285 comments

[ 3.9 ms ] story [ 275 ms ] thread
2016 is the year of desktop linux.

For the kind of people who care about this sort of thing.

Also puts "Scroogle" into perspective.

1) Internet web sites have always been "lit up with speculation".

2) Microsoft's "spying" has been going on since Windows Vista was released, and speculation has gone along with it.

3) Since the 1990's, next year has always been "the year of desktop Linux."

People keep saying that there was spying going on from XP or Vista, but "spying" isn't a binary state. The amount of intended data-slurping has increased incomparably.
You can choose between telemetry levels in Win10 though.
I think Navarr is fully aware of the Linux desktop meme. It's clearly tongue-in-cheek
Yes, thank you. Though honestly the people who really do care about this will see the coming year as year of the Linux desktop.

And to me it seems like a lot of HNers care that Windows is sending all this telemetry. (Aren't we the same group that is obsessed with A/B tests and recording analytics on everything a user does on our website?)

Agree. There seem to be hundreds of analytics services. Use of those is totally correct, obviously. The more specific the merrier.
I doubt there are enough people who care. Google has already proved that seemingly benevolent spying is a highly profitable business model. Most people aren't bothered, or even know, that they are being "Scroogled". Microsoft is just following suite. Sadly it seems to be a sign of things to come.
The potential big difference here is that it affects people's work computers, where they do things for organizations that have a strong interest in keeping information from leaking out. Such companies probably were never happy with corporate data passing through Android smartphones, and might have forbidden it. Now they know they can't trust Windows workstations either.
Win10 enterprise has the no telemetry option for a reason.
Because every small business uses Win10 enterprise?
Most enterprises that care probably is. And it is possible for small businesses to get, just costs a bit more (including Software Assurance renewal) and it also gets you access to things like LTSB.
Maybe some small businesses don't care, but the people whose data they are handling might not agree with that stance.
And don't some of the same companies store all their company documents, email etc. on Google Apps? Or on Dropbox?
Many do, but many don't. For those that don't, suddenly having the dominant desktop OS turn on them is going to be a big deal.
> And don't some of the same companies store all their company documents, email etc. on Google Apps? Or on Dropbox?

Storing company confidential information on services not controlled by the company is explicitly forbidden at many large corporations. They run their own email servers (not Google Apps), and often ban & block things like Dropbox outright.

I'm inclined to agree, albeit begrudgingly. I am more-or-less happy with the usability of Win 8.1, but I'm not willing to have my machine turned into a permanent outpost of the NSA.
It's since 2006 that every year is gonna be the year of linux on the desktop. Except it never happens.
I guess you haven't witnessed Corel Linux, Wordperfect for Linux or Loki Entertainment. It's been predicted way longer than 2006.

Ps. Sorry for the accidental downvote :(.

Can attest. Used Linux as primary OS for last 2-3 years in college, then got a job doing development on Linux, then worked for a Linux startup in early 2000's (we hired a couple ex Loki employees). Linux on the desktop has been a roller-coaster movement since not long after it's inception, likely around the time KDE and Gnome were released with some level of maturity. There was always the ported desktop managers but I don't think it's had much viability for dominance until OpenOffice came along.
Oh! Someone that remember Corel OS. I have one disc yet somewhere...
Yeah :). I was mostly using Slackware Linux at the time, but my brother bought a Corel Linux box at the time. If I remember correctly, it came with an inflatable Tux.

I also had a separate copy of WordPerfect for Linux for a long time. It still worked fine until I sold it on eBay, thanks to libc5 compatibility in most distributions. Even though I stopped using it at some point, I continued to use the Type 1 fonts that came on the CD.

First, the website is down. Second there is always overblown paranoia that runs with every release of Windows. I wish if EFF or atleast ArsTechnica would cover so atleast it will be a proving point for these independent blogs. For all I know is that these updates could be for someone who has already signed up for "Sent diagnostics to Microsoft for product improvement" on their existing Windows. Else it has to be the dumbest spyware that comes with a release note, description and a self describing name.

