On the surface, I'm glad Microsoft is doing this. However, it's hard for me to ignore the idea that with these positive changes might come hidden, negative changes. That is, I don't think I can trust Microsoft to just do what they say they're doing in this announcement; I won't fully believe this is better for privacy overall until people have been over the new version of Windows with a fine-toothed comb and confirmed it. Plus, there are indicators (like the language around the switching off of invasive settings) that Microsoft's goal is still to collect way more data than seems reasonable.
That's funny, it's a web-based privacy dashboard that only works when you link your Windows 10 account with your Microsoft Live account. In other words: the opposite of privacy.
Your bing search history shouldn't be linked to your identity in the first place. Same for cortana and edge. So Microsoft isn't getting any kudos for allowing users to see what kind of data is being collected on them (which they have to do by EU law anyhow).
I applaud any serious projects that advance privacy but this ain't it.
Except they're still collecting everything by default and shifting the responsibility to review the privacy settings to the consumer.
They conclude:
> When it comes to your privacy, we strive to make choices easy to understand while also providing clear visibility and control over your data.
This is entirely the wrong approach. Just don't harvest the data in the first place. Have opt-in measures if you must. That's it. That's what a serious commitment to privacy looks like. Anything else is a serious commitment to get away with harvesting as much data as possible while minimizing PR backlash.
Honestly at this point I would be satisfied with an opt-OUT.
That's right-- there is no supported way to opt-out of telemetry on Windows 10 Home or Pro SKUs. You need to use a third-party program to do it, and these settings are lost with every major upgrade, which come twice per year.
(disclaimer, ms employee here and the below is just my opinion).
> Just don't harvest the data in the first place.
for better or worse, I just don't think this is feasible anymore. Telemetry is, by now, a fundamental part of the engineering process. Products that don't incorporate it are going to be clobbered by products that do. Microsoft didn't start this paradigm, but I think they had to incorporate it in order to stay competitive.
If you can't avoid telemetry, I think the next best thing is to be transparent about it (with respect to what's being collected, how it's being used) and allow the user some control over it (by letting them 'clear' data that's been collected, and opting in/out as needed). In that respect, I don't think the steps taken today are sufficient, but they are headed in the correct direction. I also think they are being more open/transparent than many other tech companies (who do similar things without receiving nearly as much negative press as MS).
Can't tell if you're being tongue-in-cheek, but that was kind of the problem. The cost it took to do QA for Windows was immense, and even with an army of testers, there were still highly embarrassing (and very expensive to fix) flaws in the product all the time. Windows had to find a cheaper solution or die a slow death in the market.
Earlier I said "Products that don't incorporate [telemetry] are going to be clobbered by products that do". High QA costs are the biggest part of this.
> The cost it took to do QA for Windows was immense
As it should be when you're developing an OS for 90% of the market across a huge variety of hardware. There's really no way around that, and jettisoning QA teams as a cost-saving response is incomprehensible to me.
Trusting telemetry alone to ensure the robustness of your product will result in a "good enough to ship" focus on mainstream work-flows and leave corner-cases unaddressed since they're rare. And corner-cases are where the bad, system-breaking things happen.
Telemetry should help QA people write mundane automated test-cases to cover the 99% and then enable them to go and spend the constructive part of their time focusing on breaking the system. But it's absolutely not a replacement for QA.
I'd say that 'jettisoning QA teams' is a mischaracterization. The role is still filled, it's just evolved a lot since the windows 8.1 (and prior) era. Similarly, I'd say that 'Trusting telemetry alone' is also a mischaracterization.
From where I sit, both roles are combined. The output is a far smoother engineering process and a higher quality OS. You mentioned 'corner cases [being] unaddressed' but I've witnessed the exact opposite: most of the criticism I hear about Win10 has nothing to do with quality.
I understand the value of telemetry-- it truly does help improve software. And I'm fine with telemetry being active by default too. If it wasn't active by default its value would plummet as very few people would /choose/ to turn it on.
Windows telemetry should be set to "Basic" by default on every Windows install, and the user can choose to turn it off entirely or set it to "Full".
As a more sophisticated user who values his privacy, all I want is a supported method to opt-out. That's it.
I don't want to be forced to use a third-party program to do it. I don't want Windows updates to frequently reset my clear preferences, so I need to keep running that program on a regular basis. I just want a switch to turn it OFF.
I appreciate that it's tempting to add telemetry and crash logging functionality. The problem is that Microsoft gets the benefit (in reduced QA costs) but the consumer pays the cost (loss of privacy). Classic externality trap.
Microsoft acknowledges that full documents along with stack traces (that can contain sensitive information) can end up on Microsoft servers when error log reporting is enabled. Sending a call stack consisting of function names and pointer offsets and register values to aid debugging is one thing. Sending entire globs of application memory along with the crash log is much less defensible.
My objection about linking user data to real world people still stands. There is no technical reason why _personalized_ logging is necessary. Telemetrics can be pretty innocent (e.g. track which percentage of Windows users have multiple monitors), but as they become more personal it's again much harder to justify.
The absence of a single switch (during install or first login) to get rid of all logging/monitoring/telemetrics and other privacy-invading nonsense is indefensible.
> This is entirely the wrong approach. Just don't harvest the data in the first place. Have opt-in measures if you must. That's it. That's what a serious commitment to privacy looks like. Anything else is a serious commitment to get away with harvesting as much data as possible while minimizing PR backlash.
I'm sorry, but it's not economically realistic to demand that companies trying to minimize cost stop all data collection. They're not selling it: they're using it to make their developers work on real problems and improve real features. That's the same as nearly every mobile app. Watch how much your phone sings to mixpanel, kahuna, or google analytics to get a sense of what I mean.
You can raise the price substantially, or you can find ways to make things cheaper. The market is really clear they want the cheaper and are fine with benign telemetry collection. But what's really absurd is that you then decide that doing what a small minority of users are asking for is a PR stunt because it doesn't go far enough in one step.
Your appeal to economic realism is just a different way of saying that tracking is advantageous for Microsoft, which I don't think anybody disputed.
Which brings me to your second point, that customers are fine with it. The underlying assumption is that consumers are Homo Economicus: rational agents making intelligent, informed decisions. This is not the case, as evidenced by the overwhelming difference between opt-in, opt-out, and must-choose behavior. Customers don't care about tracking, as you say, but not because they've thought about the issue and concluded the trade-off is in their benefit -- in reality they've never thought about the issue at all. Regular people are indifferent to iPhone privacy until they're asked if they ever have conversions or ever take photos they don't want to become public. And then it all clicks, and then they do care about their privacy. People don't care, until they do.
