I just got a new PC with Windows 10, replacing an older PC laptop that's a Windows 7 / Ubuntu dual-boot. (I'm running Ubuntu from a VM this time.)
Anyway, Windows 10: I was a bit shocked at all the information it sends back to Microsoft. As soon as the setup screen comes up, it gives you an option to choose "Express Install" or "Custom Install".
I chose "Custom Install", and there were about 10 privacy settings that I turned off (all on by default) before I felt comfortable using the OS. (Examples: send all search words back to MS, tie advertising info to your Windows account, etc etc)
I'm assuming most users would chose the "Express Install" without even wondering about what data they were sending back to MS.
Have you run into any articles that detail exactly what is captured and sent off of your computer? Has Microsoft release more than just a little bit of information on what they use that info for?
Not just what the setting screen and privacy policy say.
It will be impossible to know and/or verify what they're actually sending. Even if they told us exactly what the data contains, though, who will believe them?
Besides, we already know what they'll say: they'll use it for debugging and troubleshooting, to make the products better, and to enhance your user experience. In certain circumstances, they may share the data -- but only with their trusted partners, of course. In no way, however, will they use it for anything "evil".
Yep. Sadly, the only way to be one hundred percent sure your data is private is to keep it in your head. Even building your own chipsets and other components doesn't protect from physical access. So we have to choose who to trust. Currently, that's not Microsoft. If they open sourced, or at least made the code visible, Windows, I'd be a lot happier. 'Course, then I'd have to trust that the people reviewing the code knew what they were doing. Since I'd not spend the time to review the code myself....
I don't think it's impossible. Can't you intercept the traffic via a router or something to see what's in it?
"...what they'll say..."
They already said that in their privacy policy. I was wondering if they had released more details. Like "We record your voice commands and add them to a database of millions of other people making the same command so Cortana can understand people better." And, "Our voice interpretation service is provided by a trusted partner. They signed a contract that requires they take this step and this step to keep your data secure."
Well, hopefully they learned something from the NSA documents and are at least encrypting the data they're sending home now. Assuming that they are -- and are doing it properly -- then no, you can't.
Putting machines behind a firewall (or even a virtual firewall, as is possible with VMs) could help somewhat, both in determining what it's doing with the network and in blocking unwanted traffic.
Incidentally, one of the features Windows had in 2k and XP that was off by default in Vista, and lost completely in Win7, is a network status icon that shows when the OS is sending/receiving data. Very useful for troubleshooting and identifying unexpected network activity, but its removal makes it much easier for this sort of "phoning home" to go unnoticed... (I know they could've made it lie, but apparently removing it altogether was easier.)
You can see network traffic in Resource Monitor. And yes, you can block unwanted traffic at the LAN router.
pfSense VM works well as a virtual firewall. With IPv4 and IPv6 deselected on the Local Area Connection, there's no direct connectivity. In the pfSense VM, you bridge WAN to the host NIC, and attach LAN to a host-only adapter.
It is actually a very similar list to that seen in Windows 8. Windows 8 was a little bit more sneaky however, when you chose custom they were all disabled but if you select express they were enabled.
You haven't done all the things necessary to defend your privacy yet, Windows 10 has spread this stuff all over the operating system, its all enabled by default and you need to find it all.
> They pioneered sending back all your search terms (to Amazon).
You don't have to use Unity to use Ubuntu. There is an abundant choice of WMs on Linux. And besides, even if you had this turned on, it's about nothing compared to what Microsoft does.
Most of these settings are probably related to Cortana (the new Siri/Google Now like feature in Windows 10). These kind of tools that suggest information to you only really work if they have your search and location information. If you turn those options off, I guess the only thing that will be affected will be Cortana.
Also, the thing where apps may share a common advertising ID? Sounds invasive, but is actually a tiny step towards more privacy: before, apps (i.e. desktop programs) could access basically any information on your PC: Your name, your address if you entered it anywhere, your contact list, possibly your position. Nowadays, "Modern" apps can only identify you via an pseudonymous ID (if you allow it), unless they have the proper permissions.