>2016 is the year of desktop linux.

I don't care if it is Linux, Apple or Windows. As long as someone can guarantee a certain degree of usability and a common sense of privacy, I wouldn't mind switching. However at this point where even open source is taking a nose dive (eg: "Ubuntu and Amazon Search", "Chrome and proprietary blobs", "Firefox with Hello and Pocket"), I am not sure anymore. If it keeps up this rate, in the future people might look back and see privacy as a silly idea /sad.

Some of those look like they'd be used to upgrade to Win10? Compatibility checking, diagnostics, etc.

Nothing seems malicious, but you never know.

The list of files modified (to add telemetry hooks?) in kb 3080149 is crazy. NTOSKrnl, NtDll, Lsass, winload.exe etc... Are they really adding spyware/telemetry hooks all the way down to the kernel? What happens next time there's a security patch for the kernel, do we get an ntoskrnl with all these "optional updates" included as well?
Pretty much, yes. As I mentioned elsewhere, they enable spying on kids by default if they're logged in through a Microsoft account. If they're going to spy on kids, adults get the same mechanisms installed.
I remember some months ago where they only claimed fixing something minor (like, something that's not even an executable but some text-based or at least data file) in the patch and the list included also a huge amount of files including cryptwhatever.dll (not the actual name). "Backdoor time" thought I. As little as I checked however, it didn't look like a real smoking gun then.

It seems a common practice somehow that since some time their updates aren't "hand picked" but generated by the computer without too much human control or that the programmers don't have time, or simply nobody cares there anymore.

I'd be glad if somebody would sensibly explain all that. Including these recent "everything you type will be transferred" and "the list of all your files will be made" claims.

It would be interesting to see what someone knowledgable would report back on by taking something like zynamics bindiff onto pre- and post this KB.
I've never seen the proof of the claims from the article discussed here three days ago:

https://news.ycombinator.com/item?id=10099180

"Information transmitted: All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to: oca.telemetry.microsoft.com.nsatc.net pre.footprintpredict.com reports.wes.df.telemetry.microsoft.com"

On another side, MSFT never issued the statement what they actually collect, probably because their lawyers will need a month or two to clear that up.

If the quote is true, it's a real full-blown keylogger. It's hard to believe. But there should be the pressure to find out the truth.

The worst thing is that it seems the users also don't care.

Do read kstrauser's top post in this discussion regarding automatic snooping of kids and emailing the parents, implemented by MSFT in Windows 10.

https://news.ycombinator.com/item?id=10111271

He posted the snapshot later. Unbelievable. But it seems they really do this. Built in spying, then sending reports by e-mail.

I've noticed recently that I'll get a weekly e-mail from Microsoft showing my "week in review", with inline copies of photos I took with my phone and uploaded to OneDrive (I have 1TB of space with OneDrive thanks to an O365 account). This just started a few weeks ago.

So, Microsoft is not only rifling through the contents of my OneDrive camera roll, they are then transmitting the photos to my email unencrypted, without ever asking me to opt in to this service. I used to praise Microsoft for being opt-in as opposed to Google's opt-out; I guess that's all out the window now (no pun intended).

I guess it's finally time to flip the switch on the OwnCloud account I've been testing and drop OneDrive.

This seems loosely equivalent to Google's account activity mail, but with invade-by-default. I can see it being useful, though, despite the flaws which you describe.

Also – potentially – incredibly dangerous, as other posters mention. I don't think that we can have the possibility of one without the possibility of the other here.

(comment deleted)
Reminds me of this: http://www.siao2.com/2011/03/22/10144474.aspx (see comment thread)
Yes, it was something like that "we changed the currency letter in Nowhereislands, list of 30 changed files includes cryptography.dll, well, why not."

The currency letters are since forever nicely separated from the code in the data NLS files, I thought I knew.

Whatever, there are enough problematic actions we're sure of, seen in the other posts here.

