Microsoft Launches Special 'Scott McNealy' Edition Of Windows

from the get-over-it dept

As you may have heard, a company called Microsoft has just launched version 10 of one of its products. Here on Techdirt, we don't do software reviews -- you might be able to find one or two online if you search a little -- but we do like to analyze privacy policies. In this respect, it seems that Microsoft is breaking new ground, as EDRi.org found when it looked at updated terms and conditions that came into effect on August 1, just in time for Windows 10:

We copied and pasted the Microsoft Privacy Statement and the Services Agreement into a document editor and found that these "straightforward" terms are 22 and 23 pages long respectively. Summing up these 45 pages, one can say that Microsoft basically grants itself very broad rights to collect everything you do, say and write with and on your devices in order to sell more targeted advertising or to sell your data to third parties. The company appears to be granting itself the right to share your data either with your consent "or as necessary".
If you want more details, the French site Numerama has picked out the key elements (original in French), summarized in English by EDRi:
When signing into Windows with a Microsoft account, Windows syncs some of your settings and data with Microsoft servers, for example "web browser history, favorites, and websites you have open" as well as "saved app, website, mobile hotspot, and Wi-Fi network names and passwords". Users can however deactivate this transfer to the Microsoft servers by changing their settings.

More problematic from a data protection perspective is however the fact that Windows generates a unique advertising ID for each user on a device. This advertising ID can be used by third parties, such as app developers and advertising networks for profiling purposes.
Other features include generating a recovery key when encrypting the drive that Windows is installed upon, which is automatically backed up online in the Microsoft OneDrive account. Microsoft's updated terms also state that it collects things about you, your devices, and app data, as well as information about the networks you connect to. Then there is Microsoft's personal assistant software "Cortana." If you use it, here's what it will gather:
Your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and how often you interact with them on your device. Cortana also learns about you by collecting data about how you use your device and other Microsoft services, such as your music, alarm settings, whether the lock screen is on, what you view and purchase, your browse and Bing search history, and more.
And in case you thought that was everything, it also collects:
Your voice input, as well your name and nickname, your recent calendar events and the names of the people in your appointments, and information about your contacts including names and nickname.
Any one of these would be enough to raise serious privacy concerns, even if some can be turned off; put together, they look as if an executive order has gone out to harvest the maximum amount of personal information, and to disregard privacy issues completely. Back in 1999, when Sun's CEO Scott McNealy famously declared "You have zero privacy anyway, get over it," he could be forgiven for living in an innocent era when the harm that might flow from that situation seemed circumscribed. Today, in the post-Snowden world, putting "zero privacy" at the heart of your latest product in the way that Microsoft seems to have done with Windows 10, is not just foolish and anachronistic, but downright contemptuous of users and their safety.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: privacy, scott mcnealy, windows 10
Companies: microsoft


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Stephen, 3 Aug 2015 @ 11:12pm

    Microsoft helps out the NSA

    Windows [10] generates a unique advertising ID for each user on a device. This advertising ID can be used by third parties, such as app developers and advertising networks for profiling purposes.
    I'm sure the NSA, GCHQ, and other cyberspy agencies will find it useful too for tracking users.

    In particular, I wonder how that feature will affect Tor users?

    link to this | view in thread ]

  2. icon
    Pronounce (profile), 3 Aug 2015 @ 11:37pm

    From the Can't Beat Them Join Them Dept.

    Wasn't there a Scroogle ad campaign not too long ago? What happened to the view that Google was this big bad data slurper that Microsoft was using to promote its products?

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 3 Aug 2015 @ 11:56pm

    One weird part is that these terms apply to pretty much everything. Windows Movie Maker gets the same nudity prohibition as XBox Games.

    Also, "When you share Your Content with other people, you expressly agree that anyone you’ve shared Your Content with may, for free and worldwide, use, save, record, reproduce, transmit, display, communicate (and on HealthVault delete) Your Content. If you do not want others to have that ability, do not use the Services to share Your Content."

    Seriously? So if you send a copyrighted file (that you own the copyright for) to someone via Windows Live Mail, they can pretty much ignore the copyright and reproduce and distribute it for free?

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 4 Aug 2015 @ 12:07am

    Re: From the Can't Beat Them Join Them Dept.

    Yep. Classic Rovian tactic.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 4 Aug 2015 @ 12:17am

    I don't know

    Cortana seems worth it, besides how else do you expect her to work without information sharing?

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 4 Aug 2015 @ 12:18am

    Hate speech?

    "Don’t engage in activity that is harmful to you, the Services or others (e.g. transmitting viruses, stalking, communicating hate speech or advocating violence against others)."

    So you can't use Word to type up your racist fliers? Can't email your Senator advocating a gay marriage ban? Can't use Translate to tell your foreign neighbors to go back to where they came from?

    Some people might think this is good. I don't. Microsoft should not be able to control its users' activities to this extent. Not to mention that "hate speech" is vague enough that you're often not sure if a particular thing is considered "hate speech" or not.

    Would the prohibition on advocating violence mean that you couldn't do that whole "woodchipper" thing that's been going around lately?

    link to this | view in thread ]

  7. identicon
    Woodchips McGee, 4 Aug 2015 @ 12:27am

    Re: Hate speech?

    I'm guessing that's a way for them to wash their hands if you get on the wrong side of the modern lynch mobs.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 4 Aug 2015 @ 12:37am

    Service improvement?

    "To the extent necessary to provide the Services to you and others, to protect you and the Services, and to improve Microsoft products and services, you grant to Microsoft a worldwide and royalty-free intellectual property license to use Your Content, for example, to make copies of, retain, transmit, reformat, display, and distribute via communication tools Your Content on the Services."

