Linked by Thom Holwerda on Tue 6th Mar 2018 20:12 UTC
Windows

Microsoft is once again tackling privacy concerns around Windows 10 today. The software giant is releasing a new test build of Windows 10 to Windows Insiders today that includes changes to the privacy controls for the operating system. While most privacy settings have been confined to a single screen with multiple options, Microsoft is testing a variety of ways that will soon change.

There have been some concerns that Windows 10 has a built-in “keylogger,” because the operating system uses typing data to improve autocompletion, next word prediction, and spelling correction. Microsoft’s upcoming spring update for Windows 10 will introduce a separate screen to enable improved inking and typing recognition, and allow users to opt-out of sending inking and typing data to Microsoft.

I doubt any of these changes will reassure people who refuse to use Windows because of privacy concerns.

Order by: Score:
Comment by Drumhellar
by Drumhellar on Tue 6th Mar 2018 21:25 UTC
Drumhellar
Member since:
2005-07-12

I doubt any of these changes will reassure people who refuse to use Windows because of privacy concerns.


Of course not, at least not until Microsoft figures out a way to keep people from moving the goalposts.

If Microsoft completely stopped collecting telemetry, many of these people would believe Microsoft just found a way to do it secretly - after all, now that there is a tool that lets you view all the telemetry Windows collects, those people still believe there is data Microsoft is hiding - a belief based on no evidence.

And then, there are the people that have the opinion that Microsoft knowing how many times you click the start menu is the same as breaking into your home to read your diary.

Reply Score: 3

RE: Comment by Drumhellar
by leech on Tue 6th Mar 2018 22:01 UTC in reply to "Comment by Drumhellar"
leech Member since:
2006-01-10

To be fair, can you really trust it not to send anything unless it was open source and people could go through the code to see EXACTLY what it is doing?

With a tool "oh, we show you what we collect (at least that we're okay with you knowing what we collect...)"

The fact they started doing it in the first place is the big 'why'.

Reply Score: 6

RE[2]: Comment by Drumhellar
by BluenoseJake on Tue 6th Mar 2018 22:04 UTC in reply to "RE: Comment by Drumhellar"
BluenoseJake Member since:
2005-08-11

Why is MS any different then Google, or Apple? They also collect all sorts of info, and are less transparent. The reason they started doing it is the same as MS, but for some reason, they get a pass.

Edited 2018-03-06 22:05 UTC

Reply Score: 5

RE[3]: Comment by Drumhellar
by shotsman on Wed 7th Mar 2018 07:07 UTC in reply to "RE[2]: Comment by Drumhellar"
shotsman Member since:
2005-07-22

Google does not get a pass from me. A total and abject failure more like. They collect data on you and then sell it on to their Advertisers etc.

Apple gets a 'Meh' from me. You can opt out of their collection and they publicly say that anything they collect is never sold on.

These days, I go out of my way to avoid having anything directly to do with Google. Their motto has clearly (IMHO) become 'Do Evil' to us mere mortals.
They clearly don't understand the meaning of 'No'.

As for MS, their dictatorial stance on a whole load of things including updates for W10 and the way that they willy-nilly overwrite your settings during the update process clearly shows that they are in the 'MS knows best and you will do as we say' mode more and more.
Their data collection system that bypasses the 'hosts' file settings etc is just plain wrong in my eyes.

I voted with my feet and have got rid of all MS OS's from my life. The reduction in stress I have is huge.
I'll be ditching Office as soon as I can get around to it.
YMMV

Reply Score: 2

RE[3]: Comment by Drumhellar
by emphyrio on Wed 7th Mar 2018 14:04 UTC in reply to "RE[2]: Comment by Drumhellar"
emphyrio Member since:
2007-09-11

They don't.

Reply Score: 0

RE[2]: Comment by Drumhellar
by Drumhellar on Tue 6th Mar 2018 22:33 UTC in reply to "RE: Comment by Drumhellar"
Drumhellar Member since:
2005-07-12

To be fair, can you really trust it not to send anything unless it was open source and people could go through the code to see EXACTLY what it is doing?


I can. Not absolutely, but then again, that level of absolute trust isn't available for open source projects either.

Unless you are capable of reliably analyzing every bit of code that produces your OS on your own, you have to trust somebody.

You have to trust developers that say their software does what it says and nothing more. You have to trust your distribution that they're giving you the packages patched only in the way they say they're patching software. You have to trust that third parties actually bothered to check to make sure your distribution maker is giving you what they say, and that they are actually competent.

At some point, you just have to trust somebody. Pretending this isn't the case is naive, and simply incorrect.

Do I trust Microsoft software?
After all the years I've been using it, I've never heard of their software doing anything nefarious w/r to user data. They have consistently been clear about what they do, and in the areas they have been less clear, at least their opacity has been well defined.

I haven't seen any reasons why I should specifically distrust them.

From Microsoft's perspective, not doing so is a huge financial risk - think of what would happen in Europe especially if they were caught sending data they said they weren't collecting. The EU isn't shy from imposing huge fines and tight restrictions on large companies that break the rules.

The fact they started doing it in the first place is the big 'why'.


Started doing what in the first place? Collecting telemetry? That's easy: Makes it easier to find bugs and diagnose problems. There's been plenty of examples in Windows 10 where users were afflicted by bugs in updates that didn't show up in insider releases, that telemetry was able to provide answers for.