Quick check if you have any of these installed:

systeminfo|findstr /LI "3068708 3075249 3080149 2976978"

Is there any tool like DisableWinTracking for Windows 7?
A Linux machine with two ethernet cards acting as a firewall to the internet?
Do we even know how you'd need to configure the firewall to block the specific traffic that's the problem?
There's a list of domains that came up in a previous discussion on HN (sorry, I don't recall it right away), and was also trending on pastebin.com, which contained all of the known domains Microsoft was using to report back from the OS. Presumably you could route those to "null" or the equivalent on your router and you'd be good to go.

Edit: Here's the pastebin link: http://pastebin.com/RZW74Npk

You could always just do that in Windows' hosts file, too.
You can, and I'm sure most would. There may come a time, however, when a future Windows update rewrites or works around the hosts file for telemetry. Doing it at the router or external firewall avoids that possibility.
Such an update could also add new data harvesting hosts, which would bypass your router's blacklist.
That's a given. The rabbit hole goes as deep as Microsoft is willing to dig it. Like any other vulnerability, there will always be security researchers out there who find and report on new ones.
That's assuming that Windows doesn't circumvent such things because "well we know what we're doing and you don't".
Not sure why this is being down-voted. Just trying to be helpful in case people want to avoid these optional updates or uninstall them. Maybe I should just delete the comment?
Please don't
OK, just didn't want to add to the clutter if it was unhelpful. A load of links without context isn't a great comment. :)

BTW these updates all appear to be "Optional" and are part of the Customer Experience Improvement Program (which in my experience is always opt in and you get a notification in the system tray).

They are currently optional - different than "Important Updates" and "Recommended Updates." I checked my windows update panel in Windows 7, mind you, (Start --> Control Panel --> Windows Update), and saw it listed as an optional update. I believe these optional updates, in windows 7 at least, are defaulted to be listed, but not downloaded or installed. I clearly won't be installing these, haha.
In general I'd say the inclination to delete a comment because it's being down-voted is... not good. Don't try so hard to conform to what appears to be the local public sentiment.

(EDIT: or, if it's a threat to delete if you don't get upvotes, also lame)

That helpful comment got two downvotes and well over a hundred upvotes. This is an extreme example of why HN has a guideline asking people not to comment about being downvoted. Most of the fluctuation is ephemeral, and most comments about it soon become inaccurate.

We've detached this subthread from https://news.ycombinator.com/item?id=10110543 and marked it off topic.

sorry :(
Please don't feel bad! Your contributions are overwhelmingly positive, and we're grateful. The reason I post stuff like the above is not to reprimand anyone, it's to feed reminders about the guidelines into the community.
Maybe a chance for the Linux gaming scene? Finally a window (see what I just did?) for an other gaming OS? Hail Unix.
(comment deleted)
Been waiting for an article like this but even though it points to two items, KB3075249 and KB3080149, it doesn't seem like "firm" information as there is a huge list of "maybe" items as well as a warning that removing things can mess up your computer.

How likely is it that we'll ever have a "firm" finite list?

FYI, you can't disable telemetry on Win10 unless you have enterprise edition, but you can select levels.
.... aaaand Windows Update Automatic Updates is getting disabled.
I have my windows 7 PC set up to automatically install "important" updates. Are these telemetry updates considered "important" or "recommended"?
Just check if you already have them installed or not
Article text, since the site seems to be down:

Windows 10 has been launched and already installed on more than 50 million computers worldwide. It is now a known fact that Windows 10 user data is being sent back to Microsoft servers back in Redmond, Washington. Well, now new updates that are being deployed to all Windows 7, 8 and 8.1 machines will turn their computers into a big piece of spyware, just like their predecessor, Windows 10.

The updates in question are KB3075249 and KB3080149. if installed, these updates are known to report your data back to Microsoft servers, without user interaction. KB3075249 Microsoft Update adds telemetry points to ‘consent.exe’ in Windows 7, 8 and 8.1, allowing for remote monitoring of everything that happens within the operating system. KB3080149 ensures that all “down-level devices” receive the same updates and treatment as Windows 10 boxes get.