    So if you store a picture using Windows Photo Gallery, or edit a movie using Windows Movie Maker, Microsoft could take it and use it in their products? I mean, you're apparently giving them permission to use any content to improve Microsoft products and services.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 4 Aug 2015 @ 12:47am

    microsoft, huh?

    link to this | view in thread ]

  10. icon
    Uriel-238 (profile), 4 Aug 2015 @ 1:11am

    I wonder if they're doing the same thing they did with the XBone.

    MS: You can't share games. The Kinect is bundled with the unit and is required for all games. And we can brick the unit or your account anytime we want!

    PUBLIC: OUTRAGEOUS!

    MS: Okay, you can share some games. You can turn off the Kinect. But we still can brick the unit or your account.

    PUBLIC: ACCEPTABLE!

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 4 Aug 2015 @ 1:19am

    Re:

    Actually, that (and a lot of the other stuff mentioned in the article) is just standard copyright boilerplate.
    You, for example, by commenting here in this thread, have implicitly granted Techdirt permission to infinitely reproduce your comment for free, anywhere in the world, including in advertising.
    What that means is that Techdirt can serve your comment on this webpage, and refer to your comment in any other story on the site, and could use screenshots of their site in adverts, some of which might contain your comment.
    There's probably some boilerplate on the site somewhere that explicitly grants them those permissions too, but damned if I care enough to look for it.
    That's all these Microsoft policies mean. It's just kind of unfortunate that the legal language around them also grants them tinfoil hat conspiracy level powers, too.
    Glyn realises this, of course, but gotta get those sweet-sweet pageviews.

    link to this | view in thread ]

  12. identicon
    David, 4 Aug 2015 @ 1:21am

    Re: Re: Hate speech?

    "Modern lynch mob" is a cute euphemism for "David Cameron".

    link to this | view in thread ]

  13. icon
    PaulT (profile), 4 Aug 2015 @ 1:32am

    Re: I wonder if they're doing the same thing they did with the XBone.

    The timeline's a little off. They originally said you could share games, but then stated that the way they'd implement that would be to require a constant internet connection - meaning that the unit would be inoperable even for single player and non-gaming activities if the internet went down. That was unacceptable, so they backtracked but removed the game sharing functionality as part of that.

    I also don't see the ability to block or remove your account from the server as being objectionable, since all companies can do this is they believe you're violated their ToS and that's been possible since XBox Live was first launched. Ditto the ability to block a particular console from Live if they believe it's been hacked to allow cheating or piracy.

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 4 Aug 2015 @ 2:05am

    Re:

    If you don't like it then do without. Or find another mail service. Or make your own. You do believe in contract law right? It's their platform, they own it and you should comply by their rules if you believe in ownership right? They created their platform, you believe in supporting the rights of creators right?

    link to this | view in thread ]

  15. identicon
    Anonymous Cowherd, 4 Aug 2015 @ 2:12am

    Re: I wonder if they're doing the same thing they did with the XBone.

    Perhaps. Or they're banking on the fact that the average Windows user doesn't even know what an operating system is, much less how to change it. They'll get Win10 because it came pre-installed on their new computer. And they'll never read the privacy policies anyway.

    link to this | view in thread ]

  16. icon
    krafty_izz (profile), 4 Aug 2015 @ 2:12am

    It's just like when they brought in the Internet privacy laws on Internet Explorer and if you said no to their agreement then they removed some of your software like realtek then windows sent you message saying if you don't agree to us monitoring you then you can't use our software. This happened to me first hand when refused to agree to their terms my laptop shut itself down I then turned it back on that when the message popped up saying that they were protecting their intellectual property rights or some bs like that this was in 2011 they are obviously just stepping it up I told my partner windows giving you something for free is suspicious as fuck it was only last week I had to factory reset my tablet cause a windows 8.1 update fucked my wifi up saying that it didn't have a valid ip address I had only had it two days just transfered 300 ebooks on to it one by one cause the readers available in windows app store are shit and don't let you import all at once from you hard drive I hadn't got round to turning off the automatic updates and it proper pissed me off I can't see why windows 10 will not be full of bugs if 8.1 still is

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 4 Aug 2015 @ 2:14am

    Who wrote their terms of service, the US law enforcement agencies?

    link to this | view in thread ]

  18. icon
    techflaws (profile), 4 Aug 2015 @ 2:22am

    link to this | view in thread ]

  19. icon
    techflaws (profile), 4 Aug 2015 @ 2:24am

    Re: Re:

    Jealous much?

    link to this | view in thread ]

  20. icon
    techflaws (profile), 4 Aug 2015 @ 2:28am

    Re: Re:

    You believe in someon voicing their opinon on their blog, right?

    link to this | view in thread ]

  21. icon
    PaulT (profile), 4 Aug 2015 @ 2:36am

    Re: Re: Re:

    "You believe in someon voicing their opinon on their blog, right?"

    Most do. Why, have you started your own blog rather than spending your time attacking the writers on this one?

    link to this | view in thread ]

  22. icon
    Uriel-238 (profile), 4 Aug 2015 @ 2:49am

    I think the difference is...

    Microsoft is notorious for engaging in questionable activities, including handing over end-user data to the NSA and FBI without consideration of fourth amendment protections.

    I have plenty of reasons to distrust Microsoft's sense of Good Faith. Many more than I would (say) Google (who's crossed the line a few times, but not to the degree that Microsoft has) and More by magnitudes than TechDirt.

    Of course, I don't know the full history of TechDirt. You guys may know something about how they completely sell out those of us with accounts. But I'm not yet in the know.

    link to this | view in thread ]

  23. icon
    Violynne (profile), 4 Aug 2015 @ 3:06am

    Scott McNealy was right.

    You can argue the point all you want, but he's been dead-on accurate since Corporate America has turned to advertising revenue for additional revenue.

    As I said many times before: If you don't want your information shared, keep it in your house.

    This bullshit of "every device connected" was a privacy destroyer from the start. If people can't understand why, then they've no reason to disagree with McNealy.

