159 comments

[ 2.5 ms ] story [ 205 ms ] thread
If you think that’s creepy check out Microsoft Delve.
> your profile details including your email address and phone number, and a detailed analysis of what you were wearing on the call. (I may have made up that last one.)

I think it's annoying the author chose to throw in a joke about the very point he is trying to make - that what is tracked is excessive. Or maybe this is "whoosh" over my head and I missed the point.

I also didn't like it. Someone could easily overpass this statement and start a myth.
It is so tiring to be in an endless circle of people trying to find a new way to reach for more than they should and having to wait years for the common sense to become fact...

There really shouldn't be this much delay between tech advancing and legal frameworks figuring out how the old rights apply to our new environment.

I personally find Teams to be an abomination.

I asked my wife the other day, who isn't familiar with Slack or Teams, to look at the interfaces and tell me how to IM an individual. She glanced at Slack and pointed to the list of users. She looked at Teams and said "I have no idea".

Slack practically invites me to reach out to people. Teams OTOH makes me want to send an email. Now you can add this tracking to the list of things I detest about Teams.

Teams is Skype, but worse. Seriously, it's just reskinned Skype with bolt-ons.

You can see "skype" present in the address bar sometimes when you load Teams in a browser. The Teams desktop application (at least on Linux) has references to Skype as well.

Teams routinely uses between 200 and 500 MB of memory to run, which makes it the 2nd most memory-intensive program on my computer.

On top of that, it doesn't even work that well. The entire app is slow on mobile, compared with desktop/web where only some parts are slow. Feature parity across platforms is very poor. You can't even join audio calls in Firefox, let alone use video.

Some of the features that work well (searching for reaction GIFs) seem unnecessary, and it's almost insulting to see the amount of add-ins and superfluous crap that's available when the core of the program/service is so lacking in comparison.

The only positive thing I can say about Teams is that its integration with the rest of Microsoft's services is convenient. It's nice to be able to see my calendar in Teams without opening Outlook. Tools for scheduling/joining/managing meetings also work well. If coworkers share Microsoft documents in a Teams channel, clicking them will (sluggishly) open the document in Teams, ready for editing.

Outside of integration, the search function works passably, but is painfully slow. Group audio/video calls work fine too, but then again, they also worked fine back when the app was called Skype.

All of the things that work, however, are damaged by how lukewarm and _slow_ the overall experience is. Even features as basic as IM are half-baked. Not many messages fit on the screen at once, and scrolling up to see past messages is a nightmare, since messages lazy-load only when they are made visible, or the scroll bar will reset its position and snap back down to the bottom.

I read the article and the bullet-pointed list of data that Teams tracks doesn't seem like all that big of a deal to me. It makes sense that analytics would be running on everything you type into Teams. Always assume anything you use for work is wiretapped to hell and back, doubly so if Big Tech is involved. I am much more concerned about the fact that I don't even get a functional IM client out of the arrangement.

As someone who has worked on thirdparty clients for IM since the days of MSN Messenger (MSNP), the degradation is sad to see and extremely obvious.

The backend protocol that Teams uses is essentially MS-Skype (as opposed to the "OG Skype" binary P2P one), with some Teams-specific additions. Even the authentication token is called the "skypetoken". The only good thing about that is it should make a thirdparty Teams client relatively straightforward, given that things like https://github.com/EionRobb/skype4pidgin already exist.

All the users see and complain about is the horrid sluggishness, and Electron and the "webapp everything" craze is mostly responsible for that, but the backend protocol itself is also a bloated abomination.

A long time ago I wrote an MSNP client and used it right until MS finally shut down the servers a few years ago. It was a native Win32 application in a single binary <32KB and barely took any memory (at most a few MB). No audio or video, but IM and presence worked perfectly. Like HTTP, FTP, SMTP, and the other oldschool Internet protocols, MSNP is also a text-based protocol that runs directly over a socket. You could almost use it from a netcat if you really wanted to. It wasn't perfect but everything about it was in some ways sane. If I remember correctly, a single message would be a few dozen bytes of overhead.

The Teams/MS-Skype protocol is a stark contrast. It runs over HTTPS, which is an advantage in some ways with the current trend of stuffing other protocols over it, but it's not like they simply took MSNP and tunneled it over HTTPS, which would've been a far saner approach --- it's radically different and everything is far less efficient and more complex to handle as a result. JSON everywhere. Each message has several hundred bytes of overhead, and more like kilobytes if you count the HTTP layer and everything below it. Things are split between .skype.com and .messenger.live.com with no real consistency. Trying to get presence to actually work reliably has been a nightmare (the official client apparently has problems with that too...) I'm not surprised there's no official documentation on the API/protocol, because it's a bloody mess. As you may guess, I have been trying to write a native client for it.

Some of the features that work well (searching for reaction GIFs) seem unnecessary, and it's almost insulting to see the amount of add-ins and superfluous crap that's available when the core of the program/service is so lacking in comparison.

This may be a rather controversial point, but software quality overall seems to have taken a steep nosedive not long after the whole "everyone can code/diversity/inclusion" movement took off. Yes, apparently everyone can code --- just not very well. I think things like all this proliferation of mostly-useless features are a symptom of that. We are simply seeing the results of quantity over quality in an industry which has shifted to rewarding sheer participation and "disruptive change" over a carefully deliberated path to perfection.

> The only good thing about that is it should make a thirdparty Teams client relatively straightforward

Who can I throw money at to help make this happen? (Even one that only supported plain text chats and presence would be worth a lot, just so I don't have to have the whole beast running unless I'm actually in a video meeting)

> Teams is Skype

Teams uses (or at least used) Skype for business' core under the hood

And Skype for Business is actually their old Lync product and not related to Skype, the once famous VoIP startup.
Correct, they are hardly related although AFAIK some merging was done during the last years
Teams may be based on Skype tech under the hood, but the Skype desktop and mobile apps are garbage fires in comparison.