Why did they release the tool to examine all the telemetry? People have been asking for it, and it actually will assuage some of the distrust about the telemetry data when people are able to analyze it.

Reply Score: 3

RE[3]: Comment by Drumhellar
by Alfman on Wed 7th Mar 2018 02:10 UTC in reply to "RE[2]: Comment by Drumhellar"
Alfman Member since:
2011-01-28

Drumhellar,

You have to trust developers that say their software does what it says and nothing more. You have to trust your distribution that they're giving you the packages patched only in the way they say they're patching software. You have to trust that third parties actually bothered to check to make sure your distribution maker is giving you what they say, and that they are actually competent. At some point, you just have to trust somebody. Pretending this isn't the case is naive, and simply incorrect.


It's true, sometimes claims about FOSS get exaggerated. However just one minor counter point: with proprietary software, trust typically has a single point of failure (the commercial vendor). With FOSS on the other hand, trust can span multiple parties, adding a form of "trust redundancy" that isn't possible with proprietary software because no one else has the source.


Do I trust Microsoft software?
After all the years I've been using it, I've never heard of their software doing anything nefarious w/r to user data. They have consistently been clear about what they do, and in the areas they have been less clear, at least their opacity has been well defined.

I haven't seen any reasons why I should specifically distrust them.


This is a dated reference, but what about the "_nsakey" that was revealed when microsoft accidentally published a debug version of the kernel?

https://www.heise.de/tp/features/How-NSA-access-was-built-into-Windo...

Microsoft tried to rebuke the accusations in public, but it never really provided supporting evidence.

Reply Score: 6

RE[4]: Comment by Drumhellar
by adkilla on Wed 7th Mar 2018 08:08 UTC in reply to "RE[3]: Comment by Drumhellar"
adkilla Member since:
2005-07-07

The article is old. The NSA has found it easier to store their backdoors on CPUs. You may use an open source OS, but what about your CPU? They are actively finding a way and won't stop doing that.

Unless we DIY everything, we can never be sure of anything. Open source don't mean anything if we don't have control over every stage of of our IT infra. Even if our PC fully is open source (both hardware and software), then what about our printers, routers, NAS, etc? See where this is going?

Reply Score: 1

RE[5]: Comment by Drumhellar
by Alfman on Wed 7th Mar 2018 14:46 UTC in reply to "RE[4]: Comment by Drumhellar"
Alfman Member since:
2011-01-28

adkilla,

The article is old. The NSA has found it easier to store their backdoors on CPUs. You may use an open source OS, but what about your CPU? They are actively finding a way and won't stop doing that.


We've covered the closed CPU firmware/microcode/management processors problem a couple times here on osnews and it is very concerning. However it's quite unlikely they'll stop infiltrating the operating systems too.


Unless we DIY everything, we can never be sure of anything. Open source don't mean anything if we don't have control over every stage of of our IT infra. Even if our PC fully is open source (both hardware and software), then what about our printers, routers, NAS, etc? See where this is going?


Some things are easier than others. There are lots of open source NAS and routers. I'm not so sure about printers.

Some people assume that high proprietary market share is evidence that open source is not important. However as I can personally attest to, there's a lot of equipment where despite my efforts, I've been unable to locate an open source vendor and have been forced to buy something proprietary against my wishes. This is a big reason why I'm always trying to promote open hardware/software whenever I can and am extremely wary of people claiming closed platforms don't hurt us.

Reply Score: 1

RE[3]: Comment by Drumhellar
by grat on Wed 7th Mar 2018 18:06 UTC in reply to "RE[2]: Comment by Drumhellar"
grat Member since:
2006-02-02

All of what you said is true, but irrelevant.

It is "cool" to disbelieve-- You are a sheeple if you trust anyone or anything, and an elite if you distrust everything and everyone.

The fact that society cannot stand that level of disbelief is irrelevant.

The internet is truly a wilderness of mirrors where reality has ceased to have any useful meaning.

I've always found it entertaining that people can believe that a company like Microsoft is capable of incredibly complex and devious conspiracies, when the company's history is actually littered with examples of poorly kept secrets. Even the NSA has been unable to conceal the full extent of their operations, but somehow, a company like Microsoft is (apparently) capable of all kinds of super sekret information gathering without anyone noticing, or blowing whistles.

Reply Score: 4

RE[4]: Comment by Drumhellar
by tomchr on Wed 7th Mar 2018 21:43 UTC in reply to "RE[3]: Comment by Drumhellar"
tomchr Member since:
2009-02-01

It is "cool" to disbelieve-- You are a sheeple if you trust anyone or anything, and an elite if you distrust everything and everyone.


Grat,

(Dis)belief is not exactly a choice. One may choose to hide one's real beliefs in order to act "cool", but one cannot just change those beliefs on command. Experience and knowledge play a big part when it comes to what to believe.

It is a fact that Microsoft collects huge amounts of personal telemetry data, regardless of your consent.

Trust is usually earned. If you trust anything that does not respect your rights, then I would venture that you are naive.

What Microsoft is doing is not very complex or devious. It is simply an invasion of privacy. Google does it. Apple does it. They are making a clear choice not to respect your constitutional and basic human right. If you are lax about it, then you are part of the flock of the vast majority.

Edited 2018-03-07 21:56 UTC

Reply Score: 3

RE[5]: Comment by Drumhellar
by grat on Thu 8th Mar 2018 17:52 UTC in reply to "RE[4]: Comment by Drumhellar"
grat Member since:
2006-02-02

It is a fact that Microsoft collects huge amounts of personal telemetry data, regardless of your consent.

