Historically I've minimized the use of Windows 10 on my home network, because of Microsoft's history regarding privacy and spyware.
Lately, however, I've considered letting Windows 10 run in a fairly locked down VM, so my family can use some apps and games that don't function well in Wine/Proton. I reckoned that the combination of VM isolation, and limiting Windows 10's internet access to a handful of whitelisted domains, is a reasonable compromise. I.e., I had a technical solution to a technical problem.
But this news story reminds me of another reason to keep Microsoft out of my network: they piss me off. Regardless of whether or not I'm currently ahead of them in the arms race. I don't want to reward Microsoft with even one more installation, and I don't want to be perpetually pissed off about something on my network. I crave Schadenfreude for everyone who conspired on this.
(Yes, I realize this sounds like the backstory for the least-compelling super-villain character ever.)
My Windows VLAN simply doesn't have any internet connectivity at all. I use those machines for benchmarking work, and I can't have them installing updates and invalidating previous measurements. Isolating them from the Internet entirely is the only simple way to make sure Windows updates are really not going to happen for any reason.
You are probably safe with your setup, but be aware that windows has peer-to-peer update functionality, so if another more up-to-date windows installation gets within reach of your benchmarking machines, it could potentially update them.
I have considered that, but it seems Windows still needs to phone home to Microsoft to check what updates are available, even if it acquires them locally.
Interesting. I do something similar, for an entirely different reason. Basically, I don't want any information about what I'm working on leaking to Microsoft. Or to anyone, for that matter. So I have a Win10 VM, with apps that I need, but with no sensitive information, and periodically install updates.
Whenever I need to use Win10, I create a clone, remove the network adapter, and attach a VDI containing my data. And once I'm done, I delete the clone.
Windows isn't allowed to run on any of my networks, and visitors who bring their own laptops are not allowed to connect if they're running Windows. I give them a bootable USB stick with Linux to use until they leave. Anyone knowledgable about tech (i.e. everyone on HN) is a fool to do otherwise.
Why do you believe Windows running on someone else's computer is a threat to your network? It seems to me that if Windows's telemetry is a threat, it's a threat to that person's computer and not your network. So this strikes me as an extreme overreaction.
Disclosure: I work at Microsoft on the Windows accessibility team. But this is my own opinion, posted on my initiative, and I do try to have nuanced positions even when it comes to my employer.
For me it's because I just don't trust Microsoft anymore. Whats stopping them from using their broad powers under their EULA from collecting information about any device on my network that will respond to the Windows 10 machine's request? The amount of telemetry they force you to accept just to use Windows 10 is unacceptable. If I want a local user account without the OS phoning home for anything other than Windows Update, I should be able to do that. Instead, on a default install of Windows 10 Pro, which I bought a license for, I get tons of preinstalled crapware / links to install said crapware, a barrage of attempts to convert my local user account to a Microsoft account, an antivirus tool that's so aggressive that some of my software development tools have had to include directions for whitelisting their cache directories, and just this persistent worry that Microsoft will push out the next update and break my PC or start collecting new data, or re-enabling things I've already disabled.
My ideal Windows 10 setup would be basically Windows 7 + a wizard of 'Do you want this feature / telemetry' that actually respects my answers.
> Why do you believe Windows running on someone else's computer is a threat to your network?
Not the OP, but given how Windows 10 treats the privacy of its localhost user, I can't rule out it trying to obtain information about other hosts on my network and sending it back to Microsoft.
Can I truly rule out the possibility of it sniffing network traffic to see what DNS queries are posed by other devices on the network? Or telling Microsoft about the count/timing/type of cellphones connected to my network?
I concur. Unfortunately, Microsoft has forfeited a lot of trust in recent years through a series of user-hostile acts it has taken in connection with Windows 10. It's prudent to apply the principle of least privilege with any device on your network, and given those user-hostile measures, a rational response is to consider a Windows 10 machine as potentially hostile and apply similar restrictions to something like a BYOD environment. After all, a device can't compromise information it never has through an external firewall that won't let it phone home.
There is a difference between something you can't rule out as impossible because it isn't a violation of the laws of physics and something you can't rule out as implausible based on the observed past behavior of the entity responsible.
If I told you that an operating system has just been caught doing that, would your first guess be Windows or Debian?
Rationally any device you allow unisolated on your network is a potential threat. Rationally you'd be more worried about infectious malicious packages or applications the user might have unknowingly installed and active than the base system/OS itself.
Empathically people will tend to tar with a bigger brush, like banning all Windows machines of the network, or not allowing any Huawei devices etc.
While these may not be 100% rational trade-offs, there are underpinnings in some if not all of these cases that can have some merit. The US lenience with regards to surveillance and their gagging laws, same for the Chinese etc.
So once that trust is lost, you will be hard pressed to convince people otherwise. What measures if any they are willing/capable to implement in light of that lack of trust will of course be different from person to person. One person's 'extreme overreaction' is another person's 'healthy caution'. One person's 'Calculated Risk' will be another person's 'Callous Neglect'.
I created a separate, isolated network, which is the only one that guests using
Windows can access. Same goes for Android phones running default images from
their manufacturers.
That is not reserved only for guests, thought.
My wife is now working from home, and follow best practices when it comes to
device separation, so she uses her company given Windows 10 laptop for work.
That computer can only connect to the isolated network.
At this point, I would argue anyone should do the same.
I tell them which network to connect to — the isolated network has a different name than the main one —, and share a link with them containing the password over whatever messaging application we use to communicate.
The password for the isolated network has been randomly created using apg[1], so I just share a self-destruct link from a self-hosted PrivateBin[2] instance. The bin part is totally overkill, as long as you create a typeable password using the diceware technique, but since I have the instance running, why not use it? ¯\_(ツ)_/¯
Using apg to generate the diceware password for you is as simple as:
Security of your network shouldn’t depend on your visitors not running malware (and/or Windows). I’d suggest putting them in a separate WiFi network isolated from your internal LAN and from each other. Most decent APs support it and call it something like client isolation, on top of that you might want to assign this traffic to a separate VLAN that only routes to WAN.
I think you are coming to this point from the wrong angle: if the OP thinks (like I do) that telemetry itself is an invasion of privacy, which data is sent is irrelevant.