What does annoy me is that they still obscure these settings, and fail to explain what exactly they are for. At least they made it a bit more obvious in Windows 10 that you can use it without creating a Microsoft account (using a local account).
There is a saying in Germany: Nothing is eaten as hot as it is cooked.
I seem to vaguely remember some internet story about how these embedded UUIDs were used to de-mask a person by matching an UUID from a document with a known author against an incriminating document. Or was it matching an Ethernet card's MAC address to an UUID in the .doc? Can't remember any details now.
There is very little anonymity in the real world in terms of computing at this point. You would have to be extremely careful to truly mask any electronic media being used as any kind of communication platform, online or offline.
That's a false dichotomy nowadays. Corporations have learned that, even if you pay, they can still get away with having you be the product.
For that matter, Windows 10 isn't free for a bunch of people either, while FOSS, which is typically as far as you can get from being the product, is most often gratis.
Yeah, old days. Now when installing Windows 10, we have to choose custom install and make many unchecking at least to be able to say "if they do what they say, they won't track me"..
Switched from Microsoft products in 1999, back when Palladium started. That was offensive enough. This is downright disgusting.
I always ask co-workers how much liberty Windows users are willing to sacrifice to continue using their systems. Seems even I underestimated with Windows 10.
>I always ask co-workers how much liberty Windows users are willing to sacrifice to continue using their systems.
You do realize we live in an era of smartphones, facebook and cloud services. Those liberties have been given up already. Window is looking downright open these days.
Windows is not really open, has never has been and never will be. In fact it is getting worse. There's always a black box at the bottom of every stack trace, a secret in every corner and a cost to every solution be it time or money.
Users, myself included, use it because we're stuck.
I'm in the fortunate position to not need Windows for anything other than the odd game. The GNU/Linux desktop has been fulfilling my needs for over a decade now.
In today's internet-centric world, there is little need to have Windows around for anything other than very specific jobs - for the average user.
many of us have avoided (or selectively/safely used) the accessories of this era, because we value our liberties.
Seychelles/Iceland-based cloud storage providers, and rk3xxx-based mobile devices (with VoIP) keep us relevant and reasonably modern while preserving our rights.
First post here. I've been lurking for a few months. So, hello.
I'm ashamed of myself for exactly this reason. It's no better than smoking. I know it's not good for me but I keep doing it out of apathy and convenience. I know my way around a Linux machine well and have a few production nodes under my command but they never make it to the desktop. There's always some proprietary protocol in the way be it a VPN, remote desktop connection or product I have to integrate with. I'd really love to just shake it tomorrow.
It's harder to walk away than not to get into this situation in the first place. Now it's a burden.
Not trying to persuade you either way but if you do move and try Wine for those applications it'd be much appreciated if you would update the Wine Application Database.
It's more that my customers are using it so I have to meet them half way. If I have a greenfield, I'll probably do it in tcl/tk or python/wx but I'm stick maintaining old win32 and winforms stuff for people.
My win32 stuff worked in wine about 7-8 years ago now which was nice.
I remember Palladium[1] too. It seems back then people were far more concerned about locked-down devices than they are today, where the majority are willing to accept anything that is advertised as being "more secure" - even secure against them. The media's constant reporting of hacks and leaks certainly doesn't help... I wouldn't consider myself a conspiracy theorist, but this "security culture" today really makes me wonder if it's all part of a plan towards an Orwellian society.
There was a higher bar to access back then. Today devices are made for and used by almost everyone. People haven't become less concerned in total, it's just that there are more people that never cared in the first place using technology.
The truth is that for most users, a locked down device is simply more secure. By controlling the environment tightly, the manufacturer can be sure to exclude malicious software. For example, how easy is it to install a keylogger on an iPhone?