I regularly get messages come through to Skype mobile but not desktop even when I'm working on my desktop, the mobile app seems to need to crash and restart frequently, it's slow and unreliable responding to incoming calls which often get dropped, when they come to the app at all. Having said that now my organisation has decided to move decisively to teams, it's suddenly becoming unreliable. Maybe having trouble coping with increased usage. Maybe that was the problem with Skype too.

> "All of the things that work, however, are damaged by how lukewarm and _slow_ the overall experience is."

Oh pssht, humans can't notice a response time of less than 2 seconds. Plus performance doesn't matter at all because you can add it later if you need it, which you don't. Anyway, you can't say it's slow until you've measured it and you can't complain until you have a fix. Besides, it's more important that the code is readable because it will be read much more often than it will be written. And furthermore, if you re-run the same thing a few times to warm the JIT up, discount startup time, ignore input and output time and network lag because they are external to the system and only measure the core function runtime, you'll find it's ackshually really fast (if you buy new hardware which is ifine because +$2000 computer spend is cheaper than developer time). And does a few seconds really matter, what were you going to do with that 10 seconds of response time, read a book or something? Slow? What do you mean "slow", launch time, hover response, switching response, time to finish redrawing a page? There's many things happening and you can't complain unless you narrow down exactly which specific sub-millisecond behaviour is taking too long for you - none of them? thought not.

Stop questioning the dogma, hush.

Saying you and your wife find Slack superior is a bit lie preaching to the choir on these forums, no? Let me give a different anecdote.

When I open up teams, I have one account, I log in and have access to all other things in the account. Basic software behavior we're all used to.

When I open up Slack, it does or does not want me to login again based on if I've been on this server before. It may or may not want me to make a new account depending on if I've made one on this server before. I try all of my emails with all of my potential passwords to see if login works, if not new account time I guess?

Instead of Discord were you can see all of your servers, Slack separates this all out that makes the entire user experience (at least for me) completely abysmal.

Then don't even get me started with a lack of usernames and having intentionally hard-to-find ID. Again, why not do what Discord does and do Username#6789? Instead I have to search my friend 'John Doe' and hope it's the John I'm thinking of and not some random other John that I just invited to see all my business's internal discussions.

To sum up my 2 cents:

Teams is about the same as Zoom with some text-based chat functionality thrown in and some neat Outlook calendar integration.

Slack is just Discord that is way, way worse.

Comparing the two doesn't even make sense, but at least Teams does better in it's respective category.

that sound exactly the opposite of teams in my experience.

Slack I have one account and it logs in through SSO. sidebar, message window, thread. It seems pretty cohesive, and mostly customizable.

Teams I have the kitchen sink navigation experience, full of dark patterns and mediocrity.

One thing I will say for teams - since they were competing with other meeting software, they did add a good direct link from calendar to teams meeting.

So maybe Teams has a higher barrier of entry. I don't think that it's worse because of this particular reason.
I've never used Slack but the usability of Teams is awful. So much empty space, empty context menus, usually only one way to get anywhere. Notifications for a user can only be disabled by context menu, clicking away a notification doesn't mark the message as read, all settings are on a profile basis (no way to disable notifications for mobile only), there's no way to just stop Teams on mobile without having to sign out. The chat input editor is horrible when it comes to writing / pasting code.

Video chat and calendar integration work great, though.

Slack has it's benefits, but many of the complaints about Teams are because of its flexibility. For example the clutter of teams channels and chats can be simplified to Slack level if used with discipline (or maybe it's even configurable).

The way to IM individuals is cumbersome but consistent with other cumbersome Office products.

My biggest complaint is that the “teams” section is in a completely separate tab from the “chat” section. I find that companies tend to gravitate toward one of the two, because it’s impossible to keep switching.
It is more confusing than in Slack but Slack uses a different section as well.

I don't like how Slack keeps only a limited list of recent chats there, the hit-miss ratio for me is terrible and I usually need to re-search for the person I want to chat with.

Slack let’s you create your own sections. The default layout has channels on top and DMs on bottom, but you can put them anywhere.

And that kind of thing is my run with Slack. It has answers for many UX complaints, but they are buried in settings somewhere or behind a paywall.

If your company does this, you just have to give up on clearing the notification badge. You'd have to click on each individual "team" and then hover over each team's new message long enough that Teams is convinced you've read it. There might be a "mark all as read" button somewhere but Microsoft certainly doesn't make it easy to find.
> She glanced at Slack and pointed to the list of users.

While I also hate the team UX, at least to me it looks pretty similar to Slack in the standard view. On my left when I start up is a list of all users. If I click one I have an IM session with that user.

There are some other "views" in Teams (Teams view, Activities view, ...) were you in one of those?

I remember when I first started working and was surprised to learn that email admins could and would read email. When I asked HR for their policy on this they said they had none and the company can do anything they want with employee activity. This was the 90s and was true then as it is now.

Same for the MITM ssl proxy stuff.

This has always been legal and recorded, Microsoft just makes it easier. And I think maybe even better since at least the information is audited and not available to any random sysadmin.

This just makes me choose my employers more carefully as while they certainly have this data to abuse, fortunately few do not.

The risk of a micromanager misusing the information mentioned in this article isn’t one of privacy, but one of being a crappy manager. If someone ever remarked on the amount of screen sharing I did or did not use as if that metric mattered, it would just help me not work for them.

If someone is forced to work for someone, it’s extremely easy to game this metric and maintain privacy.

I learned decades ago to assume everything on company property is recorded and stored for ever. That’s why I have personal property that the company isn’t able to access so I can conduct personal activities with some level of privacy.

> Same for the MITM ssl proxy stuff.

If I logon to my personal banking website while at work, and my employer MITM's that connection to snoop, have they genuinely not broken any law?

