filesystem Archives

Winsage

March 6, 2026

Windows Server 2025 Native NVMe: Storage Stack Overhaul and Benchmark Results

On December 15, 2025, Microsoft announced native NVMe support in Windows Server 2025, marking a significant evolution in data management and access. The new architecture replaces Disk.sys with NVMeDisk.sys, allowing direct communication from the filesystem to hardware via StorMQ, eliminating latency and enhancing performance. Testing revealed increased read speeds, particularly in random 4K and 64K benchmarks, with significant reductions in average read latency and lower CPU usage during sequential operations. Write operations showed modest improvements. A registry modification is required to enable this feature, and caution is advised due to potential complications with NVMe drives when deduplication is enabled.

Winsage

March 4, 2026

OpenAI’s Codex is now on Windows

OpenAI has launched its Codex agentic coding application for Windows, expanding its reach beyond the Mac platform. The Mac version received over 1 million downloads in its first week and currently has 1.6 million weekly active users, with over 500,000 developers awaiting the Windows version. The Windows version is designed for real-world usage, featuring native sandboxing capabilities and OS-level controls for secure operation. It includes a WinUI skill for Windows application development and mirrors the Mac version in functionality while introducing Windows-specific features. Codex emphasizes managing the agent over just coding, providing a unique interface described as a "command center for agents." It operates on OpenAI’s latest coding model, GPT-5.3-Codex, with options to switch to earlier versions and adjust reasoning levels. Codex for Windows is available to users across various tiers, including ChatGPT Free, Go, Plus, Pro, Business, Enterprise, and Edu.

Winsage

January 30, 2026

I found a Linux user who switched to Windows 11 after 8 years of distros — and he actually prefers it. Here’s why.

Windows 11 is often criticized for being overly restrictive, bloated, and focused on AI features, while Linux is praised for its control and transparency. A former Linux user who switched to Windows 11 after eight years found that Windows 11 improved workflows and offered better compatibility and hardware support, despite acknowledging its shortcomings like data harvesting and mandatory account creation. The user appreciated tools like Scoop and Windows Subsystem for Linux (WSL) for enhancing their experience. The narrative emphasizes that the choice between operating systems is personal, with Windows 11 appealing to users for its convenience and compatibility, while Linux remains valued for its flexibility and control.

Winsage

January 30, 2026

I found a Linux user who switched to Windows 11 after 8 years of distros — and he actually prefers it. Here’s why.

Critics describe Windows 11 as overly restrictive and bloated, with a focus on AI and Copilot features, while Linux is seen as an ideal alternative for developers prioritizing control and transparency. A former Linux user switched to Windows 11 after eight years with various distributions, finding that Windows embraced workflows that suited their needs. They discovered tools like Scoop, which functions as a package manager, and appreciated the Windows Subsystem for Linux (WSL) for its integration without the challenges of desktop Linux. Despite acknowledging criticisms of Windows 11, such as data privacy concerns and unwanted interface changes, the user found Windows 11's compatibility and user-friendliness appealing. The narrative emphasizes that operating system choices are personal and depend on individual workflows and needs.

AppWizard

January 29, 2026

I turned my phone into a Linux desktop with this free app

Smartphones can function as desktop replacements, exemplified by the Steam Deck and the introduction of Local Desktop, which allows users to install a full Arch Linux environment on Android devices. Users can run applications like VS Code and Firefox by connecting a keyboard, with installation taking about ten minutes and not requiring root access. However, the installation process may require multiple attempts for stability due to various errors. Once set up, users can enhance their experience with the yay package manager, although some applications may not perform optimally. Local Desktop operates by installing an Arch Linux ARM64 filesystem within the app's internal storage and using proot to create a chroot-like environment. The display mechanism employs a minimal Wayland compositor for improved responsiveness. While it offers a portable Linux environment, performance can vary, and it is not suited for heavy workloads. The experience may appeal to tech enthusiasts willing to navigate its challenges.