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 4 Aug 2015 @ 3:08am

    It is the same problem as with all mass surveillance.

    Most people don't really care because they are apolitical and/or cannot see beyond how it will directly impact them.

    But everyone suffers when the 1/1000000 whistle blowers, investigative journalists, civic leaders etc are shut down before they can fulfill their potential.

    It is truly an affronterous situation. Microsoft, and the other US data thieves/collaborators, need to be muzzled and leashed. The direction we are heading in is intolerable.

    link to this | view in thread ]

  25. identicon
    Jake, 4 Aug 2015 @ 3:15am

    Well, looks like my next gaming rig is going to be Linux-only.

    link to this | view in thread ]

  26. identicon
    Microsoft = Malware, 4 Aug 2015 @ 3:29am

    Re: Re:

    I believe that we live in an age of lawlessness.

    If Microsoft, and the other US data thieves/collaborators, had not spent millions bribing officials then we would have privacy/consumer protection laws to protect us from such predation. Microsoft has a monopoly. They collaborate with a regime that tortures people. They, quite franking, can go fuck themselves.

    link to this | view in thread ]

  27. identicon
    Anonymous Coward, 4 Aug 2015 @ 3:39am

    Re:

    Yes, technically, if you send your own copyrighted file to someone via Windows Live Mail, they can pretty much ignore the copyright, IF that's what the EULA says AND if it can stand in court.

    Google Chrome v.1.0 made the same mistake in their EULA. It got better after users complained enough.

    So, what are you waiting for, complain to Microsoft and boycott their services until they fix this.

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 4 Aug 2015 @ 3:45am

    Re: Re: Re:

    Take it as a joke, but technically, you too had the option "to spend millions bribing officials" and have "privacy/consumer protection laws to protect us from such predation.

    It's just that you chose not to exercise that option.
    Or well couldn't because:
    1) You didn't have the millions
    2) If you had the millions they'd be better spent elsewhere
    3) We're supposed to have laws against this kind of shit

    But politicians didn't care back then and they don't care even now.

    There should have existed a trust fund where consumers could donate so that their rights could be lobbied for.

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 4 Aug 2015 @ 3:49am

    Re: Hate speech?

    I was thinking more along the line of: "It's against the EULA to engage in the defamation of important public figures".

    Cue this piece from 20 hours ago: https://www.techdirt.com/articles/20150801/00093531816/spanish-cops-use-new-law-to-fine-facebook-com menter-calling-them-slackers.shtml

    Which begets the question is calling cops "lazy" hate speech?

    Then you're running afoul of the EULA.

    link to this | view in thread ]

  30. icon
    Ninja (profile), 4 Aug 2015 @ 3:51am

    Gotta collect them all. - Microsoft Ketchum of Pallet Town

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 4 Aug 2015 @ 3:51am

    Re: Re: Re: Re:

    "Why, have you started your own blog rather than spending your time attacking the writers on this one?"

    Have you?

    link to this | view in thread ]

  32. icon
    Ninja (profile), 4 Aug 2015 @ 3:56am

    Re: Microsoft helps out the NSA

    I know older Windows versions aren't much better than that but we still need Windows to run some stuff (some games mainly). Still, I'm not upgrading to Windows 10 even if I'm paid to use it. Too much privacy invasion and too little control to the user.

    link to this | view in thread ]

  33. identicon
    Yes, I know I'm commenting anonymously, 4 Aug 2015 @ 3:57am

    Now we know why the NSA was not that bothered with the (small) limitations om their rampant surveillance.

    link to this | view in thread ]

  34. identicon
    Anonymous Hero, 4 Aug 2015 @ 4:18am

    Recovery Key?

    > Other features include generating a recovery key when encrypting the drive that Windows is installed upon, which is automatically backed up online in the Microsoft OneDrive account.

    I believe the word you're looking for is "backdoor".

    link to this | view in thread ]

  35. identicon
    Microsoft = Malware, 4 Aug 2015 @ 4:28am

    Re: Re:

    Your analogy is ludicrous.

    link to this | view in thread ]

  36. identicon
    Stephen, 4 Aug 2015 @ 4:32am

    Re: Recovery Key?

    I believe the word you're looking for is "backdoor".
    Great point! Who needs magical golden keys when your own operating system will obliging save the means to unlock your encrypted drive to the cloud, all ready to be harvested by the NSA et al?

    James Comey will be so relieved.

    link to this | view in thread ]

  37. identicon
    Anonymous Coward, 4 Aug 2015 @ 4:47am

    I'm kind of surprised Microsoft would do this after they ran that stupid scroogled campaign against Google. Sounds like they are doing most of the same things they were attacking Google for.

    Also, I wonder how this works when the Windows user is a child? My daughter's school hands out Lenovo Yoga laptops running Windows to all the kids. Is Microsoft targeting children too?

    link to this | view in thread ]

  38. identicon
    Stephen, 4 Aug 2015 @ 5:13am

    Does Windows 10 still have Its keylogger?

    The Windows 10 preview edition reportedly came with a feature which recorded your keystrokes.

    In effect a built-in keylogger.

    See for example:

    http://www.theinquirer.net/inquirer/news/2373838/microsofts-windows-10-preview-has-permissio n-to-watch-your-every-move

    Is that still a part of the final version, whether deactivated or otherwise?

    If so, then they would be really handy for the hacking community. :-(

    link to this | view in thread ]

  39. icon
    PaulT (profile), 4 Aug 2015 @ 5:21am

    Re: Re: Re: Re: Re:

    No, but I'm happy with the blog and happy to participate in conversation generated by the articles. The moron above has created an entire online persona specifically to attack the writers here, often by lying about them or whining that they're no writing what he wants them to write.