If you take out "personal", I'd probably agree with you.

Trust is usually earned. If you trust anything that does not respect your rights, then I would venture that you are naive.

No, I just choose not to live a life full of paranoia and tin-hat conspiracies. Nothing in the Snowden releases particularly surprised me-- there have been enough credible stories over the years to know they're going to grab everything they can.

However, Microsoft, unlike Google, Apple and Facebook (and the NSA), actually released a tool that allows you to see what data they collect-- But the general consensus is that they're lying, with no proof whatsoever.

If someone can prove there's data being collected by Microsoft that they aren't revealing in their data diagnostic tool, then that's news. That's evidence of further misbehavior.

So far, no one has produced such evidence.

What Microsoft is doing is not very complex or devious. It is simply an invasion of privacy. Google does it. Apple does it. They are making a clear choice not to respect your constitutional and basic human right. If you are lax about it, then you are part of the flock of the vast majority.

The government does it, your ISP does it, every web advertiser does it, Facebook, Google, and Apple does it-- Nothing you do on the web is a secret. Accept it, and move on.

Microsoft is, theoretically, being more transparent than any of those organizations, so why the hatred for Microsoft?

By the way, thanks for using the word "flock" to prove my point.

Reply Score: 2

RE[6]: Comment by Drumhellar
by Alfman on Thu 8th Mar 2018 21:13 UTC in reply to "RE[5]: Comment by Drumhellar"
Alfman Member since:
2011-01-28

grat,

However, Microsoft, unlike Google, Apple and Facebook (and the NSA), actually released a tool that allows you to see what data they collect-- But the general consensus is that they're lying, with no proof whatsoever.

If someone can prove there's data being collected by Microsoft that they aren't revealing in their data diagnostic tool, then that's news. That's evidence of further misbehavior.

So far, no one has produced such evidence.


I actually think everyone's mostly in agreement, it's just that we're focusing on different parts of the truth. You would be right to claim that there's no evidence that microsoft is lying about the data collection, however no one here on osnews has asserted the opposite. What has been asserted is that what microsoft's claims cannot be verified because the code is proprietary. Both of these can be simultaneously true, so IMHO there's no reason for there to be a disagreement about it.

The government does it, your ISP does it, every web advertiser does it, Facebook, Google, and Apple does it-- Nothing you do on the web is a secret. Accept it, and move on.


Well, if a company claims XYZ to be true, then XYZ had better be true otherwise it may merit a lawsuit.

Microsoft is, theoretically, being more transparent than any of those organizations, so why the hatred for Microsoft?


But it's NOT just microsoft...it never has been. In fact even in the post to which you responded, tomchr explicitly named apple and google guilty as well. As patrix pointed out, this seems to happen a lot when some company goes under the microscope: "Why the hatred for <X>? Why aren't we criticizing <others>?" The truth is that every week we DO criticize google, apple, facebook, etc. Just because it's microsoft's turn doesn't mean we're giving other companies a pass. People CAN criticize microsoft without being hypocrites about it!

Reply Score: 1

RE[6]: Comment by Drumhellar
by tomchr on Thu 8th Mar 2018 23:10 UTC in reply to "RE[5]: Comment by Drumhellar"
tomchr Member since:
2009-02-01

grat,

Excuse me, but you are contradicting yourself.

First you find it amusing that other people believe in company conspiracies. Next you state that you are not at all surprised about the Snowden releases, since you yourself found the stories over the years credible (i.e. former conspiracy stories). Lastly, you clearly state that 'everyone' is doing it and nothing you do on the web is a secret. It seems to me that you are the paranoid one.

I am not at all concerned about conspiracies and paranoia. I am concerned with Microsoft's abuse of privacy, since this is done at operating system-level. Windows 10's privacy settings have been found "not trustworthy" by experts, organisations and authorities.

The fact that governments, coorperations, ISPs et al. are abusing your rights as well does not excuse them from moral or legal ramifications.

How about standing up for your rights for a change?

One more thing, beliefs are not something you pick up at Walmarts at $10 discount. You either have faith or you don't. Beliefs can't change facts. Facts, however, should change your beliefs.

Reply Score: 0

RE[7]: Comment by Drumhellar
by grat on Fri 9th Mar 2018 17:33 UTC in reply to "RE[6]: Comment by Drumhellar"
grat Member since:
2006-02-02

grat,

Excuse me, but you are contradicting yourself.

First you find it amusing that other people believe in company conspiracies. Next you state that you are not at all surprised about the Snowden releases, since you yourself found the stories over the years credible (i.e. former conspiracy stories).

Stories in major newspapers and a lawsuit over "Room 641A" aren't 'conspiracy stories'-- they're facts. They're not even alternative facts, they're actual truth.

Lastly, you clearly state that 'everyone' is doing it and nothing you do on the web is a secret. It seems to me that you are the paranoid one.

As an IT professional, I know what data is available at the ISP level-- it's trivial to correlate DHCP and firewall logs to produce an easily read list of websites (and URL's) a given user accesses.

Having read articles about researchers decoding keystrokes via two cellphones and acoustic mapping algorithms, or knowing that the NSA can turn your analog monitor signal into a visible image from a distance-- it's kind of hard to believe that "privacy" has any real meaning these days.