Asking "what data do you think they will exfiltrate?" assumes that the only reason to oppose telemetry is "they might see something I want to keep hidden". But, as it's often said when it comes to other people attempting to cross your personal boundaries, "'No' is a complete answer".
Hmm. That's a cute way to talk through the ideas. But if someone asked for actual tea, then decided they just didn't want it, it would be okay to be a little pushy. Not hugely pushy, but notably more than with 'tea'.
Eh? Why would that be ok? I think it's worth asking them why they don't want it anymore. If they continue to say no, do you really think it is ok to start pouring it down their throat?
Consent can be revoked at any point in time.
For what it's worth I think most cultures today are crap at consent. I think many of us are victim to a pre-#MeToo culture where sexual harrasment was somewhat more socially 'acceptable' or 'accepted' [1][2]. I think of the memes of women who seem uncomfortable when Biden touches them. Dr. Bessel van der Kolk talks about his desire for a 'trauma-conscious' society.
To me there is no denying that often we have been hurt, and that there is not enough support for many people out there. I believe we don't get the support that we would need to heal from these things. Walking around hurt and unhealed is unfortunately the norm.
> That's a cute way to talk through the ideas
Rape and sexual assualt are very common, so I think this video is more than 'cute'; it's essential. I hope we start showing this to kids at a younger age, to help them grow boundaries early on. This also concerns consent for non-sexual contact such as hugs, or just any other type of physical contact with another person.
Pouring tea down someone's throat is more than "a little pushy".
I mean that "come on, you got me to make this tea, at least have a sip" is perfectly fine to say about actual tea. In the analogy, doing that is not good.
(Assume this is a situation where they don't have a specific reason, so asking why they don't want it is completely nonproductive.)
But an example that I once used to explain to my wife why I don't trust TikTok and whatnot:
Some time ago (I obviously won't say when) we interacted with a person, that had a bounty on his head, setup by Boko Haram, and people DID tried to kill him before. What if for example we had filmed him and that information leaked or got intercepted?
Me, and my wife, have no enemies, done nothing illegal, and so on, nothing to hide personally, but about other people we interact with? What if some day a friend on internet, maybe a gaming buddy, tells me a important secret out of the blue because he needs urgent help, and that secret gets intercepted?
Suppose you will forevermore remain a boring person who never has anything to hide. So you knowingly use spyware, because you're an open book.
That enables common software to be spyware. If people are willing to use it knowing full well what it is, it continues to exist and be popular. Then people who do need privacy for legitimate reasons don't realize that, or don't have any good alternatives because the better options are niche and make them stick out like a sore thumb. And then dissidents get killed.
Don't get dissidents killed. Just Say No to The Cloud.
Not OC but for example for me I won't like that a list of all my files,app or urls I visited to be saved and stored somewhere. Telemetry should always be opt-in or ask the user (we had cases where for example people were recorded by mistake and the conversations were send to contractors/developers without the user knowing)
It's not that easy. Take into consideration spreading of sensors like light/water/gas/sewerage meters, which report measurements to a central SCADA. I touched that around a decade ago, I had to build link with the meters with AT commands through GSM with modbus protocol on top of that.
These days it's a grown-ass market with competition and much more advanced toys involved. You turn on water, they know timings and how much you used. You use more electricity, they call you to suggest a different plan. You used drugs and flushed, they find metabolites in sewerage sensors (I heard that on news, dunno maybe bs).
So I think it's basically about bills; cameras in toilets are different market.
The point is that the family might actually want to upload their stuff to the social network, while using an OS and associated software doesn't and should never translate into surrendering all use and other personal data.
Would you find comfortable if while eating at the restaurant with your SO, a waiter sat at next table constantly staring at you two, and taking notes on what you eat, how you do it, in how much time and how much you appear to have enjoyed it, possibly also by analyzing your words?
Stupid example maybe, but that would be just one of the many exact equivalents in real life. Don't tell that to toilet manufacturers:)
It's called consent. No one likes being stalked or their will violated. A company that does not think much of your wishes and desires will cause you harm when they have to. What can be used against you, will be used against you.
Rhetorical question I know..., but I cannot resist to add 2 observations I made in the past
- The Finnish army did not have doors at their toilets before they got a female defense minister who obviously shocked by that practice ordered that doors need to be installed.
- In 2008 I visited New York City while suffering from stomach problems (We had bought the tickets months before.) While strolling around near Washington square I urgently needed to visit a toilet. I run to Washington Square and into the public restrooms there, to make the shocking discovery that there were no toilet cabins. It was just a big room with several toilet bowls and of course I was not alone. But there was no choice: It's the pants or the (semi-) public toilet bowl. (It remained unclear whether the setup was a result of vandalism or a prevention of vandalism or what)
I'm neither Finnish nor American and I found both learnings pretty shocking. But obviously it's just a cultural thing what is shocking and what not.
That said I am not happy that spying on users, whether its Android apps or Microsoft telemetry is seen as culturally acceptable instead of shocking by a majority of the public today.
Every TOS update and every windows update (probably also unasked for) means it's a never ending task to stay on top of things, the only winning move is not to play.
>I'm so curious. Why do you care so much about Microsoft telemetry?
You can be curious, but it's not on the OP to have to argue why he cares. Microsoft should not exfiltrate anything without asking for explicit permission, and honor a blanket refusal without exception. That the OP has to go through extreme countermeasures to prevent this leeching is unacceptable.
>Do you ban your family from using social media as well due to data collection?
This logical fallacy rhetoric is known as a whataboutism [1](an attempt to discredit an opponent's position by charging them with hypocrisy without directly refuting or disproving their argument)
Actually, I think it's a reasonable question as to why I care so much.
I'd like to say I have a rational justification based on risk/reward analysis, but I don't have enough information or time to really do that.
Honestly, it's more visceral. They repeatedly try to deceive people to pry away their private information. I want it to stop, and (probably to my discredit) I have strongly vengeful fantasies against the perps.
I guess I just heard a different tone in @jonax's post.
To me, his/her first question just showed interest in the perspective I'd posted.
I took @jonax's later questions as a kind of Socratic questioning. Which can come across as either a way to help sharpen one's position on a topic, or as an unwelcome display of skepticism, depending on the audience. I assumed the former.
If I had to criticize that post for something, it would be that it made wrong assumptions about how I'd answer that first question. So the subsequent questions weren't really on point.