It depends on which country you're in.
I'm sure somewhere in the many legal documents you signed to start the job (given to you after you've already resigned from your previous job, of course) you give them the right to do so.
The law is the law: You cannot contract with another party to "allow" either one of you to break the law.
If you're doing it on a company machine, haven't you implicitly given you permission to see that data?

You don't have privacy on company equipment.

"You don't have privacy on company equipment." is true (AFAIK) in USA, but false in a number of other countries e.g. Germany; so this depends on where you live/work.

In general, in Europe you can't contract away most of your privacy rights, so it's not even worth looking at your job contract because you signing "I allow the company to do X" does not necessarily mean that the company is allowed to do X.

Sadly, not in the states I’ve worked. There’s a login banner on work machines letting them see everything.

Fortunately, my org doesn’t actually mitm bank sites.

I tried looking for cases where this was tried and haven’t found any. I would like to see this prosecuted as it seems wrong.

I've often wondered the same thing, but about personal health information and educational information (HIPPA, FERPA). If you intercept that data and store it, transmit it or even just allow real time access to it are you suddenly on the hook for all that those laws require?
I confirmed that at a company town hall once and I asked if that makes that system a hack target. The CISO didn’t seem to understand the vulnerability, as if it were inconceivable that their infrastructure would be targeted to take advantage of their position as mitm.
Obviously it depends on what country you are in, but in a few examples I know of it is perfectly legal for them to do that.

You don't want to be tracked ? use you own device and network.

> That’s why I have personal property that the company isn’t able to access so I can conduct personal activities with some level of privacy.

The problem right now is: due to Work from home, you basically have blurred the lines between the digital company and private assets. Either you have a company device; or even a personal device running this software in your private networks doing and telemetering you don’t know what.

This especially bad for the folks who aren’t able to properly put those devices in a separate subnet and protect themselves.

Or you have both. For example, I have work equipment and personal equipment on my same home desk.

My home network blocks a lot of traffic, but I’d be really surprised if my personal device provided any telemetry to work.

> "due to Work from home, you basically have blurred the lines between the digital company and private assets"

I have a separate work computer and home computer on my desk; the work computer is on a guest wi-fi network and cannot see local traffic. A decent wi-fi router with guest network capabilities is a trivial expense these days.

We just RDP into our in-office machines when we work from home.
From your personal machine? Do you ever check your email via a web interface on your own box? write a quick textfile or document? Log into a web app?

It's really easy to let your work bleed into your personal machine...

Sure, but the threat level of occasionally writing some notes on a personal box is nowhere near what it would be if I was writing code or connecting to production environments from it.
Second laptop. I know it's expensive, but if your working from home, don't do it from your own computer. do it from a computer work provides. Or at least, create a second account called work and do everything from that. Also make the theme, colors and everything you can different so there's a context shift between the two activities.
Same setup, except three laptops: personal, company-provided, client/project-provided.

You would think it would be unmanageable and you'd be right we're it not for Synergy (https://symless.com/synergy). I've got two laptops docked and connected to external monitors. Synergy lets me use just one keyboard and mouse for all three at the same time. Makes it feel like they're just three adjacent screens on one PC. But because they're not I can maintain strict separation between personal and work, and between internal/corporate and client data.

Then, like others have said, I have a fair amount of filtering on the network level.

I’ve thought about this but I assumed it would be too hard to get Synergy installed on employer or client-provided computers. It sounds like you’ve used this setup with multiple clients – is it normal in your field of work to get local admin rights on corporate devices?
https://answers.microsoft.com/en-us/windows/forum/windows_10...

Why not use the First party equivalent? Microsoft's Mouse Without Borders claims to do exactly this.

Because my personal machine runs Linux, my corporate machine runs macOS, and my client machine runs Windows.

If they were all Windows this might be nice as it claims to support some edge cases Synergy doesn't (primarily logon/UAC).

It's not ideal, but you can run the Synergy client executable (synergyc.exe) without admin rights. You lose the conveniences of having it auto-start and using the GUI configuration, but you still get all the functionality. You also can't use the installer, but you can just copy the Synergy directory from a working machine. You also need a MS C++ runtime DLL, but you can copy that too. I'm not in front of my computer at the moment. I'll edit/reply to this comment with details

For example, on my client/project-specific machine (where I don't have admin rights), I have a batch file (start-synergy.bat) that lives on my desktop with:

  C:\Users\jdbernard\Synergy-1.12.0\synergyc.exe -name client-pc 192.168.1.120
I imagine if the work laptop is 24/7 connected to a VPN, then this tool doesn't work.
Depends on the network filtering done by the company.

I have my router setup with port-forwarding for the Synergy protocol. Combined with stable IP addresses internally on my network and dynamic DNS pointing to my home network, I am able to use this tool even when the client machine is on VPN.

Of course, it's important to realize that by doing this you are sending keystrokes across the internet, so it's important to enable the option in Synergy to encrypt the traffic.

We all know Synergy and for basic setups it gets the job done. I paid for the v2 Pro license to support them and will keep doing so.

I have moved over though to using Barrier, a synergy-core fork. You get ssl crypto for free, and it fixes some simple but long standing bugs that really annoyed me. Have only used on Mac + Linux for now.

https://github.com/debauchee/barrier

Good advise - I know people who got fired because all of a sudden during a zoom session on their personal device some content showed up that would not have been on a work computer.
This won't work at most companies of any size, because you need to use a VPN, and the VPN client enforces policies - checking you are using a company machine, that you have their AV installed and updated, that you have their DLP (Data Loss Prevention) installed, that you have their endpoint protection system installed...
But that's a good strategy regardless of Corona, you don't want you kid to download stuff into your work environment or watch NSFW stuff on a work related computer.
I am using a second account, configured differently, like you recommend, as this is the simplest solution.