I am concerned with Microsoft's abuse of privacy, since this is done at operating system-level.

... and this is where I have a problem. You have an OS on your computer, which is collecting data. You have the option to disable much of that data collection. Microsoft has produced a tool that allows you to see what data is being collected.

And yet, you don't believe them. Not because there's any evidence they're lying, not because they've used that data in a malicious way, or even for marketing, but simply because "well, Microsoft behaved badly once".

They're far more open about what they're doing than the NSA, Facebook, Google, or Apple-- Try turning off some of the Google Assistant tracking functionality-- or Alexa, or Siri.

Neither Apple nor Google give you fine-grained controls over what data is collected about you. Google not only collects what you do with your phone, they collect what you do with your gmail account, your google searches, your youtube account-- and show very little as to what they're actually collecting, or what they're doing.

But somehow, Microsoft is perceived as the bad guys here.

Windows 10's privacy settings have been found "not trustworthy" by experts, organisations and authorities.

Have you actually read through the data structures that Microsoft gathers? I have. I believe a link was published on this site to the data fields that are available via Microsoft telemetry. It's nearly all OS related, and very little (if any) user identifiable data is available.

The major privacy leaks (cortana, edge, etc.) are easily turned off. Not that it matters, since the moment you open a browser, you're leaking far more information that Microsoft will ever gather about you.

The fact that governments, coorperations, ISPs et al. are abusing your rights as well does not excuse them from moral or legal ramifications.

How about standing up for your rights for a change?

No one else is. I live in Florida-- I'm not even protected by the 4th amendment (within 100 miles of border). My electronic devices aren't subject to protection under the 4th or 5th amendment, and daily, people give Facebook more information about their private lives than the government could accumulate in a decade.

I would cheerfully join the bandwagon, and be part of a pro-privacy crusade-- except people are attacking Microsoft for privacy issues, when they ought to be going after Facebook, Google, and Apple.

Right idea, wrong target.

Reply Score: 4

RE[5]: Comment by Drumhellar
by zima on Fri 9th Mar 2018 23:58 UTC in reply to "RE[4]: Comment by Drumhellar"
zima Member since:
2005-07-06

Experience and knowledge play a big part when it comes to what to believe.

Hm, more like what we're told by others in our ~group / ~peer pressure... (most glaring example: religions tend to basically disregard experience or knowledge)

Reply Score: 3

RE[4]: Comment by Drumhellar
by zima on Fri 9th Mar 2018 23:57 UTC in reply to "RE[3]: Comment by Drumhellar"
zima Member since:
2005-07-06

I've always found it entertaining that people can believe that a company like Microsoft is capable of incredibly complex and devious conspiracies, when the company's history is actually littered with examples of poorly kept secrets. Even the NSA has been unable to conceal the full extent of their operations, but somehow, a company like Microsoft is (apparently) capable of all kinds of super sekret information gathering without anyone noticing, or blowing whistles.

And at least some ( http://www.osnews.com/permalink?654315 ) of the conspiracy theorists / believers in Your Microsoft Overlords also think at other times, when it suits them, that MS is totally incompetent as an organisation... ( http://www.osnews.com/permalink?653972 )

Reply Score: 3

RE[3]: Comment by Drumhellar
by Doc Pain on Fri 9th Mar 2018 05:15 UTC in reply to "RE[2]: Comment by Drumhellar"
Doc Pain Member since:
2006-10-08

Do I trust Microsoft software?
After all the years I've been using it, I've never heard of their software doing anything nefarious w/r to user data.


How about this?

https://mspoweruser.com/microsoft-monitoring-censoring-skydrive-uplo...

https://mspoweruser.com/watch-what-you-store-on-skydriveyou-may-lose...

Additionally, just because you don't notice something (or hear about in the TV news) doesn't imply it doesn't happen. As you may have gathered from recent history, with the many leaks of how governments and their spy agencies cooperate with companies in order to obtain and manipulate data (for whatever purpose they claim after the leak), you cannot deny that there is at least potential for abuse. And if there is potential for abuse, it will happen, no matter if we can notice it ourselves, or get slapped by harsh reality when a whistleblower tells us the truth.

They have consistently been clear about what they do, and in the areas they have been less clear, at least their opacity has been well defined.


You cannot be sure without auditing. For example, some "Windows" dialog tells you that telemetry has been switched off. Then you monitor the network traffic. Do you still see suspicious packets going in and out? Then you probably found something worth investigating.

(Keep in mind not all traffic should be considered suspicious. Just because the system appears to be doing nothing, it might still act on the network for good and valid reasons.)

I haven't seen any reasons why I should specifically distrust them.


This should help:

https://www.infowars.com/direct-nsa-partners-att-verizon-microsoft-c...

Except of course your viewpoint is that all those actions taken by spy agencies are entirely and always within national and international boundaries of law, serving mankind, providing benefit for everyone. ;-)

From Microsoft's perspective, not doing so is a huge financial risk - think of what would happen in Europe especially if they were caught sending data they said they weren't collecting. The EU isn't shy from imposing huge fines and tight restrictions on large companies that break the rules.


MICROS~1 currently is in a position where it can "dictate" how the EU deals with them simply because the EU is in their hands, in terms of "keeping the offices running". They put much work and money into lobbying. With vendor lock-in and long-running contracts (with exceptional fees for breaking them), nobody will oppose or just question what they do.

