Microsoft Sort Of Addresses Windows 10 Privacy Complaints With New Privacy Dashboard

from the hoover-up-ALL-the-data dept

For the last few years, Microsoft has been under fire because its Windows 10 operating system is unsurprisingly chatty when it comes to communicating with the Redmond mothership. Most of the complaints center around the fact that the OS communicates with Microsoft when core new search services like Cortana have been disabled, or the lack of complete, transparent user control over what the operating system is doing at any given time. Microsoft has since penned numerous blog posts that claim to address consumer concerns on this front -- without actually addressing consumer concerns on this front.

This week, Microsoft penned a new blog post claiming that the company has been listening to annoyed customers and privacy activists, and will finally be making substantive changes to Windows 10 privacy settings to give users more control. Among them will be new operating system-level privacy controls that make consumer options more granular. But Microsoft also says it is building a new privacy dashboard the company says will be doled out to Windows Insiders in an upcoming build, and will look something like this:
Microsoft says the company will simplify the operating system's diagnostic data collection levels, so that it's clearer what telemetry data is being sent back to the company’s servers. As it stands, Windows 10 currently has three snooping levels, but in the Creators Update (expected sometime in the Spring) there will be just two: an option to switch between "basic" and "full" data collection levels, depending how much invasive snooping you like with your morning coffee. Said basic tier is the lowest the settings will go, and includes collection Microsoft claims is necessary for the functioning of the OS. Basic includes:
"Data that is vital to the operation of Windows. We use this data to help keep Windows and apps secure, up-to-date, and running properly when you let Microsoft know the capabilities of your device, what is installed, and whether Windows is operating correctly. This option also includes basic error reporting back to Microsoft."
The problem is that Microsoft has often hidden behind claims that it has to collect a lot of this data or the operating system won't work, and there's still no option to eliminate the collection of telemetry data completely. "Full" data collection, in contrast, will collect everything that the basic setting covers, as well as "inking and typing data." That can include sending Microsoft the document you were working on that caused a system crash, and giving Microsoft support permission to access the OS remotely for troubleshooting.

The entire goal, Microsoft claims in the post, is to make consumer privacy easier to understand:
"When it comes to your privacy, we strive to make choices easy to understand while also providing clear visibility and control over your data. We believe finding the right balance is one of our most important tasks in delivering great personalized experiences that you love and trust."
We'll have to wait until Spring to see if these changes address concerns of the EFF, which last August criticized Microsoft's malware-esque forced upgrade tactics and its refusal to answer consumer privacy inquiries in a straightforward fashion. Microsoft's also trying to appease French regulators, who last summer demanded that Microsoft "stop collecting excessive user data" and cease tracking the web browsing of Windows 10 users without their consent. Of course if having total, granular control over how chatty your OS is over the network is your priority, not using Windows whatsoever probably remains your best option.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: privacy, privacy dashboard, windows 10
Companies: microsoft


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Max, 17 Jan 2017 @ 12:10pm

    Oh, it's a very easy equation: regardless of how many concessions they make, they will NEVER agree to a "ZERO bytes go to microsoft.com, ever (or indeed anywhere else I didn't mean to send some)" policy, which in turn guarantees that I will never willingly operate any MS OS past Windows 7, and even that one preferably only when I can't manage with a non-MS option. Simples...

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 17 Jan 2017 @ 12:21pm

    Said basic tier is the lowest the settings will go,

    Not actually. Corporate administrators can disable more data collection (proving it's not "necessary for the functioning of the OS"). Clearly MS is concerned about corporations avoiding their software, but they know users aren't going to do anything except complain.

    We'll have to wait until Spring to see if these changes address concerns of the EFF

    I don't have to wait: I'll say "no" right now. If the only choices are "fully on" or "mostly on", you're ignoring the choice of everyone who would have preferred "off".

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 17 Jan 2017 @ 12:31pm

    Privacy dashboard = Microsoft account

    Doesn't that "privacy dashboard" require you to have a Microsoft account?

    So in a way, this is even worse than what already exists? At least now I can use certain apps to turn off most of the collection.

    link to this | view in thread ]

  4. icon
    Mononymous Tim (profile), 17 Jan 2017 @ 12:38pm

    Off
    Off
    Off
    Off
    Off

    Accept

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 17 Jan 2017 @ 12:39pm

    and will finally be making substantive changes to Windows 10 privacy settings to give users more control.