    From his comment, I was just wondering if he'd finally developed a shred of intellectual honesty..

    link to this | view in thread ]

  40. icon
    techflaws (profile), 4 Aug 2015 @ 5:57am

    Re: Re: Re: Re:

    Quote fail?

    link to this | view in thread ]

  41. icon
    techflaws (profile), 4 Aug 2015 @ 5:59am

    Re: Does Windows 10 still have Its keylogger?

    As all previous versions of windows, you mean?

    link to this | view in thread ]

  42. icon
    Machin Shin (profile), 4 Aug 2015 @ 6:02am

    Re: I don't know

    It seems worth it? Really? You are cool with them knowing pretty much everything about your life in exchange for what she offers?

    Lets look at this another way, you ask how is she expected to work without all that sharing. My question is, Why does she need to share all that? I can't think of a single thing she does that could not be handled locally on the computer.

    link to this | view in thread ]

  43. identicon
    Colin Bragg, 4 Aug 2015 @ 6:07am

    Privacy

    Privacy is going to become a hotter topic than ever before as personal assistants like Cortana, Siri and Alexa become more usable and more popular. The metrics they will produce will be astounding

    link to this | view in thread ]

  44. identicon
    Anonymous Coward, 4 Aug 2015 @ 6:09am

    Why does microsoft need to collect data on your emails
    and browsing history .
    How long will this data be retained for.
    will data on eu users be sent to american servers or kept on eu servers .out of reach of nsa court orders .
    IS the browsing data purely for use in tracking and sending ads to you .
    Someone needs to answer these questions .
    Basically if you sign into a ms account on a pc or phone or use cortana ,
    you are giving up all your privacy .
    This privacy policy if left at the windows 10 default
    settings looks like big brother built into the os.
    This is relevant as theres a court battle going on at the moment
    re who can acess microsoft email data stored in ireland ,
    The fbi to want acess to this data .
    IT sounds like ms wants to be able to sell and track individual users and sell ads thru their browser .
    Like google sells ads on youtube .

    link to this | view in thread ]

  45. icon
    PaulT (profile), 4 Aug 2015 @ 6:19am

    Re: Re: Re: Re: Re:

    Crap, in fact.. yes. Lack of sleep and some medication seem to have made me mistake you for someone else (at least that's my excuse). Apologies, I'm reporting myself and hanging my head in shame...

    link to this | view in thread ]

  46. icon
    Spaceman Spiff (profile), 4 Aug 2015 @ 6:30am

    Just in case...

    Just in case you were interested why I REFUSE to use Microsoft products... Read no further. Great phones but crappy battery life and worse software. I am much happier with my Samsung Galaxy 5 and One-on-One Android phones. Everything else in my universe runs Linux.

    link to this | view in thread ]

  47. identicon
    Anonymous Coward, 4 Aug 2015 @ 6:36am

    Eh..

    So, Microsoft is becoming a hybrid of Facebook, Google and Apple.

    link to this | view in thread ]

  48. identicon
    Anonymous Coward, 4 Aug 2015 @ 6:37am

    Re:

    Yes, obviously.

    link to this | view in thread ]

  49. identicon
    Anonymous Coward, 4 Aug 2015 @ 6:37am

    Alternatives?

    Are other companies any better than this? If I switched to using Apple products would I be any better off in terms of privacy?

    link to this | view in thread ]

  50. identicon
    Anonymous Coward, 4 Aug 2015 @ 6:43am

    Re: Does Windows 10 still have Its keylogger?

    in the imgur screen shot someone posted above, the keylogger option is there, but the on/off switch is disabled in the "on" position.

    link to this | view in thread ]

  51. identicon
    Anonymous Coward, 4 Aug 2015 @ 6:44am

    Microsoft comes clean and documents exactly how everything is used and what can be disabled. That sound like a good thing. Does Techdirt do the same thing? What about Apple? Of course we know Google's response "We can use anything of yours anytime we want an you have no options"

    I get scared every time I do an Android app update. Why does something as simple as a calculator need network access and access to my contacts?

    link to this | view in thread ]

  52. icon
    techflaws (profile), 4 Aug 2015 @ 6:59am

    Re: Re: Re: Re: Re: Re:

    No worries.

    link to this | view in thread ]

  53. identicon
    Anonymous Coward, 4 Aug 2015 @ 6:59am

    Re: Alternatives?

    ...you're expecting a /more/ locked down OS than windows to be better for privacy? No. Nonono. You idiot.

    Your choices for privacy are either Linux distros or non-networked machines.

    link to this | view in thread ]

  54. identicon
    Anonymous Coward, 4 Aug 2015 @ 7:03am

    Re: Alternatives?

    You know, it always astounds me how far the Stockholm Syndrome regarding Microsoft goes. For desktop computers, there are at least tens of serious alternatives that respect your privacy and your freedom to use your own device like Microsoft and Apple never did. Just go to distrowatch and choose one.

    In the 80s people asked themselves the exact same question and built an entire operating system complete with desktop programs and distribution infrastructure. Just complaining about unfair privacy policies won't change them.

    link to this | view in thread ]

  55. identicon
    Anonymous Coward, 4 Aug 2015 @ 7:04am

    Re: Recovery Key?

    Sounds more like they are just keeping their own copy of the key to the front door. No backdoor necessary.

    They'll be like the trusted neighbor that you leave a key with, so they can keep an eye on things for you. Everybody's neighbor. With a billion keys in the cabinet.

    link to this | view in thread ]

  56. identicon
    Anonymous Coward, 4 Aug 2015 @ 7:12am

    Re: Alternatives?

    Apple is more controlling of your machines and software than Microsoft, so switch to Linux, you could get VirtualBox and try it out that way. The advantage of that over a live distribution is that it works like a real install, including the installation process.

    link to this | view in thread ]

  57. identicon
    FM Hilton, 4 Aug 2015 @ 7:12am

    Other worries

    When MS says that they'll only collect data to 'improve their customer service", they're attempting to quell any fears that all the information they collect is just going to sit in their cloud and never be accessible to anyone but MS.