Collecting telemetry? That's easy: Makes it easier to find bugs and diagnose problems. There's been plenty of examples in Windows 10 where users were afflicted by bugs in updates that didn't show up in insider releases, that telemetry was able to provide answers for.


Which is probably fine if the user provided consent, either by own choice, or by "accept license" (with telemetry being part of the license, and accepting it is the first step in getting "Windows" installed).

It's also possible to see this as follows: They are simply delegating the work of QA to the paying (!) users. This is doubleplusgood: Users pay, and they can fire QA stuff, as the users are doing QA now. ;-)

But keep in mind not everyone has a high bandwidth Internet flatrate plan. Some people are still paying by the MBs, especially on mobile connections. Deactivating any traffic unneccessary to them (!) is an important option which should work as expected: Telemetry off = no data sent.

Why did they release the tool to examine all the telemetry?


Because when you provide a tool to inspect data, you can always filter out the things which users should not see. If I was a malicious actor, I'd do exactly the same - and as you probably know, that's exactly what many hacking techniques include: hide what you do, keep everything else look normal. This is easily possible when you control the tools that should monitor a system's actions.

That's the reason it's neccessary to have independent tools to examine this kind of data - simply to rule out this important point to hide "undesired" information.

People have been asking for it, and it actually will assuage some of the distrust about the telemetry data when people are able to analyze it.


They also could have released a complete specification of telemetry traffic so everyone interested could create an own parser / analyzer / monitor for that data. Relying on closed-source "solutions" to monitor closed-source systems sending undocumented traffic and then expecting trust... well, that just doesn't seem right.

Reply Score: 2

RE[4]: Comment by Drumhellar
by Drumhellar on Fri 9th Mar 2018 07:22 UTC in reply to "RE[3]: Comment by Drumhellar"
Drumhellar Member since:
2005-07-12



ne·far·i·ous
nəˈferēəs/
adjective

(typically of an action or activity) wicked or criminal.


Censoring images that violate a ToS on images (We don't know if the person's images were public or not - he thinks they weren't, but who knows) is hardly wicked, and certainly not criminal.

Additionally, just because you don't notice something (or hear about in the TV news) doesn't imply it doesn't happen.


I try to base my decisions on what is known, or reasonably well supported by actual evidence. I don't base my decisions on supposition, or on what I imagine to be true.



InfoWars is run by a person who literally claimed that the reason President Obama proposed airstrikes in Syria was so he could take technology so he and fellow "globalists" could become immortal cyborgs and rule the world from their "flying jetcopters and Air Force Ones". Sadly, that is very run-of-the-mill material for InfoWars and for Alex Jones.

I absolutely distrust everything that is on that page, as should you.

And that includes everything they post about actual, legitimate government conspiracies, because what they post is going to be utter bullshit and still not based in truth.

And, honestly, I stopped reading your post there. I have never encountered a person who both read InfoWars and actually honestly cared about facts and evidence.

Reply Score: 3

RE[5]: Comment by Drumhellar
by Doc Pain on Fri 9th Mar 2018 07:48 UTC in reply to "RE[4]: Comment by Drumhellar"
Doc Pain Member since:
2006-10-08



ne·far·i·ous
nəˈferēəs/
adjective

(typically of an action or activity) wicked or criminal.


Censoring images that violate a ToS on images (We don't know if the person's images were public or not - he thinks they weren't, but who knows) is hardly wicked, and certainly not criminal.
"

You can easily justify everything with ToS. Fact is, nobody actually reads and understands them (and their implications). This is so great about ads: They only tell you the good bits, and the bad bits... well, they might be found in the ToS. If you use a service, you give yourself into the hands of the service provider, and you surrender certain rights depending on location and legislation, for example, transfering intellectual property for everything you create using a specific tool, be it a creative suite or a messenger client. It's not different with cloud storage: If the provider is able to parse your data, your data will be parsed, and maybe censored, deleted, used in ads, or sold. First claiming "we don't do this" and then doing this maybe isn't nefarious, but still a problem due to the common "don't care" mentality of users.

This is true for virtually all commercial services that say "your data is safe" and actually it isn't. Remember Equifax? It's just one of many examples.

That being said, if you trust MICROS~1 (and rely on their tools to show you a happy little world), it is your right to do so, but don't be surprised when in 2020 there will be a leak that shows how they have been secretly copying user data via telemetry streams or taking control of webcams and microphones to spy on journalists...

I try to base my decisions on what is known, or reasonably well supported by actual evidence. I don't base my decisions on supposition, or on what I imagine to be true.


That is a good starting point.



InfoWars is run by a person who literally claimed that the reason President Obama proposed airstrikes in Syria was so he could take technology so he and fellow "globalists" could become immortal cyborgs and rule the world from their "flying jetcopters and Air Force Ones". Sadly, that is very run-of-the-mill material for InfoWars and for Alex Jones. [/q]

You're missing the point. Instead of providing just a link to the first image (via Google image search), I wanted to provide a link where the image is present. On the web, there are now probably hundreds of pages which host that particular image. The fact that InfoWars was the one I chose is just pure accident, baded on Google's search result ranking.

Sorry for the confusion, the image was the thing I wanted to bring into focus, not the site it was on, its creator, or the creator's opinions (which aren't mine, by the way, but I thought that this was obvious; sorry if it wasn't to you).