    Note it is granting the users full and total control.

    link to this | view in thread ]

  6. icon
    Mononymous Tim (profile), 17 Jan 2017 @ 12:41pm

    Re:

    Oops,

    Off
    Off
    Basic (dammit)
    Off
    Off

    Accept

    link to this | view in thread ]

  7. icon
    Dr. David T. Macknet (profile), 17 Jan 2017 @ 12:43pm

    Even better

    Rather than accept Microsoft's word for it, I've simply added the following to my hosts file, so that any request to their spy sites gets simply discarded:

    # Windows SPY sites
    0.0.0.0 a.ads1.msn.com
    0.0.0.0 a.ads2.msn.com
    0.0.0.0 a-0001.a-msedge.net
    0.0.0.0 ad.doubleclick.n et
    0.0.0.0 adnexus.net
    0.0.0.0 adnxs.com
    0.0.0.0 ads.msn.com
    0.0.0.0 ads1.msads.net
    0.0.0.0 ads1.msn.com
    0 .0.0.0 az361816.vo.msecnd.net
    0.0.0.0 az512334.vo.msecnd.net
    0.0.0.0 choice.microsoft.com
    0.0.0.0 choic e.microsoft.com.nsatc.net
    0.0.0.0 compatexchange.cloudapp.net
    0.0.0.0 corp.sts.microsoft.com
    0.0.0.0 co rpext.msitadfs.glbdns2.microsoft.com
    0.0.0.0 cs1.wpc.v0cdn.net
    0.0.0.0 df.telemetry.microsoft.com
    0.0.0 .0 diagnostics.support.microsoft.com
    0.0.0.0 fe2.update.microsoft.com.akadns.net
    0.0.0.0 feedback.micr osoft-hohm.com
    0.0.0.0 feedback.search.microsoft.com
    0.0.0.0 feedback.windows.com
    0.0.0.0 i1.services.s ocial.microsoft.com
    0.0.0.0 i1.services.social.microsoft.com.nsatc.net
    0.0.0.0 oca.telemetry.microsoft .com
    0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
    0.0.0.0 pre.footprintpredict.com
    0.0.0.0 preview.msn .com
    0.0.0.0 rad.msn.com
    0.0.0.0 redir.metaservices.microsoft.com
    0.0.0.0 reports.wes.df.telemetry.micr osoft.com
    0.0.0.0 services.wes.df.telemetry.microsoft.com
    0.0.0.0 settings-sandbox.data.microsoft.com
    0 .0.0.0 sls.update.microsoft.com.akadns.net
    0.0.0.0 sqm.df.telemetry.microsoft.com
    0.0.0.0 sqm.telemetr y.microsoft.com
    0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
    0.0.0.0 statsfe1.ws.microsoft.com
    0.0.0.0 statsfe2.update.microsoft.com.akadns.net
    0.0.0.0 statsfe2.ws.microsoft.com
    0.0.0.0 survey.watson.micr osoft.com
    0.0.0.0 telecommand.telemetry.microsoft.com
    0.0.0.0 telecommand.telemetry.microsoft.com.nsat c.net
    0.0.0.0 telemetry.appex.bing.net
    0.0.0.0 telemetry.appex.bing.net:443
    0.0.0.0 telemetry.microsoft .com
    0.0.0.0 telemetry.urs.microsoft.com
    0.0.0.0 vortex.data.microsoft.com
    0.0.0.0 vortex-sandbox.data. microsoft.com
    0.0.0.0 vortex-win.data.microsoft.com
    0.0.0.0 watson.live.com
    0.0.0.0 watson.microsoft.co m
    0.0.0.0 watson.ppe.telemetry.microsoft.com
    0.0.0.0 watson.telemetry.microsoft.com
    0.0.0.0 watson.tele metry.microsoft.com.nsatc.net
    0.0.0.0 wes.df.telemetry.microsoft.com

    I imagine that I should hunt about for an update to that list, as no doubt they're aware of some of us trying to stop them spying, but it's a good start.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 17 Jan 2017 @ 12:45pm

    > The problem is that Microsoft has often hidden behind claims that it has to collect a lot of this data or the operating system won't work

    That's a bunch of bullshit. An earlier version of Myerson's blog post included the fact that enterprise users can turn off all data collection because enterprises have different needs than consumers. It's interesting that they removed that.