    It's supposed to be for funneling more effective advertising, etc.

    However, I wonder what they'll do when someone in the government says, "Hi, would you mind if we borrowed some of that data?"

    Not that they don't already. Gotta admit this is a perfect set up for the NSA.

    I wonder if MS was 'consulted with' by those guys when building the OS and writing the EULA.

    Or even more precisely, "advised" by them.

    I still can't think of this without a mental picture of a great big hand coming out of the cloud and going into your computer..grabbing everything for whatever use they have for it.

    All without your knowledge or permission-oops, you did sign that agreement, didn't you?

    Damn right there's a security problem there.

    link to this | view in thread ]

  58. identicon
    Anonymous Coward, 4 Aug 2015 @ 7:19am

    Re: Re: Alternatives?

    Thanks for the advice.

    link to this | view in thread ]

  59. identicon
    Anonymous Coward, 4 Aug 2015 @ 7:26am

    The flip side

    is that this level of ubiquitous bulk collection will inevitably pick up classified data by accident. Security (national or otherwise) is still a lowest common denominator environment, and there is plenty of low hanging fruit.

    As a multinational corporation, there is some question whether this sort of ambivalence to civil rights hazards the state directly in terms of espionage.

    Based on some of the public statements that have come out of the FBI in recent history, it is reasonable to presume that they would actively endorse this sort of thing for a piece of the pie.

    But Microsoft is very much like ITT was during WWII. They will, (and have) throw a bone to anybody if it makes a profit. So such a cozy relationship may be _easier_ for the Feds, but certainly not in conformance with their respective oaths.

    link to this | view in thread ]

  60. identicon
    Stephen, 4 Aug 2015 @ 7:27am

    Re: Re: Recovery Key?

    They'll be like the trusted neighbor that you leave a key with, so they can keep an eye on things for you. Everybody's neighbor. With a billion keys in the cabinet.
    There is a difference between CHOOSING to leave a key with a trusted neighbour and being OBLIGED to do so whether you want to or not; and whether you trust the neighbour or not.

    And let us not forget that the archives of the NSA, GCHQ, et al ingest ALL traffic on the Net. Which potentially means that Microsoft is not likely to wind up being the only one with a billion keys in its cybercabinet.

    One further point. The very fact that so many encryption keys will be sitting in one place (in Microsoft's "cabinet") will make that cabinet a potential single point of failure for Windows 10 security, and as such a tempting target for hackers to crack open and steal the valuables within.

    In other words, and especially given the tendency for Windows versions to come with security holes, large and small, Microsoft has set up the makings for a potential fiasco bigger than the OPM hack.

    link to this | view in thread ]

  61. icon
    HegemonicDistortion (profile), 4 Aug 2015 @ 7:32am

    Re: Recovery Key?

    Wow. This is an important find, AH. -- worthy of an article/post itself.

    link to this | view in thread ]

  62. icon
    John Fenderson (profile), 4 Aug 2015 @ 7:32am

    Re: Re: Microsoft helps out the NSA

    Personally, I think while Win 10 improves a couple of things, it makes a number of things worse. On the whole, it is inferior to Win 7.

    My recommendation: if you're running Win 8, upgrade to 10. If you're running Win 7, stay there.

    link to this | view in thread ]

  63. icon
    John Fenderson (profile), 4 Aug 2015 @ 7:34am

    Re: Re:

    "That's all these Microsoft policies mean. It's just kind of unfortunate that the legal language around them also grants them tinfoil hat conspiracy level powers, too."

    Are you really arguing that we should ignore rule #1 of contracts? What counts is what they say, not what they "mean".

    link to this | view in thread ]

  64. identicon
    Anonymous Coward, 4 Aug 2015 @ 7:35am

    Re: The flip side

    is that this level of ubiquitous bulk collection will inevitably pick up classified data by accident.
    Given the likelihood that most people in the US government (probably) use Windows desktops and laptops, it will be interesting to know whether they will be switching to Windows 10 or stick with existing versions.

    link to this | view in thread ]

  65. icon
    John Fenderson (profile), 4 Aug 2015 @ 7:36am

    Re: I don't know

    "Cortana seems worth it"

    Clearly this is a matter of opinion. In my opinion, Cortana is spyware that should be avoided at all costs.

    link to this | view in thread ]

  66. icon
    John Fenderson (profile), 4 Aug 2015 @ 7:39am

    Re:

    Why does this surprise you? This is standard Microsoft.

    link to this | view in thread ]

  67. icon
    HegemonicDistortion (profile), 4 Aug 2015 @ 7:41am

    Re: Re: Recovery Key?

    Sounds more like they are just keeping their own copy of the key to the front door. No backdoor necessary.

    No, in mentioning this specifically in conjunction with encrypting your drive, it sounds like they're keeping a copy of your decryption key.

    link to this | view in thread ]

  68. identicon
    Microdreamin, 4 Aug 2015 @ 8:19am

    Very Murky These Companies

    They are disrespectful of humans by default.

    Some day Microschtictit2u and Gaggle will cease to exist evermore. Just how many humans will actually witness this, couldn't even guess..

    Sigh..

    link to this | view in thread ]

  69. identicon
    Anonymous Coward, 4 Aug 2015 @ 8:27am

    Meanwhile CISA is being "debated" and TPP is being finalized. Everywhere you look the global fascist state is advancing.

    When your grandchildren ask what you were doing when this shit was taking off - what will you tell them?

    link to this | view in thread ]

  70. identicon
    Fuck This, 4 Aug 2015 @ 8:28am

    Re: Re: Re: Recovery Key?