As you would guess, forums are lit up with speculation on these updates and more. Below you can find a list of other Windows updates that some users have questioned. Please keep in mind, avoiding some or all of these updates may cause your environment to be unstable and/or unsecure.

KB2505438 KB2670838 – Windows 7 Only (corrupts AERO and blurry fonts on some websites) KB2952664 KB2976978 – Windows 8 only KB3021917 KB3035583 KB3075249

The links to the Microsoft's KB articles of the two updates:

https://support.microsoft.com/en-gb/kb/3080149

"This package updates the Diagnostics and Telemetry tracking service to existing devices. This service provides benefits from the latest version of Windows to systems that have not yet upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights."

https://support.microsoft.com/en-gb/kb/3075249

"This article describes an update that adds telemetry points to consent.exe in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1."

Just the name "consent.exe" itself sounds malicious (although it's been around for a while).
"The consent.exe is a part of Windows operating system. It is part of the User Account Control feature which allows or disallows access to administrative functions based on your preference."

http://answers.microsoft.com/en-us/windows/forum/windows_vis...

It's also a process run whenever you install a new program!

It's the updates to consent.exe (adding telemetry points) which are cited in this thread that are the issue.

Brilliant, 2 options I see

Never do updates again (which is what I will be doing this evening) and make system perm insecure

Or let MS and the NSA rape me for even more data than they already have

Go [insert abusive word] yourself Microsoft and to think just last week I got a 3rd windows 7 license because I was planning to stay on 7 long term and not upgrade to 10.

Steam hopefully will push linux gaming that i can finally get rid of this crap.

If Steam OS becomes a viable desktop gaming OS that plays most, if not all games, I'll drop Windows in a heartbeat.
Steam is owned by Valve and Valve is a US company. Using steam will not change anything since it is the US laws allowing/requiring companies to comply with the NSA.
The difference being that I want to use Windows only for games without all this other cloud integration crap that comes with it.

Steam OS is a Linux-based OS designed primarily for gaming. Any and all cloud-integration will be specifically gaming-focused.

Can you not see the difference between that and a general purpose OS like Windows harvesting data everything you do on your system?

I won't be using Steam OS to do anything very sensitive like sending or receiving personal e-mails, editing word documents or spreadsheets, or browsing the internet for whatever reason.

Unless you consider firing up a shooter or a city-building sim sensitive.

The two OS's have very different purposes and use-cases.

Telemetry is clearly not a legal requirement. It's only data stored on steam servers (including chat logs) which you have to worry about.
> Using steam will not change anything since it is the US laws allowing/requiring companies to comply with the NSA.

There's a big difference between 'allowing' and 'requiring'.

There are over 1,900 games on Steam that run in Linux.

https://steamdb.info/linux/

Many of the games I have in my library do not run at all unfortunately.

Sometimes I like to go back and play old stuff too.

Wine is always a viable option, especially for older games. With DirectX 11 support coming later this year, almost every Windoze only game should hopefully work.
it's still slower mostly. Mostly since they don't have any specification at all.
Parent's post has so many qualifiers, it says nothing at all.

I do not see a performance penalty at all with WINE. Most games that work play at speeds matching or better than windows. WoW is usually a big example of that, as are emulators.

WoW and emulators are both fairly trivial for a modern system to run well. There is definitely a significant performance hit if you are running something in WINE that nearly maxes your performance in windows
someone's never used Higan before. I've made Stunt Race FX and Yoshi's Island peg a Core i7. Running Tekken 4 on MAME is just as intensive.

Running either in wine is a fine benchmark on performance.

It is? I've personally seen better performance with Wine + Linux than with Windows.

Now, this isn't to say that Wine is totally up to par with Windows in terms of compatibility, but performance hasn't been a significant issue for quite some time.

I searched for a few games I'm playing now and have played recently and out of 10 there were 4 that had no entry on the WINE database.

This might be enough of a barrier to stop me using it right now.