When you call telemetry "benign" you're begging the question: the definition of benign implies you can't reasonably be opposed to it. So that's fallacious.
I never said what Microsoft did was a PR stunt. My claim is that Microsoft isn't genuinely committed to the privacy of their customers, because these privacy measures are (a) insufficient (b) an afterthought (c) opt-out only. I see this as an effort to appease disgruntled customers, not as PR stunt. And as somebody else pointed out already, it still isn't possible to opt-out entirely.
> Customers don't care about tracking, as you say, but not because they've thought about the issue and concluded the trade-off is in their benefit -- in reality they've never thought about the issue at all. Regular people are indifferent to iPhone privacy until they're asked if they ever have conversions or ever take photos they don't want to become public. And then it all clicks, and then they do care about their privacy.
Yes I suppose if you draw an unrealistic line between data collection and Facebook suddenly sharing photos you could scare up any sort of response you want.
Sharing content vs app usage metadata are quite different in point of fact though.
> People don't care, until they do.
Yes. I suppose this is true in the sense that it's tautological. I only bring that up because of your meticulous dedication to discarding social context in:
> When you call telemetry "benign" you're begging the question: the definition of benign implies you can't reasonably be opposed to it. So that's fallacious.
(P.S., this is not "begging the question". "Begging the question" is not "Obviously we should ask." If you're going to use a technical term, perhaps look up its technical definition? I do not think this assertion is unusually cyclical.)
> I see this as an effort to appease disgruntled customers, not as PR stunt.
I sure do wish people would hold desktop to the same uncompromising standard they hold Windows to...
> And as somebody else pointed out already, it still isn't possible to opt-out entirely.
Actually, they were referring to the current state of affairs for specific editions of windows. We are not entirely sure how this will change with the new edition.
1. Your claim is people don't care about privacy. I say they never considered the implications, and provided evidence that people do switch from "not caring" to "caring" in some situations. We don't know whether people would care about the collection of meta-data because they've never seriously thought about the matter. Your assertion that people don't care is still false.
2. I am using the technical (dictionary) definition of "begging the question" and I'm using it correctly. We're not in agreement whether the data collection is fine. You say it is, I say it isn't. Begging the question is the fallacy where you assume the statement under examination to be true, which do you when you label collection "benign". After all, if I agreed it's benign we wouldn't be having this discussion.
3. Non-sequitur.
4. No evidence has been provided that opting out entirely will be possible, and it's not possible today, so it stands to reason it won't be possible in the future either (except perhaps with registry hacks).
1. "If only everyone agreed with me and thought about it the way I do." I'm curious if you think I don't agree with you because I haven't worked through the conversation.
2. No. You didn't. And no, it isn't quite that.
3. Industry security as a holistic vision does indeed seem to be immaterial to this conversation. I talk back against this point in this community because I'd prefer not to see the slashdot-esque "M$" mindset take over the discourse in an industry that sorely needs competition in this space.
4. Since no evidence has been provided either way it doesn't seem safe to assume either way. I'm not sure why the lack of clear policy here is license for you to say "It is not changing."
A big part of the issue I'd think is that as Microsoft pushes over to the Store as a significant app distribution medium, they consider no telemetry a breaking issue for anyone who doesn't have an enterprise software deployment setup.
I'm kinda sad to see that's where we've hit on service dependence though.
Isn't Microsoft sending requests to see if updated versions of Store apps are available telemetry, if it indicates which apps you have installed? There's always some manner of detectable feedback they could collect, and so no matter how slight "Basic" telemetry becomes, it may be dishonest to ever call it "No" telemetry.
Contacting MS servers for functionality inherent in the application being executed is perfectly fine by me.
I expect Spotify to know I just listened to "Bring Me to Life" by Evanescence. I don't expect MICROSOFT to know that too, unless I use a Microsoft music service.
Thanks for that. I _still_ can't tell, from looking through it -- are they going to stop harvesting wifi access point passwords? That alone (along with many of the other items) is a non-starter.
It seems misleading to describe Wi-Fi Sense has harvesting passwords - that's a side effect and not the purpose.
That said, I'm not sure if Microsoft still stores Wi-Fi passwords at all; if they do, they removed the primary benefit: Wi-Fi passwords can no longer be shared. The Wi-Fi Sense privacy page only talks about open networks now. If they still store Wi-Fi passwords on their servers, it must be only used for profile sync. I can't find any information one way or another.
Absolutely right that there's no /supported/ way to disable telemetry. However, it's your computer. You've got root. You can disable it via a third party program. I recommend this one:
And in all editions, there is a whitelist of IPs and Domains in kernel mode part of Win10.
From their PR only the LTSB edition (most expensive one), allows one to disable all phone-home "features" (even there opt-out, and if you miss one, your bad)
There is a reason Win7 goes still strong, and many are very carefully with recent patches of Win7 (which backport some phone-home features and degrade performance, like they did with WinXP3 in its last days).
I am waiting until MSFT board member and lead managers get fired over this case. In the early 2000s, US went after adware and spyware distributers. Nowadays MSFT is the biggest adware and spyware distributer, please go after them. They should split MSFT up in two companies.
>At Microsoft, we are deeply committed to protecting our customers’ privacy. This includes providing clear choices and easy-to-use tools that put you in control of how your information is collected and used.
LOL here I stopped reading this FUD. Do they still re-enable telemetry when updates to them are installed?
This comes across as: "Now that we've got all your private data, there's a diminishing return on maintaining a system to collect it again, so we'll go for some positive PR by putting this interface up and let you secure a false sense of privacy"
They've been collecting "telemetry" through an opaque encrypted collection system [1], and after a year of this collection, comes a "deep commitment to privacy"? This is very difficult to believe. Am I needlessly cynical here?
[1] As far as I know, nobody has decrypted the "telemetry" streams, so we don't actually know what MSFT is collecting, so nobody can be sure that it doesn't collect your sensitive documents, private keys, keyboard logs, etc.
> This comes across as: "Now that we've got all your private data, there's a diminishing return on maintaining a system to collect it again
No way -- there's no such thing as "ALL your private data" (emphasis mine). You're always making more data, it never stops. There's no way there's diminishing returns on collecting it, nowadays those systems must be super cheap to maintain, especially for a company that runs one of the largest cloud computing systems in the world.