    Myerson is right about the differing needs. If I lost my work laptop and my personal laptop, it's my personal machine that I would be freaking out about. It's consumers that should be able to keep their secrets private. I don't care if Microsoft sees my TPS reports but I do care if Microsoft sees my personal medical or financial information.

    I think the real issue is that my TPS report is useless when it comes to targeting ads at me whereas my blood work lab report is just what the pharmaceutical companies need to figure out what ads to show me.

    I'm fortunate enough to have an "unlimited" data connection, but people that are stuck on a metered connection have even more reasons to demand less chat between Windows and Microsoft.

    I'd like to see open source router firmware makers start offering to block Microsoft servers. Windows sure is starting to feel like malware.

    link to this | view in thread ]

  9. icon
    Mononymous Tim (profile), 17 Jan 2017 @ 12:51pm

    Re: Even better

    Some of your IP addresses have an extra space in them, probably rendering those lines ineffective. And I'm pretty sure specifying a port is unnecessary (and not supported).

    I wouldn't put it past M$ to totally ignore the HOSTS file altogether in their sneakiness, or just use raw IP addresses.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 17 Jan 2017 @ 12:54pm

    Re:

    If I lost my work laptop and my personal laptop, it's my personal machine that I would be freaking out about. It's consumers that should be able to keep their secrets private. I don't care if Microsoft sees my TPS reports but I do care if Microsoft sees my personal medical or financial information.

    Your medical and financial information are someone else's "work" information.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 17 Jan 2017 @ 12:54pm

    Re:

    > Windows sure is starting to feel like malware.

    "Starting"?

    link to this | view in thread ]

  12. icon
    Ben S (profile), 17 Jan 2017 @ 12:56pm

    Re: Even better

    You forget that windows is hard coded to bypass the hosts file for its internal tracking services. Those entries in the hosts file won't do much of anything at all to stop tracking. I had a cousin show me a program he had installed to block the tracking, but I forget what it was called, and never did look into it to see if it actually does the job.

    Note: I don't have Win 10, so I can't really test the software myself.

    link to this | view in thread ]

  13. icon
    Roger Strong (profile), 17 Jan 2017 @ 12:57pm

    Re: Even better

    Some hardcoded DNS domain names will resolve to their proper IP addresses regardless of what you put into the HOSTS file:

    www.msdn.com
    msdn.com
    www.msn.com
    msn.com
    go.microsoft.com
    msdn.microsoft.com
    office.microsoft.com
    mic rosoftupdate.microsoft.com
    wustats.microsoft.com
    support.microsoft.com
    www.microsoft.com
    microsoft.com
    up date.microsoft.com
    download.microsoft.com
    microsoftupdate.com
    windowsupdate.com
    windowsupdate.microsoft. com

    That's as of last summer. The list could change with an update.

    link to this | view in thread ]

  14. icon
    Mononymous Tim (profile), 17 Jan 2017 @ 12:58pm

    Re: Even better

    And some of the fully qualified domain names also have spaces, rendering those lines ineffective too.

    link to this | view in thread ]

  15. icon
    Anonymous Anonymous Coward (profile), 17 Jan 2017 @ 12:59pm

    Re: Even better

    As much as I like this idea, I have heard that Windows has a tendency to ignore the HOSTS file. I am not sure if this is true or not, but I would not put it past them.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 17 Jan 2017 @ 12:59pm

    Re: Even better

    Rather than accept Microsoft's word for it, I've simply added the following to my hosts file, so that any request to their spy sites gets simply discarded:

    You do realize that since Microsoft controls the operating system, it can also make it ignore those entries when it wants to, don't you?

    link to this | view in thread ]

  17. identicon
    Anonymoose, 17 Jan 2017 @ 12:59pm

    Informed consent...

    ...requires both an understanding, and the option to say 'no' in the absolute.

    Microsoft has long been one of those companies you have to watch out for.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 17 Jan 2017 @ 1:02pm

    Re: Re: Even better

    Yeah, you don't control your own computer with Windows. Microsoft does.

    link to this | view in thread ]

  19. icon
    chiefwiggum (profile), 17 Jan 2017 @ 1:04pm

    Re: Re:

    Blocking at the router, or MS giving the "Enterprise" options to home users is the only way I'll ever use 10 outside the office. I've found that Linux Mint meets my needs quite nicely.

    link to this | view in thread ]

  20. icon
    ECA (profile), 17 Jan 2017 @ 1:09pm

    IN THE LAST 10+ years...