    The only people OBLIGED to leave the key with them are the people who CHOOSE to use their product. Now, knowing what MS is collecting, it would be completely reprehensible if our US government CHOOSES to leave them the key to OUR kingdom. That seems to give MS the right to sell US secrets to OUR ENEMIES. That it NOT ACCEPTABLE.

    link to this | view in thread ]

  71. identicon
    Anonymous Coward, 4 Aug 2015 @ 9:07am

    @ "When your grandchildren ask what you were doing when this shit was taking off - what will you tell them?"

    Well, the pirates here will be able to tell that they were too busy stealing other people's stuff -- copyrighted content -- to worry about the globalist corporations stealing their own and all future privacy. Heck, most here seem to view corporate spying, especially Google's, as a positive. Probably because Google helps them find content to steal.

    link to this | view in thread ]

  72. identicon
    Anonymous Coward, 4 Aug 2015 @ 9:08am

    @ "When your grandchildren ask what you were doing when this shit was taking off - what will you tell them?"

    Well, the pirates here will be able to tell that they were too busy stealing other people's stuff -- copyrighted content -- to worry about the globalist corporations stealing their own and all future privacy. Heck, most here seem to view corporate spying, especially Google's, as a positive. Probably because Google helps them find content to steal.

    link to this | view in thread ]

  73. identicon
    Anonymous Coward, 4 Aug 2015 @ 9:26am

    Re: Re: Re: Re: Re: Re:

    The person being responded to was an IP extremist that was complaining about platforms, like YouTube, for requiring users to relinquish their copy protection privileges to use them. He wants it both ways, he wants to force platforms to both host his content and force them to undergo the unreasonable costs of enforcing hi privileges as he sees fit. I simply told him to do what other IP defenders tell critics, if he doesn't like the platform's TOS then do without.

    link to this | view in thread ]

  74. identicon
    Anonymous Coward, 4 Aug 2015 @ 9:28am

    GNU/Linux is a better choice.

    link to this | view in thread ]

  75. identicon
    Anonymous Coward, 4 Aug 2015 @ 9:28am

    Re: Re: Re: Re: Re: Re: Re:

    his privileges*

    link to this | view in thread ]

  76. icon
    Ninja (profile), 4 Aug 2015 @ 10:15am

    Re: Re: Re: Microsoft helps out the NSA

    That's what I thought. I'm sticking to 7.

    link to this | view in thread ]

  77. identicon
    Anonymous Coward, 4 Aug 2015 @ 10:31am

    M$ total capitulation to FBI's James Comey

    Microsoft was probably told in no uncertain terms that any future US govt purchases were contingent on delivering ALL customers private info to FBI/NSA/Homeland Security.

    link to this | view in thread ]

  78. identicon
    Anonymous Coward, 4 Aug 2015 @ 10:35am

    How bout some help on this question that windows 10 created

    Those of us who run enterprise networks or in my case a school district network are stuck when it comes to windows 10 wifi access sharing. Here is my situation:

    A salesperson comes in and needs wireless access while here. We give it to him/her and only then find out that this salesperson is using windows 10. How do I control which of this salespersons 500 contacts are now able to access our network thru the encrypted password microsoft just handed out to all of them? Am I really in a position where I have to change the SSID with _optout and then go thru hundreds/thousands of systems to get them reconnected? There is no ability on my side to prevent this from happening and with the visit of 1 sales person, 500 others can now connect too our network without our knowledge.

    link to this | view in thread ]

  79. icon
    Uriel-238 (profile), 4 Aug 2015 @ 10:59am

    What calculator do you use?

    I use Realcalc which... has permission to access my SD card.

    To be fair, there are plenty of Android apps that require excessive permissions and can use them in exploitative ways. But a lot of them are over-reported. A game with a proprietary inboard sharing function may require access to your address book. (I don't have friends who play the same android games so I don't share much and am distrustful myself). ...Or they could be collecting your social data for advertising purposes.

    Android requires a different spectrum of vigilance than OSes such as Windows and iOS, but still, buyer beware.

    link to this | view in thread ]

  80. icon
    Uriel-238 (profile), 4 Aug 2015 @ 11:15am

    Yar Har, Fiddle Dee Dee!

    Amazingly, some of us Pirates have time to both download bears AND concern ourselves with big corporate power-grabs.

    Considering one of largest power grabs in the world has been about IP maximalism, it defines a lot of common human social activities as piracy.

    Betcha you've already sign'd the book,
    And Join'd with Captain Hook!

    link to this | view in thread ]

  81. icon
    Uriel-238 (profile), 4 Aug 2015 @ 11:24am

    I would expect Microsoft to salt their big ol' database of a kagillion keys with a proper amount of security.

    But I also expect them to share with agencies who'll just leave it lying around in plaintext, or salted, but right next to the decryption key, since there's nobody but good folks in their house.

    It will be a big embarrassment of the future if one of these agencies or other Microsoft affiliates becomes the vector by which the lolsec hackers get the plaintext version of the everyone's keys.

    Then Microsoft gets to explain how they fucked everybody.

    link to this | view in thread ]

  82. identicon
    Anonymous Coward, 4 Aug 2015 @ 11:52am

    Re:

    Dear Microsoft:

    Please make CISA look like it enhances privacy.

    Thanks,
    USG

    link to this | view in thread ]

  83. identicon
    That One Other Not So Random Guy, 4 Aug 2015 @ 12:01pm

    HIPPA orgs will never adopt this nightmare of an unsecured OS.

    link to this | view in thread ]

  84. identicon
    That One Other Not So Random Guy, 4 Aug 2015 @ 12:01pm

    Re:

    *HIPAA*

    link to this | view in thread ]

  85. identicon
    Anonymous Coward, 4 Aug 2015 @ 12:11pm

    Re: What calculator do you use?

    A game with a proprietary inboard sharing function may require access to your address book.

    Much better would be for the game to maintain its own address book, so that you can control who its shares with, and what contacts it can leak.

    link to this | view in thread ]

  86. identicon
    Doug, 4 Aug 2015 @ 12:20pm

    Optional

    Sending data to Microsoft is optional and easy to turn off. Yes, it's on by default.

