Ask HN: Are privacy concerns around Microsoft Windows 11 overblown?
I see a lot of FUD and fearmongering around privacy invasions via Windows 11 (and 10, as well). Is this unfounded, or overblown?
I'm getting more and more concerned that our private data is no longer private, or even ours. And this does not seem to be set to improve in the future.
What's the best way to go forward if this is the case?
82 comments
[ 3.1 ms ] story [ 151 ms ] threadHowever "Windows remains the defacto choice for bros who want security". I'm genuinely curious about this part of the statement. Could you please elaborate
I've decided to really dive deep in linux. This is a rest-of-my-life thing now. I'm going through the Arch install process, really enjoying reading the wiki and enabling the services and fiddling with all the options. Windows treated me poorly enough that I no longer care about things "just working". I need to take this stuff into my own hands.
Microsoft isn’t helping the matters by completely failing at building new UI toolkits. Internally Azure is seen as the future, but they burned a lot of their biggest customers already by overselling capacity to them in three year contracts. Those contracts are not getting renewed at the same level. I’ve never before seen a company sabotage itself so badly.
I have so many measurement devices that run some form of windows on them and are impossible to port to anything else. I still run windows XP and 7 in private networks for some machines and still have to use windows 95 to rewrite some 8bit routines to floppy to run some ancient controllers.
Not because I want to, but because I have to.
Windows 11 is a giant problem, as it uses ridiculous amounts of ram. Around 2025 we will not be allowed to have win10 on the network.
So this is serious question for some, is windows 11 any good with privacy? Well I certainly hope so, as I'm not in the position where I have any choice.
I really hope that's not true. I'm a programmer and I still prefer Windows.
The UI is nicer than macOS, and the UX is smoother than Linux. Every now and then I try to install Ubuntu and find that it still doesn't work well with my headphones, or it randomly disconnects from my wifi.
Efforts like the Windows Terminal and WSL lead me to believe that you're wrong.
I think it depends on whose perspective you're talking about. For some people it'll be overblown.
In my case, I don't really like what MSFT has been doing with their OS. It's clear for years now that they are intent on creating some form of ads platform and they'll likely do it in a way that is directly integrated with the OS. You can't even install Windows 11 without a Microsoft account (so they obviously have a way to identify you).
This seems in line with what Apple seems to be planning for their own platform [0].
All of these companies will claim they'll build something in a privacy-conscious manner, which might be true.
The question I ask myself is: Am I comfortable with that? Even if it has privacy safeguards, I am not. I'm not willing pay $130 for a Windows license AND have ads presented to me.
If Microsoft said they were going to offer a freemium model, where people that don't wanna pay for the OS will get ads I'd be fine. I'd just pay for the license to get rid of all ad tech and the respective tracking.
But regarding the future, I have no idea. I don't think there's any stopping this anymore. The only way would be for governments to get their shit together and regulate this space.
The only way to keep your privacy IMO is to choose "pain":
- Move to an OS that won't track you (Linux, *BSD, etc) – I don't care what Linux zealots say, the Desktop experience is still not even close to what Windows and macOS offer
- Avoid being online as much as possible and when you are, use tools to mask your presence
[0] https://digiday.com/media/apple-is-building-a-demand-side-pl...
Exactly this. It's bad enough if it's free, you are the product. But if you pay, it definitely must not be this way. That's the worst form of capitalism in tech.
Microsoft has IOS and Android envy. They've been trying unsuccessfully to make Windows store successful like their mobile counterparts but they keep picking the wrong reasons for their continuous failures.
I've used the "Microsoft account" since windows 8 without benefit. I still had to to manually sign-in to the store, the store was super slow, apps would not install for random reasons, it'd ask me to relogin at random times, the store couldn't automatically check if the internet connection was restored, the store would give meaningless windows-esk error codes, no side loading of store apps was possible, I still had to login to Microsoft owned apps even though I'd logged in to the OS, store apps are aliens - look different from normal apps and many shortcuts keys don't work, they randomly close.
Basically, the store has / had issues. People will willingly add their emails if there's a benefit to doing so.
Yes you can, even the 22h2 update, although it's of course not self-evident.
If you say you want to join it to an ActiveDirectory domain (on-prem, not Azure AD), it will ask you to create a local admin account. It will not follow up with the domain join procedure, so you can leave it at that.
Actually you can, just don't connect to the Internet during your initial setup.
The fact that remaining anonymous requires this trick is 100% a dark pattern on MSFT's part.
While we're at it: to avoid being forced to fill in the "security questions" during set up, the trick is keep your password blank during set up (add it after set up is done).
I recently set up Windows and it requires SO many workarounds to keep your privacy. I recommend setting up OOSU10 before even connecting to the Internet to avoid the Telemetry and Windows sneakily installing helper apps related to your hardware (and I don't mean Drivers) without your consent or knowledge.
Most users would have a perfectly fine time with Linux. Most things just work these days. Hell, with WINE or Proton/Steam, even Windows stuff works - even this year's games.