> Am I needlessly cynical here?
In reality, yes. In Hacker News Distortion Field, not even close.
Well, in one year of monitoring your PC, I've seen your tax returns, documents/photos, countless correspondence samples, countless voice samples, internet browsing history and online spending habits. I've identified everyone you regularly communicate with, a list of locations you regularly visit, and what your career path is. What is year two going to reveal? "Bought a new lawn mower"? "Finally joined a gym"?
How the heck did you manage to see my tax returns? Does the privacy policy for these features indicate that you can send over the content of these documents, beyond simply the metadata -- in fact, where does it even say the metadata is sent?
How did you see my online spending habits? Surely those were done over an encrypted connection online, and probably not to any of the services my OS manufacturer has partnered with. If anything, that data-in-motion is the most secure data there is.
I'm so confused how this notion is so prevalent on HN.
The windows 10 "telemetry" is not a man-in-the-middle attack, it's a compromised endpoint. You don't know what's in the telemetry -- it's encrypted, and there's no (known) mechanism for you, the owner of the computer, to inspect it. It /could/ include what Microsoft claims it does, or it could include all of the above and more.
I'm so confused why anyone would want to normalize the idea of backdoored computers that let Microsoft collect whatever data they want from your on a routine basis. Normally we consider this kind of thing spyware or malware and try to get rid of it stat, why does Microsoft get a pass?
Why would they need to decrypt it? Surely it would be easier to reverse whatever is encrypting it and dump it out in the clear? Perhaps the EFF could request that Microsoft open source or otherwise explain the process that produces the data.
If you can determine a way to intercept the pre-encrypted "telemetry" data, then we'd have the ability to verify Microsoft's claims about what they are transmitting. At the moment, we only have Microsoft's claims, and they are unverifiable.
And people claim that making Linux work is hard. Man, making Linux / BSD do what I want seems trivial compared to making Windows / OSX not do what I don't want.
Your subjective opinion is noted, but I'm confused how someone with this read would ever be appeased.
Sequence of events:
1. Microsoft ships an OS with signal collection roughly analagous to OSX.
2. Microsoft is raked over the coals for this.
3. Microsoft scales it back a bit.
4. People demand more.
5. Microsoft actually makes a UI and offers even more cutbacks, with less collection by default and a more thorough set up experience.
6. People claim this is a PR stunt.
What the hell do you actually want other than a black hole to swallow the Redmond you learned to hate in high school? That ship has sailed. They're already gone.
Yes, I do block it via a third-party program. The problem is that every major Windows update resets those settings, so I need to run that third-party program regularly.
Blocking IPs could work, but then I'd need to stay on top of the current addresses, which they could (and probably do) change inside their CDN.
What I want is for the switch that currently says "Basic, Enhanced, or Full Telemetry" to say "Security, Basic, Enhanced, or Full Telemetry". (Security setting essentially turns it off.)
I do block searchui.exe at the network level, and that works. Unless you block it, Win10 talks to MS with every local filesystem search, even with Cortana and web search integration disabled.
Only telemetry and windows update is whitelisted in the kernel?
I couldn't find any corroborating evidence to back that claim up, for what it's worth. It's sort of true for the insider editions (but those are a semi-private beta program).
Not only can you, but people have done it. There are several available methods using native and non-native tools.
The only people who cannot do so are people on the insider ring builds. When you sign up for those builds, you accept the telemetry as part of the agreement (which is not unprecedented at all).
Reading TFA, it seems like that's about to happen. But when you do it you'll break voice control and they will not be doing it for 3rd party apps, which they can't negotiate on behalf of anyways.
I don't really get why OS metadata is so disturbing but the fact that every other app and website you visit (including this one) is a blinking light of information with effectively no overarching privacy policy is overlooked. This website is run by people who fund companies that use data collection as a primary business model and early revenue driver. Why are you here if you don't support that?
That's a charitable assessment. Microsoft does not get privacy points for reducing a privacy invading program, any more than an abusive person gets credit for abusing less often.
A more realistic assessment is that this "telemetry" aims to normalize windows users to the idea that you don't have an expectation of privacy on your windows computer, that your windows computer regularly reports data back to Microsoft, and that you do not get to inspect what data is reported back.
I'm uncomfortable sharing the amount of time I have games running with Steam; I certainly don't want MS to have information about which applications I'm running and for how long.
MS and I have radically different expectations about what privacy means in the context of a personal computer.
In particular, I run applications I've written myself. You could easily figure out what I'm doing from knowing which application was in the foreground at any given time.
Contents of files etc. is at the extreme end of privacy violation. I strongly object to the thinnest end of the wedge.
It's particularly uncomfortable now that Steam has some... risqué game titles out there. I'm surprised there isn't at least more options on Steam to mark certain titles as private.
You can set your profile private and then play in offline mode, which should prevent people from viewing your profile and seeing what your playtimes are. I'm not sure if playing in offline mode stops Valve from logging / viewing this data, however. I'd be surprised it it does.
In terms of playtime I think offline mode does stop it being logged. My wifi was stuffed in my game box and about 20 hours of a game weren't logged by the time I got a new adapter and reconnected to Steam servers.
Hmm. For the most part I only play games in a social setting - local multiplayer or online - so it may be different for me. When I join an IRC channel, every other user sees "wallacoloo has joined" and I've never heard anyone complain about that. It's an open invitation, "hey, I'm here now - message me!" Similarly for Steam, the notification serves the purpose of saying "hey friends, I'm playing Rocket League now if you want to join".
Isn't the whole point of friending people on Steam so that they can play games with you? In that case, this behavior seems pretty intuitive to me. Though from that angle, broadcasting this announcement for single-player/non-networked games doesn't really achieve anything and should maybe not be the default.
"When I join an IRC channel, every other user sees "wallacoloo has joined" and I've never heard anyone complain about that."
I'm okay with Steam saying "Soandso has logged on" but not "Soandso has moved their mouse 400 pixels, double left clicked, and is starting new software... stay tuned!"
"Isn't the whole point of friending people on Steam so that they can play games with you?"
The whole point of steam is a distribution platform. It has a defacto monopoly on computer gaming with some 3/4 of the entire market through the platform.
Sure, I play the occasional multiplayer game, but the other 80% of my behavior doesn't need to be publically broadcast against my will at all times.