    BitLocker recovery? Optional. If you want Microsoft to be able to help you unlock your drive, you send them your keys. If you don't want them to have your keys, you turn off the recovery feature. They're very clear and up-front about this. Of course, if you want the data to be protected from the nsa, you should disable the recovery key, since Microsoft can be subpoenaed.

    link to this | view in thread ]

  87. icon
    John Fenderson (profile), 4 Aug 2015 @ 1:13pm

    Re:

    "Microsoft comes clean and documents exactly how everything is used and what can be disabled."

    I suppose that burying this information in a 45 page legal document is technically "coming clean," but I don't think it counts in the real world.

    link to this | view in thread ]

  88. identicon
    Anonymous Coward, 4 Aug 2015 @ 1:15pm

    Re: Re: Re: Re:

    "to spend millions bribing officials" and have "privacy/consumer protection laws to protect us from such predation."

    Exactly. It's the free market of politician buying. Whoever spends the most on buying politicians wins the laws that they want.

    "There should have existed a trust fund where consumers could donate so that their rights could be lobbied for."

    Well, now that political ads are a form of free speech I don't see why we don't exercise that. We could elect a private organization similar to how big corps elect the MPAA/RIAA and the like; like the EFF, public knowledge, or even Techdirt and we can pour money at them to buy political ads that target corrupt politicians. Uber has had success putting out political ads against politicians that were previously bought and paid for causing those politicians to capitulate. That's because they act organized and have the money to defend themselves politically and they make it very clear to any politician that if they want to be bought and paid for and abuse their political power against Uber for personal or political gain Uber will not hesitate to spend a portion of their billions on making the politician's life very very miserable. They have been very very successful and regulators and politicians have now learned from experienced to be scared half to death when approaching Uber. We, too, must do the same thing.

    link to this | view in thread ]

  89. identicon
    Anonymous Coward, 4 Aug 2015 @ 1:16pm

    Re: Re: Re: Re: Re:

    See, you must realize, it is a democracy. Dollar bills get votes.

    link to this | view in thread ]

  90. icon
    Uriel-238 (profile), 4 Aug 2015 @ 1:36pm

    Games with proprietary address books.

    Yes, but that's more infrastructure than a small mobile game developer wants to add.

    At some point we may have mobile equivalents to the Steam client (steam doesn't sell mobile games yet, so its own client doesn't really count) so there's no universal chat-and-stats related social network for mobile games to plug into.

    At some point, maybe they'll make (say) a Facebook share plug-in that can connect to any other app, so you only have to affirm the plug-in's access to your address book and it will only use that access for Facebook-approved uses (e.g. sharing scores or screens). That leads to its own problems when Facebook wants to change its plug-in privileges in a disagreeable way (say to also give all your addies to third party advertisers). Then your refusal of the plug-in update shuts down utility of all the apps that use it.

    And Facebook is known to do exactly that sort of thing.

    So, it's a Knot of Gyges.

    link to this | view in thread ]

  91. identicon
    Anonymous Coward, 4 Aug 2015 @ 1:51pm

    Re: Games with proprietary address books.

    Yes, but that's more infrastructure than a small mobile game developer wants to add.

    SQLite makes such simple databases trivial to implement, is it not available for mobile OSs.

    link to this | view in thread ]

  92. identicon
    Anonymous Coward, 4 Aug 2015 @ 2:17pm

    Re: I don't know

    Collecting the data for the purpose of functioning internally is one thing. But Microsoft is granting itself permission to use that data in endless means, with or without benefit to the user. Different.

    link to this | view in thread ]

  93. icon
    John Fenderson (profile), 4 Aug 2015 @ 3:11pm

    Re: Re: Games with proprietary address books.

    Yes, it's available -- but the database maintenance isn't where the complexity would lie. Regardless, the amount of work involved would still be small and not a problem.

    I think the real reason why developers want to use the address book is because the alternative is to have the user actually enter in the information for his friends -- and if that's required, then almost nobody will do it.

    Also, marketing.

    link to this | view in thread ]

  94. identicon
    Greg, 4 Aug 2015 @ 3:21pm

    Re: Optional

    Windows 7 attempts to call home every few minutes despite my having "opted out" of all the explicit spyware, updates etc.

    I don't know what it is trying to send, and, apart from firewalling, I don't know how to stop it.

    This is not informed consent.

    And by all accounts Windows 10 is worse.

    link to this | view in thread ]

  95. identicon
    Anonymous Coward, 4 Aug 2015 @ 4:08pm

    Re: Re: Re: Games with proprietary address books.

    The app still has to track which friends to communicate with, and the user still has select them.
    Over sharing of data is one of the bigger risks to privacy as it enables leaks of things like doctors or clinics a person has contact with, and reducing the separation between work and private life/leisure.

    link to this | view in thread ]

  96. icon
    MrTroy (profile), 4 Aug 2015 @ 6:53pm

    Re: Re: I don't know

    This is the standard way of offering these kinds of services now - doing the heavy lifting "in the cloud". I haven't looked deeply into either, but Cortana sounds like Google Now - indeed, all of the information listed above is also slurped up by Google.

    This is not to say that this is a good development. Or a bad one. I'm not that comfortable with it myself, but I don't specifically mind as long as it's opt-in.

    Personally, I think I'd keep any installations of this new version of windows behind a pretty restrictive firewall until I became more comfortable with what's actually being shared.

    link to this | view in thread ]

  97. icon
    MrTroy (profile), 4 Aug 2015 @ 6:58pm

    Re:

    As I said many times before: If you don't want your information shared, keep it in your house.

    What, you mean in the computer in my house?