For even better isolation, a virtual machine could be used, instead of a second computer.

> your working from home, don't do it from your own computer. do it from a computer work provides

Wait, is this something that needs even saying?! Are people relly BYODing personal laptops too? Why? It would not even cross my mind to use personal computer to touch work stuff with ten foot pole.

I wish there was a better solution to this. I tried creating a VM and joining that to the work "services" but HyperV, VirtualBox, etc. all add an audio delay making Teams unusable.

Also tried Barrier and dedicating one monitor to work, but I still can't share/mix the audio so have 2 separate headsets.

I know ideally I'd just use the work computer all the time when "working", but they're VPN-ing all traffic and I occasionally need to read a private email, or do some browsing and would prefer they don't see that traffic.

So my plan for the audio problem is to use a set of raspberry pis with USB-gadget stuff enabled to be a webcam & soundcard then running them as a usb device. The webcam is going to be an RTSP feed (with the microphone audio) from the main system to push it through and pulseaudios network side of things to do speaker\headphone out.

it's a bit complex for what i need but it should work well.

> I occasionally need to read a private email, or do some browsing and would prefer they don't see that traffic.

Low friction answer to that is a personal smartphone. Bonus points because it works in the office too!

You could buy a small desktop mixer with two sends, so you could connect a microphone to it and choose which computer it will send voice to and also mix sound from both computers.
> separate subnet

Why ? theoretically you have a point, but practically which company would spy on your network ? I totally understand, and agree to some degree, a company protecting its assets and tracking what their employees are doing but it's not the same as putting a general spyware.

It’s not about that I don’t trust my company. I just don’t necessarily trust the software I need to use for a job.

For example if it has some device management software, or some VPN clients or whatnot installed, this increases the attack surface.

Also „leipert“-private might be boring for targeted attacks. But „leipert“-corporate might be interesting, if someone owns my private network OR my work computer, it might have an impact on the other.

>it’s extremely easy to game this metric.

This reminds me how companies used to rate the performance of programmers based on how many lines of code they produced and why so many companies eventually abandoned this model. All it did was incentivize programmers to quickly hammer out superfluous, inefficient, bug ridden code that would just bite them in the ass later rather than concentrating on writing quality code. I think that's all that would end up happening with MS Teams tracking. Once employees figure out the game, they're just going to spend as much time as they can chatting, posting messages and scheduling pointless meetings rather than doing actual work.

> This just makes me choose my employers more carefully as while they certainly have this data to abuse, fortunately few do not.

I think the issue with this approach, which is one that I completely agree with, applaud, and also adhere to is that many people are not as fortunate to be in such a position to turn down employment opportunities.

Those are the people who need protection from "features" such as these, because those are the people who's employers WILL take advantage of them using features.

Here's an example: "'I monitor my staff with software that takes screenshots'" https://www.bbc.com/news/business-54289152

AFAIK legislators in most countries do not agree that this protection is needed.

Employers are not allowed to track you in your private time, in the toilets or putting a camera under you chair, but it is perfectly fine to track your usage of the company's resources and adherence to regulations.

We software engineers are a spoiled kind of employee, but in most traditional work places your time and actions are tracked

Admins that read their users email without express instruction from management to dig up and review a particular email should be fired.
Does it tell them home many times it goes active to away? :)
When I've used Teams it took 15 minutes to start. This ended up with an error that it could not find my home SMB mount while in the office (I guess it retried a few times before giving up). So you can add 'crawling network mounts' to the list of unpleasant things that Teams does.
This is not a constructive comment, but I just found it amazing that this entry was right below the one about a GDPR fine to a company for violations of employee privacy: https://news.ycombinator.com/item?id=25813559

Sometimes it seems like coincidence wants to tell us something through the main page!

> For example, does Teams really record the actual messages a user posts in a Teams chat?

I’m confused with this question. Why wouldn’t it? It’s not like Teams has (or will have) any kind of end-to-end encryption in place. Teams is a sluggish and monstrous replacement for chat that stores all messages (on Microsoft’s servers if the organization uses Office 365) to synchronize views across devices. The easiest way to achieve such synchronization with history is to store everything on the servers. That also has the potential to make searching faster (though such a potential is squandered in Teams, in my experience).

> The Microsoft spokesperson continued: "We also believe that privacy is a human right, and we're deeply committed to the privacy of every person who uses our products. Only the global administrator has rights to the analytics and reporting experience, which provides insights into the ways in which the organization is using Microsoft Teams, not the message content itself."

IMO, this part is perfect wording in legalese. It doesn’t say that the global administrator does not have access to the message content. It says that the analytics and reporting experience (which the global administrator has access to) provides insight into how Teams is used and that this experience does not provide the message content. There must be another “experience” mode that provides access to all message content from every user in the organization’s scope. After all, every organization has its users emails available to it at any point in time in plain text form (unless the user has encrypted them with specific keys unknown to the organization). Why should chat be considered more private?

Teams provides minimum viable EDiscovery unless you buy a separate service. Good luck reconstructing conversations without it!
Thanks. I didn’t know that. Wouldn’t larger organizations (if not medium sized ones or small ones) want to have that service anyway?
It's funny because you were talking like you knew it all, then someone with real world knowledge of Teams gave you info invalidating the key point of your argument and you just shrug it off with more assumptions.

It's the entire Hacker News culture completely and wholly represented in three succinct comments.

You must be fun at parties.
Depends on upstream regulations and other factors. Financial services have a lot of need in this space, for example.

Otherwise it’s a risk consideration like anything else... is the benefit of “knowing” what’s going on more than the liability? Usually managers in bureaucratic institutions want to know as much as they need to, but no more.

It’s also expensive and not worth it unless you’re bundling it in with M365 E1000

> Teams is a sluggish and monstrous replacement for chat...