    Ever since the net POPPED UP..
    ALL games and programs are RELEASED as ALPHA/BETA WARE..
    NOT FINISHED PRODUCTS...
    NOT NEAR FINISH PRODUCTS
    NEVER FINISHED PRODUCTS..

    Next up Windows v99.. AND STILL NOT FINISHED..

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 17 Jan 2017 @ 1:21pm

    Someone doesn't know how to write and OS.

    [quote]The problem is that Microsoft has often hidden behind claims that it has to collect a lot of this data or the operating system won't work[/quote]
    This is seriously wrong.

    I have written device drivers, worked on I/O systems, Real Time OSs, maintained them, administered Unix/Xenix, admined and modified Linux since

    link to this | view in thread ]

  22. identicon
    Lurker Keith, 17 Jan 2017 @ 1:25pm

    Not can't, refuses to

    The problem is that Microsoft has often hidden behind claims that it has to collect a lot of this data or the operating system won't work

    Then they need to design their OS better, so it can work without all that collection. It isn't impossible, they just don't want to respect privacy concerns.

    I found out the hard way (relative's computer) that rejecting the ToS did force the OS to revert back to what it was before Microsoft forced the illegal "upgrade".

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 17 Jan 2017 @ 1:27pm

    Re: IN THE LAST 10+ years...

    Not sure where you are but most games I have obtained over the last few years are finished products. The only exceptions being games that I bought/supported specifically as under development.

    Since your examples start with games one suspects that games are your major focus. Let's keep it to the subject.

    You might need to tune your tinfoil hat.

    link to this | view in thread ]

  24. icon
    David (profile), 17 Jan 2017 @ 1:31pm

    Re: Someone doesn't know how to write and OS.

    Sorry, this one and the reply to the tin foil upper case was me. I didn't notice I wasn't logged in.

    link to this | view in thread ]

  25. identicon
    Anonymous Coward, 17 Jan 2017 @ 1:34pm

    Re: Re: Even better

    I had a cousin show me a program he had installed to block the tracking, but I forget what it was called, and never did look into it to see if it actually does the job.

    It might, but in general a program cannot be relied on to police an OS it runs within. Future Windows updates could easily break it, intentionally or not.

    Realistically you'd need to run Windows in a VM to prevent it from doing this. But "realistically" is the wrong word, because in practice a VM cannot easily decrypt traffic to tell the difference between Windows Update downloads and telemetry uploads, so you'd have to disable networking entirely.

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 17 Jan 2017 @ 1:38pm

    Re: Someone doesn't know how to write and OS.

    When Microsoft says the OS won't work without the data collection, they are being a little dishonest.

    As you know, there's a line between operating system and applications. Where the line is changes over time, but with Windows 10, Microsoft is moving that line for business reasons, not technical reasons. So the part of the operating system that won't work are the parts that get personalized. Those also tend to be the parts that those of us asking for better privacy controls don't want to work.

    link to this | view in thread ]

  27. identicon
    Anonymous Coward, 17 Jan 2017 @ 1:46pm

    The fact that so many people are upset with the lack of privacy controls is really a sign that Microsoft isn't executing very well on their Windows 10 vision.

    They need to add features so compelling, that customers want to give Microsoft their personal data. If by giving Microsoft access to my files, calendar, contacts and location some amazingly useful features were made possible, I'd be excited. The way it is now though, I have to give up a lot and get very little in return. It's a bad deal.

    My personal data is something that I should choose to share with Microsoft, not something they just take from me.

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 17 Jan 2017 @ 2:18pm

    Re: Re: Even better

    O&O ShutUp10

    link to this | view in thread ]

  29. icon
    LVDave (profile), 17 Jan 2017 @ 2:22pm

    All I can do is shake my head..