It's ridiculous: I have to click "appear offline" then log into the Steam Chat website just to play a game and not have my steam account announce that to everyone I know. Sometimes you just don't want to push notify everyone you know about your every behavior.
Also -- why be friends on steam? "Dude you didn't friend me yet" "Dude i sent u my info a week ago" "Dude i thought you said you wanted to friend me" "Dude" "dude"
You have to friend people or they get offended. Social networks and psychology man. I just don't want a f'n social network in my video game launcher. Crazy. Not every single computer endpoint has to be a social network.
Yeah, I've always been slightly uncomfortable with the level of tracking in Steam as well. Mostly the notifications to friends when I start and stop playing a game, but the total hours count as well.
I guess I take partial solace in the fact that my number of hours played is almost always wildly inaccurate because I have a habit of (sometimes accidentally, sometimes intentionally) letting my PC sit idle for long stretches of time with a game still running. Steam doesn't track for activity within the game, just that it's open.
I regret ever using Google or Facebook services so extensively. I'm on Windows 7 and intentionally never upgraded to Windows 10 due to the privacy issues. From this announcement it doesn't sound like there's anyway to 100% remove any tracking for all applications. Am I mistaken?
You are not. MS is playing intentionally dense with this PR post. It is infuriating that one can't disable info (keystrokes, crashed dev apps with source inside) leaking out, on a machine paid in full. Hardware and software.
The joke is that Microsoft finally solved the perception problem around spyware by making the OS into one big bundle of spyware.
I still have a VM running Win7 that I use to run CNC software. Like any other software I don't trust, it isn't allowed talk to the net and any time it breaks I roll it back to a checkpoint and continue.
And that's all the Windows I need in my life. And now that Apple's laptops no longer appeal, the future, for me at least, is all about Linux and FreeBSD.
What are you using as your host OS? I've been really wanting to virtualize my Win7 install but I haven't decided on a host OS yet. My ideal would be Qubes OS.
Qubes OS is a reasonable way of running Windows VM's. You install a template VM with Windows 7, and the only thing you run in that VM is Windows Update to make sure it's up to date.
Your actual Windows work is run in AppVM's which are based on the template. Any changes in an AppVM is rolled back every time it's restarted (it's always based on the template), with the exception on the user's home directory.
For anyone that hasn't used Qubes OS, this is how you do most work in it, even for the Linux VM's, and I like how it allows you to be in better control of what is actually running on your system.
Using Qubes OS take a bit more effort, but once you get everything up and running the way you want it, you'll be asking yourself why not all operating systems do this.
I really like the idea of Qubes, but it just seems Not There Yet. Or at least, was when I last looked.
Anyway, I wouldn't recommend doing what I'm doing. My home environment is the result of many years of incremental change, benign neglect, not-so-benign neglect, quick duct-tape fixes and grandiose redesigns half-completed. Learn From My Mistakes.
I run two virtualization hosts - FreeBSD and Ubuntu[1]. FreeBSD runs my always-on VMs (DNS, DB, some apps, monitoring, etc.). The Ubuntu box is where I run the Windows VM I mentioned, and sometimes others, depending on what I'm working on.
Ubuntu/KVM is fine as a virtualization host. I'm less thrilled with Ubuntu overall; generally, I don't like some of the decisions they've made. Next rebuild I'll probably be back to vanilla Debian.
I wouldn't recommend FreeBSD/Bhyve to anyone who is not already conversant with FreeBSD. From the perspective of a user coming from Linux, the transition isn't bad, but if you're running VMs, you're at least a part-time sysadmin as well, and managing FreeBSD looks a fair bit different than Linux. Additionally, Bhyve is currently missing some features KVM/libvirt has. In particular, if you want VGA or USB passthrough, stick to Linux[2] for now.
This is all predicated on this being a workstation - if you're doing server virtualization, I really like Ovirt, which requires an RHEL-lineage host OS.
[1] The FreeBSD box used to be "just" a storage server, but has grown up a lot and last time I did a lot of work on it, I renamed it 'spof', as in 'single point of failure', in honor of the role it serves. The Ubuntu box is my desktop machine.
[2] Actually, unless you like the adventure, maybe wait a bit - there are patches soon to be merged that will make VGA-passthrough quite a bit easier than it is now. I had a terrible time getting it working and to a kinda-stable point.
But Windows 10 doesn't collect much more than Apple and Safari do. It collects substantially less than iOS and Android do. And of course, all of this ignores that individual 3rd party software is actually the real culprit (along with websites).
You can't use their store without any data collection because the core functionality of a store entails sending data to Apple. That's fine and I don't count it as telemetry.
Like I said elsewhere in the thread, I expect Spotify to know I listened to "Bring Me to Life" by Evanescence when I streamed it via their program. That's perfectly fine. I don't expect MICROSOFT to know that.
> That's perfectly fine. I don't expect MICROSOFT to know that.
Why do you think they do as it stands? Unless of course you use the media player from their store. iTunes has a nearly identical setup.
In general they're only collecting the outer edge of application usage. I hope people realize Apple effectively has the exact same data via their bundled store solution? The idea that MS is unique or even first here is wrong.
According to Microsoft, on "full" telemetry they actually could know I listened to that song if the Spotify program crashed.
Note that Enhanced is the default today, but Full will be the default telemetry level in the update this thread is actually about.
Anyway, that was just an example illustrating the difference between an application talking back to its server to deliver core functionality and OS telemetry.
Apple collects the crash reports for App store apps too. They just continued to use the brand testflight. But it's all Apple now.
If the app developers elect to use testflight to manage crash reports (which they're suggested to do, and it's a good service for devs), then yeah, Apple owns that pipeline. So yeah, they do end up handling that data.
Can we flag and ban this MSFT shill accounts on HN? Their sock puppet accounts swamped over to HN around their DEV 2015 conference, doing PR for all new and great MSFT. It was all full of lies, and even VS Code comes will all these spyware. HN is about startups, and Silicon Valley, and investors and shady corporate things from a stoneage company don't fit quite well - who would use Windows and MSFT products with all those license costs for a startup anyway? Who would burn money for fun these days?
I'm jealous--I could have purchased my last laptop with Windows 7 after upgrading from an older Windows 7 system. I went with 10 because I'm a gamer. Really regretting that now, especially since many of the games I play these days probably would have been fine without it.
It's not a coincidence that most of the DX12 exclusives are published by MS. Also note, that none of those are particularly good games, albeit they probably do work okay in showcasing some of DX12's features.