Your answer aligns with pretty much all the others. They have in common reprhasing the original situation or questions in extreme way possible.
Cake is a personal taste. Are technical choices a question of taste. Your arguing against debates and technical discussions.
It's telling that many examples given were using video feed or pickpockets as an analogy to telemetry. These are not interesting explanations. Going to extreme arguments is not illuminating.
Sometimes I too take someone's position to a logical extreme. Not to be a jerk, but to start teasing out which parts of their statement need more nuance. Kind of like doing a binary search to find what they really are trying to say.
I've mostly stopped this approach though, because it makes people doubt that I'm having the discussion in good faith.
I'm sure you leave your car doors unlocked, because you don't mind if people randomly rifle through your glovebox as long as they don't take anything. Right?
And yes, this analogy is admittedly a weak one, because while your particular brand of car does have locks on its doors, the manufacturer didn't give you the key.
For all the people who keep fawning of how Microsoft is now such a wonderful friend of open source, how this is not the Microsoft of 10 years ago, blah blah blah, THIS is why the old timers don’t trust them. THIS kind of behavior is what we expect from Microsoft, and is exactly why we have long memories and distrust of them, including all their new seemingly open initiatives.
Thank you. If I have to read one more damn astroturfed post about how Microsoft is a totally different company, or that WSL can't conceivably be part of a next gen EEE, I'm going to puke.
And for some reason they always feel the urge to name drop the current CEO.
Microsoft is the General Motors of computer software. They rode high and then rested on their laurels. They learned that they can't sell an operating system directly to consumers, so they're trying to steal users away from macOS and Ubuntu so their spyware OS can make them money that way.
So who would you trust more? Red Hat? Apple? Mozilla? Independent developers? DuckDuckGo? Your government? Yourself?
All of them will betray your trust, either through maliciousness or incompetence. All major Linux distributions ship Firefox as the preferred default browser, which would be considered spyware if it were held to the same standards that Microsoft is held to. And even if they didn't, odds are you'll screw something up and get hacked (nobody, not even DJB, is perfect).
> All major Linux distributions ship Firefox as the preferred default browser
Which is why anyone truly privacy conscious would use a distro or OS that isn't mainstream. My personal preferences for obscure OSes are Void Linux and OpenBSD. Void has a barebones installer image without any desktop software, you can build that up into whatever you want with whichever browser you prefer. A good simple setup would be something like i3 or dwm with the Surf browser.
With OpenBSD you do get a basic desktop window manager, but no browser is installed by default and the authors of that project are extremely privacy aware and security focused.
> If you really want privacy, don't use a computer.
I would amend that to "...don't use the Internet". A computer without a network connection isn't giving away your secrets, but even the most locked-down device can still leak data as soon as it's on a network, especially the Internet. Your ISP is fingerprinting you right now and there's not a damn thing you can do about that.
I think choosing a community-run distro rather than corporate-run one is probably more key than being 'mainstream' or not. (Though Void Linux is my distro of preference as well.)
Trust noone. Trust nothing. But make a particular point to especially distrust anything that has a decades-long history of screwing over anyone who trusts it.
Sorry, but I couldn't help but laugh the whole time reading this. The vast majority of these things are bullshit.
- portal detection is a plain GET request - no actual data is sent
- Google Analytics is used on Mozilla Web pages, not Firefox itself
- default search engines are meaningless, as you can pick which one to use and not even suggestions are requested without opt-in
- FHR I believe is still opt-in and also contains no PII
- Pocket does absolutely nothing unless you manually register and log in
- Auto updates are only on Mac and Windows, but if you're using either of those, you really can't complain here
That site is a good resource, but it is extremely exaggerating the situation - and that's not ok. Once you label Firefox as "spyware level HIGH", what do you call something like Windows 10? Firefox has a few opt-out points of telemetry that share no PII and aren't correlatable by design, whereas Windows 10 has no opt-out and automatically sends everything from local search queries to full binaries back to the mothership.
Saying everything is bad isn't helping anyone. We need to work on getting people off the things that actually violate their privacy (Windows, most Google products, FB, Web trackers...) and only then start working on improving the lesser offenders.
Companies seem to follow a standard rulebook for these things. Do something flagrantly invasive and outrageous, wait for the inevitable backlash and then back down on a few of the minor points which is also great opportunity for PR to say how much they care about your privacy, and when the dust settles, they've gained a little more ground against user control of their device.
"Ask for more than what you want and then negotiate to some middle ground."
Very common practice in politics which serves both sides (assuming the most common 2 main parties context) as both of them can tell voters they accomplished part of their goal after hard fighting.
No, because technically it doesn't unset your default browser.
It's default behavior in Windows 10 to ask the user to confirm the default handler for certain URI schemes after a new application capable of handling them is installed. The same would happen after installing any other browser.
I can't verify now, but IIRC if you dismiss the dialog the default handler doesn't change, basically it gives you an opportunity to change your default without delving into Settings. Android does something similar.
Another thing: Windows 10 at some point removed the API for changing default URI and file handlers, so they would need to use private APIs for something like that (to be fair, APIs for automatically pinning icons to the Taskbar never existed in the first place, but all Chromium-based browsers do it anyway)
Setting file handlers are still allowed IIRC but yes, the default browser API doesn't work anymore and pops up a "select a default browser" widget.
IIRC no browser currently force-selects a default browser via private API, except for new Edge if you had old Edge as default (since old Edge is uninstalled at the same time).
Yeah it seems like Microsoft is playing both sides. On the one hand they want New Edge to just be a new version of Edge if they already use Old Edge, and on the other they want New Edge to be treated as a new browser if you aren't using Old Edge.
But users didn't install Edge. It installed itself. Yes, writing a special case for just this one situation sounds annoying, but they have a responsibility to their users. If the user didn't install something new, they shouldn't get the popup. That was the deal and MS broke it.
Getting updates from Windows Update with everything they include, was also part of the deal.
As you say, they have responsibility to their users;
If the URL handler was old Edge, and they didn't change it while removing old Edge, the user would have broken internet access and not understand why. That's no good.