    I spent close to 20 years supporting MS products in the workplace and up until I retired in 2010, I dualbooted Win7 and Linux. At that time, I decided I was done with Microsoft's products, and deleted the Win7 partition on all of my home systems. Since Windows 10 has come out, and I hear of all of the abuse that people who still use MS products get from MS, the forced updates, updates that brick the system and the textbook malware methods MS used to get the "free" Win10 on as many systems as they could AND THEN the blatant spyware aspects of Win10, all I can do is shake my head and realize that a VERY large number of people either don't know what a turd Win10 is, or they know and DON'T CARE..

    Certainly am glad I don't use MS products anymore...

    link to this | view in thread ]

  30. identicon
    Thad, 17 Jan 2017 @ 3:38pm

    Re: Re: Re: Even better

    Realistically you'd need to run Windows in a VM to prevent it from doing this.

    Well, that or block those IP's on a hardware firewall rather than within Windows itself.

    link to this | view in thread ]

  31. identicon
    tracyanne, 17 Jan 2017 @ 3:54pm

    Re: Re: Re: Even better

    Precisely why I don't use Windows, or OSX for that matter, and have not done so for personal computing since 2000. On the other hand I have no problem using either, when I'm paid to do so.

    link to this | view in thread ]

  32. identicon
    Anonymous Coward, 17 Jan 2017 @ 4:09pm

    There's something that most here don't seem aware of. You can turn your settings off. Sooner or later, M$ in it's wisdom will decide to turn them back on for you. Especially if the software believes it should be on, no matter what you chose.

    I see this issue often, with the wifi side. I don't have wifi on, it's all hard wired. When I am not on the net, I turn the net drivers off. When I go to turn them back on ever so often, the wifi has changed on it's own but to enable.

    Seeing this, I decided to go check some of those other settings I turned off. Sure enough, some of them had re-enabled on their own.

    You can't depend on your privacy settings staying where you put them.

    link to this | view in thread ]

  33. identicon
    tracyanne, 17 Jan 2017 @ 4:37pm

    Wow Ads

    I've got to run out and buy a copy of Windows.

    link to this | view in thread ]

  34. icon
    AEIO_ (profile), 17 Jan 2017 @ 4:41pm

    Re: Re: Re: Re: Even better

    "... that or block those IP's on a hardware firewall rather than within Windows itself."

    Not really -- the internal Windows firewall will be good enough for blocking. The _SECOND_ Microsoft gets caught bypassing it's own firewall rules is the same second all of the security pros begin to dump Windows. You might not trust every program not to do something stupid, but if you can't trust the OS to enforce blocks then it's pointless.

    Yep, you could kill it at the outgoing border gateway but if Windows won't support it's own firewall rules there's no reason to use it. (There's less and less every day -- inertia, both programmatically and human. AD however, won't go away. Shame it wasn't Novell's NDS, out years earlier than MS.)

    Ii wouldn't be surprised if there wasn't someday an automatic AD-enforced rule that disabled some of the call-home stuff -- that way Win HOME and Win Pro non-AD could be configured out of the box that way and no one would gripe.

    link to this | view in thread ]

  35. icon
    kenichi tanaka (profile), 17 Jan 2017 @ 5:16pm

    I noticed that Microsoft has neglected to include:

    o Opt Out: Enable this option to opt out.
    o Customize: Select what data Microsoft collects.

    How much you want to bet this dashboard is just a visual feature to let users "believe" that they can select what security level for data collected by Microsoft.

    link to this | view in thread ]

  36. icon
    AEIO_ (profile), 17 Jan 2017 @ 5:16pm

    Re: Even better

    Don't do HOSTS. That only works with DNS lookups, not if the IP addresses themselves are actually encoded within the product -- for ALL apps, not just the OS. DNS just makes it easier.

    Instead use firewall rules as primary and HOSTS as a secondary backup. Destroy Windows Spying (DWS) has a good rule set.

    Even if you can't actually read and understand all of the code, you can still get a good impression of what's going on and what they're doing.

    https://github.com/Nummer/Destroy-Windows-10-Spying/releases/tag/1.6.722

    File MainDwsForm.cs. Code:
    private void AddToHostsAndFirewall()
    string[] hostsdomains =
    "a.ads1.msn.com",
    "a.ads2.msads.net",
    "a.rad.msn.com",

    and so on. These lines add HOSTS blocks to 0.0.0.0 to stop DNS lookups. [They're actually created in the "/C" code at the end of the array.] Then later on they block actual IP addresses,

    private void BlockIpAddr()
    string[] ipAddr =
    "104.96.147.3",
    "111.221.29.177",
    "111.221.29.253",

    These block the actual embedded IP addresses using the native Windows firewall. [literally adding null routes via the trailing "/C" code again.] The second Microsoft is caught bypassing it's own firewall to communicate home I think is the second they get dumped.