Big corporations with access to user data cooperate with governments for the reasons mentioned. They get money for this by running the state's IT, and in exchange, they can (more or less) do whatever they want. It's a win-win situation when 0days are used for secret services to plant false evidence in order to accuse someone innocent who just happens to get in the way, and the more control a service provider takes, the less personal a PC will become. As the world obeys to US law, this is fully okay, everything else is in the EULA. And if nobody notices - why care?

You just need to use your power of imagination. Imagine what is possible. In the end, everything which is possible will be done, no matter if the public will ever be aware of it. History has told us that even the smallest potential for abuse in the most positive or innocent undertaking will be used by some entity that doesn't care about initial motivations or rights. This just isn't something new in today's society.

I absolutely distrust everything that is on that page, as should you.


As I said, I just linked this page because of a particular image. Any other source would have been okay, too. And you surely won't distrust what the majority on the web says... ;-)

And, honestly, I stopped reading your post there. I have never encountered a person who both read InfoWars and actually honestly cared about facts and evidence.


You're concluding nonsense. I didn't even read that page. See actual reason above. Please don't try to create relationships where there are none. Thank you.

Reply Score: 0

RE[2]: Comment by Drumhellar
by FlyingJester on Wed 7th Mar 2018 01:39 UTC in reply to "RE: Comment by Drumhellar"
FlyingJester Member since:
2016-05-11

Being "Open Source" never stopped Chromium from downloading backbox binaries on Debian that could listen in on your microphone.

Reply Score: 4

RE[3]: Comment by Drumhellar
by patrix on Wed 7th Mar 2018 09:25 UTC in reply to "RE[2]: Comment by Drumhellar"
patrix Member since:
2006-05-21

It did, because the behaviour was noticed very quickly and fixed.

Reply Score: 3

RE[4]: Comment by Drumhellar
by zima on Sat 10th Mar 2018 02:52 UTC in reply to "RE[3]: Comment by Drumhellar"
zima Member since:
2005-07-06

But this Chromium "feature" wasn't really noticed thanks to its open source nature...

Reply Score: 2

RE[3]: Comment by Drumhellar
by Dr.Cyber on Wed 7th Mar 2018 10:29 UTC in reply to "RE[2]: Comment by Drumhellar"
Dr.Cyber Member since:
2017-06-17

Being "Open Source" never stopped Chromium from downloading backbox binaries on Debian that could listen in on your microphone.

But it does make it so that people can more easily know about it.

The advantage of open source regarding spyware is not that spyware is harder to include in it, but that it is harder to hide in it.

Reply Score: 4

RE[2]: Comment by Drumhellar
by darknexus on Wed 7th Mar 2018 13:34 UTC in reply to "RE: Comment by Drumhellar"
darknexus Member since:
2008-07-15

Don't be ridiculous. Even if it were open source, no one is going to audit every line of that code before they run it. You have to trust the rest of the community, and your distributor (Canonical, Red Hat, etc) and even then you can't be guaranteed someone in the chain won't put something in later. If you audit every single line of code that runs on your machine, good for you. The rest of us have a job and a real life to worry about, so there's just as much trust required as there is with Microsoft or any other closed company.

Reply Score: 1

RE: Comment by Drumhellar
by WorknMan on Wed 7th Mar 2018 00:26 UTC in reply to "Comment by Drumhellar"
WorknMan Member since:
2005-11-13

those people still believe there is data Microsoft is hiding - a belief based on no evidence.


Well, hopefully those people are not using Windows 7, if they're that paranoid.

As for the 'FOSS or death' crowd, they would never use anything proprietary anyway, so their opinions don't matter much in this regard.

Reply Score: 4

RE: Comment by Drumhellar
by Alfman on Wed 7th Mar 2018 01:41 UTC in reply to "Comment by Drumhellar"
Alfman Member since:
2011-01-28

Drumhellar,

Of course not, at least not until Microsoft figures out a way to keep people from moving the goalposts.
If Microsoft completely stopped collecting telemetry, many of these people would believe Microsoft just found a way to do it secretly - after all, now that there is a tool that lets you view all the telemetry Windows collects, those people still believe there is data Microsoft is hiding - a belief based on no evidence.



That's not all of us though, a simple option to turn off all data collection without having to block the OS at the firewall would go a long way. A user's choice should be respected regardless of their reason.


And then, there are the people that have the opinion that Microsoft knowing how many times you click the start menu is the same as breaking into your home to read your diary.


To be fair though, even trivial evidence like that can be used in court. Beyond that, it's also a matter of principal, some of us just don't want corporations monitoring us at all. Microsoft has no business monitoring me in my home against my wishes no matter how innocuous it claims the data collection is.

Reply Score: 3

RE[2]: Comment by Drumhellar
by shotsman on Wed 7th Mar 2018 07:13 UTC in reply to "RE: Comment by Drumhellar"
shotsman Member since:
2005-07-22

There is a list of IP addresses that MS use for data collection available on the Internet. AFAIK, it changes after each update but add all those addresses to your external firewall and see how many connection attempts are blocked. It is staggering even from someone just doing a bit of web browsing (not using IE or Edge naturally).
Doing that was enough to tell me that they have clearly crossed the line. No one in their right mind can persuade me that that amount of data is related to bug reporting unless Windows 10 is the buggiest bit of software ever written.
{I'll put my tin-foil hat away now}

Reply Score: 4

RE[3]: Comment by Drumhellar
by The123king on Wed 7th Mar 2018 10:07 UTC in reply to "RE[2]: Comment by Drumhellar"
The123king Member since:
2009-05-28

No one in their right mind can persuade me that that amount of data is related to bug reporting unless Windows 10 is the buggiest bit of software ever written.