    I think if you don't want your information shared, keep it in your head.

    link to this | view in thread ]

  98. icon
    Uriel-238 (profile), 4 Aug 2015 @ 7:45pm

    "Keep it in your head."

    The few cubic centimeters inside your skull?

    link to this | view in thread ]

  99. icon
    MrTroy (profile), 4 Aug 2015 @ 7:46pm

    Re: Re:

    Technically speaking it was buried in two 22-23 page legal documents, but that's just splitting hairs ^^

    link to this | view in thread ]

  100. icon
    MrTroy (profile), 4 Aug 2015 @ 7:48pm

    Re: Yar Har, Fiddle Dee Dee!

    How do you download a bear? I tried to download a rabbit once but it got pretty messy, I can't even imagine the cleanup from a bear.

    link to this | view in thread ]

  101. identicon
    Anonymous Coward, 5 Aug 2015 @ 6:39pm

    I'm glad Windows isn't my main operating system. Sadly, Android isn't much better in the privacy department. At least there's still strong privacy choices available for i386/x64 PCs.

    link to this | view in thread ]

  102. identicon
    Anonymous Coward, 6 Aug 2015 @ 2:50am

    Re:

    Yes

    link to this | view in thread ]

  103. identicon
    Anonymous Coward, 6 Aug 2015 @ 2:55am

    Re: Re: Does Windows 10 still have Its keylogger?

    Makes sense /s

    link to this | view in thread ]

  104. identicon
    Anonymous Coward, 6 Aug 2015 @ 2:56am

    Re: Eh..

    Sounds like the script to an apocalyptic movie

    link to this | view in thread ]

  105. identicon
    Anonymous Coward, 6 Aug 2015 @ 3:01am

    Re: Alternatives?

    Im a user of the other one, was excited by their creation and possibilities, basically, what im saying is, i was very impressed.......today, im constantly looking out for news on an alternative with potential growth that takes privacy and security VERY seriously, not as an after thought or a "compromise"

    link to this | view in thread ]

  106. identicon
    Anonymous Coward, 6 Aug 2015 @ 3:04am

    Re: Re: What calculator do you use?

    Im sorry, but that just smacks with common sense plus no invasion of privacy.......so offcourse they wont do it

    link to this | view in thread ]

  107. identicon
    Anonymous Coward, 6 Aug 2015 @ 3:06am

    Re: Re:

    Were gonna invade your lives............look, heres our liability

    link to this | view in thread ]

  108. identicon
    Anonymous Coward, 6 Aug 2015 @ 3:08am

    Re: Re: Re:

    TOS = geT Out of jail free cardS

    link to this | view in thread ]

  109. identicon
    Anonymous Coward, 6 Aug 2015 @ 3:11am

    Advertisement, content delivered to your personal device from outside source.

    Mighte create revenue, but is also a damn security risk

    link to this | view in thread ]

  110. identicon
    Anonymous Coward, 6 Aug 2015 @ 3:13am

    Re:

    Potential, if not already

    link to this | view in thread ]

  111. identicon
    Anonymous Coward, 6 Aug 2015 @ 3:15am

    When they start banning/arresting/threatning/bribing/investing/funding os's and hardware offering a true chance at freedom, then were up shits creek

    link to this | view in thread ]

  112. identicon
    GEMont, 9 Aug 2015 @ 12:33pm

    Re: Re: Re: Microsoft helps out the NSA

    "My recommendation: if you're running Win 8, upgrade to 10. If you're running Win 7, stay there."

    Funny you should say that...

    I have a Win 8.1 box and a Vista HP running Win 7.

    The Vista has run flawlessly forever, albeit in a somewhat slower fashion than I would like. Takes about 45 seconds to a minute and a half, to shut down.

    The Win 8.1 sucks in so many ways it would take a day to list them.

    Unplug your mouse or keyboard after booting up the computer, and the OS refuses to acknowledge it when you plug 'em back in, without first rebooting.

    First time I've ever had to use the "Safely Remove Hardware" button, and it is absolutely necessary or the hardware will fail on next connection of external hard drives and thumb drives.

    It was however reasonably fast and fairly useable.

    I upgraded the Win 8.1 to Win 10.

    Pretty.

    But it has so many apps that cannot be turned off or uninstalled that I'm surprised there's enough CPU left for the OS. Spent the day finding and killing what I could though.

    Took three attempts to install because it kept reporting that my computer was broken and needed to be repaired.

    I needed to type this into an Admin-run Command Prompt before it would stop reporting this and allow the upgrade to continue.

    "bcdedit /deletevalue {badmemory} badmemorylist"

    Windows and associated Updates are automatic apparently, as there is zero configuration allowed, and the old Win Update Icon is dead and no longer connected to anything. At least I have found nothing to allow control of updates so far.

    Took me fifteen minutes just to find Internet Explorer.

    There is something called The Edge that is like a facebook page filled with little windows of shit you're likely not interested in, but unlike Facebook, I have yet to find a way to disable any of them. The only configuration is to add more of the same.

    Gonna take a couple more weeks to sort through the crap, but if you're a bad guy trying to hide shit on yer computer, Win 10 should not be your choice of OS.

    Its pretty much just Microsoft's computer, but your allowed to use it, sort of, according to their rules.

    Get a Mac maybe.

    ---

    link to this | view in thread ]

  113. identicon
    Anonymous Coward, 9 Aug 2015 @ 1:55pm

    Re: Re: Re: Re: Microsoft helps out the NSA

    Get a Mac maybe.

    That is jumping from the frying pan into the fire. Microsoft is catching up with Apple in the amount of control they exercise over what users can do with their (Meaning Apple and Microsoft owned) computers.

    link to this | view in thread ]

  114. identicon
    Anonymous Coward, 10 Aug 2015 @ 2:51pm

    Re:

    HIPPA orgs will never adopt this nightmare of an unsecured OS.

    Sure they will. HIPAA enforcement is a joke.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.