That happens, particularly on really new (or really obscure) software. Really, though, that ought to be an encouragement; sure, you're left in the dark, but it means that those games could use some test coverage. Your contributions to the AppDB could help quite a few others.
What about the games that have no entry in the WINE database? Are they just untested or do they not work at all?
Many Steam games work great under WINE, both on Linux and OS X desktops!
I updated to Windows 10 and found it to be so painfully slow that I switched to Ubuntu 14.04 for gaming. I've honestly had a pretty good experience playing everything from low-fi indie titles (like Terraria) to AAA releases (like Shadow of Mordor). Try it out!
> I updated to Windows 10 and found it to be so painfully slow

I initially had that problem, but it seemed to be the fact that (on top of some phoning-home options that I missed disabling originally, which seemed to play some role in the slowness -- disabling them helped) the Windows 10 update from Windows 8.1 also, for some unknown reason, rolled WLAN drivers back to the versions that were several years old (pre-Win8.1 at least) and fairly broken and couldn't automatically locate new ones; redownloading the latest (for Win8.1 -- no Win 10 specific drivers were available for the hardware in question) drivers (which is what had been installed prior to the update) resolved the slowness problems.

I can't say I've had any issues with performance on Win10. Some games seem to actually run a bit better for me.
Same. I would really like it to accommodate old Windows games as well, but that's too much to ask for right now.
Partition your system: Linux for browsing, typing, etc. swindows for gaming and being raped...
Parent post is willing to sacrifice his liberty and privacy because not doing so will cut him off from games.

Can we all just be honest with each other and call this behavior an addiction already?

Easiest way to block this for sure is probably going to be harvest a list of hostnames and/or IPs microsoft are using and block them at your border gateway/router.

I've recently considered setting up a separate wifi SSID where everything outbound except DNS, and tcp 80/443 is blocked, as well as TLS SNI and plain HTTP logging just so this sort of thing can be monitored.

That's a fragile solution at best. One update could change the IP/hosts of the data harvesting servers.

Surely the data will be transmitted using TLS or equivalent; HTTP logging won't do you much good unless you can (a) MITM the TLS setup, or (b) extract the keys that the spyware is using.

It's not what you said, but note that some of the phone-home behaviour is very deep rooted, ignoring proxy settings (http://arstechnica.com/information-technology/2015/08/even-w...):

> We configured our test virtual machine to use an HTTP and HTTPS proxy (both as a user-level proxy and a system-wide proxy) so that we could more easily monitor its traffic, but Windows 10 seems to make requests to a content delivery network that bypass the proxy.

Windows internal firewall blocks everything just fine. So far there are no secret allow lists present.

Enable 'Deny all outgoing' and start adding your own Egress filtering rules.

If I could figure out my wireless card/GPU drivers, I'd swap to Linux in a heartbeat. Plug-n-play drivers is the only reason I'm still on that closed-source OS. Just don't have the patience to hunt down third-party drivers.
Boot off a live CD (e.g. Ubuntu) and run lspci from a terminal session then post it here.

You may find the drivers you need are available in a separate 'restricted' or 'non-free' repository. It is unusual these days on desktop/laptop oriented installs to have to 'hunt down' anything.

Very very recent hardware can still be problematic mind you.

Just get the right hardware with good Linux support, it all just works then. You won't find any lasting happiness by digging deeper into the third party drivers swamp. (all-Intel for wifi and graphics is the safest bet)
Mainstream hardware is decently supported, if you don't have special claims. Ubuntu live cd/usb?
> Just don't have the patience to hunt down third-party drivers.

For most modern distros, you don't have to hunt down third-party drivers; at most, you might need to enable some first-party or second-party "restricted" repo, at which point you can install the necessary drivers from there. And last I checked, Ubuntu and Linux Mint (among others) provide a "restricted hardware wizard" in the normal settings screen to do precisely this.