It may not be the buggiest software Microsoft have released, but it'd definitely not the best from a UI perspective. Much of this data could be UI anylitics, which may explain the volume of data

Reply Score: 0

RE[3]: Comment by Drumhellar
by darknexus on Wed 7th Mar 2018 14:30 UTC in reply to "RE[2]: Comment by Drumhellar"
darknexus Member since:
2008-07-15

No one in their right mind can persuade me that that amount of data is related to bug reporting unless Windows 10 is the buggiest bit of software ever written.

Well, if it's not the buggiest thing ever written, it's certainly up there.

Reply Score: 1

RE[4]: Comment by Drumhellar
by grat on Wed 7th Mar 2018 18:12 UTC in reply to "RE[3]: Comment by Drumhellar"
grat Member since:
2006-02-02

Well, if it's not the buggiest thing ever written, it's certainly up there.


For people who've actually *used* Windows 10, it's pretty damned solid, and as a rule, not too difficult to track down what's crashing on the rare occasions something starts misbehaving.

It's certainly less buggy than KDE (akonadi remains a disaster that requires frequent hand-holding).

Reply Score: 4

v RE[5]: Comment by Drumhellar
by darknexus on Fri 9th Mar 2018 14:42 UTC in reply to "RE[4]: Comment by Drumhellar"
RE: Comment by Drumhellar
by l3v1 on Wed 7th Mar 2018 06:38 UTC in reply to "Comment by Drumhellar"
l3v1 Member since:
2005-07-06

now that there is a tool that lets you view all the telemetry Windows collects, those people still believe there is data Microsoft is hiding - a belief based on no evidence


So, we don't know what they collect, but if they give you some tool that shows you something, then suddenly i). you know what they collect, ii). you believe what they collect is what the tool shows you, iii). everyone else is crazy tinfolhatter. The one thing you're right about is that there's no evidence, but that goes both ways, and this issue is clearly not one of belief. There's no absolute way to tell what they collect, thus, there's no way anyone could believe anything about it. You could disable telemetry service, but again, there's no evidence that's the only way they collect anything, plus, they have a habit of renaming services for fun's sake.

My point is, unless we know for sure, which we don't, there's no reason to believe anything they try to convince us about. But this is not a Microsoft/Win-specific issue, you'd do better take everything with a grain of salt.

Reply Score: 4

RE: Comment by Drumhellar
by birdie on Wed 7th Mar 2018 17:59 UTC in reply to "Comment by Drumhellar"
birdie Member since:
2014-07-15

You're so full of BS, it's unbelievable.

First of all, you can never know if this wonderful "a tool that lets you view all the telemetry Windows collects" actually shows all the data that Windows collects and sends.

Secondly, if Microsoft was completely honest, they would just let the "Off" switch for data telemetry. No ifs, no whats, just "Off".

Thirdly, Microsoft made sure that you cannot stop telemetry by 1) adding offending domains to `hosts` 2) by blocking the offending collection servers in their own firewall - IOW, they completely broke and infringed on all the networking rules and RFCs.

Fourthly, they could have made data collection Opt In rather than a hundred layers of semi-working (mostly not) Opt Out.

There's just one way not to leak your personal data with Microsoft: you do not run Windows 10 (corporate users enjoy the LTSB Enterprise Edition but let's just not talk about it right now - SOHO users cannot legally run it).

Reply Score: 4

RE: Comment by Drumhellar
by bassbeast on Sat 10th Mar 2018 21:30 UTC in reply to "Comment by Drumhellar"
bassbeast Member since:
2007-11-11

Have you ever looked at the page MSFT has for corps on how to turn off the spying in Enterprise? Its like 41 PAGES long and the majority of it? Yeah it doesn't work in Windows 10 Home and Pro, sorry, its exclusively for Win 10 Enterprise.

Here read for yourself and enjoy, according to MSFT it will take 57 MINUTES just to go through it and again, most of the things require tools simply not available to Windows 10 Home and Pro users, sorry.

Yeah so ask me again why we don't buy their bullshit?

https://docs.microsoft.com/en-us/windows/configuration/manage-connec...

Reply Score: 2

RE[2]: Comment by Drumhellar
by Drumhellar on Sat 10th Mar 2018 23:59 UTC in reply to "RE: Comment by Drumhellar"
Drumhellar Member since:
2005-07-12

The fact that you broadly classify everything in this document as "spying" shows that you are either unwilling or incapable of having a thoughtful discussion on the subject.

To you, everything is spying, including:

1) The Map app's ability to download maps

2) An application's ability to use your camera

3) Automatically setting the time

etc.

Yes. Using your choice of words, you consider automatically setting the system clock to the correct time as "spying."

A quick glance shows that the majority of these settings actually have nothing to do with data being sent to Microsoft's servers. if you had even bothered to scroll past the headline, you might have noticed.

Many of these settings are indeed available in Pro and even Home editions, and actually do not require special tools.

So, do you understand why I don't buy your bullshit?

Reply Score: 2

RE[3]: Comment by Drumhellar
by Alfman on Sun 11th Mar 2018 14:52 UTC in reply to "RE[2]: Comment by Drumhellar"
Alfman Member since:
2011-01-28

Drumhellar,

The fact that you broadly classify everything in this document as "spying" shows that you are either unwilling or incapable of having a thoughtful discussion on the subject.