Winsage

January 8, 2026

Windows can never be an immutable OS, and that might be a problem

"Immutable" operating systems are designed with a read-only core that is updated comprehensively, allowing user data and applications to exist independently from the base system, reducing risks of corruption and configuration drift. While macOS is largely immutable, Windows cannot transition to an immutable model due to its design based on mutability, which allows for continuous modification and backward compatibility. Windows 11's flexibility leads to a cumulative change model, making it increasingly difficult to troubleshoot and maintain. Microsoft has made some improvements within the mutable framework, but challenges remain, such as dependency control and application integration. Users expect seamless updates, but Windows is perceived as high-maintenance, leading to performance issues. A truly immutable version of Windows would conflict with user expectations and require significant software rewrites. Consequently, Windows is likely to remain in a hybrid state, adopting some immutable features while still facing issues related to its mutable architecture.

AppWizard

December 17, 2025

Cellik Android malware builds malicious versions from Google Play apps

A new Android malware-as-a-service (MaaS) called Cellik has appeared on underground cybercrime forums, offering capabilities for a subscription fee of 0 per month or a one-time payment of ,000 for lifetime access. This malware can be embedded into any app on the Google Play Store, creating trojanized versions of popular applications while maintaining the original app's interface. Cellik includes features such as real-time screen capture, interception of app notifications, filesystem access, data wiping, and secure communication with a command-and-control server. It also has a hidden browser mode that allows attackers to use the victim's stored cookies and an app injection system for overlaying fake login screens. The malware can inject payloads into installed apps, complicating detection. Cellik is designed to bypass Google Play security features, raising concerns about the effectiveness of automated reviews and device-level scanners.

Tech Optimizer

November 2, 2025

New EDR-Redir V2 Blinds Windows Defender on Windows 11 With Fake Program Files

An upgraded release of the EDR-Redir V2 tool has been developed to circumvent Endpoint Detection and Response (EDR) systems by using Windows bind link technology. This version targets the parent directories of EDR installations, such as Program Files, and creates redirection loops that blind security software while keeping legitimate applications intact. Unlike its predecessor, EDR-Redir V2 uses a more complex mechanism that loops subfolders back to themselves, isolating the EDR's path for manipulation without triggering alarms. The tool utilizes the bind link feature from Windows 11 24H2, allowing filesystem namespace redirection without needing kernel privileges. EDR solutions typically secure their subfolders but cannot entirely restrict writes to parent directories. EDR-Redir V2 queries all subfolders in a targeted parent directory and mirrors them in a controlled directory, establishing bidirectional bind links that create loops for normal access by non-EDR software. In a demonstration against Windows Defender, EDR-Redir V2 successfully redirected access to its operational files, making Defender blind to its actual files. This technique highlights vulnerabilities in EDR systems regarding filesystem manipulations at the parent directory level, suggesting that folder-specific safeguards are inadequate. Although there are no widespread reports of exploits using this method, it poses significant concerns for enterprise environments, prompting security teams to monitor bind link usage in critical directories and implement integrity checks on EDR paths.

Winsage

October 14, 2025

Microsoft October Patch Tuesday for Windows 11 Fixes 175 Flaws

Microsoft's October 2025 Patch Tuesday addressed 175 vulnerabilities, including two zero-day elevation-of-privilege flaws: CVE-2025-24990, related to the legacy ltmdm64.sys Agere Modem driver, and CVE-2025-59230, affecting the Remote Access Connection Manager. Five vulnerabilities were classified as critical, including CVE-2025-59246 (remote code execution in Azure Entra ID), CVE-2025-55315 (ASP.NET Core vulnerability), CVE-2025-49708 (Microsoft Graphics Component bug), CVE-2025-59287 (Windows Server Update Service flaw), and CVE-2025-59228 (SharePoint vulnerability). The update (KB5066835) also resolved usability issues, such as print preview hangs and input detection failures. Microsoft notified administrators about the expiration of Secure Boot certificates in June 2026. Windows 11 users can install the update via Settings > Windows Update, requiring a system restart and data backup before installation.

Winsage

June 25, 2025

Building a Windows Storage Dashboard, Part 2: Collecting Historical Data

The process of gathering historical data for a Windows storage dashboard involves two steps: creating a PowerShell script to collect and save the data, and configuring the Windows Task Scheduler to run this script at set intervals. The script collects data on file system drives using the Get-PSDrive cmdlet, creating a custom PowerShell object with columns for Timestamp, Drive, UsedGB, FreeGB, and TotalGB, which is then exported to a CSV file. The script specifies the CSV file path, appends new data without overwriting existing data, and excludes type information from the header. The generated CSV file includes a header row and records for each drive with their respective usage statistics.