Invasive telemetry and profiting from ads instead of selling software is definitely the "Google way" and it's been taking over MS since at least the beginnings of Windows 10 (remember the forced "free upgrade"?)
I mostly view this as the turn from SDET to Quality. SDET used to do both telemetry and quality testing, coordinating with devs frequently. Now Quality mostly coordinates with PMs. Satya as Azure head had success via this method, so it's copied throughout the entire company
Not parent but it's something that's been bugging me for a while (especially since I work in a field where you often have to debug based on field logs from three weeks ago from a device halfway across the world). My two cents, I think telemetry is OK if:
* It has a retention policy that ensures a data breach five years down the road won't compromise five years' worth of relevant data. 30 days of full data + maybe an year of relevant analytics (but no detailed data) are more than enough to improve software. Five years' worth of data, even if it's not strictly speaking personal data, can make identity theft trivial.
* The processes and criteria for who gets to access that data and in what manner are clear, transparent, enforceable and can be subjected to appeal by any user. Can I be reasonably sure (i.e. based on public, legally-binding statements from Microsoft) that, for instance, a Microsoft employee who has a beef with me won't be able to stalk me based on that data?
* For a large system or a piece of hardware, if I can have a reasonable assurance that, at least in the short-term (1-2 years), the data won't end up being used for ad targeting. An OS or a piece of hardware is something that you don't switch that often. If I make a purchase, I'd like to be sure that the reasons why I made it remain valid for a while.
"Makes the product better" is a great reason and I'd wholeheartedly support that, as long as I had an assurance that my data is handled responsibly.
I'm just sayin' -- if I break the terms of doing business with Microsoft (e.g. by using a pirated copy), there's a good chance that some DMCA organization comes knocking at my door and the best I can hope for is an out-of-court settlement that ruins me. I sure as hell expect that, if Microsoft breach the terms of doing business, someone can go knocking at their door and the best they can hope for is an out-of-court settlement that ruins them. That's why I insist on "legally binding". A blog post that says we totally don't spy on you is something that you can breach without any real consequences.
Until that's the case (or, you know, until there's no data being siphoned...) I can do my work on Linux just fine, I don't need no damn WSL :-).
I think "make the product better" is really an excuse, considering what has actually happened with the changes in Win10. The most useful changes have been suggestions that came from the users themselves (of which they ignore most of them anyway), not by watching them. "The telemetry told us to do it" is a convenient excuse for making unwanted changes, because everyone else doesn't have access to the data and even if they did, it could still have been massaged to fit their narrative.
Sure, but for it to be anonymous it should not contain the sender's IP address. That probably means an UDP message with nulled source ip, which runs foul of many ISP's egress filters (and rightly so).
So, realistically speaking, there is no such thing as an anonymous ping. Or am I missing an obvious solution here?
No. Because keylogging and capturing other UI events can be used to reconstruct what you're working on. It thus fails basic obligations the law puts onto you when working with customer's documents, data, or code. Using telemetry, and implementing telemetry in your app is just asking for getting sued big time.