If the URL handler was updated to quietly move to new Edge, they just swapped out a major piece of software for one which looks and behaves differently, with a different icon, without any introduction or warning or confirmation, which is an awful experience for users. Microsoft get accused of special-casing themselves and their browser, and it breaks the work Microsoft has done for years to stop programs changing file/protocol handlers without confirming it with the user. [see Raymond Chen writing about it here https://devblogs.microsoft.com/oldnewthing/20181016-00/?p=99... ]
If they decide a browser is not part of Windows and you have to install new Edge from the app store yourself, tens of millions of computers are now stuck on the last version of old Edge basically forever - because there's no Windows 11 on the way to replace it - and it becomes the new IE6 millstone for web developers. If they also remove old Edge at the same time, millions of people lost their browser and don't know why - and the only default one remaining is IE 11.
There is a new thing, the hypothetical user who had settled into Edge does need to know, however it got installed.
I think this was done initially because it was being hijaaked by malware. Malicious applications were getting into systems then changing the default handlers to insert themselves into the system processes.
Right, lots of Chromium-based adware browsers would accidentally be installed and set themselves as default, and the user -- who used Chrome until now -- wouldn't suspect anything's different. (Except his search results look a little different)
IIRC it changed with Seven's taskbar, which removed the Quick Launch section, basically unifying it with the usual taskbar buttons (similar to how the Dock works in macOS)
To be clear, an API for pinning apps now exists[0], but it asks confirmation to the user
At my job we have a Google Drive clone that only works in Internet Explorer, which is a whole different rant, but half the times I open the Start menu, type in "Internet Explorer", and click on the IE logo, it changes to Edge after I click and opens that instead. It's very frustrating and I can't believe Microsoft thinks this is the way they're going to get people to use it.
They did that because grandma knows to go to internet explorer for the internet, and won’t ever click on Edge unless forced to (even though she doesn’t get security updates for IE).
Your IT department can tell Edge to open intranet sites in IE so even if you open Edge, you’ll get to the site.
Maybe, but I do sometimes appreciate introductions to new features when they're significantly different or improved. From the user's perspective I wouldn't consider Edge to fall into that category. Sure under the covers it's radically different but functionally not so much.
I think were the guided tours really annoy me is when they know who I am but insist on showing them to me across all my devices with no escape.
I actually got this update a few weeks ago on one of my machines and immediately rattled off bug reports to MS about the fullscreen BS and the importing of FF history. When I received the update on another machine a few days ago, the importing didn't occur. I assumed this was MS correcting an err in judgement but based on the reports that's not the case.
The just don't appear to be doing the import step to the same account twice across machines, that's nice I guess... but it's like not having diarrhea gravy poured on the second serving of shit sandwich you're being fed nice.
I personally suspect Microsoft will argue that reverting certain system settings to defaults every update is SOP because they've been doing it elsewhere.
For example: sound settings. My physical Bose headphones show up as 2 different logical bluetooth headphones, one with sound that sucks, and one with sound that doesn't suck. Whenever Windows chooses the one with sound that sucks, I go into sound settings and disable it. This prevents sucky audio for a few months until an update lands, the sound settings get reverted, and the sucky audio returns. Ugh.
My speakers connected via HDMI and monitors w/ HDMI audio did something similar. It seemed like I got duplicate audio devices, depending on which port I used (DisplayPort or HDMI, via an adapter cable or not). The audio driver seemed to get so confused with this it just stopped working.
I had to unprotect a deep registry entry and clear out my audio devices, at which time the relevant entries came back after a reboot. Any normal user would have been stuck with reinstalling.
It’s quite amazing how many “edges” Windows still has. I’m very close to figuring out how I can have a Windows VM w/ graphics card passthrough just for games on top of Linux. It might have warts too, but at least I can fix it.
These are the A2DP (stereo audio, but no microphone) and HSP (sucky audio, but microphone) profiles. The system is supposed to switch automatically between them depending on whether microphone input is required.
As of today I think no operating system performs this switch correctly. It's been broken in desktop Linux for a couple years now.
This is why my "gamer" headphones can use both profiles simultaneously! The game/music/media audio comes through the headphone profile, and chat audio comes through the headset profile. There's even the ability to change the volume-per-logical-device (chatmix).
Agree with you that I never got it working consistently in Linux. Just getting normal BT headphones to use A2DP rather than HSP was always a bit tricky. I've not dared try my gamer headphones...
Perhaps in yours, but my Linux desktop always uses the proper sound settings, even though I switch constantly between bluetoith headphones and speakers. So maybe YMMV?
Does your microphone work in the stereo hq audio case? On my headphones the mic only works in the crappy audio mode. Maybe they are trying to "fix" Cortana by un-disabling the bt interface that has a mic? Idk
Yes, that's why it happens, but it doesn't make it less obnoxious. It's obnoxious that Microsoft periodically breaks my audio and it's doubly obnoxious that some designer at Bose thought that trading away a physical button for this two-bluetooth-endpoint nonsense was a UX win (or, cynically, a portfolio win).
The fact that I've been able to figure out what's going on and am therefore able to work around the problem with only minor inconvenience is neither here nor there. Most users with the same setup will not be in a position to understand or do anything about the problem. Microsoft will degrade their audio, and they will live with it. Same with Edge.
Anecdotal data point: I live in the UK and I got this Edge advert when I updated my Windows VM a few days ago. I imagine Microsoft are hoping these tactics will gain them more permanent users (i.e. those who don't know any better) before European regulators belatedly catch up to them.
Am I the only one who actually clicked through the link and is confused? It looks like a rant thread, with no specific information or links to blog posts, against Windows 10. I was expecting to get a link to a blog post, tweet, etc that showed specifically what MS is doing, with I don't know, some proof or facts? It doesn't seem like any of the HN commenters have clicked through; I know shocking...
All it is is some text that says:
Are we going to get treated to spam popups advertising Edge and having it duplicate our data from Firefox without asking every time Microsoft decides to update it from now on?
Love rebooting my computer to get treated to a forced tour of a browser I'm not going to use that I have to force close through the task manager to escape, and then finding out it's been copying over my data from Firefox without permission.
Same here. Surprised so many people have commented on this without questioning the veracity of the claim. Specifically, the claim that it is importing your firefox data without you giving it permission.
It's not that I have trouble believing this. It's definitely something they might do. But when did some random redditor become a reliable source?
