> However, before more info is gathered, Microsoft’s privacy governance team, including privacy and other subject matter experts, must approve the diagnostics request made by a Microsoft engineer. If the request is approved, Microsoft engineers can use the following capabilities to get the information:
> Ability to gather user content, such as documents, if they might have been the trigger for the issue.
This means that Telemetry in Windows 10 is a built-in backdoor that allows Microsoft to access your local files. That is disturbing. At minimum, explicit user consent should be required, i.e. a popup asking if you'd like to share a specific file with Microsoft.
And if you look in the comments even for enterprise he chose a "customized install" to be presented with 15 pages of telemetry options (all default on even in enterprise). He selected "No" for all telemetry data (in the customized install that even most admins would trust is not necessary from MS rhetoric) and is still getting this activity.
Thanks for catching that. It is still worrisome that there is activity after disabling the 15 options (3 pages) and maybe more worrisome that you don't get that option in enterprise edition without a custom install. Working in biotech, pharma companies do not take well to external network connections. Although most will have whitelist firewalls, I would have expected the default in enterprise would be to not phone home.
I can understand Microsoft forcing non-Enterprise users to update. What I don't understand is why only the Enterprise version of W10 has switches to control the leakage of information. The cynic in me thinks maybe Microsoft is fulfilling some three-letter agency wishlist items.
Even if the US government were entirely trustworthy, other governments are not. Does Microsoft really want to be put in the position where they either have to face sanctions or turn over the data of somebody whose big crime is being the opponent of somebody powerful?
I can't. I bought Windows. If I don't want the new version or the new patches I damn well shouldn't be forced to use them. This crap doesn't fly with anything else, why do we accept it with software? Would it be ok for GMC to come to my house at night and replace a recalled part on my truck in my garage without my explicit consent?
GMC won't fix your truck, but Tesla might upgrade their cars when you aren't looking.
I look at patching almost like a public health issue. Vaccinations are important because they protect you and the people around you. Likewise, secure machines connected to the internet are good for the owner and everybody else on the internet.
I get what you are saying, but I think the forced patches on consumer machines is at least arguable. The forced collection of data seems less defensible to me.
> I have configured the DD-WRT router to drop and log all
> connection attempts via iptables...
I'd be more interested in seeing the result of letting the connections succeed while timing how long they stay open and how many bytes are sent/received. The fact that thousands of connections are opened is likely a result of retry mechanisms after the connections are dropped at the router. Perhaps the first thing Windows 10 does is let Microsoft know "this system has opted out of the following tracking: ..." so that connections to Windows Update, etc. don't end up logging additional information.
I'd also like to see a similar comparison for an average desktop Linux installation, OS X installation, and so on.
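The point above about retries inflating the connection count can be checked against the router log itself. This is an added example, not part of the thread: it collapses dropped-SYN log lines into distinct connection attempts per destination, assuming a retransmitted SYN reuses its source port while an application-level retry opens a new one; the log lines and addresses are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the kernel's iptables LOG format (KEY=value pairs plus bare
# TCP flag names). Addresses come from documentation ranges, not real endpoints.
_LINE = ("Feb  3 10:15:{t:02d} router kernel: DROP IN=br0 OUT=vlan2 SRC=192.168.1.50 "
         "DST={dst} LEN=52 TTL=127 DF PROTO={proto} SPT={spt} DPT={dpt} {tail}")
_EVENTS = [  # (second, dst, proto, source port, dest port, trailing fields)
    (1, "203.0.113.10", "TCP", 49712, 443, "WINDOW=8192 SYN URGP=0"),
    (4, "203.0.113.10", "TCP", 49712, 443, "WINDOW=8192 SYN URGP=0"),   # SYN retransmit
    (10, "203.0.113.10", "TCP", 49712, 443, "WINDOW=8192 SYN URGP=0"),  # SYN retransmit
    (25, "203.0.113.10", "TCP", 49713, 443, "WINDOW=8192 SYN URGP=0"),  # new attempt
    (28, "203.0.113.10", "TCP", 49713, 443, "WINDOW=8192 SYN URGP=0"),
    (40, "198.51.100.7", "TCP", 49720, 80, "WINDOW=8192 SYN URGP=0"),
    (43, "198.51.100.7", "TCP", 49720, 80, "WINDOW=8192 SYN URGP=0"),
    (45, "192.0.2.53", "UDP", 53001, 53, "LEN=32"),                     # not a TCP SYN
]
SAMPLE_LOG = "\n".join(
    _LINE.format(t=t, dst=d, proto=p, spt=s, dpt=dp, tail=tail)
    for t, d, p, s, dp, tail in _EVENTS)

FIELD = re.compile(r"\b([A-Z]+)=(\S+)")

def parse_syn(line):
    """Return (src, spt, dst, dpt) for a logged TCP SYN, else None."""
    f = dict(FIELD.findall(line))
    if f.get("PROTO") != "TCP" or "SYN" not in line.split():
        return None
    try:
        return f["SRC"], int(f["SPT"]), f["DST"], int(f["DPT"])
    except (KeyError, ValueError):
        return None  # truncated or malformed line

def summarize(log_text):
    """Per destination endpoint: logged SYN packets vs. distinct connection attempts."""
    packets = defaultdict(int)
    flows = defaultdict(set)
    for line in log_text.splitlines():
        syn = parse_syn(line)
        if syn:
            src, spt, dst, dpt = syn
            packets[(dst, dpt)] += 1
            flows[(dst, dpt)].add((src, spt))  # a retransmitted SYN reuses the source port
    return {ep: {"packets": packets[ep], "attempts": len(flows[ep])} for ep in packets}

if __name__ == "__main__":
    for (dst, dpt), c in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{dst}:{dpt}  logged_syns={c['packets']}  attempts={c['attempts']}")
```

Comparing the raw packet count with the attempt count and the number of distinct endpoints shows how much of a "thousands of connections" figure is the same few destinations being retried.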
"I'd also like to see a similar comparison for an average desktop Linux installation, OS X installation"
I agree. I'd really like to see an analysis of Android and ChromeOS. I'm glad to see Microsoft in the spotlight over tracking and analytics as this is a subject that gets far too little scrutiny from the tech community.
Tracking practices are widespread in the industry. Take Chromebooks for example, they are now used in many US schools. The kids have no choice in using these laptops, it's the adults who make the decision to deploy them (and Google that heavily promotes their use). The privacy implications of an OS that requires sign-in and then tracks every app and website you use are horrendous. Yet there's barely any scrutiny from the tech community.
We really need to apply this analysis of Windows 10 to other operating systems, especially ones that we know track you by default.
Yea I know he mentions Android and ChromeOS, but I'm mostly asking where the info is to support his claim that "we know they're tracked by default". I've never come across anything yet related to ChromeOS that even comes close to the Win10 tracking by default, but it seems presumed for some reason.
ChromeOS is mostly a cloud-based operating system. Although, there is an offline mode, apps and data reside in the 'cloud' (Google's servers). Cloud-based software makes it very easy to track users.
To use ChromeOS you must sign in with your Google account. Although you can use it as a "guest", this will limit what you can do.
Once you are signed-in, Google knows which web apps you use, including when and how often you use them. It knows (and records) the websites you visit (unless you browse constantly in private mode). It even knows when you print to your desktop printer because print jobs are routed through Google's cloud print service first.
To repeat: none of this is anonymous since you must be signed in to use the OS properly. A Google account = your name, date-of-birth, gender, location and (optional) phone number. In other words, some of your most private and personal details.
In my view, this all amounts to a privacy-invasive OS that tracks you by default.
I'm not very familiar with ChromeOS but I can cite an example in Android:
When you turn on Location in your Android phone, every time there is a disclaimer (unless you turn the notice off). It says that Google will collect your location data. If you decline, your phone's GPS is useless. So, in order to utilize the hardware you bought, you are forced to give up your privacy.
This is the definition of "tracked by default". Is there any hardware feature that Windows does not allow users to access if you turn off all the tracking?
I'm pretty familiar with Android and this isn't quite true. It prompts to ask if your phone can report nearby WiFi hotspots to Google and use that information to try to get a more accurate location than GPS provides.
But GPS still works. GPS even works with the WiFi and mobile radios turned off. GPS works without the Google Apps installed, and without the WiFi location being enabled.
All the Android phones I've used do not let you turn on GPS (even the non-assisted GPS) option without making you agree to data collection. It does work without a data connection but I assume they store the data till the next time you get Internet.
Edit: I read a bit about this. There is something called Google location history. It's on by default and tracks and reports your location to Google. You can turn it off (it's a bit non-obvious but not very much so). The wording is "Places you go with your devices will stop being added to your Location History map". So there, "tracked by default".
The data collection is active only in 'High accuracy' and 'Battery saving' modes. Both these modes are services, the phone asks Google servers "I see wifi with SSID ABC and MAC 0:1:2:3:4:5, where am I?" or "I see celltower of provider 0123, with id 456, where am I?".
In 'Device only' mode, your location is determined purely by the device hardware. If anyone, it's Qualcomm who knows about you, due to AGPS request.
Then there is a separate service, Location History, that can be turned off.
To the best of my knowledge the only telemetry that OSX provides is crash logs, and only if you opt into it. You could argue that Spotlight's (and Safari's) web search should be included, but I disagree.
Because they aren't metrics, but search integration. So as I understand it, they are equivalent to Google Instant (Safari literally; Spotlight in the same vein) and they claim not to retain data on them.
> I'd be more interested in seeing the result of letting the connections succeed
Or route them to an internal system with a promiscuous HTTP server that gives a 200 response to any request. One could then parse the logs to see which URLs were being requested.
> The only way to turn Telemetry data fully off is to use Local or Group Policy (and an Enterprise SKU, to be fair), as documented by Microsoft publicly. You cannot disable telemetry using the UI in Windows.
Strangely, I decided to lock down my Win10 Pro machines earlier today after seeing telemetry traffic reported by GlassWire.
I ended up using O&O ShutUp10, a free app with a simple on/off interface for a bunch of Windows privacy-related settings, including telemetry.
There are other apps, and ways to block specific domains and IPs to prevent Windows from calling home. It's staggering to see just how many parts of the OS actually report information.
The problem most people have is how opaque the choices are and how little control users have over them. OP in the linked thread mentions disabling /all/ telemetry options during install, but here we are.
Yes, but isn't that basically letting the fox guard the hen house? If you already don't trust Microsoft based on articles like this, depending on Microsoft's firewall is not really a logical choice.
For what it's worth, I have Windows 10 Home and Pro as well as Windows 7 on several machines, and according to my router Windows 10 is only slightly more talkative than 7. I think that is mostly the Windows Store and Cortana stuff. The dreaded telemetry from 10 has already been backported to 7 and 8/8.1, so it's better to say "Windows tracks you" rather than "Windows 10 tracks you".
> With Windows 7/8 you can opt to not install telemetry updates.
For now, yes. In the future that may change, just as it did when the Windows 10 update changed from "optional" to "recommended" and the installation began without user interaction.
When you combine that with Microsoft's truncated support life cycle for 7 and 8.1, you end up feeling forced to move to 10 one way or another. I'm not saying that Windows 10 is a bad OS (indeed, I enjoy it on my gaming PC and my Stream 7 tablet, and it has been a huge performance boost to my wife's PC and laptop). I'm just saying that any pretense of "Microsoft would never say one thing and do another" is null and void at this point.
I used to have strictly manual updates set up. Yes, past time. One day I've had to hide KB3035583 one time too much, so now I'm getting used to El-Capitan.
I block all outbound traffic on several of my CentOS 7 boxes and have logging rules just before the reject rules. I get zero hits.
This includes 2 workstations. In fairness, my /etc/resolv.conf points to recursive cache servers on my VPN, but I do log all my DNS queries. The only log entries are for things I ask for and Firefox trying to dial home.
This is pretty weaksauce. You can get all the open sockets in like 10 seconds. Besides, all of these IPs have been out there ever since W10 came out. How about an actual analysis of what data is being gathered, what data is sent, and what settings affect it?
I'd bet a lot of it is encrypted. The flip-side of having security. Remember the "smart" TV spying a few years ago that was discovered only because it was doing it in plaintext?
With encrypted connections, you won't know what data it's sending, and if MS's treatment of security in other areas in previous versions of Windows is any indicator, the certificates will also be hardcoded so it's very difficult to MITM. Good for stopping everyone else from spying on you, but really bad when it stops you from knowing what data your own machine is sending.
I can't see an analysis of this, just a huge list of IP addresses? We need to know what the actual content is and from what Windows components it's being sent.
AFAIK setting Windows firewall to deny all outgoing and then manually whitelisting apps you use cuts all(') logging. Microsoft would be crazy to punch backdoor holes in its own firewall, it would probably kill enterprise market.
' maybe almost all, you need DNS. I don't know any way of letting applications use DNS selectively, it's all or nothing :(. This forces you to let svchost.exe talk outgoing 53 udp.
That is putting a lot of faith in both Microsoft and the Windows firewall, which has historically been very weak. Microsoft has also indicated that they're not averse to bypassing users' obvious attempts to protect themselves from spying, for example: bypassing hosts file entries for telemetric data exfiltration. So while the firewall might work today, there is absolutely nothing preventing a future update from silently changing the rules of the game.
I suspect the problem will be if they have independent security tools near their network edge that MITM their own traffic, as discussed elsewhere on HN recently. If Microsoft are hard-coding addresses and certificate details for its online services within Windows itself, the security tools won't be able to inspect that traffic, and will probably be set to block it by default.
I suspect the kinds of organisations operating these tools would consider that "working as intended" in most cases, but if it interferes with the enterprise-grade configuration and update management tools then that could be an issue for them.
My point was that they will be able to detect if Microsoft is subverting the Windows Firewall, trivially. So it would be incompetent for Microsoft to subvert the firewall and expect those users not to notice and incredibly foolish for Microsoft to do it if they think those users will object by moving away from Windows.
I've heard that adding certain entries to the hosts file doesn't stop much of the telemetry from happening, so I wouldn't be surprised if the same was true for Windows Firewall.
I use a third party firewall with all the known telemetry domains added to a block list.
It might not be so difficult to just patch this stuff out, but the biggest problem is the automatic updates which could replace your changes. If someone eventually finds a way to allow updates and automatically merge them in with the local changes, that would be very highly appreciated for all those who are forced to use Win10 for other reasons but do not want this behaviour.
Uhh that script is horrifying. It is from the same Cargo cult technical support personnel that run stuff like CCleaner, BleachBit, and memory cleaners. Just go look at the script itself and the supporting scripts, if nothing else they make a lot of assumptions about what the end user does or does not want, and it reconfigures the machine in such a way to disable legitimately useful functionality.
> if nothing else they make a lot of assumptions about what the end user does or does not want
If anything, Windows 10 makes "a lot of assumptions about what the end user does or does not want"... and that script is just a different set of assumptions, perhaps ones that users would agree more with.
You could argue that anything is "legitimately useful functionality", while someone else would say it's privacy-invading spyware.
Which one would you rather debug, as an end-user or support technician? The options set by Microsoft, or the options set by an opaque tool from some third party? There will be a lot more community support for fixing those issues caused by Microsoft. The issues caused by the third party tool are way more likely to be harder to find discussion on and solutions for.
> it reconfigures the machine in such a way to disable legitimately useful functionality.
???? What are you talking about? Everything it does is pretty bog-standard troubleshooting in the PC tech space. chkdsk, sfc, rebuild the DISM store, run some anti-virus engines, etc.
Very interesting. I too have been struggling to find decent analysis on W10's telemetry features. While not everything on his list is specifically telemetry, it certainly shows you the shift from "give the user full control" to "be convenient at the cost of privacy" (to put it nicely).
Source: https://technet.microsoft.com/en-us/library/mt577208.aspx?f=...