The perfect way to summarize the situation no matter what problem you're talking about.

Teams has a feature of sending questions anonymously. I have always been wondering whether the admin or the OP can see who sent questions.
> It doesn’t say that the global administrator does not have access to the message content.

Slack also allows administrators to view deleted content, etc.

Slack used to let users see who those admins were in certain places; if that's still true, then finding out who those people are may give insight into who has the ultimate form of political power.

In my experience, Teams, even with the official Linux app (Electron-based) simply doesn't work on Linux, just like Skype for Enterprise didn't work before. Had an appointment the other week with a customer, and had to resort to dial-in with audio-only. I guess you need a corporate account or something, but Teams wouldn't say. When I wanted to start a video call, an error message would flash up briefly, like 100ms, so you can't read it - typically MS, I thought, shrugged, and deinstalled the app, for it to be never installed again. That was for a .deb-based package; a snap wouldn't even install. Regular Skype, OTOH, has worked for like 15 years.
On Mint 20.1, both Teams app and webapp works. Might be dependent on distro/versions. It's still slow and bloated, so I quit it at EOD.
On latest Ubuntu it is unusable. Consistently takes over 50% CPU and makes everything slow.
On Fedora 31/32 was working fine (with corporate account). After the call was over ctrl+q wouldn't stop it from running, therefore I'd completely remove it with

  pkill teams
IME Teams on Linux will occasionally completely freeze the entire OS on startup. Sometimes it recovers after 15 mins or so, sometimes it needs the machine to be physically powered off / on to recover.
If that can happen it's clearly an OS bug. Maybe something like an unstable driver?
I had to close the tab at "We also believe that privacy is a human right, and we're deeply committed to the privacy of every person who uses our products". This is a blatant lie.
> "Teams could soon be a digital platform as important as the internet browser." - Satya Nadella

Every person reading this should be scared, because he's not wrong. Ever since the pandemic started, 90% of our B2B SaaS platform customers (current and prospects) have asked "do you have a Teams app". Its sudden; it was not like this a year ago. Its an "end the conversation" question for maybe half of them, similar to how not having SSO was/is an "end the conversation" issue in B2B.

Thankfully, Satya is only right in the domain of B2B. The web browser is critical software for any use-case, B2C and B2B; Teams will probably never breach B2C in a meaningful way.

Worth saying, developing apps for Teams is quite literally the most garbage-filled process we've ever been through. We've dealt with Google Play and Android, we've dealt with Apple and iOS; this is not an overstatement, Teams is a magnitude worse than both of those combined. At their core, most apps are just iframes for a website. But their reviewers actually give a shit about how your website looks. But, they give a shit in the typical Microsoft phone-it-in inconsistent half-assed way. It took us four months to get our app approved, and we're an official "Teams Partner" (whateverthehell that's worth, it means you get a contact at Microsoft who rotates every three weeks and is woefully undertrained and only capable of giving abstract, vague advice on getting through reviews). This wasn't "pandemic four months", this was "dozens of back and forths with a brick wall". We'd submit the package, they'd complain about a dozen things, we'd invest dozens of person-hours fixing half of them, dispute the other half, they'd cave, then come back with a half-dozen totally new things. Repeat. For. Four. Months. We'd model user experiences after their own apps; nope, against design guidelines. We'd build one Teams SSO flow; they'd deprecate the library. We'd make a change; their guidelines would change. It doesn't help that 80% of the devops tech they use to "help" with Teams app dev (App Studio being the big one) literally doesn't work. The VSCode plugin breaks all the time. The quality of the entire ecosystem is bad even by Microsoft standards, which are already so low they could win an olympic limbo tournament.

We finally made it through, and two of the primary engineers on the project put in their two weeks. I laughed and wished them well, and then I realized that this 1:1 with my boss that just popped up is likely him passing ownership of the project to me. At which point, I will also put in my two weeks. We have 11 engineers total; Teams single-handedly killed a quarter of our product development team. If you're ever asked to work on Teams; RUN (if you can). If you're ever asked to use Teams; RUN (if you can). It is deeply cursed; it is fundamentally, to its core, anti-user, anti-developer, and only benefits Microsoft and the so-called "Global AD Administrators". If Teams had existed in 1949, there'd be a page in the Geneva Conventions categorizing it as a Weapon of Mass Destruction and banning its use during wartime.

Good intel. They've been throwing throwing in Teams as a free service and building a massive enterprise moat that will be impossible to disrupt. Slack, which started out with a NY Times full page advert welcoming Microsoft Teams, ran to Salesforce unable to compete.

Imagine Microsoft being able to connect your Teams activity, Edge browser activity and Windows 10 usage to your linkedin profile, github profile (all owned MSFT properties) using a singular Microsoft account, within an enterprise. Microsoft, as a corporation, will have the ability to see the inner workings of a company and build an inter-enterprise social graph.

A very ripe target for NSA fusion technology.

The only reason I'm not bullish on Microsoft is because I don't know where else they can expand to. Teams is growing in Microsoft shops. There are a LOT of these; if these shops had real-time chat, it took the form of either something like Skype (useless) or a half-dozen siloed Slack servers started by employees (no company-wide benefit). So, they add on Teams; usually its already in the plan they're paying for. Suddenly they realize how alluring real-time chat can be. I'm not convinced its actually more productive for what people use it for, but that's irrelevant to real-time chat's ability to fool you (and the administrators) into thinking its increasing productivity, and that's all that matters for usage.

But how does Microsoft reap that into something meaningful? They're not monetizing the app store (that I've seen); they're not monetizing the entire product; maybe it increases lockin, but most of these companies are so lockedin anyway they were never leaving. The argument for data sharing is interesting, but: I hate Microsoft with a feverish passion, and even I'll admit that if they were sharing/correlating significant employee data beyond the firewall of some AD/Teams/whatever instance, they'd have a lot of very angry customers on their hands. I don't see them doing that.