For what it's worth, I just updated my Windows 10 install and all that changed was a new Edge icon appearing on the desktop, that's it. When I clicked it I had the option to load settings from Firefox which I declined. It didn't set itself as the default browser (maybe there was a prompt about it but I don't remember), but it did get pinned to the taskbar, which I now removed.
As if I needed more reasons to avoid Windows 10. The level of user hostility emergent from this OS is absurd.
The shame is I want to love it. The engineers made some great improvements under the hood. But the product decisions are a disaster. It's like an out of control dog with an owner that just doesn't care, who shits in the middle of your meticulously maintained PC and pisses your privacy all over the neighborhood.
The engineers made some great improvements under the hood. But the product decisions are a disaster.
This would be a good reply anytime someone goes the generalist 'Microsoft does this and that and that and that and it's all bad' way. I've always found it somewhat strange how many people don't seem to realize there's x different divisions within Microsoft, and that's it's somewhat unfair to call all of it crap just because some lame in-your-face management-crap. Not that the latter is acceptable, but as you say: other divisions have been doing some neat things for the past decades..
Honestly, why should a customer care? If half of microsoft is sane and the other half retarded, the result will be retarded. The customer should be able to say microsoft as an entity is retarded. They have plenty of management to figure the details out themselves
There's plenty of bright and good people working for Microsoft, even producing some decent software. But Microsoft as a corporation remains harmful and untrustworthy.
Might be because I can vividly imagine there are many of those. I.e. suppose you're doing nice work on improving VScode (just to name a well known thing) and then another unrelated part of your company does stupid things like this and then you get associated with it. That just sucks. Like when you use a linux shell for your day-to-day work and others are all like 'linux is completely not ready for the desktop, linux sucks'. I guess I just don't like generalizations.
Interesting info from that thread. Apparently if you follow through the entire setup, it asks what you'd like to import, but if you go through the task manager and force close it, then it automatically imports everything without your consent.
Unfortunately people's solution to this will be "edit this registry value" or "use this tool that disables it", just like with telemetry, instead of dropping this user-hostile data collection system off the face of the planet.
Quoting the top comment there, this is egregiously blunt:
"I was immediately annoyed at how invasive this. I'm a software developer so I'm sensitive to these sort of UI tricks. What MS has done this time:
Hit the user with a maximized Edge, with a modal roadblock window that only has one button that says "Get Started"
No option to get rid of the window, you cannot close Edge with the mouse and you cannot escape the modal window.
The only option if you don't want to "Get started" is to use task manager to kill it
Even when you do, it pins itself to your task bar
It puts an Edge icon on your desktop
It unsets your default browser, so next time you click a URL from a shortcut, you'll have to re-choose your default browser.
Apparently it ingests data from other browsers without your permission
Your parents and grand parents are probably using Edge now. They didn't mean to, they just couldn't seem to get it out of the way unless they agreed to "Get Started"."
I'm not saying it's OK, but if you open Safari for the first time after using Chrome, it will import Bookmarks and History without asking for permission.
As usual, there is a way to disable this if you can apply GPO or registry tweaks.
GPO: After installing[0] the Edge Group Policies (because of course they aren't included with the installer!), set the "Automatically import another browser's data and settings at first run" policy to "4: Disables automatic import, and the import section of the first-run experience is skipped". This works on any version of Windows 7 or later. Note that if you already enabled the "Hide first-run" policy, Edge will take it upon itself to import from the user's default browser anyway without asking, so you'll still have to set the other policy as well.
Registry: Go to Computer\HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge, create a new DWORD called "AutoImportAtFirstRun", and set it to 4. Auto import will not happen when Edge (Chromium) is launched for the first time, and you won't be asked about it during setup.[1] If you want to disable the first-run wizard entirely, create another DWORD called "HideFirstRunExperience", and set it to 1.
If you've already opened Edge (as described in the article), these policies being applied will not clear your browser of already imported data. You'll have to delete your Edge profile (edge://settings, -> profiles, delete) to get rid of it. If you haven't installed Edge, note that new Edge becomes mandatory in version 20H2, so you'll want to set the policy now before you get overtaken after a system update.
Guess this is another thing to add to the "new-install checklist"...
The title should be updated to "Microsoft Edge copies user data from Firefox without asking".
The current title is ambiguous: "Windows duplicates data from Firefox without asking". The fact that this is user data is an important distinction. Also, the word duplicates has a sense of having a purpose of redundancy, which is not the case here.
The correct title should actually be "Edge imports Firefox data if you say yes when it asks you". Because that is what is happening. The article on Reddit is just wrong.
I think its more complicated because it happens if you try to avoid the getting started screen (by terminating it) where it does ask you, if you just answer the questions, then it seems it doesn't import.
This is another reason I avoid Win10 on my personal machine like the plague.
People just don't get it.
For example Cyberpunk 2077 has no official mininum requeriments listed for PC yet, and I noticed in their official forums a couple people are asking if it will support Win7, a lot of people replied to these questions along the lines: "Of course not you loser, Win7 support from MS ended, noone is going to be retarded and support a game that uses Win7" and this just makes me sad.
I really hope Linux will "take off" before I am actually forced to ditch Win7.
If you can put as much weight on Linux as possible, that will help it happen.
We've made massive strides in the last 2 years, but we need everyone who is Win7 Main to at least run Linux for some games to get used to the differences and to get the numbers up. This will help bolster the efforts of all those who are switching from 'some usage -> dual booting', 'dual booting -> Linux main' and 'Linux main -> leading edge'.
If all take one step forwards then overall the scales start to tip!
At home currently I run my machine by default on Win7 and my wife machine by default on Ubuntu (I prefer Fedora but... it is her machine, not mine).
Often we play games with each other and whatnot.
But it is still obvious Linux is behind in some senses.
1. Some interfaces are just awful, Ubuntu default one took me ages to figure how to type addresses on the file explorer thingy it has (seemly you have to type Control+G or something).
2. If you use nVidia, you are screwed, nVidia drivers just suck.
3. Often even native linux games do weird unexpected things, like refusing to close, and the kill interface on Linux is generally awfull, it is hard to track why the hell the game just doesn't close, my wife reboots her computer much more often than me because of something going wrong with a game and make the system go into a weird state of some kind.
4. Installing wine and whatnot is a pain, for example when I tried to install Magic Arena I ended somehow, with many, many copies of wine on the system, and NONE worked. There are multiple game launchers and wine wrappers too, all of them trying to fix this issue, and none of them succeed completely.