    This is the same type of thing that PeerGuardian / Peerblock does, only they target ever-changing RIAA/MPAA IP addresses.

    MS changes IP collection addresses only occasionally and sometimes it's not even their fault. But don't rely on this 100% to block mothership access; they'll someday add a new patch that'll not be blocked. Gee, if only there were a monthly update system in Windows that could update this.

    [GEE, IF ONLY THEY WOULD QUIT COLLECTING THIS DATA TO START WITH. IT'S ONE THING TO HOLD PROGRAM LAUNCH NAMES AND TIMES ON MY PC, BUT ANOTHER to store them all in Redmond. You don't need to know I've got VLC playing My Little Pony in an endless loop. And you SURE don't need to know I'm controlling a botnet of LOIC nodes. In this case I guess it'd be a botNOT. :-)]

    link to this | view in thread ]

  37. identicon
    Anonymous Coward, 17 Jan 2017 @ 5:49pm

    > Of course if having total, granular control over how chatty your OS is over the network is your priority, not using Windows whatsoever probably remains your best option.

    So... when will Fallout 4 be ported to Linux? :)

    link to this | view in thread ]

  38. icon
    Wyrm (profile), 17 Jan 2017 @ 7:02pm

    The entire goal, Microsoft claims in the post, is to make consumer privacy easier to understand: "You have no privacy."

    link to this | view in thread ]

  39. identicon
    Anonymous Coward, 17 Jan 2017 @ 7:22pm

    Re: Re: Re: Re: Even better

    Well, that or block those IP's on a hardware firewall rather than within Windows itself.

    A Windows computer is opening an encrypted connection to microsoft.com:443. Do you allow or block it? If you block too much you're not going to be able to update the OS. And if MS don't want you to have privacy, which they seem to not want, why do you think the traffic will be easy to identify? The IPs and hostnames could change at any time, and you can probably use domain fronting to access any MS domain through any MS hostname/IP anyway. (You could block every domain related to MS, but then why are you using Windows?)

    link to this | view in thread ]

  40. identicon
    bshock, 17 Jan 2017 @ 7:33pm

    I'm trying very hard to find this story important

    If you're still using Windows 10, it's either because that's the office OS or because you're too lazy, too apathetic, or too dumb to care.

    This reminds me of the situation where people build their homes on the bank of a river and then seem astonished when it overflows and almost drowns them. Sure, I'll help them because it's the human thing to do, but don't look for me to feel terribly sympathetic.

    link to this | view in thread ]

  41. identicon
    Anonymous Coward, 17 Jan 2017 @ 7:51pm

    Re: Re: Re: Re: Re: Even better

    The SECOND Microsoft gets caught bypassing it's own firewall rules is the same second all of the security pros begin to dump Windows.

    That's optimistic. They were already caught bypassing the hosts file. I expect if they're ever caught bypassing the firewall, they'll just say it was to protect against malware that was interfering with Windows Update. People have been threatening to dump Windows for years due to privacy invasion, ever since the mandatory product activation in XP, and now MS are calling the bluffs of home users (not corporate users though--MS lets them disable telemetry because they might not be bluffing).

    link to this | view in thread ]

  42. identicon
    Anonymous Coward, 17 Jan 2017 @ 9:03pm

    not using Windows whatsoever probably remains your best option

    i believe we have a winner.

    link to this | view in thread ]

  43. identicon
    Anonymous Coward, 17 Jan 2017 @ 9:21pm

    Re: Re: Re: Re: Even better

    > Well, that or block those IP's on a hardware firewall rather than within Windows itself.

    Just exactly which IP's would those be?
    See the problem?

    link to this | view in thread ]

  44. icon
    techflaws (profile), 17 Jan 2017 @ 9:52pm

    "The problem is that Microsoft has often hidden behind claims that it has to collect a lot of this data or the operating system won't work"

    Just like Win 98 could not work without Internet Explorer. Yeah, right.

    link to this | view in thread ]

  45. identicon
    Anonymous Coward, 18 Jan 2017 @ 12:51am

    Re:

    When their sales start falling because more people are using Linux, and will do without rather than run Windows.

    link to this | view in thread ]

  46. identicon
    Anonymous Coward, 18 Jan 2017 @ 1:11am

    And I'm trying very hard to find a shred of sense in your post

    "because you're too lazy, too apathetic, or too dumb to care."