I'm biased, but I'm still bearish on them just because their reliable revenue centers are becoming less and less diversified. Yeah, Azure/365. What else do they have? Windows is more and more irrelevant. Browser; lost the war. Github; an expensive side-business. Xbox; a billion dollar money pit with their leaders at the top praying for Halo Infinite. Consumer hardware; nothing. Linkedin; its like Facebook, everyone hates it but everyone has one. If all of their revenue growth is in Cloud, that's still a ton of growth to reap, but I'm not sure it justifies a valuation previously assigned to the 2000s-era multi-disciplinary conglomerate Microsoft was. Amazon is fully capable of (at least) keeping pace with Azure's growth here, and they're also the biggest retailer on the planet with an unassailable operations network. I think, over the next five years, it'll be increasingly "weird" how those two companies are priced so similarly.

> "Yeah, Azure/365. What else do they have? Windows is more and more irrelevant. Browser; lost the war. Github; an expensive side-business. Xbox; a billion dollar money pit with their leaders at the top praying for Halo Infinite. Consumer hardware; nothing."

I started to copy chunks out of their 2020 Q1 and 2020 Q4 earnings reports, but there's too much. If you genuinely think their revenue was significantly from Internet Explorer, that nobody really uses GitHub, that Azure is a few virtual machines, and they have nothing else - you should skim read them[1][2]. Here are some excerpts:

"record Xbox Live monthly active users, console, mobile and PC. Ten years in, Minecraft is stronger than ever, with record revenue and usage". Money pit? Cash cow.

"GitHub has grown, up more than 30 percent since our acquisition a year ago. And more than 2 million organizations use GitHub" in Q1 followed by "3 million organizations using GitHub" by Q4. "The state of California is using GitHub and Azure DevOps to power 90 percent of its digital COVID-19 response infrastructure. All 5,000 engineers at Autodesk rely on GitHub to break down silos across the organization. And, at Etsy, developers are using GitHub to deploy to production more than 50 times per day", "At Ford Motor Company alone, 8,000 employees use GitHub". An "expensive side project" giving them huge growth and a foot-in, or extended lock-in, at a ton of companies.

"Azure Active Directory Premium, used by more than 100,000 organizations" in Q1 followed by "used by 200,000 organizations" by Q4.

"partnership with SAP, making Azure the preferred destination for every SAP customer." (SAP is a huge enterprise company and has 400k business customers).

"LinkedIn revenue increased 25 percent" in Q1, and by Q4 "Content shared was up nearly 50 percent year over year, and LinkedIn Live streams were up 89 percent since March. Professionals watched nearly four times the amount of LinkedIn Learning content in June than they did a year ago".

"sixty-nine organizations now have more than 100,000 users of Teams, and over 1800 organizations have more than ten thousand users of Teams."

"Power Platform already has more than 2.5 million monthly active citizen developers."; "Power Apps monthly active users increased 170 percent year over year."

"OEM Pro revenue grew 19 percent, ahead of the commercial PC market, driven by strong Windows 10 demand", "on-premises server business grew 12 percent".

"96 percent of the Fortune 500 now use Power BI to find insights in their data." up from 84% in Q1.

"our commercial cloud, which surpassed $50 billion in revenue for the first time – up 36 percent year over year"

"In June alone, 13.5 billion transactions were processed in Azure Cognitive Services. 2.5 billion messages sent. 9 million hours of speech transcribed"

"material growth in the number of $10 million plus Azure contracts" in both Q1 and Q4.

In Q4 "Commercial cloud revenue grew 30 percent. Office 365 commercial revenue grew 19 percent. LinkedIn revenue increased 10 percent. In Surface, revenue grew 28 percent. In Windows, overall OEM revenue grew 7 percent. Windows Commercial products and cloud services revenue grew 9 percent. Azure revenue grew 47 percent. Per-user business, growth continued to moderate given the size of our enterprise mobility installed base, which grew 26 percent to over 147 million seats. In Gaming, revenue increased 64 percent."

[1] https://vi...

> Ever since the pandemic started, 90% of our B2B SaaS platform customers (current and prospects) have asked "do you have a Teams app". Its sudden; it was not like this a year ago.

Interesting, because even though as a company we use teams, it's literally just a chat app for us. Most departments don't even use the "teams" part, all conversations happen 1:1 or in meetings.

I work in the IT dept, so technically we should be at the forefront of this, and yet I'm only in 2 channels and they're both silent 360 days a year. every couple months someone will ask a question in one, no one will answer and that it's until the next time.

Out of curiosity, why were you involved in that development if Teams is so bad? I mean I'd rather wouldn't like to associate my company with such garbage. Just good old money reasons?
Customers want it, so we build it. Its mostly that simple.

I respect any company that runs itself with that attitude. That doesn't necessarily mean that I want to spend my days working on it.

Fair enough, probably only way I could even consider it, is when customer wanted it - but I wouldn't advertise that...
So if your work can be surmised by your activity on teams then sure teams provides those metrics too your boss. If your work and your teams usage are not closely correlated then it does not.

Tbh this is not that concerning. Teams is a desktop application it could report computer usage by the minute. It could send a list of applications you use and how much, and probably your browser history (unless that's encrypted). Etc. It could be a lot worse.

It could also take a picture every minute and record your microphone, then have running captioning on it and stream whatever has been said in the vicinity.
Microsoft already try to collect your browser history in several places, if you don't turn it off.

In the Windows 10 setup screen, this dialog[1] includes "Use page prediction [...] your browsing data will be sent to Microsoft".

In Windows 10 settings, look for "Activity History" setting, "by sending Microsoft your activity history, including info about websites you browse". This is for y

In "Diagnostics & Feedback" settings, "optional diagnostic data: Send info about websites you browse".