>1. Some interfaces are just awful, Ubuntu default one took me ages to figure how to type addresses on the file explorer thingy it has (seemly you have to type Control+G or something).
That's GNOME. Which regular Ubuntu ships by default. If you like Win 7, use Plasma (formerly known as KDE).
>2. If you use nVidia, you are screwed, nVidia drivers just suck.
That's just Ubuntu again. On Arch or Manjaro you just install the "nvidia" package, reboot and you're done.
>3. Often even native linux games do weird unexpected things, like refusing to close
You should have a task manager to list your processes and kill them. But it's true that the failure handling mode for some games that do weird shit isn't as nice as on Windows. I recommend htop, because when the graphical system hangs, you can switch to another tty (Ctrl+Alt+an F key like F2) and use htop.
>4. Installing wine and whatnot is a pain
Don't. Use Lutris which handles installations of many games automatically for you, or if it doesn't have an install script (MtG: Arena does: https://lutris.net/games/magic-the-gathering-arena/), helps you anyway in managing Wine for you.
In response to his response as a response to my response, I'd add that if he wants to see progress on these issues, Linux isn't ever going to burst into the room, take him by the hand and whisk him away. At some point he's going to need to take the leap and start using Linux in anger in order to escape W7 or W10.
His wife running Ubuntu is encouraging though. I'm much happier if someone has at least tried Linux rather than just assuming it's terrible.
But as I say, everyone needs to take a step forward of we want to move the front line.
As a counterpoint, Windows explorer still doesn't support tabs. I would also give the newest version of Ubuntu a try--NVIDIA driver support is much improved, and IMO the installation/upgrade workflow is nicer than Win 10 now (built-in driver management vs the trainwreck that is GeForce Experience).
RE 4., have you tried using something like Lutris (https://lutris.net/games/magic-the-gathering-arena/) or Proton (via Steam)? These two have essentially obsoleted all of the crazy wine wrappers and whatnot - many games are now plug-and-play :)
First step is to get people thinking using WSL is a good enough reason to not give full desktop Linux a go.
I've a number of friends who are like "but now I don't need to use Linux because I have WSL", which in concert with some of the improvements MS has made to it make it seem increasingly like a honey-coated embrace-extend-extinguish move.
i leave distros all over the place, on thumbdrive on nas on disk, any free media usually has linux distro or image on it to be used or bit bucketed by the end user, thier choice.
At this point, every ms customer should stop complaining. MS knows what you think about it, and ignores you. Look at your options rationally:
You can chose to live with it and bitch. Sorry, dont expect anyone to care, you preferred it over the alternatives.
You can mess with the registry/ group policy/ whatever. It will take you a few hours, and in a few weeks you'll have to do it again. You'll never be in the lead. If that's your choice, so be it, but be honest: you wanted this more than any alternative.
You can go to linux. Things will be better, but not perfect, and there will be an uncomfortable learning curve of a few weeks. Bonus points if you reclaim the money for the license. More bonus points if you give some money to the linux ecosystem.
You can go to OSX, and deal with the walled garden. Life will be good, as long as you can live with whatever apple thinks is best.
You can contact local politicians, consumer groups, etc...
You can sue microsoft. Really. Especially in the EU, if you thoroughly do your homework, you have a reasonable chance of winning. Somebody complained about seeing the license only after having paid for windows, sued and won. After that ms printed the url to the license on all their EU windows boxes.
You can contact ms support and complain. They will notice if their decisions make their support costs raise.
Each non ms option causes some short term discomfort, but each small drop eventually wears down a mountain. Make your choice and live with it.
Amen. Windows 10 is now >5 years old. It isn't like this is new.
There are more valid OS choices now than ever before: iOS, Android, Chrome OS, Windows, OS X, Linux. And you can get them at any store regular people shop at like Costco, BestBuy, Amazon, or Dell.com.
And there are more cross-platform options for software than ever before: native multi-platform, native-ish (ReactNative/Electron), PWAs (Twitter's Windows client is just a PWA), web (Office 365, Google Apps), etc. Most of the core apps I use every day (Outlook, Office, web browser, Teams, Skype, Netflix, Prime Video, etc) are available 5+ platforms (Windows, OS X, iOS, Android, Chrome OS, or web). 10+ years ago you'd be lucky if something was on Windows AND Mac.
If you don't like Windows, quit bitching and switch. It is your fault if you are somehow surprised by Microsoft's Windows 10 telemetry behavior for the 20th time.
Most of the core apps I use every day (Outlook, Office, web browser, Teams, Skype, Netflix, Prime Video, etc) are available 5+ platforms
That's nice for you, but not everyone is so lucky. It's definitely becoming more viable to move off Windows, but there are still many useful applications that are native to Windows and not available on most or all other platforms. Pretending that simply migrating off Windows is a practical option for everyone isn't going to solve this kind of problem.
I write this as someone whose businesses really have so far refused to adopt Windows 10, other than for specific testing purposes. But again, we recognise that we were able to make choices that newer businesses who are buying their hardware and software today don't have any more. What we do would also be impractical for larger businesses where realistically you need a consistent desktop deployment across many users, whereas just about all of us here are technically literate and have a customised system anyway so we already use a diverse range of hardware and software.
> You can go to linux. Things will be better, but not perfect
A lot of people say Linux is not perfect or it is not as good as windows or mac.
I have used all three operating systems and all of them are not perfect, Linux may be the best among them for a software engineer.
I've been running suse/red hat/ubuntu/debian since 2000 and I'm very happy with it. KDE mostly. I'm a software engineer, so it makes sense. Sometimes I have a hickup, but I can fix it. People drop random hardware at my house, and it generally works. I recently started some casual gaming, and wine works great most of the time, but not always.
Now I am free tech support for quite a few people in the neighbourhood, so I know what goes on in the windows world. I mean it when I say linux isnt perfect, but windows is worse.
My wife and parents got linux. A local school got 20 debian PCs for corona remote classes. If you want my free support and you have to call me once to much, you'll get linux or no more free support.
And it works. Normal people can do as much or more with linux as with windows, gaming being the major hold out. Power users complain, but then they son't get support from me anymore. There's a lot less trouble with my linux users as with the windows club.