To you, everything is spying, including:

1) The Map app's ability to download maps

2) An application's ability to use your camera

3) Automatically setting the time

etc.

Yes. Using your choice of words, you consider automatically setting the system clock to the correct time as "spying."


To be fair to bassbeast, you are cherry picking, however I actually found the link highly informative and bookmarked it. I wouldn't say everything that makes a connection is necessarily "spying", but technically everything that makes a connection potentially could, it's important to understand this. As a user, you may not care much, and that's fair enough, but it wouldn't be a bad idea for privacy-minded enterprise to investigate these further. In some cases it could even be irresponsible not to. For example, companies subject to PCI or HIPAA compliance should understand 100% of the traffic going through their servers, which is something they can't claim if they haven't even investigated all of the traffic sources.


A quick glance shows that the majority of these settings actually have nothing to do with data being sent to Microsoft's servers. if you had even bothered to scroll past the headline, you might have noticed.


You are right, the list has more than just network connections.

So, do you understand why I don't buy your bullshit?


Meh, it's just information, no need to call it BS. When you think as a hacker does, you begin to see ways that even legitimate channels can be exploited.

Reply Score: 2

RE[4]: Comment by Drumhellar
by Drumhellar on Sun 11th Mar 2018 19:36 UTC in reply to "RE[3]: Comment by Drumhellar"
Drumhellar Member since:
2005-07-12

To be fair to bassbeast, you are cherry picking


Come on, now. It's not cherry picking, it's a random sample. ;)


Meh, it's just information, no need to call it BS. When you think as a hacker does, you begin to see ways that even legitimate channels can be exploited.


No. I'm calling it BS. What he said was a significant misrepresentation of what he actually presented.

Reply Score: 2

To be fair
by Poseidon on Wed 7th Mar 2018 02:19 UTC
Poseidon
Member since:
2009-10-31

Seriously, Apple, Google and Microsoft all collect on their mobile operating systems immense amount of data. There's not really much that can be done about that on any platform except Android, which is released in open source mode (most of the os except drivers from vendors), but even then, that means you'd have to re-image the phone with the clean, audited version. Since the drivers are not open source, that means that your device could just be a nice PDA and that's about it, unless someone takes the time to write drivers for devices as well.

I only know of Copperhead, and they're still not as open as one would like.

That's some disturbing situation.

Reply Score: 2

Typing data, autocompletion, etc.
by karunko on Wed 7th Mar 2018 07:32 UTC
karunko
Member since:
2008-10-28

Just for the record, you don't need any future release to opt-out from this type of data collection. The feature is clearly explained to you at setup time but, should you want to check or change your mind afterwards:

Settings -> Privacy -> Speech, Inking & Typing

The "magic toggle" is there and, in all fairness, it seems to me that they're really upfront about what enabling certain features entails.

If you don't trust Microsoft to respect your choice... well, that's another thing altogether but, as someone else has posted, then why do Apple and Google usually get a pass?


RT.

Reply Score: 4

patrix Member since:
2006-05-21

They don't get a pass. Each different article gets comment pointing out the same thing, always about the other companies. Collect them all and nobody gets a pass.

AS for Microsoft, the reason to not trust them is "why now, and not when they released it?"

The deed is already done, and it's tainted the OS... And will take a while to regain goodwill if it's even possible.

Reply Score: 2

karunko Member since:
2008-10-28

AS for Microsoft, the reason to not trust them is "why now, and not when they released it?"

As I said, it's nothing new and opting out has always been possible -- since release 1511 and later, in fact. But don't take my word for it, just grab an ISO and see for yourself. You don't even need a license key to complete the installation.

But realize that if you want to talk to Cortana/Siri/Google and have them do stuff for you they need to dig into your computer to check calendar, address book, installed applications, and so on. The same goes for auto completion and suggestions as you type.

Of course you don't have to like it and nobody, not even Microsoft, is forcing you to use any particular feature, but to act all surprised and indignant is rather naive -- if not downright biased.


RT.

Reply Score: 3

Alfman Member since:
2011-01-28

patrix,

They don't get a pass. Each different article gets comment pointing out the same thing, always about the other companies. Collect them all and nobody gets a pass.



This is so true. I notice it quite a lot. It's like how the president and his representatives are constantly pivotting to divert legitimate criticism (esp kellyanne conway). It's so painfully blatant at times when they deflect and avoid serious accusations by blaming hilary or obama instead of seriously addressing the criticism as it applies to them. This can be infuriating to someone trying to stay on point, to say the least, but obviously that's the intention. I don't know if it's coincidental or not, but I am noticing this tactic more in online discussions. Maybe I am just becoming more perceptive of it too.

Edited 2018-03-07 15:39 UTC

Reply Score: 6

Dr.Cyber Member since:
2017-06-17



If you don't trust Microsoft to respect your choice... well, that's another thing altogether but, as someone else has posted, then why do Apple and Google usually get a pass?


In what way do they get a pass? I think most privacy concerned people know that they should avoid MS, Apple, and Google as much as possible.

Reply Score: 3

A step inthe right direction
by dusanyu on Sun 11th Mar 2018 17:31 UTC
dusanyu
Member since:
2006-01-21

But I think I will still be using spybot anti-beacon as a little extra cover my butt

Reply Score: 1