"Improve inking and typing" - send optional inking and typing diagnostic data. Not sure how much typing data that covers.

In the Microsoft Edge browser settings (new Edge/Chromium), "Microsoft Defender SmartScreen - Help protect me from malicious sites and downloads with Microsoft Defender SmartScreen." which could be done with a local database like Chrome does, but I don't think it is, e.g. this website[2] says "The SmartScreen filter works by checking each website you visit and each file you try to download and run. It sends some quick information about them to Microsoft’s Windows Defender SmartScreen servers."

Navigation helpers: "if a website can't be found, the web address will be sent to Microsoft to try to find the correct site." setting catches typos and unavailable LAN servers, and "Show me search and site suggestions using my typed characters" catches your keystrokes in the address bar looking for internal servers and sends them to Bing.

If you sign-in to Edge to sync passwords and favourites between different devices, that includes "other browsing data". [3]

Opt-in part of the Edge Family Features, "Activity reports - See what websites your kids are visiting"

And of course if you signed into Windows with a Microsoft Account to sync your profile to Microsoft, that includes[4] Internet Explorer browsing history, typed URLs, favourites and Edge favourites, typed URLs, reading list.

> "Teams is a desktop application it could report computer usage by the minute. It could send a list of applications you use and how much"

"Optional diagnostic data" in Windows 10 settings already covers "how you use apps and features, plus additional info about device activity".

[1] https://images.techhive.com/images/article/2017/01/express-s...

[2] https://www.digitalcitizen.life/what-smartscreen-filter-how-...

[3] https://support.microsoft.com/en-us/microsoft-edge/sign-in-t...

[4]

I really think, companies should actively inform their team leaders that metrics and scores are not an adequate measure for performance. E.g., a person may have great scores, but is in actuality just micro-managing their incompetence at the cost of everyone else's performance. Metrics may indicate a certain behavior, or they may hint at the opposite, or they may be even somewhat random, as they record just a certain slice of activity, which may or may not be representative and may be of more or less significance to an individual's total work process. Performance is still best judged by performance, that is, output and resource management and, maybe, how much and what kind of irritation a person causes in the given organisation. (Mind that there may be something like positive irritation, as well.) In the light of this, these questionable products are actually quack. (Sorry to have to say so.)
If they hired team managers that use those metrics, do you think that their peers would know this is a bad practice? It seems like this problem widespread and nobody wants to say "we don't need this data", so yes this should come from the top. However, I fear that if a company starts to suffer, the shareholders would want to know answers and data. Would any exec have dared to say "sorry we don't have any metrics about individual employee performance"?
The problem is: It's not a viable metric in any way, meaning, it's not a metric at all. It's just another incentive for some "alternate reality".
I can't believe how aggressive Teams is at inserting itself in my login items (on a Mac).

At first, I thought it just happened when I installed the application. But nope — any time I open Teams, it will re-insert itself in my list of login items. This happens no matter how many times I have manually removed it.

I think it even happens more than once per launch because I recently launched it to join a call and then immediately removed it from my login items before the call even started. But after the call, there it was again in my login items.

I have never seen an application behave this way that was not widely considered to be malware.

What is a "login item"? Sorry, I dont know about Macs
The login items are applications that open automatically when the computer is started (like the startup folder on Windows).
It seems to do the equivalent of this on my ubuntu machine too.
Oh my, makes me glad I only used it in the browser so far. That kind of nuisance makes me glad VMs and containers exist.

Maybe it's possible to restrict its access via flatpak or Snap? I have a messenger via flatpak that can't access anything outside the home/Downloads folder, but I can't say whether that restriction applies to other apps as well.

(comment deleted)
I responded in more detail elsewhere because I hadn't seen your comment yet, but you're not imagining things.
apps in windows are, and have always been, more like this than mac apps. it seems like the worst offenders on mac are ports from / native residents of windows. steam does this, for example. it drives me BONKERS. at least on Mac it's kind of rare. on windows, i swear to god every single thing you install does this. razer mouse? better run at startup! weird USB peripheral you use once in a blue moon? better run at startup!
Honestly I’m surprised that Apple doesn’t block applications from inserting themselves into a user’s login items after the user has manually removed it. Or maybe only let the application do it by asking the use (and requiring one of the answers to be “no, and never ask again”.
I know, this is a crazy design to start an app during startup. They better get user’s consent before user installs the app and provide an option to disable start on startup (login).
I feel like steam is a good citizen in this regard. I had no problem with it starting at startup/login after I asked it not to do that.
i thought so too, but for some reason on my macbook air it keeps starting at login lol. i wouldn't be surprised if it's PEBKAC, honestly...
This is an abject failure of OS design. If an app is allowed by the OS to insert itself in the startup list without explicit user consent first an foremost I blame the operating system. You can’t trust every app and every developer out there. I would love if there would be a Linux distro out there that would adopt some of the principles and values embodied in iOS, without the draconian Apple walled garden.
Get Sysinternals' Autoruns and simply just run it on a Windows system. There are so many ways executable code can run automatically without you knowing.
Eh, I don't know if you can exclusively blame Apple for this one. I've observed the same behavior in the MATE environmment, both on Fedora and Pop! OS. I'd install Teams, it would autostart on login, I'd remove it from my list of startup items, then the very next time I fired up Teams it would reinsert itself. The only way to disable it was inside Teams' own preference dialog, which I found to be an extremely tone-deaf mechanic.
That's odd: I've recently switched macs, and nor on the old, nor on the new one was Teams added to the Login items; only OneDrive did that.

So I had a vague memory: go to your account icon > Settings > Auto-start application, and uncheck it.

Unfortunately this ability is only afforded to people who have accounts (I only use Teams when invited to someone else's meeting).

How silly that people who don't have accounts — because they use Teams infrequently — are subjected to the spammiest behavior.