Not only that, but I noticed you purchased a laptop, which makes even less sense, since the most graphically demanding games that require DX12 are unlikely to run at decent framerates on a laptop anyway, without spending $3000+ on it.
Are you sure that this is really the case and that it does send data even if any consumer experience program or error reporting to Microsoft is disabled?
I haven't seen anyone closely investigating the telemetry added in 2016 to Windows 7 and 8, now that you mention it. All I've seen are reports it's "the same as Windows 10".
I would be very surprised if MS allowed users to disable the newly added Win7/8 telemetry, as they do not allow it on Win10.
It's just duplicitous corporatespeak. They do whatever they want, ignoring privacy entirely, for years, and then claim to have a "continuing commitment". They don't care about privacy, they just care that they got flak in the press about privacy so they're trying to backpedal about it.
Yeah, one distribution tried this a few years back, got grilled to a char by the community for it, and swiftly trashed the idea. This is nothing like Microsoft turning Windows into one giant dark pattern and trying to convince the world that it's progress while showing no signs of backing down despite the overwhelming backlash.
Ubuntu's Amazon integration was a failed experiment in an ecosystem with literally hundreds of other players to choose from while Microsoft's Windows telemetry is an inescapable dogma forced upon all Windows users.
I'm with you. Its objectively a move in the right direction. is it far enough? maybe not. Seems shitty to chastise a company for moving toward better privacy and transparency while listening to customer feedback. Seems like "a damned if you do, damned if you don't" scenario.
Many OS' and apps create unsolicited TCP connections on startup to check for updates, seems a touch harsh to equate that with "Zero Privacy", also kind of hard to see how they do product updates without them...
For non-technical users, it seems pretty likely that a product without automatic updates, users won't update frequently.
This results in users getting compromised... a lot... that's why pretty much every heavily used piece of consumer software now does automatic updates, from Apple, to Google to Microsoft.
Decrying automatic updates as "zero privacy" seems a bit daft in that context.
Excerpt:
"With free software, the users control the program, both individually and collectively. So they control what their computers do (assuming those computers are loyal and do what the users' programs tell them to do).
With proprietary software, the program controls the users, and some other entity (the developer or “owner”) controls the program. So the proprietary program gives its developer power over its users. That is unjust in itself, and tempts the developer to mistreat the users in other ways."
Sure, organizations have different needs. If I lost my work laptop and my personal laptop, it would be far more concerned about the data on my personal laptop. That's the nature of personal things.
So I would agree with Microsoft that the two have different needs: individuals require more control over what and how their personal and private data is harvested by Microsoft.
My continuing commitment to my privacy means that I continue to stick with Windows 7, and only for those things that I must use Windows for. Everything else is done on Linux.
I acknowledge that this alone doesn't guarantee my privacy, but I refuse to make it easy for corporations to rifle through my personal documents and watch me like a hawk.
Aside from that, I object to having a "free" upgrade option shoved down my throat so often and aggressively that I've got to hack the registry to shut it up. It's clear that Microsoft still doesn't give a damn about what I want as a user.
And like I said, I realize that avoiding the upgrade to Windows 10 doesn't guarantee my privacy...but I'm not making it easier for Microsoft. I'll continue to disable that nonsense by removing specific updates.
And I'll continue using Linux. Redmond can double-down on their Orwellian fantasy while calling it the opposite, but in the long run it will cost them dearly.
My god this is painful to read with all the cold and opaque corporate speak. When they start referring to everything as 'experiences' my brain switches off
Having the default position of gathering everyone's personal information and requiring them to learn more about your policies before manually opt-ing out is a huge problem, and it's one of the major reasons why I upgraded my personal Computers from Windows 7 to Ubuntu. The "GWX" thing didn't help either.
How about you take a page from your own book and go back to an O/S that strictly runs my programs and doesn't look for analytics in my computing habits? Honestly, taking payment for a product and still using the client as a product through gathering analytics is double-dipping. It's monetized twice over and provides no added value to the user.
I do like how the "simplified" privacy controls conflates sharing choices you would want to make with sharing choices that don't benefit you in any way. E.g.: Share your location with the weather app and microsoft? Yes/No. Share your location only with the weather app? Sorry, that's not possible.
161 comments
[ 2.7 ms ] story [ 100 ms ] threadYour bing search history shouldn't be linked to your identity in the first place. Same for cortana and edge. So Microsoft isn't getting any kudos for allowing users to see what kind of data is being collected on them (which they have to do by EU law anyhow).
I applaud any serious projects that advance privacy but this ain't it.
They conclude:
> When it comes to your privacy, we strive to make choices easy to understand while also providing clear visibility and control over your data.
This is entirely the wrong approach. Just don't harvest the data in the first place. Have opt-in measures if you must. That's it. That's what a serious commitment to privacy looks like. Anything else is a serious commitment to get away with harvesting as much data as possible while minimizing PR backlash.
That's right-- there is no supported way to opt-out of telemetry on Windows 10 Home or Pro SKUs. You need to use a third-party program to do it, and these settings are lost with every major upgrade, which come twice per year.
https://www.oo-software.com/en/shutup10
> Just don't harvest the data in the first place.
for better or worse, I just don't think this is feasible anymore. Telemetry is, by now, a fundamental part of the engineering process. Products that don't incorporate it are going to be clobbered by products that do. Microsoft didn't start this paradigm, but I think they had to incorporate it in order to stay competitive.
If you can't avoid telemetry, I think the next best thing is to be transparent about it (with respect to what's being collected, how it's being used) and allow the user some control over it (by letting them 'clear' data that's been collected, and opting in/out as needed). In that respect, I don't think the steps taken today are sufficient, but they are headed in the correct direction. I also think they are being more open/transparent than many other tech companies (who do similar things without receiving nearly as much negative press as MS).
Earlier I said "Products that don't incorporate [telemetry] are going to be clobbered by products that do". High QA costs are the biggest part of this.
As it should be when you're developing an OS for 90% of the market across a huge variety of hardware. There's really no way around that, and jettisoning QA teams as a cost-saving response is incomprehensible to me.
Trusting telemetry alone to ensure the robustness of your product will result in a "good enough to ship" focus on mainstream work-flows and leave corner-cases unaddressed since they're rare. And corner-cases are where the bad, system-breaking things happen.
