Last week, I turned on my PC, installed a Windows update, and rebooted to find Microsoft Edge automatically open with the Chrome tabs I was working on before the update. I don’t use Microsoft Edge regularly, and I have Google Chrome set as my default browser. Bleary-eyed at 9AM, it took me a moment to realize that Microsoft Edge had simply taken over where I’d left off in Chrome. I couldn’t believe my eyes.
I never imported my data into Microsoft Edge, nor did I confirm whether I wanted to import my tabs. But here was Edge automatically opening after a Windows update with all the Chrome tabs I’d been working on. I didn’t even realize I was using Edge at first, and I was confused why all my tabs were suddenly logged out.
↫ Tom Warren at The Verge
I would never accept such disregard for users from my computer.
Uses Windows and Chrome, and then complains that his privacy is not respected. Rather ironic.
What’s wrong with Windows and privacy exactly?
Do you have a single proof it’s leaking data to MS? Maybe a Wireshark dump? You can install it in a few moments and set up MITM to see all the traffic Windows sends to MS HQ. Is there anything on the Internet? No?
Then why are you lying that Windows is somehow “bad for privacy”?
Microsoft tells you themselves exactly what they collect, use, and share, and it’s second only to Google in its breadth and depth:
https://privacy.microsoft.com/en-us/privacystatement
Don’t spout bullshit you know absolutely nothing about, it’s a bad look.
Artem S. Tashkinov,
Having done this before, all you can really show is that they’re phoning home. You can see DNS lookups and HTTPS certificate info, but most of the traffic is encrypted and IMHO reverse engineering the OS payloads could be quite challenging.
We do know about a lot of what they collect.
https://www.howtogeek.com/224616/30-ways-windows-10-phones-home/
https://www.howtogeek.com/348699/how-to-see-what-data-windows-10-is-sending-to-microsoft/
https://privacy.microsoft.com/en-us/data-collection-windows
A lot of this is documented by microsoft, although it’s unclear to me if they’re collecting anything we don’t know about and it would be hard to find out. Some of it is definitely sensitive. For example they take your bitlocker keys if you use a microsoft account. IIRC they take your wifi keys by default, effectively giving microsoft (and law enforcement) backdoors to defeat encryption.
There should be laws against this sort of takeover. If there was, these “bugs” would never occur.
Paradroid,
This is kind of alarming. Companies like microsoft/google/apple have technically privileged access to our computers, just think if they all started to do this. It doesn’t have to end with browsers, they could use OS updates to replace all of your applications with others that fit their interests. Software developer could pay microsoft/google/apple for app conversions. As objectionable as this is IMHO, if we allow such practices to be normalized, surely such a service could be worth millions if not billions.
All the major OS vendors do this, and personally as long as the data is deliberately and unambiguously anonymised I don’t have a problem with metrics being collected, in fact it’s critical if you improve the products. Many regions already have laws that cover this type of data collection.
If at the client end those metrics are used specifically for the purposes of the client it can’t be a violation of privacy, a violation of privacy would be to take your open tabs and deliver them to the 3rd party for examination. If they take your tabs and give them back to you it’s probably data protection.
cpcf,
Well, it’s really the reverse that matters though, when data is collected and set to the vendor. You could say privacy isn’t a factor if the data doesn’t leave the end user’s property, but I’m not sure users should be making such assumptions. As documented here, browser history does get synced to microsoft servers…
https://support.microsoft.com/en-us/microsoft-edge/view-and-delete-browser-history-in-microsoft-edge-00cf7943-a9e1-975a-a33d-ac10ce454ca4
Steps to disable sync are given here…but many users may not even realize this is happening.
https://www.howtogeek.com/399568/how-to-disable-and-remove-windows-10-account-sync-settings/
There are several users in this thread trying to disable sync and not being able to.
https://answers.microsoft.com/en-us/windows/forum/all/how-can-i-turn-off-the-sync-function-my-microsoft/9beebbdf-f4bf-467c-8aca-32dad307cab1
IMHO browser hijacking has always been concerning. I don’t know if microsoft intends to deploy this hijacking to a wider audience or if it’s just a test group, but if they intend this to happen for all windows users, then it’s clear evidence that they are abusing their monopoly again.
You’re talking about opt-in or opt-out telemetry, which is fine if you know about it and trust it and agree to supply it. For example, many tens of thousands of Debian users willingly and knowingly install the popcon package and send off system data to be collected and analyzed and shared on a regular schedule. But what MS is doing with Edge and Google with Chrome here isn’t like that at all. Your tabs are being a) broadcast without your knowing consent, and b) hijacked into another browser without your knowing consent.
And the response from Google and MS will almost certainly be something along the lines of, “Calm down, you people are so paranoid …”
From the article I can’t determine if it’s a Chrome or Edge issue, the author assumes Edge stole something, but it could just as easily be an issue with how Chrome leaves stuff lying around in which case it’s a massive security threat but not specifically a violation of privacy.
cpcf,
It seems like more than a bug, rather intentional behavior. But let’s see if they apologize/patch it or if they dig in. If they dig in, then obviously it was intentional.
That seems to be a pattern with MIcrosoft, especially since Windows 10 came out and every single Windows user became an unpaid beta tester. Sometimes they will backtrack, roll the feature back, then quietly push it out in a later patch or feature update. I’m glad I left that world behind at home, unfortunately I still have to deal with it at work.