use your brains and grasp the gist of it if you never used Comodo Firewall:

● Whenever Comodo Firewall complains from the bottom right (it serves as a behavioral antivirus without signatures doubled by a firewall that also deals with outbound connections), select the last option at the bottom (it has “…” in a circle) and choose “Treat as” with one of: “Installer or Updater” or “Windows System Application.” In the latter case, it should stop alerting about other actions of these apps. Choosing “Allow” only allows the current type of action.

I forgot that other options can be offered for “Treat as”: “Web Browser” and “FTP Client.” But you can also just choose “Allow” and let “Remember my answer checked”—it will remember the authorization for this type of action.

● If you accidentally let it block something, open the interface, look for “Blocked applications” in the bottom left of the screen that appears, click on it, right-click on the blocked application, “Unblock,” “Unblock for all security components” (or “Unblock for component(s) shown”).

This is not the most secure, but the simplest way to deal with trusted apps. A more convenient one, but that disables CFW for a while, is to set all its “Firewall” and “HIPS” components to “Training Mode”; then open and use all the apps you need, so CFW would learn about their actions; finally, change to “Safe Mode” (which is the normal mode).

I forgot to mention an important feature of CFW: when you’re not sure about a binary, right-click on it and select “Run in COMODO container”! Its window will have a light-green border, and the app won’t be able to access your files, not even in reading; but you’ll see what the program actually does, or tries to do.

A last note. You might need to disable Comodo’s HIPS (right-click on the system tray icon) to install or uninstall some apps. It tends to block some binaries that run from %TEMP% without explicitly telling you so (check the “Blocked Applications” if something just doesn’t do anything). Disabling it during the installation of larger apps would speed up the process, as Comodo checks all the actions that could affect the system, and this slows them down.

The bottom line

As far as I am concerned, I decree as follows:

  • Microsoft is a bunch of retards. They did (and still do!) have a decent enough OS, but they ditched it for Win11.
  • Using Windows for IoT is dumb, but in this case it’s helpful: Win10 IoT LTSC (which is an Enterprise product) is a true gem!
  • Should you need Windows, this IoT 2021 version of Win10 is highly recommended, as it’s supported until 2032, and it’s mostly bloat-free!
  • On the other hand, the fans of “progress” could install Windows 11 IoT Enterprise LTSC 2024 on older hardware that doesn’t meet the official requirements, especially TPM-wise.
  • I won’t discuss the licensing issue. They clearly don’t want you to be able to buy a license at a fair price.
  • As always, I can’t stand Windows Defender, so I recommend everyone to ditch it. That is, tinkerers. Sheeple can keep using Windows Defender. Security-wise, it’s fine, but you should know that, should it dislike some of your files, you might lose them forever! Suppose you back up some files to a different drive or that you copy between drives. Windows Defender likes to silently quarantine or delete files, and you won’t find them anymore on any of the two drives without even knowing that! At some point, the quarantine will be purged, and the files will be lost forever. Good job, Microsoft!

In the last 35 years, I never lost a single file because of malware! But I lost a few ones because of legitimate AV solutions. I even ran Windows 7 for about 3 years with absolutely no security solution at all, not even CFW, and with a completely castrated Windows Defender. Smart people don’t get infected, not even when torrenting.