With Linux, at least it's easy to fix things myself. Doubly so for NixOS which is especially hackable. The UX is atrocious and you don't get the network effects of the mainstream though.
What functionality do you use that’s missing from the Office 365 web app? I didn’t use it for a few years, then had to again recently, and was surprised how well it worked (in Firefox even!)
Namely, Power Query and some of the formula stuff (the entirety of the formula ribbon is just missing). I guess I could just start using pandas more, but its super handy to just click Excel, tell it where the CSV file is and start messing with something.
Wow, it's almost as though Microsoft has been spending the last couple years trying to gain what they thought was enough good pr to allow them to just brazenly start openly pulling all their old bullshit again and expect it to be ok because, they gave people a powershell, the linux subsystem, 'open sourced' some of their software and bought github...who woulda ever guessed.
I don't get it. What happened and when? I am running Win10 on all my computers in my house and none of these happened to me. On the other hand I don't run an online but local account and I've disabled Win10 all crap by using WPD.
What a depressing time to be alive. The end of privacy, police brutality, dysfunctional dystopian governments, fascism on the rise, and tech companies brainwashing everyone so they can get away with dehumanizing everyone in the name of profits.
Also massive inequality, rising productivity, declining real wages, increased debt, global warming, and a complete lack of opportunity for most people.
Don't be so glum. We can travel across the world in a day. We have medical treatments for diseases that would have killed millions a year 75 years ago. We can communicate openly and freely with people all over the world. We can go to motherfucking space! The world is more at peace right now than any other time in recorded history. The power of religion to control people has slowly degraded away.
>We have medical treatments for diseases that would have killed millions a year 75 years ago.
Thus exacerbating global overpopulation and all the problems this causes
>We can communicate openly and freely with people all over the world.
Not for much longer. There's a push everywhere to centralize communications into silos owned by tech giants with zero accountability. How many times have I seen on HN that "email is deprecated" and the way of the future is to just buy into $proprietary_messenger that the user happens to work for?
>We can go to motherfucking space!
If you're a CEO, sure. The privileged overclass enjoys many perks as a consequence of its dominance.
>The world is more at peace right now than any other time in recorded history. The power of religion to control people has slowly degraded away.
Replaced by massive media and tech corporations controlling public discourse via social media, the new opiate of the masses, and fomenting identity politics to stave off the realization of class consciousness.
Anybody with a $200 Chromebook can now write things that are read more than ever before. People have a voice that was unthinkable even 50 years ago.
CEOs can't go to space quite yet. However, it appears that space is about to get far more accessible. Not only that, cheap space launches are enabling things like Starlink, which may provide worldwide internet and get around national firewalls and make the world that much more transparent.
The average person has many incredibly cheap amenities available that were unthinkable not that long ago. What does a CEO have that is that much better? A bigger boat than other people? They get to fly in an airplane that has less people in it? A more expensive car? A slightly bigger TV? There are rapidly diminishing returns for being rich.
A (large company) CEO has the wealth to give them the freedom to not be an employee. The wealth to pay others to do anything they don't want to do. The top of the pyramid status and respect, and power that comes with it. Ordinary laws and things like parking fines become trivia they can dispense with. Other laws become things they can bend by buying a sufficient quantity of lawyers.
Time becomes less of a sticking point as they can buy a waiting limo and direct connecting flight, other people become less of a concern as they can rent any Penthouse suite with bodyguards in any location.
Influence over others becomes a matter of spending - donations, philanthropy, employment, high status connections.
The returns on being a (sufficiently) wealthy (American) person are much more than just the material stuff they can buy and own.
You missed the biggest one of all, he doesn’t have to work at all anymore. Giving him all his time back, which is priceless.
But, they also become what they likely spent their life hating: a non-worker. Worse yet, they get the added distinction of becoming a leech on the human network, gaining further wealth through usury. The welfare recipient at least puts all the money they’re handed back into the economy. The capitalists can never claim that, and mostly horde.
The OP is correct in that materially, the capitalist and the worker are largely equals. We all use the same phones, TVs and computers now. When I was a kid in the 80s a car phone was something only in movies, I never actually saw one.
> Giving him all his time back, which is priceless.
It's valued at "a livable wage", which isn't always but ought to be, "minimum wage". That's how much money you need to have every month to not need to work and still be considered living.
> "The OP is correct in that materially, the capitalist and the worker are largely equals. We all use the same phones, TVs and computers now."
Which is why I was trying to point out that's a sham measure, it's like saying "King Richard is your equal because you both speak English!". That might be true, but it's certainly not true that we are equals, it's a distraction from all the things which aren't equal. If nothing else, it shows that using a smartphone, TV or computer has lost its significance now we all have it, rather than we all gained signficance by having it.
Sure they can[0]. They can also afford to live in luscious gardens patrolled by private security while inner city kids struggle with things like lunch debt because they didn't have the foresight to be born to wealthy parents.
The supposed reasoning being: it’s in the contract that you willingly agreed to. You could’ve not paid for and installed Windows, but you did, then agreed to the EULA. So you’re out of luck.
It’s a perversion if what a contract is supposed to be: negotiable, but it’s what it is right now.
Maybe this is a little off-topic, but has anyone else noticed that the Microsoft Teams browser interface works a lot better with Chrome than it does with Edge? Aside from the curious behavior where Teams meetings open in a browser, then either the native Teams app or another browser depending on which "Teams" ecosystem your meeting originated, if you open the Teams browser interface in Edge, you cannot share your desktop or present files. If you open in Chrome, you can do these things. Go figure...
Is there an idiot-proof way to set up a Windows 10 VM with good performance these days?
I play computer games. Because maybe 30% or so of the games I play work badly or terribly in Linux (anything from screen tear to crashing on startup) I have a licensed copy of Windows 10. I tried setting up a KVM / QEMU-based VM with GPU passthrough, but apparently Windows detected it because it locked up (somehow, I don't remember the details) after I entered the license key, and I ended up having to dual-boot.
Do you by any chance have an Nvidia gpu? Nvidia doesn't like people passing through their consumer grade gpus to VMs and blocks those. You can however enable a "hiding" mode so it works regardless.
Maybe have a look at the Archwiki about OVMF Passthrough That's how I got it to work.
Yes, it's cursed Nvidia. Thanks for the tip, I'll try that out! Edit: Yeah, not exactly idiot-proof. Without a simple list of commands it'll probably take a couple hours just to establish beyond a doubt that my hardware even fits the prerequisites.