When KB3035583 GWX/Win10 Spam came out I removed it and put my updates into manual because I figured it won't be long before MS put out another updated to push Win10. This is much worse, now I find out there are a number of updates that I have to track down and uninstall. Going forward I will always have to lag a month or so behind updates to make sure MS is not installing a key logger on my Win7 computer. I guess my move to Linux is sooner that I thought.
This news is another nail in the coffin. The pattern I can see among my peers and my small market is that people are more and more uneasy with using the web for sharing valuable info and data, both on public and private networks. They prefer face-to-face meetings and paper docs. Food for thought and some ground for new startups maybe.
Every-time Microsoft releases a new Windows (Since XP SP1) I saw quantifiable performance decline with every update I installed. I think Microsoft pushes people to change OSs using this technique.
This looks like a deliberately misleading and overblown claim to me. Looking at the knowledge base articles, we see that the diagnostics tracking service is enabled only for users who already participate in the customer experience program (a very clear option when setting up Windows for the first time:

- KB3080149: "The diagnostics tracking service collects diagnostics about functional issues on Windows systems that participate in the Customer Experience Improvement Program (CEIP)."

The second update is short on details, but it's specifically targeting the UAC "Run as Administrator" dialog (which is implemented by consent.exe), presumably to collect information on unsigned applications which request admin privileges. Microsoft should provide further details here for sure, but I see nothing nefarious. One might guess that the information collected here might be the hash of the exe requesting admin privileges.

- KB3075249: "This update adds telemetry points to the User Account Control (UAC) feature to collect information on elevations that come from low integrity levels."

Compare this with the ridiculous claim in the article that this is "allowing for remote monitoring of everything that happens within the operating system."

(comment deleted)
So I just started my windows and it seems that I am 'infected' with this anti-privacy stuff. How do I get rid of it? Re-install from the installation disk and disable updates, or can I still remove the updates?
You can remove updates via the control panel.
But does that really work in this case? It seems as if these new privacy things go pretty deep.
I'm not sure. I have seen spam that has unsubscribe buttons that actually work, as well as adware that uninstalls properly from the control panel.

I hope Windows doesn't do worse than spammers and malware programmers.

Lol, thanks.

I will at least give it a try ;). But before that I am moving all my personal files to my NAS and I will only be using windows for playing a game or 2.

What an unbelievable lack of respect and a big FU to Microsoft's own customers. At least using Windows 10 is a choice (I think - do they force it on Windows 7 machines?), but to do this to all existing customers - wow, just wow.

Behold everyone - this is the "new" Microsoft, worse than it ever was.

> I think - do they force it on Windows 7 machines?

No, but they keep nagging you every time you turn your computer on.

You can turn off the nagging by uninstalling update kb3035583. Then hide the update so it doesn't helpfully install it again for you.
I wonder how any IT corporation of decent size, with internal data policies will be able to live with something this.
Happy linux desktop user here, I only need windows for turbotax once a year, so I will worry about this in Feb/Mar, anyone provides a cloud-based tax filing service?
Doesn't turbotax provide just that? I did my taxes with them last year and never left the browser.
H&R Block does: http://www.hrblock.com/online-tax-filing/

Disclaimer: I have not used their online version so I don't know how well it works. I have been running their Windows version in a VM the last few years because I'm not wild about putting any more of my tax information "in the cloud" than I have to.

I would expect TurboTax to support online filing too, but did not see it on a quick search.

> I don't know how well it works

I've used H&R Block's online service for filing federal and state taxes for the past few years with no issues.

The most you need to get turbotax to work online is a user agent spoof.
taxact.com is entirely online too. No app required.
Yeah, TurboTax does. I've done my taxes several times now entirely from Firefox+Linux. TurboTax will nag you about using an unsupported browser/OS combo, but you can just click the link saying "yeah, whatever, I know what I'm doing, sod off and let me do my bloody taxes" and it'll work perfectly fine.
I have a question that I can't seem to get a straight answer anywhere. If I were to use Win 10 Enterprise edition, could I theoretically disable all the spying and telemetry?

It also now seems like we need two computers. One that is open for "spying" so the government looks at my usage and white-lists me as a "good citizen" and another computer that basically is encrypted and hides anything I don't want anyone to know about.

Or just one that runs open software...