The recurring pattern with Linux is that:
- Trivial things don't always work out of the box
- Even after spending considerable time on the command line to fix it, things break semi-frequently
I've had setups that I've loved in the past, only to have it fail for some silly reason. i.e. too many kernels have been installed because of updates and suddenly /boot has no more space.
I have a job to do, and sysadmining my laptop is not it.
Seems an awful lot like
> sysadmining my laptop
Perhaps you meant to say "learning a new system involves a lot of mental effort". I get that sentiment and don't even disagree (the first quote is a part of what keeps me away from windows I don't want to sysadmin my windows install because I don't want to learn it).
I find switching to a different system (e.g. windows) makes everything feel hard because I have enough experience dealing with the little issues. With linux things that the stuff you declared "too much" is a 60-90s blip in my day due to familiarity, not a huge time-sink or rabbit hole. That familiarity means not just "I know what buttons to press" but also "I know where to look to know what buttons", "Consequences of pressing those buttons", "what are the red herrings when I go looking something up".
It's a different system with different patterns, thought models designed in, etc. Not that different from say, knowing C and trying to pick up an ML as a second languge - it's not that the patterns are bad or the language "isn't there", it's hard because it's a bunch of different concepts than you're brain is currently patterned for.
Yes, both require lots of initial setup and both break sometimes.
My anecdata is that Windows breaks less frequently and it's rarely something as blocking as "I can't boot" or "I lost my GUI".
That stopped working in Windows 11's 22H2 update. Now you have to either modify your ISO with Rufus, or pop a shell (Shift-F10) and run OOBE\BYPASSNRO to get around the account requirement.
https://support.microsoft.com/en-us/topic/update-for-custome...
Well, and it's also some of the richest user datasets. Google is doing it. Apple is doing it. Amazon is doing. So why not MS? It's not like we have hard privacy laws in this country!
"Oh, only 1% of users are hitting this one!" (Reduce priority, ignore, automatically close for "zero bug bounce")
And they remove necessary features then lie, "Our telemetry suggests that people don't use those features."
Although I'm not particularly confident in MS's security competence (judging by Windows' security track record), I don't think the main issue people take with this data collection is related to breaches by outside entities. At least in my case, it's not.
What I take issue with is the same as for Google et al.: I find it creepy and don't want MS (or Goog / Apple / etc) to keep tabs on me, on what I do, and to try to find a way to make me buy more random crap with their ads.
I'm also uncomfortable with the avenues this opens for State-level surveillance and the use of wonky "IA" to check on whether I'm doing anything "illegal" on my device. Cf the guy whose Google account got suspended for sending pictures of his son to a doctor.
I don't care if it's secure. It's my data, not yours. You have no business hoarding it in the first place.
If I take copy of your diary without your permission and pinky-swear that I won't share it with anyone else, does that make it right?
Why do tech companies have such a hard time just doing the right thing?
On top of that, you can use network-level tools to block your data from leaving your home. This could be something like a pihole that blocks the relevant domains, and/or a firewall that blocks them entirely.
At least on paper, Apple does seem to be doing better on privacy. They are private by default. Again, this all depends on how much you believe they aren't lying. There are also edge cases with them. For example, iMessage is encrypted end to end, but if you make an iCloud backup of your iMessages, those are not completely protected.
If someone is that paranoid about the OS being the point of failure their privacy, open source OSes are available for them to use. I'm personally not concerned about using Windows, MacOS, iOS, or even Android as long as I am thorough about configuring all the settings in the OS and my network appropriately.
It's a set of group policy settings that can be used to manage and prevent almost all of the "phoning home", and it documents what is done etc.
https://learn.microsoft.com/en-gb/windows/privacy/manage-con...
It would be interesting to then do a private CA intercept (a la mitmproxy) on the resulting system to validate whether this correctly stops everything.
[1] - https://www.oo-software.com/en/shutup10
My gut feeling is that they don't straight up lie, but that they for sure are leaving things out. Also putting good faith on microsoft is just something I'm not able to do no matter how much I try.
Don't you need to buy the enterprise version to completely turn off telemetry?
Except the fact that they get informed every time you run any software on your Mac, and they even used to send that over HTTP, in the clear (I'm hoping it's changed). The reported purpose is to check software signatures live, for security or something. I personally think code signing isn't of a huge benefit for the user, and there is no need for live checks (instead of cache or Certificate Revocation Lists) to be performed. The only reason i can think for Apple to implement it this way is to collect data on what you do with your device ostensibly for "security", but it might just be a negative way of looking at things.
I don't believe that's true for all telemetry data; there's an option between enhanced & core/basic or similar, but it cannot be disabled.
I use windows as my daily driver for both work and home and what kills me, and your argument IMO, is that forced updates turn on new features and old ones that I've disabled, and dark patterns put your typical user in a state where the only available option appears to be enabling the function. Cortana is a great example of this, if you accidently run it while disabled (how is that even possible?) you cannot exit, and the UI implies you need to continue, which gets you to enable it. You can't quit, only minimize to the tray, then the dialog pops up frequently. You need to end the process from the process explorer, which most users are not going to do.