Telemetry should help QA people write mundane automated test-cases to cover the 99% and then enable them to go and spend the constructive part of their time focusing on breaking the system. But it's absolutely not a replacement for QA.
From where I sit, both roles are combined. The output is a far smoother engineering process and a higher quality OS. You mentioned 'corner cases [being] unaddressed' but I've witnessed the exact opposite: most of the criticism I hear about Win10 has nothing to do with quality.
I understand the value of telemetry-- it truly does help improve software. And I'm fine with telemetry being active by default too. If it wasn't active by default its value would plummet as very few people would /choose/ to turn it on.
Windows telemetry should be set to "Basic" by default on every Windows install, and the user can choose to turn it off entirely or set it to "Full".
As a more sophisticated user who values his privacy, all I want is a supported method to opt-out. That's it.
I don't want to be forced to use a third-party program to do it. I don't want Windows updates to frequently reset my clear preferences, so I need to keep running that program on a regular basis. I just want a switch to turn it OFF.
Microsoft acknowledges that full documents along with stack traces (that can contain sensitive information) can end up on Microsoft servers when error log reporting is enabled. Sending a call stack consisting of function names and pointer offsets and register values to aid debugging is one thing. Sending entire globs of application memory along with the crash log is much less defensible.
My objection about linking user data to real world people still stands. There is no technical reason why _personalized_ logging is necessary. Telemetrics can be pretty innocent (e.g. track which percentage of Windows users have multiple monitors), but as they become more personal it's again much harder to justify.
The absence of a single switch (during install or first login) to get rid of all logging/monitoring/telemetrics and other privacy-invading nonsense is indefensible.
I'm sorry, but it's not economically realistic to demand that companies trying to minimize cost stop all data collection. They're not selling it: they're using it to make their developers work on real problems and improve real features. That's the same as nearly every mobile app. Watch how much your phone sings to mixpanel, kahuna, or google analytics to get a sense of what I mean.
You can raise the price substantially, or you can find ways to make things cheaper. The market is really clear they want the cheaper and are fine with benign telemetry collection. But what's really absurd is that you then decide that doing what a small minority of users are asking for is a PR stunt because it doesn't go far enough in one step.
Are you aware that Windows 10 is ad supported? If the data isn't being sold today, it will as soon as quarterly profits dip low enough.
Which brings me to your second point, that customers are fine with it. The underlying assumption is that consumers are Homo Economicus: rational agents making intelligent, informed decisions. This is not the case, as evidenced by the overwhelming difference between opt-in, opt-out, and must-choose behavior. Customers don't care about tracking, as you say, but not because they've thought about the issue and concluded the trade-off is in their benefit -- in reality they've never thought about the issue at all. Regular people are indifferent to iPhone privacy until they're asked if they ever have conversions or ever take photos they don't want to become public. And then it all clicks, and then they do care about their privacy. People don't care, until they do.
When you call telemetry "benign" you're begging the question: the definition of benign implies you can't reasonably be opposed to it. So that's fallacious.
I never said what Microsoft did was a PR stunt. My claim is that Microsoft isn't genuinely committed to the privacy of their customers, because these privacy measures are (a) insufficient (b) an afterthought (c) opt-out only. I see this as an effort to appease disgruntled customers, not as PR stunt. And as somebody else pointed out already, it still isn't possible to opt-out entirely.
Yes I suppose if you draw an unrealistic line between data collection and Facebook suddenly sharing photos you could scare up any sort of response you want.
Sharing content vs app usage metadata are quite different in point of fact though.
> People don't care, until they do.
Yes. I suppose this is true in the sense that it's tautological. I only bring that up because of your meticulous dedication to discarding social context in:
> When you call telemetry "benign" you're begging the question: the definition of benign implies you can't reasonably be opposed to it. So that's fallacious.
(P.S., this is not "begging the question". "Begging the question" is not "Obviously we should ask." If you're going to use a technical term, perhaps look up its technical definition? I do not think this assertion is unusually cyclical.)
> I see this as an effort to appease disgruntled customers, not as PR stunt.
I sure do wish people would hold desktop to the same uncompromising standard they hold Windows to...
> And as somebody else pointed out already, it still isn't possible to opt-out entirely.
Actually, they were referring to the current state of affairs for specific editions of windows. We are not entirely sure how this will change with the new edition.
2. I am using the technical (dictionary) definition of "begging the question" and I'm using it correctly. We're not in agreement whether the data collection is fine. You say it is, I say it isn't. Begging the question is the fallacy where you assume the statement under examination to be true, which do you when you label collection "benign". After all, if I agreed it's benign we wouldn't be having this discussion.
3. Non-sequitur.
4. No evidence has been provided that opting out entirely will be possible, and it's not possible today, so it stands to reason it won't be possible in the future either (except perhaps with registry hacks).
2. No. You didn't. And no, it isn't quite that.
3. Industry security as a holistic vision does indeed seem to be immaterial to this conversation. I talk back against this point in this community because I'd prefer not to see the slashdot-esque "M$" mindset take over the discourse in an industry that sorely needs competition in this space.
4. Since no evidence has been provided either way it doesn't seem safe to assume either way. I'm not sure why the lack of clear policy here is license for you to say "It is not changing."
[1] https://technet.microsoft.com/en-us/itpro/windows/manage/con... CTRL-F "windows 10 enterprise"
I'm kinda sad to see that's where we've hit on service dependence though.
I expect Spotify to know I just listened to "Bring Me to Life" by Evanescence. I don't expect MICROSOFT to know that too, unless I use a Microsoft music service.
That said, I'm not sure if Microsoft still stores Wi-Fi passwords at all; if they do, they removed the primary benefit: Wi-Fi passwords can no longer be shared. The Wi-Fi Sense privacy page only talks about open networks now. If they still store Wi-Fi passwords on their servers, it must be only used for profile sync. I can't find any information one way or another.
https://privacy.microsoft.com/en-us/windows-10-about-wifi-se...
https://www.oo-software.com/en/shutup10
Is that even true anymore with SecureBoot?
From their PR only the LTSB edition (most expensive one), allows one to disable all phone-home "features" (even there opt-out, and if you miss one, your bad)
There is a reason Win7 goes still strong, and many are very carefully with recent patches of Win7 (which backport some phone-home features and degrade performance, like they did with WinXP3 in its last days).
I am waiting until MSFT board member and lead managers get fired over this case. In the early 2000s, US went after adware and spyware distributers. Nowadays MSFT is the biggest adware and spyware distributer, please go after them. They should split MSFT up in two companies.