    Harsh in the extreme and grossly unfair. How about ignorant? How about uninformed? How about "it came with the machine", which applies to what, 99.99% of all desktop/laptop sales?

    And your analogy is crap. Who the hell is building their own houses, let alone on a river bank? Builders build houses and flog them to people. And yes, they sometimes build them on flood plains, because they're allowed to do so by god damn awful planning regulations and kickbacks, but that's another story.

    link to this | view in thread ]

  47. icon
    Jinxed (profile), 18 Jan 2017 @ 5:34am

    Re: Even better

    @Dr. Macknet:

    Move these addresses to your router and block them there. Windows ignores the hosts files (confirmed by many, including myself).

    At the router, Microsoft has no control.

    If your router doesn't give you the ability to administer IP addresses, buy a new router.

    In addition: you can buy third party software which regulates internet traffic, blocking what you need to (regardless of what is trying to get through). The con to this type of software is you have to spend a good deal of time "Allowing" as most sites are turned off by default.

    link to this | view in thread ]

  48. icon
    Jinxed (profile), 18 Jan 2017 @ 6:05am

    These settings look identical to those on my XBox One.

    And they're just as effective as a placebo.

    link to this | view in thread ]

  49. icon
    R.H. (profile), 18 Jan 2017 @ 8:46am

    Re: Re: Even better

    This is for a very good reason. Microsoft has had issues with malware altering the HOSTS file in older versions of Windows and redirecting people from MS sites to other sites in the past. So, they hard coded their websites to always go where they're supposed to go. If you don't trust Microsoft though, don't use Windows.

    link to this | view in thread ]

  50. identicon
    Anonymous Coward, 18 Jan 2017 @ 9:23am

    Re: Re: Re: Even better

    That does not fix the security issue, but rather bypasses it for Microsoft software, giving them an unfair advantage.

    link to this | view in thread ]

  51. icon
    Not an Electronic Rodent (profile), 18 Jan 2017 @ 9:31am

    Re:

    "The problem is that Microsoft has often hidden behind claims that it has to collect a lot of this data or the operating system won't work"

    Yeah, this one's even harder to swallow...

    So, Mr. Microsoft, you're claiming that if you try and use Windows 10 on a network without an internet connection, or (shock, horror!) airgapped, it'll just randomly fail.... is that right? Wow, way to build an OS!

    link to this | view in thread ]

  52. identicon
    bob, 18 Jan 2017 @ 9:43am

    Re: I'm trying very hard to find this story important

    You forget that a lot of PC games still only run on windows. It's getting better now that more developers will make their games cross-OS compatible. but until the games I play can run on Linux I'm stuck with windows.

    Speaking of houses and windows those that live in glass houses...

    shouldn't use the bathroom.

    link to this | view in thread ]

  53. identicon
    Anonymous Cowherd, 18 Jan 2017 @ 9:55am

    Re:

    There's absolutely nothing Microsoft could offer to make me want to give them my personal data.

    link to this | view in thread ]

  54. identicon
    Anonymous Cowherd, 18 Jan 2017 @ 10:04am

    Too little, too late

    Unfortunately, at this point even if Microsoft added an option to send no data at all, many people would simply not trust it.

    link to this | view in thread ]

  55. icon
    Gwiz (profile), 18 Jan 2017 @ 10:30am

    Re: Re: I'm trying very hard to find this story important

    I am curious as to what games you play that won't run on Linux.

    My Debian laptop is approaching 10 years old and basically I have found (with a few exceptions) that if my hardware could handle the game in Windows then it would also run under Wine on the Linux OS.

    Being that my computer is so old, I don't often attempt to play the newer, high-end graphics games that are out there nowadays, so I am curious as to which games you couldn't get to work on Linux.

    link to this | view in thread ]

  56. identicon
    Thad, 18 Jan 2017 @ 11:58am

    Re: Re: Re: Re: Re: Even better

    Not really -- the internal Windows firewall will be good enough for blocking. The SECOND Microsoft gets caught bypassing it's own firewall rules is the same second all of the security pros begin to dump Windows.