I found it particularly jarring the this pushy behaviour is present on Windows10 Pro as well, which is supposed to be a "for business" edition of Windows.
Pro is still primarily targeted towards individual users, albeit as a "productivity-focused" version. Businesses are mostly targeted by Enterprise, and they (along with educators) are the only customers for whom MS generally avoids mucking with established configs.
As someone who only runs a win10 instance for gaming, while using Linux for all other aspects of my computing, I am honestly now thinking about giving PC gaming up just so I can stop having to deal with M$ and their practices.
And before it is mentioned; I do realize I can play on Linux, but frankly I dont feel like sysadmining every time I want some escapism.
Steam handles all that now. You literally dont have to do anything special for an ever increasing number of new games. The method of installation is the same as on windows: Click install and wait.
It has admittedly been some time since I last gave it a go. In my memory I had wasted hours tweaking graphical drivers and game configs to get a game working, before finally giving up.
So I just had some free time today to look into the state of Steam gaming on Linux. And my mind is blown! Between Proton and Vulcan it couldn't be easier and more stable.
I might just toss my Windows partition overboard in due time.
As has already been said this isn't an issue these days. Pretty much the only games which don't work these days are games that require anti cheat software (though some progress is being made on this) or games with really bad DRM which are few and far between the days.
This week alone I've managed to play Titanfall 2, Doom Eternal, Elite Dangerous (with full HOTAS and VR support), and Some sniper game I picked up for a couple of quid. All Windows titles with no Linux support. I only needed to "fix" one (TF2) to get working but that was a weird tiling window manager and Origin bug which was fixed with 2 minutes of Gooling and a single line of config for my WM.
Valve have knocked it out if the park with Proton (as well as the community of course) and 99% of things "just work". If you're unsure if your favourite games will work check protondb.com and have a search.
My issue is this: I still have weird issues in some games on Windows. For instance, I really enjoyed episode 1 of Life Is Strange 2, but when the second episode came out, I just could not get the game to start—I would launch it, and then nothing would happen. After about half an hour of this, I gave up; I didn't want to play the game that badly.
Yes, this type of thing is not the general case, but it happens, and the last thing I want to do is introduce yet another layer of tech weirdness that could potentially cause problems.
Going by ptotondb Life is Strange 2 has a native Linux build. Who knows, maybe it's a Windows bug and it'll work on Linux? :)
If you have the time/hardware (a spare HDD/SSD) I would heartily recommend giving Pop OS a go, it's geared towards running games out if the box (without being at all GAMER!!!1) and is very pleasant to use IMO.
Reading that, it does seem like it is bad, but at least Microsoft has documented a registry setting to disable this feature. Still, that doesn't excuse most of the bad stuff they have done with this, and otherwise with Windows 10, even if they have made a few good improvements too.
"You never sent me a response on the question of what things an app [application] would do that would make it run with MSDOS and not run with DR-DOS," ... "Is there [sic] feature they have that might get in our way?"
and 1992 one:
"What the [user] is supposed to do is feel uncomfortable, and when he has bugs, suspect that the problem is DR-DOS and then go out to buy MS-DOS,"
Both versions of Edge are used for webviews in native apps, removing it would break lots of them. Even not UWP ones, since both the Spartan webview and the new Chromium-based webview2 can be used in normal desktop apps too.
For example, the auth0 SDK for WPF uses the Spartan one for login screens
Yes it is very common: Ie on windows previously, Safari on ios, Chrome on Android. Or am I understanding it wrong? It's often integrated in UI frameworks.
I dont remember it resetting default browser back to edge. I remember the update, edge popup, it putting edge shortcut to taskbar but firefox was still my default browser.
Is there actually any data being sent or shared from your device remotely or is it just copying/taking local data from one application to another application?
IIRC Chromium-based Edge imports not only bookmarks but also Cookies from Google Chrome that's surprising (and convenient) for me. Anyone know details?
The Edge popup asks you if you want to import data from other browsers and set the default browser (like what happens when any browser is installed). If you just press cancel a bunch of times nothing gets imported or defaults changed and only some icons get added. That dude just killed it in the task manager so it used the popup's default settings.
Complain about getting the chromified Edge popup as part of a regular update, not about it copying data.
You shouldn't have to do that. And it disables the normal close button.
What if you reboot without engaging with this weird unclosable window? What if you lose power? That's not agreement to the terms!
When you have a dialog to choose between yes and no, it is not acceptable to copy data without 'yes' being clicked. Justification about "they didn't 'just press no'" is not okay.
He did nothing in terms of giving the program any kind of input.
"Do nothing" doesn't imply consent by any means. Exiting (killing) a forced onboarding process must be an option and doesn't imply any consent, as well. Like "do nothing", the clear intent is to not to alter the status quo. Default settings can't imply consent. There's no contract, no grant, no entitlement for any subsequent actions. (The EU GDPR made this quite clear on a legal level.)
Your user files for one program are never "private" from any other program running on your computer. This is the security model of the desktop OS. It's not specific to Windows. It may be presumptuous - offensive, even - for Microsoft to do this from a UX standpoint, but there's nothing new here. There was no breach of protocol, Microsoft wasn't abusing its privileged position. Any program on your PC could do this at any time. We shouldn't act surprised.
I mean, honestly... you're using Windows. This kind of behavior shouldn't even come as a surprise, but should be expected.
The longer you stay on it, the longer you're tacitly supporting those kind of decisions.
If I went to a restaurant and they kept bringing me something I didn't order, I wouldn't go there anymore.
Lately, however, I've considered letting Windows 10 run in a fairly locked down VM, so my family can use some apps and games that don't function well in Wine/Proton. I reckoned that the combination of VM isolation, and limiting Windows 10's internet access to a handful of whitelisted domains, is a reasonable compromise. I.e., I had a technical solution to a technical problem.
But this news story reminds me of another reason to keep Microsoft out of my network: they piss me off. Regardless of whether or not I'm currently ahead of them in the arms race. I don't want to reward Microsoft with even one more installation, and I don't want to be perpetually pissed off about something on my network. I crave Schadenfreude for everyone who conspired on this.
(Yes, I realize this sounds like the backstory for the least-compelling super-villain character ever.)