LOL here I stopped reading this FUD. Do they still re-enable telemetry when updates to them are installed?
https://www.oo-software.com/en/shutup10
There's also a few scripts on GitHub like win10-unfuck:
https://github.com/dfkt/win10-unfuck
I stopped reading. Marketing bull does that.
Windows 10 is basically a data collecting malware.
Terry (?), the writer, must be from Microsoft's experimental comedy group.
MWAHAHAHAHA... Jesus. Just read it word by word.
That's some Grade A newspeak. Such a strong wiff of Orwell.
They've been collecting "telemetry" through an opaque encrypted collection system [1], and after a year of this collection, comes a "deep commitment to privacy"? This is very difficult to believe. Am I needlessly cynical here?
[1] As far as I know, nobody has decrypted the "telemetry" streams, so we don't actually know what MSFT is collecting, so nobody can be sure that it doesn't collect your sensitive documents, private keys, keyboard logs, etc.
No way -- there's no such thing as "ALL your private data" (emphasis mine). You're always making more data, it never stops. There's no way there's diminishing returns on collecting it, nowadays those systems must be super cheap to maintain, especially for a company that runs one of the largest cloud computing systems in the world.
> Am I needlessly cynical here?
In reality, yes. In Hacker News Distortion Field, not even close.
Well, in one year of monitoring your PC, I've seen your tax returns, documents/photos, countless correspondence samples, countless voice samples, internet browsing history and online spending habits. I've identified everyone you regularly communicate with, a list of locations you regularly visit, and what your career path is. What is year two going to reveal? "Bought a new lawn mower"? "Finally joined a gym"?
How did you see my online spending habits? Surely those were done over an encrypted connection online, and probably not to any of the services my OS manufacturer has partnered with. If anything, that data-in-motion is the most secure data there is.
I'm so confused how this notion is so prevalent on HN.
I'm so confused why anyone would want to normalize the idea of backdoored computers that let Microsoft collect whatever data they want from your on a routine basis. Normally we consider this kind of thing spyware or malware and try to get rid of it stat, why does Microsoft get a pass?
Sequence of events:
1. Microsoft ships an OS with signal collection roughly analagous to OSX. 2. Microsoft is raked over the coals for this. 3. Microsoft scales it back a bit. 4. People demand more. 5. Microsoft actually makes a UI and offers even more cutbacks, with less collection by default and a more thorough set up experience. 6. People claim this is a PR stunt.
What the hell do you actually want other than a black hole to swallow the Redmond you learned to hate in high school? That ship has sailed. They're already gone.
Is that so unreasonable?
Blocking IPs could work, but then I'd need to stay on top of the current addresses, which they could (and probably do) change inside their CDN.
What I want is for the switch that currently says "Basic, Enhanced, or Full Telemetry" to say "Security, Basic, Enhanced, or Full Telemetry". (Security setting essentially turns it off.)
https://technet.microsoft.com/en-us/itpro/windows/manage/con...
I do block searchui.exe at the network level, and that works. Unless you block it, Win10 talks to MS with every local filesystem search, even with Cortana and web search integration disabled.
Only telemetry and windows update is whitelisted in the kernel?
The only people who cannot do so are people on the insider ring builds. When you sign up for those builds, you accept the telemetry as part of the agreement (which is not unprecedented at all).
I don't really get why OS metadata is so disturbing but the fact that every other app and website you visit (including this one) is a blinking light of information with effectively no overarching privacy policy is overlooked. This website is run by people who fund companies that use data collection as a primary business model and early revenue driver. Why are you here if you don't support that?
What we want is "security" level, which is only allowed on Win10 Enterprise and Education.
That's a charitable assessment. Microsoft does not get privacy points for reducing a privacy invading program, any more than an abusive person gets credit for abusing less often.
A more realistic assessment is that this "telemetry" aims to normalize windows users to the idea that you don't have an expectation of privacy on your windows computer, that your windows computer regularly reports data back to Microsoft, and that you do not get to inspect what data is reported back.
> What the hell do you actually want
Opt-in "telemetry".
MS and I have radically different expectations about what privacy means in the context of a personal computer.
In particular, I run applications I've written myself. You could easily figure out what I'm doing from knowing which application was in the foreground at any given time.
Contents of files etc. is at the extreme end of privacy violation. I strongly object to the thinnest end of the wedge.
Could you imagine if Facebook pushed a notification to all your friends when you visit a new page?
If Microsoft sent an email to your entire contact book every single time you opened a program?
And yet, that's precisely what Steam does. Insane.
Isn't the whole point of friending people on Steam so that they can play games with you? In that case, this behavior seems pretty intuitive to me. Though from that angle, broadcasting this announcement for single-player/non-networked games doesn't really achieve anything and should maybe not be the default.
I'm okay with Steam saying "Soandso has logged on" but not "Soandso has moved their mouse 400 pixels, double left clicked, and is starting new software... stay tuned!"
"Isn't the whole point of friending people on Steam so that they can play games with you?"
The whole point of steam is a distribution platform. It has a defacto monopoly on computer gaming with some 3/4 of the entire market through the platform.
Sure, I play the occasional multiplayer game, but the other 80% of my behavior doesn't need to be publically broadcast against my will at all times.
It's ridiculous: I have to click "appear offline" then log into the Steam Chat website just to play a game and not have my steam account announce that to everyone I know. Sometimes you just don't want to push notify everyone you know about your every behavior.
Also -- why be friends on steam? "Dude you didn't friend me yet" "Dude i sent u my info a week ago" "Dude i thought you said you wanted to friend me" "Dude" "dude"
You have to friend people or they get offended. Social networks and psychology man. I just don't want a f'n social network in my video game launcher. Crazy. Not every single computer endpoint has to be a social network.
I guess I take partial solace in the fact that my number of hours played is almost always wildly inaccurate because I have a habit of (sometimes accidentally, sometimes intentionally) letting my PC sit idle for long stretches of time with a game still running. Steam doesn't track for activity within the game, just that it's open.
The joke is that Microsoft finally solved the perception problem around spyware by making the OS into one big bundle of spyware.
I still have a VM running Win7 that I use to run CNC software. Like any other software I don't trust, it isn't allowed talk to the net and any time it breaks I roll it back to a checkpoint and continue.
And that's all the Windows I need in my life. And now that Apple's laptops no longer appeal, the future, for me at least, is all about Linux and FreeBSD.