    How many security pros do you know who don't use hardware firewalls?

    link to this | view in thread ]

  57. identicon
    Thad, 18 Jan 2017 @ 12:01pm

    Re: I'm trying very hard to find this story important

    If you're still using Windows 10, it's either because that's the office OS or because you're too lazy, too apathetic, or too dumb to care.

    Nah, it's because Windows 7 changed my fucking speaker settings back to "stereo" every time I powered down my audio receiver.

    link to this | view in thread ]

  58. identicon
    Thad, 18 Jan 2017 @ 12:13pm

    Re: Re: Re: Re: Re: Even better

    Well, yes; using an operating system implies a certain level of trust. (This is especially true of proprietary OS's, but it's even true of free/open-source ones. Even if you're compiling the OS from source yourself, and even if a checksum is provided so that you can confirm that no unauthorized code has been injected by the compiler, it's unlikely that you'll personally have the opportunity to audit every single line of code in every program you use. Unless your workflow is very limited.) That's what Shuttleworth meant when, in response to an outcry against Ubuntu sending its launcher's search data home to solicit ads from Amazon, he responded, "We have root." It was a foolish and arrogant thing to say, but he's not wrong -- if you're using Ubuntu, that means you're already giving Canonical a substantial amount of trust not to take advantage of your most intimate information.

    That list of domains provided by Dr. David T. Macknet is a list of places we know Windows 10 is sending private data. You're correct that it could just be sending it encrypted to microsoft.com. It could also be sending it to any other domain, including ones not obviously owned by Microsoft, or funneling it through a third party. And how do you know it's only Windows 10 doing it? How do you know Windows 7 isn't doing it too?

    The answer is that you don't. On some level, if you're using Windows, you're trusting Microsoft, at least a little bit.

    Somebody who blocks that list of domains at the firewall trusts MS less than somebody who doesn't. But you're right, if I'm using Windows at all, I'm trusting MS at least a little bit.

    link to this | view in thread ]

  59. icon
    orbitalinsertion (profile), 18 Jan 2017 @ 12:19pm

    Re: Re: Mr. Microsoft

    I find MS is really much creepier without a Gates or Monkey-Boy Ballmer to have a stab at. Even more so that MS seems to continually corrupt good people to write and push their crap.

    link to this | view in thread ]

  60. identicon
    Thad, 18 Jan 2017 @ 12:23pm

    Re: Re: Re: I'm trying very hard to find this story important

    Some games run fine under WINE; Trails in the Sky is a recent example that works great.

    Some don't; I never could get Civ4 to do anything but crash on load.

    An increasing number of games are getting native Linux versions, too, making WINE unnecessary. This is especially true for indie games. Major studio games sometimes get native Linux releases too, but there's usually a lag, and it's never a sure thing.

    But there's another problem: DirectX just works better than OpenGL. This doesn't matter on lower-end games, but if you're playing a game that really maxes out your hardware's capabilities, DirectX is a better choice than OpenGL. Which means Windows is a better choice than Linux.

    Vulkan seems to be closing the gap a bit, but it's still not on par with DirectX, and it's still early days and Vulkan's not widely supported.

    Believe me, I'm hoping this changes; I've been waiting for an opportunity to ditch Windows completely for around 15 years now. But for now, I'm still running Windows on my HTPC, and keeping a dual-boot on my main computer, so I can play games.

    link to this | view in thread ]

  61. identicon
    Anonymous Coward, 18 Jan 2017 @ 1:16pm

    The only certain way to address this problem:

    Get a Windows command prompt, and type "format c:" and say yes to all prompts.

    Then install Tails.

    link to this | view in thread ]

  62. identicon
    Anonymous Coward, 18 Jan 2017 @ 1:19pm

    Re: Re: Re: Even better

    > don't use Windows.

    That's kind of the point.

    link to this | view in thread ]

  63. identicon
    Anonymous Coward, 19 Jan 2017 @ 11:28am

    Re: The only certain way to address this problem:

    Or just add the /y switch

    link to this | view in thread ]

  64. identicon
    Anonymous Coward, 22 Jan 2017 @ 8:08pm

    In the dashboard, I don't see the button to install Linux.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.