That's bad design, indeed.
Why, they don’t need to advertise to the people who already have the product!
This is why I never run the desktop version of Teams, only the phone app. (The phone app is total shit, and loses all the distinctive and useful functionality of Teams, but I don't care.)
At least it is relatively easy to close it, Skype was almost impossible to close in a normal way
I think I ran into this when I first used it, and tried disabling it, but then I just uninstalled it and exclusively use the browser version.

I can't recall exactly what I did, it was a while back.

I think one way to combat things like this is to find the launch file disable it and make it unwritable.

   chflags +simmutable <launchfile>
Other possibilities are: zero out files and make them immutable, or make the directory for updaters unreadable.
> but then I just uninstalled it and exclusively use the browser version.

I had a couple of interviews with a bank and they wanted me to use Teams. I fell through the trap of installing it. Then (by default) plugged itself on my start-up list. "Join by browser" is the best option.

As or the tool, I use from SysInternals the Autoruns.exe. I love this toolkit (for a couple of decades now), I always suggest people to download the SysInternals Suite, cool small exe tools.

Edit: adding the download site: https://docs.microsoft.com/en-us/sysinternals/downloads/sysi...

I did another variation of this for the Chrome updater. I deleted its plist files in ~/Library/LaunchAgents and created the directories with the same names so it can't easily overwrite them.

Honestly, it's frustrating that installing a daemon doesn't require user consent. Apple doesn't have their priorities right — instead of this legitimately useful feature, they added these annoying runtime permissions for the subdirectories in your home directory.

I think this is also partially on apple they did deprecate the existing start on login API, and I could get the new API working.
Random idea:

I like the idea of running apps in their own sandbox, eg using docker container to run an instance.

For macOS, maybe second desktop login just for Teams and then use quick user switching.

Kludge, not a fix.

Working remotely, my SO has to agitate the mouse, like a dead person's switch, to prevent screensaver / lock screen, and to signal to micromanaging PHB continuous attention. Separate user login wouldn't help with that.

Check out Cisco WebEx sometime if you want to see how bad it can get. It is not possible to quit the app, it will re-open itself automatically and stick in your dock + app switcher. Nothing in Login Items and no setting to disable this. I found the LaunchDaemon doing this and deleted it, and it figured out and refused to work when launched manually.
> …any time I open Teams, it will re-insert itself in my list of login items. This happens no matter how many times I have manually removed it.

In your Teams profile settings, have you also unchecked Settings > General > Auto-start application?

(I'm not saying that Teams shouldn't use "Login Items" as the source of truth on this, just that Microsoft provides its own setting for this.)

What always surprises me is the fear about a company having tools to track you. Yes, there are tools, and yes you can be tracked at your workplace. The bigger question is whether your employer really uses this data to judge your contributions, or there are effective review processes where your work can be evaluated rightfully.
It's not fear. It's disgust.
Is this actually that different than the things Slack tracks? I guess a bit more explicitly open about them, but all of the message productivity pieces are achievable in Slack.
The other day I found Boxcryptor for Teams[1] which seemed like a useful tool, if the company can be convinced to use it. At least it feels like an option for a privacy concerned organisation, which somehow ended up in the Microsoft 365 ecosystem.

[1] https://www.boxcryptor.com/en/microsoft-teams/

Anyone experience on HN with Boxcryptor? Would like to hear why you chose it? How easy it is to deploy, maintain & upgrade? And how the user acceptances/usability is?
I guess this is one of the few times its beneficial to work for a German-based company with a strong workers council. Even though I'm in the US and work for the US-legal entity, because IT is managed in Germany they refuse to allow local management to access any worker tracking. Even SLAs cannot be attached to individual users, only to departments.
Our company set message retention on Teams to 4 days, citing the GDPR as the reason :S

So many people now avoid it. When I read this I guess it may have been a good decision, apart from the fact that people move to uncontrolled platform like Slack and WhatsApp.

Our laws do protect us somewhat from all this "innovation" coming in from the US, just now a company had to pay 10.4 million euros for putting cams on employees[0].

Also, most of WhatsApp's plans are not allowed here.

[0]: https://lfd.niedersachsen.de/startseite/infothek/presseinfor...

The thing I hate the most about Teams is how it shows you as idle within what seems like 30 seconds vs only going idle once your machine starts to sleep. There’s no way to configure this as an end user. I really started hating Teams with a passion after that. MS is losing the goodwill from Nadella rise to the CEO seat
I use ziggle mouse to keep my active status
That is going to hurt people who work at large corporations, who try to do good job and who have unusual work patterns.

Now the moment your usage patterns don't conform you are going to get flagged and potentially punished for it.

IMHO Teams isn't as good as they make out. Firstly, you have the constant stream of 'Are you there?' popups which kick you out of calls, alongside the blocking modals which stop you from editing documents. Moreover, the UI is a slow mess.

I guess the most attractive point for employers is that this is free for 0365 consumers, but O365 isn't that good either IMHO.

> Firstly, you have the constant stream of 'Are you there?' popups which kick you out of calls

What are those? I have never seen or heard about those.

They're prompts you get when you have three Teams tabs open at the same time. When you click them, it refreshes the current tab. Kicked me out of calls a couple of times.
What are "Teams tabs"? Are you using some kind of browser based version of Teams?
Teams is a menace, just like IE 6.0 was. Apart from being essentially a spyware it is also chewing resources like an old locomotive, at least on Linux. It's interesting that they put so much focus on tracking, but actual usability is in dire straits. They even dared to push this crap in my Windows machine without my consent. I think the problem is that such tracking of employees is largely unregulated, so greedy execs are milking the situation while they can to stroke their egos and count those beans. Unfortunately it seems like the unions or even workers themselves are not so concerned about this. When I told my colleagues about it, they said "so what, we are tracked everywhere anyway".