Microsoft Admits Windows 10 Automatic Spying Cannot Be Stopped (forbes.com/sites/gordonkelly)
117 points by bontoJR on Nov 2, 2015 | hide | past | favorite | 77 comments



Regardless of how you fall on this issue, this article is clearly highly biased.

If you read their link "detailed data"[0] you can see there is an issue but you can also see that the level of invasion is low with most telemetry disabled.

This article links to that, but then ignores that author's conclusions (that it is a relatively light level of privacy invasion) to draw this conclusion:

> So how concerned should users be about Windows 10’s default data collection policies? I would say very.

But the author's articles are only really pro-Apple and anti-Microsoft, just look at their back catalogue [1]. They've written about Windows 10 problems weekly for months, getting more and more inflammatory each time.

So how concerned should readers be about the author's obvious bias? I would say very.

[0] http://arstechnica.co.uk/information-technology/2015/08/even...

[1] http://www.forbes.com/sites/gordonkelly/archive/


> you can also see that the level of invasion is low with most telemetry disabled.

Regardless of their history, something along the lines of "We will invade your privacy and you can't disable it, but the level of invasion is low, and you have no choice but to trust us on this" doesn't sound reassuring to me.

I don't want to go there, but one can easily question whether you have pro-Microsoft tendencies (or are even sponsored by Microsoft), because we're talking about invasion of user privacy at the hands of a corporation, and just because it's a "low level of invasion [that can't be turned off]" doesn't make it OK for users, be it Microsoft or Apple.


"Relatively light level of privacy invasion" is still privacy invasion.


But it still doesn't validate the need for a clickbait title or a highly inflammatory article. Say it how it is... no better or worse.


From the perspective of a person whose standard for an operating system is "zero invasion of privacy", there's nothing particularly inflammatory about the article.

It's fine if your expectations are less rigorous; you simply aren't part of the article's intended audience.


I know Ubuntu, OS X and Windows 7 phone home for certain scenarios. Until you are running some *BSD box, you aren't getting that "zero invasion of privacy", you just think you are.


It's possible to disable tracking on all of those though.


The browsers do so too, BTW. Win7's telemetry settings were very different, but yes, CEIP dates back to even Office 2003.


CEIP was always opt-in before.


I think in some cases it might have been enabled by default, but it still could be disabled.


I agree with Someone1234 here.

Mods, can we get this link swapped out with a less biased one? I'm okay with Microsoft's telemetry stance hitting the front page, but I want it from a better source.


As linked by the article, the original news is at PC World, the language is milder but the point about the invasion of privacy is essentially the same http://www.pcworld.com/article/2997213/privacy/microsoft-doe...


Ascribing sides to people like "pro-Apple and anti-Microsoft" is exactly the same thing as complaining about the liberal media. It's both irrelevant and damages your credibility.


Microsoft has essentially forced me to turn off Windows Update on all my Windows 7 machines/partitions and migrate everything I can to Linux. All I am waiting for is SteamOS delivering AAA games to Linux and I won't need to touch future Windows ever again.

How can you justify using Windows for enterprise work if due to new policies you can't be assured you can keep anything you work on secret? I am not willing to keep the possibility open of sharing my competitive advantages with whomever is in bed with Microsoft's management to capitalize on my ideas. Can somebody please tell them to get back to their senses and become trustworthy again?

Do I need a dedicated NUC running super-secured *BSD/Qubes filtering out traffic towards known Microsoft servers while using Windows 10?


> Microsoft has essentially forced me to turn off Windows Update on all my Windows 7 machines/partitions...

Same here. It's very annoying that they're trying to force a major upgrade. I don't like Windows 10 - I don't like its frankenstein UI and I don't like its privacy implications and I find myself in the odd position of having to jump through hoops to keep it off my PCs.


Corporations would use Win10 Enterprise (which has the None/Security level as an option) and set most of the privacy options using Group Policy.


Wait, how do I prevent automatic update to Win10? I actually like the UI but the system Does Not Work (tm) on my hardware (I tried). I'm finding it hard to believe MS is going to auto-brick my laptop overnight.


They will when Windows 10 becomes a preferred update.

Before that head into Control Panel > Windows Update > Change Settings

Oh, btw: if you have let Automatic Updates run until now it's probably best to do a fresh reinstall of Windows 7 or Windows 8, because they retrofitted almost all of Windows 10 telemetry services in those operating systems in a series of "updates" released around August.

Which gave me enough reasons never to trust any update from Microsoft ever again.


They did not retrofit "almost all of Windows 10 telemetry services". I recommend that you read the TechNet article.


I don't understand how Windows 10 can be used in a lot of small business environments.

If you are big enough to get the enterprise version, everything apparently can be tweaked. But there are a lot of tiny businesses that order a PC from Dell, install some software for their vertical, and then do little more than regularly install updates. My old dentist was a two person operation. They aren't going to get the enterprise version yet they need to handle medical and billing records securely.

Either I'm totally misinformed, or the professional version of Windows isn't suitable for many professionals. I'd be happy if somebody could explain why it's the former.

I also wish Microsoft were more transparent about the data that is sent to them. Why is a machine with all the options set with privacy in mind still in constant contact with Microsoft?


Apple devices have the same issues but for some reason nobody is talking about it. Just install Little Snitch and you will see arrays of services trying to access apple.com. I don't think they are malicious but it makes the device super noisy and exfiltrates a lot of information.


Putting on my trusting hat, I would think that MS is only transmitting enough data to keep the machine running and virus free without any intervention from the non-technical people. So it would be a safe machine for a small company without any IT staff. A lot of those companies just take the computer out of the box and plug it in and don't do anything further anyway.

I don't see why they don't just add the option to disable that with appropriate labeling, though, if nothing else to satisfy the more vocal, privacy-concerned folks.


> trusting hat

If you are wrong and Microsoft suffers a breach, your defense for HIPAA violations has to be better than "but I trusted Microsoft!"

> I would think that MS is only transmitting enough data to keep the machine running and virus free

I don't think that's true. It uploads what you type, your calendar, contacts, etc... so that things like Cortana work better. What makes me nervous is that even if you turn off all the Cortana things that you can, Cortana is still always running. Plus, how often do business users use Cortana?


> I don't see why they don't just add the option to disable that with appropriate labeling, though, if nothing else to satisfy the more vocal, privacy-concerned folks.

Your last point basically contradicts the first one, IMHO, because you have an OS that itself becomes giant spyware. You don't know what MS is doing with all that data. They could very well resell it to 3rd parties, give it to states, ...

And the "you can't turn that off" is obviously by design. You can't turn off spyware.


Well, mostly what they would lose is the None/Security level. https://technet.microsoft.com/en-us/library/mt577208(v=vs.85... has a description of the levels. The minimum for Open License is only five copies BTW.


Unfortunately, with all US and Alaska tribes, their IT/MIS upgrade their systems as soon as a new OS releases... So in order to keep up we have to install the latest Windows to ensure our application runs without issues. That is the only reason why we do it, though we test on VMs and our workstations are still Windows 7.


Ugh, the "cloud" comes to the desktop. Companies like to have all kinds of telemetry and forced non-security updates, both of which are easy to have with a hosted application. "You'll take whatever we throw up on the server, and we'll watch you like it."

Some of us poor software users don't always like one or both of these things, and client-side software is great at avoiding them: you choose when to install newer versions, and whether the software talks to the developer. Sadly, companies are figuring out how to "cloud up" client-side software with forced updates [1] and always-on telemetry, and Microsoft is jumping on the bandwagon in a big way. Maybe reverse firewalls will catch on like browser ad blockers have; probably not, but there's always a chance.

[1] http://www.forbes.com/sites/gordonkelly/2015/07/17/windows-1...


Yeah, MS has made it clear "Windows as a Service" is deliberate. Win10 Enterprise has the LTSB for long term servicing.


This, combined with Microsoft trying to trick people into thinking they need a Microsoft account in order to create a user account, shows how far they have fallen.


Dates back to Win8 I think, Win10 actually improved this.


I know it started with 8 because my father, a computer novice, ended up with a Microsoft account because of how things were presented during setup.

If Win10 improved on this, that is good news.


In particular, Win10 provides an easy link to skip it, unlike Win8.1.


What's amazing about this telemetry issue and the forced upgrade path is that, at the same time, they're trying to fight the PR problem by claiming that they might soon have a more reasonable FOSS (or at least OSS) mentality, will contribute to openssh, etc., all as part of their new "customer-oriented culture." It's really just a carrot-and-stick, isn't it?


It's more like carrot and nuclear fail bomb.

Is there anyone in MS management here who can explain how and why this is supposed to be a customer winning idea, and how it won't launch a stampede towards OS X and Linux?

"Okay, so we do the spying thing with everything you type. But - scout's honour - we don't do it all that much. Honest!"

Corporate dementia is becoming more and more of a problem in enterprise scale IT. HP, Yahoo, Apple, Oracle, IBM, and Google all suffer from it to varying degrees.

But MS appear to be trying to win a special best-in-class award for it.


It is called "Windows as a Service" for a reason.


I posted this in a different thread but am reposting here for the folks that do move to Win10.

--

PSA: For people with Windows 10 installed, I've found the following tool quite useful in shutting down the large amount of information collected and transmitted.

http://www.oo-software.com/en/shutup10


Please, don't use these tools. Yes, they may fix the immediate problem, but you're still rewarding Microsoft with money and/or market share. You're sending them the message that you are loyal even when they abuse their power in obvious ways. By continuing to use their platform, you're conditioning[1] Microsoft to continue with stronger spyware in the future.

Unless they see an actual reduction in revenue and fewer people using their platform, this problem is only going to get worse.

[1] operant conditioning (Skinner )


There is room for both practical as well as idealistic responses.

In this case, I'm picking my battle.


Okay, tell me how I can play all my Steam games then (no, not just the Source Engine ones).


Personally, I took it as an opportunity to finally try out VT-d gaming... so Linux on the bare metal, and Windows tightly locked down in a VM (on a separate VLAN).

MS are free to spy on me playing X-COM, but they won't be getting anything else...


How goes vt-d gaming? I was investigating if it was possible to pass through the igpu using VMware but never could get a straight answer.


I've had two problems: crackling audio and NVIDIA's driver coming up with strange errors.

The former was fixed by buying a cheap PCI-E soundcard and passing it through (line-in'ed to the primary soundcard), and the latter by twiddling some QEMU flags, as NVIDIA want you to buy the $4000 Quadro... my next card will be AMD, who don't do this sort of BS.

Now it's all sorted, it works like a dream; you wouldn't know it's in a VM.


Cool. Do you have a writeup of your setup somewhere? Maybe I'll investigate this more over Christmas break.


1) wine is quite good these days. It has played far more than Source Engine games for like 5+ years. Ever since steam went to Linux and the Unity engine became popular, compatibility problems became much less common even on new games.

2) If you are always going to rank playing games as more important than spyware, then you're an easy mark. If you aren't willing to make a few sacrifices to invest in your future, then you've made your decision. Why do you care about spyware if games are more important?

The costs of leaving are only going to get worse with time. I recommend paying these costs now instead of waiting for the problem to get worse.


Linux gaming is getting better and better. Yes, we have a few sacrifices to make in the form of not getting to play every mainstream title, but many of the ones worth your time have great Linux versions, and if not, they might run well in Wine.

I wiped Windows nine months ago and installed Arch. The only things I missed were Dark Souls and Insurgency.

I found out a week ago that Dark Souls runs like butter in Wine, and Insurgency just got native Linux support the other day. I am a happy Linux gamer.

As for the titles that choose to avoid supporting my operating system, well I guess I won't be supporting them with my dollars.


Do you have any issues with drivers for things like mice, keyboards, joysticks?

I have a RAT5 mouse and an X-55 Rhino HOTAS for Elite: Dangerous and as far as I am aware, there are no drivers for these under Linux.


>Why do you care about spyware if games are more important?

I use my Windows machine for gaming only, whereas the rest of my computing is split between my MacBook and iPad.


Same here, except Debian/Arch for all my non-gaming computing activities.


The problem with wine in this case is that it currently can't work with anything using DX11/12, many (if not most) of the big name titles coming out on PC these days are unusable on wine because of that.

2 is actually a decent reason to try to change, given that Valve is trying to get more vendors onto SteamOS; it might just be starting to make a difference.


Did you know Steam spies on you? It saves your keystrokes (in Steam instant messages) and tells people what game you are playing!


Steam records your gameplay statistics, and it is something you have agreed to.

It's not even remotely comparable to what MS is doing with Windows.


But you are opting in for that service.


Does anyone know the status of using the Windows Firewall to block this stuff? Since Search and other parts of the OS are actually apps it seems, if you set a default deny, then whitelist only certain parts, wouldn't that sort itself out?

And any idea why MS is acting this way? Certainly offering a hidden opt-out registry key would satisfy a lot of customers, and not impact the telemetry data in a meaningful way. For Office, they literally discarded/sampled the telemetry data as it was simply too much to use.


I tried in the VM during beta; a Windows Firewall deny-all policy blocked _all traffic_. Should be enough unless MS decided to lie about data statistics visible to the user; I didn't look at the network stats outside the VM.


I think some traffic does bypass the firewall, but it is mostly licensing stuff.


Do you have any details? Backdooring their own firewall would be a HUGE deal.


Firewalls on hosts should really only be used for protection against inbound traffic; trying to use firewalls on a host to block that host from sending traffic a) doesn't scale on a network of many hosts and b) can be overridden if the thing trying to send traffic has root access to modify the firewall.

Gateway firewalls are much less susceptible to malicious modification this way, and IMO are the best way to protect yourself from this type of corporate spying in general.


It probably dates far back before Win10 though.


I'd honestly highly recommend using a third party firewall.

Comodo is pretty good.


I generally support privacy issues (donor to EFF and ACLU).

But, I see some hypocrisy in criticizing companies like Microsoft and Google about the danger of private information being leaked. What about GitHub repos, data on AWS, etc.? Most people seem willing to trust those companies.

I believe that companies like Microsoft and Google will immediately fire any employee caught improperly accessing user information.

We also trust our doctor's office and our bank with critical information.

I trust Microsoft and Apple to a large degree because I believe that their interests and my interests are aligned. I trust Google and Facebook, as sellers of data for advertising, less.

In the last five years I have gone through two "phases" where I used Linux on my laptops almost exclusively - for privacy and control reasons. The problem is both times I was a bit less productive during the periods when I used Linux. Personal efficiency trumps some of my concerns over privacy, especially given that the NSA and other intelligence agencies around the world record most of what we all do anyway.


Is there a layman's guide to this whole thing? Does Cortana send only what is explicitly told to it, or everything I speak in the vicinity of the computer? Also, if I create a text file in Notepad, is that uploaded? My email, contacts, photos, messaging all already live in the cloud. I am OK with Cortana having some access as long as I am aware of what it is.


Does Windows 10 actually log keystrokes? If so, that's pretty disturbing.


No, Windows 10 does not generally log keystrokes.

The one and only place that things like keystroke logging are mentioned in the privacy policy is in the context of interacting with Cortana and the related search service, where the phrasing is similar to "things you enter here get sent to us, and we log those things."

The vast majority of the Windows 10 privacy concerns are mitigated by turning off the Customer Experience Program stuff and never turning on Cortana.


It's been reported elsewhere that keystrokes are logged. Whether it is limited in nature or not, the ability is there and is used.

Why?

What's the need for keystrokes to be logged rather than just a complete, edited search term sent to a server? Why does anyone need to know which keys I press on my computer?


This is how autocomplete works. You progressively type, it progressively adjusts the results so you can stop typing and just select the result you want.


Microsoft arbitrarily cripples, or as it's called in business lingo "market segments", their products. Maybe their marketing felt Windows 10 was too good of a product and needed to make it artificially less desirable? Surely no professional or business user wants to be spied on?

There are a lot of examples in the past too. Arbitrarily limiting 32-bit consumer versions to just 4 GB RAM. Letting just one user have an interactive login at the same time. Not having a remote desktop server in consumer versions.

Microsoft, please just make one version of Windows. If you must, make a separate server version. But please stop this segmentation madness.


I disagree that the 4GB RAM cap is entirely arbitrary. Guess how many GiB of memory you can address with 32 bits? 4. Now, x86 CPUs have been capable of addressing more memory since the Pentium Pro [1]. But even then, not all motherboard chipsets supported that, probably because back in 1995, RAM was more commonly measured in megabytes, not gigabytes. Then consider that Microsoft discovered that some drivers became unstable when addressing more than 4GiB of RAM.

From a tech support perspective, the decision makes sense. Most target consumers probably aren't going to have enough RAM to hit the limit, but are going to notice and complain when their computers become extra-crashy. I may well have made the same decision.

1. https://en.wikipedia.org/wiki/Physical_Address_Extension


Why are you talking about 1995? Talking about 2005 is more relevant here.

> I disagree that the 4GB RAM cap is entirely arbitrary. Guess how many GiB of memory you can address with 32 bits? 4.

That's completely irrelevant. You could still simultaneously run a lot of processes each taking up to 3 GB RAM individually. All that matters is that different processes and drivers could utilize the whole installed physical memory range. The 2.5-3.5 GB limit was already an issue in the Windows XP era, when computers started to commonly have 4 GB or more. 32-bit Windows XP could have handled up to 64 GB RAM just fine.

> Then consider that Microsoft discovered that some drivers became unstable when addressing more than 4GiB of RAM.

I've heard this one often, but never seen any concrete examples of drivers with such problems. What are these drivers actually? What kind of bugs? Say DMA buffers? Well, if the developer was incompetent enough to set 4GB max DMA buffer bit for PCI[e] hardware that can't address 4GB+... All other memory buffers would have mapped behind 32-bit pointers anyways, regardless of where they actually are in physical memory. You seldom deal with direct mapping even in kernel mode drivers.

For example, how about drivers that use PASSIVE_LEVEL functions at DPC or higher? Should they not trigger IRQL is less than equal blue screen as well? Buggy drivers are buggy drivers, period.

> complain when their computers become extra-crashy

Why would their computers be extra crashy? Windows 2003 server versions worked just fine with very much the same drivers without any crashing. Why would Windows XP have been any different?

By the way, I have written Windows kernel mode drivers.


IIRC, PAE was used anyway on the editions of Windows limited to 4G. And legacy drivers are always managed by putting their DMA buffers in safe zones. This was purely a limitation for market segmentation.


"Cannot be stopped"

What a crock.

All you have to do is care enough to install a proper gateway firewall that can intercept and block these requests before they leave your network.

Companies will only encroach more and more on your privacy, all the while telling you there's nothing wrong and it can't be disabled and that it's just a little bit of your privacy [that they're forcibly stealing].

Stop being complicit in it and do something about it. You'll feel much better about everything when you do.


I am a developer and pretty computer savvy, but I don't know the first thing about configuring a firewall and I suspect it would be pretty time consuming to even make an attempt at doing so. Regardless of what I did, I would not be confident that I actually blocked everything I needed to. This isn't a reasonable request of pretty much anyone except professional network administrators.

I just made the switch to Linux full time after all this Win10 privacy bullshit. Been Linux full time for 4 months with no problems, never going back to Windows.


That's a fair point, but you gotta start somewhere (if you have an interest and an inkling that is) or just give in and let them take what they want.

I started by configuring it to block everything by default and whitelisting the traffic I wanted to allow. Most systems will log dropped or anomalous traffic, so it's very easy to work out what traffic needs to be allowed when some new game's multiplayer features don't work as expected. And as an added bonus you learn a lot about networking at the same time, possibly opening up new career opportunities.

It might not be for everyone but if you value your privacy you owe it to yourself to explore your options. I suggest the Sophos UTM if you're just starting off, the UI is very friendly and helpful.

http://www.sophos.com/en-us/products/unified-threat-manageme...
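For the default-deny-plus-whitelist approach described in this comment and the gateway-firewall comment above, here is an added example (not from this thread, nor from Sophos or Microsoft) that triages the drop logs such a setup produces. It reads two constructed samples, a Windows Firewall log in the pfirewall.log layout and netfilter LOG lines from a Linux gateway, and lists the repeatedly blocked outbound destinations an operator has to decide on; the host addresses, the RFC 5737 destination addresses and the "OUT-DROP" log prefix are assumptions.

```python
"""Triage firewall drop logs into an outbound allow-list review (added example)."""
import re
from collections import Counter, defaultdict

# Constructed sample in the Windows Firewall pfirewall.log layout: a hypothetical host,
# with RFC 5737 documentation addresses as destinations (not real servers).
WINDOWS_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2015-11-02 10:15:32 DROP TCP 192.168.1.20 203.0.113.5 49731 443 52 S 1234567 0 8192 - - - SEND
2015-11-02 10:15:33 DROP TCP 192.168.1.20 203.0.113.5 49732 443 52 S 1234568 0 8192 - - - SEND
2015-11-02 10:15:40 DROP UDP 192.168.1.20 203.0.113.9 51000 53 60 - - - - - - - SEND
2015-11-02 10:16:01 ALLOW TCP 192.168.1.20 192.168.1.1 49733 80 52 S 1234569 0 8192 - - - SEND
2015-11-02 10:16:05 DROP TCP 198.51.100.77 192.168.1.20 40000 445 52 S 99 0 8192 - - - RECEIVE
"""

# Constructed sample of netfilter LOG lines from a gateway whose FORWARD chain drops by
# default and logs with the prefix "OUT-DROP" (the prefix is our own assumption).
GATEWAY_LOG = """\
Nov  2 10:17:02 gw kernel: OUT-DROP IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.5 LEN=52 PROTO=TCP SPT=49740 DPT=443 SYN
Nov  2 10:17:02 gw kernel: OUT-DROP IN=eth1 OUT=eth0 SRC=192.168.1.21 DST=203.0.113.17 LEN=60 PROTO=UDP SPT=3544 DPT=3544
Nov  2 10:17:09 gw kernel: OUT-DROP IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.5 LEN=52 PROTO=TCP SPT=49741 DPT=443 SYN
"""

WIN_FIELDS = ["date", "time", "action", "protocol", "src", "dst", "sport", "dport", "size",
              "tcpflags", "tcpsyn", "tcpack", "tcpwin", "icmptype", "icmpcode", "info", "path"]
NF_KV = re.compile(r"(\w+)=(\S+)")


def parse_windows(text):
    """Return (src, dst, proto, dport) for every dropped outbound (SEND) packet."""
    flows = []
    for line in text.splitlines():
        if not line or line.startswith("#"):   # skip the W3C header lines
            continue
        parts = line.split()
        if len(parts) != len(WIN_FIELDS):     # malformed line: ignore rather than guess
            continue
        rec = dict(zip(WIN_FIELDS, parts))
        if rec["action"] == "DROP" and rec["path"] == "SEND":
            flows.append((rec["src"], rec["dst"], rec["protocol"].lower(), rec["dport"]))
    return flows


def parse_netfilter(text, prefix="OUT-DROP"):
    """Return (src, dst, proto, dport) for netfilter LOG lines carrying the drop prefix."""
    flows = []
    for line in text.splitlines():
        if prefix not in line:
            continue
        kv = dict(NF_KV.findall(line))        # IN=eth1 OUT=eth0 SRC=... DST=... PROTO=...
        if all(k in kv for k in ("SRC", "DST", "PROTO")):
            flows.append((kv["SRC"], kv["DST"], kv["PROTO"].lower(), kv.get("DPT", "-")))
    return flows


def summarize(flows):
    """Group dropped flows by source host, counting each (dst, proto, dport) tuple."""
    by_host = defaultdict(Counter)
    for src, dst, proto, dport in flows:
        by_host[src][(dst, proto, dport)] += 1
    return by_host


def review_candidates(by_host, min_hits=2):
    """(src, dst, proto, dport, hits) seen at least min_hits times, busiest first.
    Repeated drops to one destination deserve a deliberate allow/deny decision;
    one-off noise stays out of the list until it recurs."""
    rows = [(src, dst, proto, dport, hits)
            for src, counts in by_host.items()
            for (dst, proto, dport), hits in counts.items() if hits >= min_hits]
    rows.sort(key=lambda r: (-r[4], r[0], r[1]))
    return rows


def triage(windows_text=WINDOWS_LOG, gateway_text=GATEWAY_LOG, min_hits=2):
    """Combine host and gateway drop logs into one review list."""
    flows = parse_windows(windows_text) + parse_netfilter(gateway_text)
    return review_candidates(summarize(flows), min_hits)


if __name__ == "__main__":
    for src, dst, proto, dport, hits in triage(min_hits=1):
        print(f"{src:>15} -> {dst:<15} {proto}/{dport:<5} dropped {hits}x")
```

Inbound drops (path RECEIVE) and allowed packets are deliberately excluded, since the question here is only which outbound destinations the default-deny rule is holding back.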


Another reason to never use windows again.


I'm not trying to start a flame war, but an honest discussion. Two words:

   Satya Nadella
He seems even more tone-deaf than most CEOs, e.g. his comments about women asking for a raise in pay.

So, here's the delicate question: is this cultural? He's originally "not from around here", but he's lived in the USA for at least 25 years.

In contrast, Tim Cook seems to have staked out the opposite ground, i.e. that user privacy matters.


I'm not a fan of Satya, but you are trying to start a flame war. This is what Satya is on record saying

"I believe men and women should get equal pay for equal work. And when it comes to career advice on getting a raise when you think it’s deserved, Maria’s advice was the right advice. If you think you deserve a raise, you should just ask."

He also said "[I] Was inarticulate re how women should ask for raise. Our industry must close gender pay gap so a raise is not needed because of a bias"

So you've made a conclusion because he said something that was wrong and silly. I would go as far as to say that it's a big leap of faith that you've drawn, or that you're trying to be inflammatory on purpose.

Now it would be more accurate to say that Microsoft is seeing how much money Facebook and Google make from knowing people's secrets.


It's not fair to quote Nadella saying "I was inarticulate". That comment only happened after, as Wikipedia puts it, "a strong backlash". Melissa Waggener (a very smart lady who I've met) probably gave him a good talking to.


> is this cultural?

Making it about one guy and his cultural background is a bit stupid, in my opinion. He is what, Indian? Does it influence his way of thinking? Maybe. Does that dictate Windows 10 strategy? No. This guy was mostly unknown before he became CEO of Microsoft; I always thought Sinofsky would take Ballmer's job. My point is, the MS board chose a rather "unknown to the public" and more discreet guy to represent MS in order to change the image of the brand. Which worked. Who came up with that new business model, we don't know; Nadella certainly vetted it though.