Your actual Windows work is run in AppVM's which are based on the template. Any changes in an AppVM is rolled back every time it's restarted (it's always based on the template), with the exception on the user's home directory.
For anyone that hasn't used Qubes OS, this is how you do most work in it, even for the Linux VM's, and I like how it allows you to be in better control of what is actually running on your system.
Using Qubes OS take a bit more effort, but once you get everything up and running the way you want it, you'll be asking yourself why not all operating systems do this.
My most painful hurdle will be passing PCIe through to the Win VM, as I do enjoy some CS:GO in my life.
I really like the idea of Qubes, but it just seems Not There Yet. Or at least, was when I last looked.
Anyway, I wouldn't recommend doing what I'm doing. My home environment is the result of many years of incremental change, benign neglect, not-so-benign neglect, quick duct-tape fixes and grandiose redesigns half-completed. Learn From My Mistakes.
I run two virtualization hosts - FreeBSD and Ubuntu[1]. FreeBSD runs my always-on VMs (DNS, DB, some apps, monitoring, etc.). The Ubuntu box is where I run the Windows VM I mentioned, and sometimes others, depending on what I'm working on.
Ubuntu/KVM is fine as a virtualization host. I'm less thrilled with Ubuntu overall; generally, I don't like some of the decisions they've made. Next rebuild I'll probably be back to vanilla Debian.
I wouldn't recommend FreeBSD/Bhyve to anyone who is not already conversant with FreeBSD. From the perspective of a user coming from Linux, the transition isn't bad, but if you're running VMs, you're at least a part-time sysadmin as well, and managing FreeBSD looks a fair bit different than Linux. Additionally, Bhyve is currently missing some features KVM/libvirt has. In particular, if you want VGA or USB passthrough, stick to Linux[2] for now.
This is all predicated on this being a workstation - if you're doing server virtualization, I really like Ovirt, which requires an RHEL-lineage host OS.
[1] The FreeBSD box used to be "just" a storage server, but has grown up a lot and last time I did a lot of work on it, I renamed it 'spof', as in 'single point of failure', in honor of the role it serves. The Ubuntu box is my desktop machine.
[2] Actually, unless you like the adventure, maybe wait a bit - there are patches soon to be merged that will make VGA-passthrough quite a bit easier than it is now. I had a terrible time getting it working and to a kinda-stable point.
(Note that Microsoft patched Win10-style telemetry into Win7 and 8 in 2016, so this is no longer the case. But it was when those OS's were current.)
Mobile operating systems are a completely different animal.
Like I said elsewhere in the thread, I expect Spotify to know I listened to "Bring Me to Life" by Evanescence when I streamed it via their program. That's perfectly fine. I don't expect MICROSOFT to know that.
Why do you think they do as it stands? Unless of course you use the media player from their store. iTunes has a nearly identical setup.
In general they're only collecting the outer edge of application usage. I hope people realize Apple effectively has the exact same data via their bundled store solution? The idea that MS is unique or even first here is wrong.
Note that Enhanced is the default today, but Full will be the default telemetry level in the update this thread is actually about.
Anyway, that was just an example illustrating the difference between an application talking back to its server to deliver core functionality and OS telemetry.
If the app developers elect to use testflight to manage crash reports (which they're suggested to do, and it's a good service for devs), then yeah, Apple owns that pipeline. So yeah, they do end up handling that data.
https://support.apple.com/en-us/HT202031
Again, I have no problem with telemetry being on by default, so long as the user is permitted to opt-out.
All of them should be held accountable.
This doesn't make any sense. There's nothing in Windows 10 that is a prerequisite for being a "gamer".
DX12 certainly isn't it.
https://en.wikipedia.org/wiki/List_of_games_with_DirectX_12_...
It's not a coincidence that most of the DX12 exclusives are published by MS. Also note, that none of those are particularly good games, albeit they probably do work okay in showcasing some of DX12's features.
Not only that, but I noticed you purchased a laptop, which makes even less sense, since the most graphically demanding games that require DX12 are unlikely to run at decent framerates on a laptop anyway, without spending $3000+ on it.
I would be very surprised if MS allowed users to disable the newly added Win7/8 telemetry, as they do not allow it on Win10.
What's with all these negative comments here? Does any other os give you so much information about what is going on behind the scene?
Ubuntu's Amazon integration was a failed experiment in an ecosystem with literally hundreds of other players to choose from while Microsoft's Windows telemetry is an inescapable dogma forced upon all Windows users.
At least on 16.04 gvfs-http would sometimes create hundreds of connections to the mothership even with all privacy settings maxed out.
It's very easy to see how they do product updates without them. Simply have the user do "software update ..." at his convenience.
What you meant to say is it's kind of hard to see how they FORCE product updates without them.
This results in users getting compromised... a lot... that's why pretty much every heavily used piece of consumer software now does automatic updates, from Apple, to Google to Microsoft.
Decrying automatic updates as "zero privacy" seems a bit daft in that context.
Translation: in our opinion, individuals don't need that much privacy. So we won't give them any.
https://www.gnu.org/philosophy/free-software-even-more-impor...
Excerpt: "With free software, the users control the program, both individually and collectively. So they control what their computers do (assuming those computers are loyal and do what the users' programs tell them to do).
With proprietary software, the program controls the users, and some other entity (the developer or “owner”) controls the program. So the proprietary program gives its developer power over its users. That is unjust in itself, and tempts the developer to mistreat the users in other ways."
So I would agree with Microsoft that the two have different needs: individuals require more control over what and how their personal and private data is harvested by Microsoft.
I acknowledge that this alone doesn't guarantee my privacy, but I refuse to make it easy for corporations to rifle through my personal documents and watch me like a hawk.
Aside from that, I object to having a "free" upgrade option shoved down my throat so often and aggressively that I've got to hack the registry to shut it up. It's clear that Microsoft still doesn't give a damn about what I want as a user.
And I'll continue using Linux. Redmond can double-down on their Orwellian fantasy while calling it the opposite, but in the long run it will cost them dearly.
It seems that the new Microsoft are now using the word "experience" for the same effect.
How about you take a page from your own book and go back to an O/S that strictly runs my programs and doesn't look for analytics in my computing habits? Honestly, taking payment for a product and still using the client as a product through gathering analytics is double-dipping. It's monetized twice over and provides no added value to the user.
https://modzero.github.io/fix-windows-privacy/