I used to buy all windows computers directly from the Microsoft store because they were optimized to run windows as well as possible, so had no bloatware or add-on garbage. now Windows itself includes all these features and add-ons, which seems so short-sighted.
Moreover, Microsoft and Apple can do essentially anything they want to. They have an unassailable stranglehold on the desktop OS market.
I believe Apple's true stance on this is, "we will protect your data from third parties, but in exchange, you have no privacy with us"
This, in combination with the trend of less and less autonomy over our time, equipment, and purchasing.... I think it's perfectly valid to be loud about.
Sending back stack traces of crash reports is not the same as gathering data for targeting and pushing manipulative ads while you're browsing your folders.
I for one don't care about privacy that much, and that's how most consumers are. Almost everyone hates with a fury being shown ad over ad.
Keep ads out of my OS, it's that simple.
So you would not mind sharing your credit card infos. Or your social security number if you're in the US?
Also I bet you like going around naked outside when the weather is right.
I for instance don't care if my conversations are end-to-end encrypted, or if my financial transactions are anonymous. I do care if any random employee can just pull up my data, or if the company that's storing that data abuses its position and pushes ads in my face based on what date I have on their servers.
Common sense protection like payment method tokenization and SSL connections are the norm already, I don't want regression.
In the end, I meant that the privacy conversation should be moved into more concrete terms as an invasive ads discussion, not turned into something more abstract about which discussion is meaningless.
I really value my privacy, and it's not that I have anything to hide. I think that's a stupid argument for less privacy. If we're not careful, they'll start installing microphones and cameras to monitor you - for the improvement of your security and service, of course!
I can't help but think of the analogy of the frog and the pot, with the boiling water. We're all in the pot and the heat is just being turned up slowly, so we're not aware of what's happening to us.
The amount of data social media collects on people is a wet dream for any autocratic state.
The default setting should be opt-in, not out-out.
Linux, OSS.
"Required diagnostics" seem reasonable: https://learn.microsoft.com/en-us/windows/privacy/required-d...
Do note that "optional diagnostics" seem to include collecting filenames/authors/modification dates for Office files; the names of installed and removed applications, hardware information (with serial numbers), process execution history, Start Menu pins, app usage history, and more: https://learn.microsoft.com/en-us/windows/privacy/windows-di...
Add TPM and UEFI, and the CPU and chipset backdoors, and it's a real horrorshow down at the hardware level, too.
Privacy concerns may well be overblown if one were able to objectively assess facts. Perhaps Windows 11 is the most secure OS Microsoft have ever produced :)
But I would still not use or trust it, for reasons the frog would not ride on the scorpion's back, no matter how desperately it wants to cross the river.
I've lived long enough to witness all of Microsoft's shenanigans, the hostile takeovers, the insults to free software, the lies, the threatening behaviour, the bribery, court cases, criminal convictions and fines. Insomuch as a company can be, Microsoft are unethical to the core. Indeed they are the paradigmatic untrustworthy company.
If you were to offer me a water-tight mathematical formal proof that Microsoft's code was secure and private, I would still choose to use to use something else.
Frog on top of a scorpion is a recipe for flat scorpion.
Security != Privacy
But, that doesn't mean the concerns are unwarranted.
That's why I first started using Linux around 1994. I was concerned about my privacy, and I've been viewed a paranoid freak. I feel like Cassandra.
2. When a company tells you that their product protects your privacy, what they mean is that they will try to be the only ones that have personal data about you (and that private data about you can only be bought from them). NOT that you will have any privacy.
----
How you go forward? Best way is to stop using the internet. Go live in a cabin in the woods. (I'm only half joking.)
If you live in Europe you can ask for your account and data to be deleted, but that doesn't affect the companies that your data was sold to, nor anon / aggregate statistics your data is part of.
To have privacy about what you do/think/like in the future, you can try Linux, but you're not safe even there. Firefox will track your internet activity (can be disabled) and there is spyware such as Ubuntu's popularity-contest package that monitors and reports what you run on your Linux machine.
If you want to keep using Windows, the best way would be to wipe your HDD, install clean, activate it, update it (or not), and then cut the direct internet connection. From then on, use a whitelist filtering proxy as the only possible internet access. No DHCP or any usable gateway. I'm using this and is a pain to manage. I have to manually add to the whitelist every new site I want to visit (it gets easier after a while).
Another way to do it is to have an non-filtering but password-protected proxy, and don't tell Windows about it. Firefox can use a proxy that is different than Windows' proxy setting. This way you can navigate the web without allowing Windows access to the internet.
I'm half tempted to! But that's not going to work in the real world for me.
Jeez, Firefox... https://www.privateinternetaccess.com/blog/the-firefox-brows....
> use a whitelist filtering proxy as the only possible internet access
How does this work in practice?