Allowing users to bypass security mechanisms will ensure they get bypassed. Wasn't it Facebook that was having users compromised by attackers tricking users into running code in the console? If iPhones shipped with a special security bypass button or something, it wouldn't be long before people became accustomed to using it and we'd be back to user devices being rooted left and right. This seems like a difficult problem to work around, if we want users to have a "worry free" experience.
I find it disgusting and unfortunate, but I recognize that my desires are not representative of the general market.
This is a stupid comparison, If thats the intention to compare it to how and what the internet is used for today.
get off the hate train. you want to hate Microsoft, you had best hate Google, Apple and many other companies out there
And we do. Hating on Microsoft in no way diminishes hate for all of the other violators. Hate is not governed by the laws of thermodynamics, there is enough warranted hate in the universe for them all, and then some.
But there's a bit more to it than that.
The marketplace has apparently decided privacy is not worth paying for.
Microsoft is conceding this point.
Perhaps what the market values can be adjusted by creeping people out on a personal level by demonstrating just how much information they are giving away?
Or perhaps the market is revealing that privacy in general has very little value?
(Same issue with open computing vs. closed devices)
Interestingly, this seems to have been accidental. UUIDs were generated using MAC addresses to ensure some uniqueness, but I guess nobody ever realised the implications.
There are many reasons to choose Windows. For example, Excel is by far the most powerful spreadsheet app. But using Windows where privacy matters is foolish. And trying to lock it down is pointless.
If you need Windows for work, or gaming, or whatever, fine. But dedicate a machine to it. And use a different machine for private stuff, running VirtualBox in Debian. Or Qubes, if you're seriously paranoid ;)
Frankly I find the list of reasons to choose Windows is growing ever shorter. I find Windows 10 to be revolting, and the list of reasons to buy it seems to be:
* Games
* Industry-specific apps like AutoCAD
99% of Excel users would be satisfied by Google Docs or LibreOffice.
I am indeed mostly happy with LibreOffice Calc, or even Gnumeric. But I'm aware of no other spreadsheet app that calculates on multiple CPU cores. Or gracefully handles spreadsheets well north of 50MB. Windows overall may be revolting, but Excel is a beautiful thing.
I always wonder why people think using Google Docs is more secure and private than Excel and being on Windows. I mean, lets just imagine you're hoping no one is stealing all your data and monitoring you. On one hand, you have Windows and Excel which are closed source and could be sending all that information. On the other hand you have Google Docs hosted on a cloud infrastructure by a company which specializes in searching, indexing, and extracting information from documents. Thanks to technical limitations from it's feature set it records every movement, change, and action forever in the document.
So you run something 10 times worse on a Free OS? You pretty much now only have the option of Libre Office. And to be fair, if Libre Office was good enough you wouldn't have mentioned Google Docs. It works, but it's not Google Docs or Excel.
I have witnessed two different trials of Google Apps for "regular" office workers. In my experience, the number of Excel users satisfied with Google's offering is a lot closer to 0% than 99%.
Nah, it wasn't just that, although certainly that was one component of it.
Excel has developed into a mini-platform of sorts, where users do all kinds of things with it. Time cards, expense reports, order sheets, office floorpans, generic lists, by-hand Gantt charts, etc etc. And other tools -- even similar ones that are supposed to be 'Excel-compatible' like Apple Pages or Google Sheets -- don't really work with many Excel documents 'in the wild'.
The real killer feature of Excel is Excel-compatibility. That's the only reason I personally use Excel -- because, for various reasons mostly outside of my control, I sometimes have to use documents created in Excel. E.g., my employer's vacation day reporting form is created in Excel by HR, and hell no Google Sheets doesn't work with it. (Actually, even the Mac version of Excel also doesn't work with it -- I fire up VMWare whenever I need to fill one out.)
Nothing other than Excel really works perfectly with Excel documents.
I think that was the biggest reason for the failure of the two Google Apps trials I witnessed.
(But there is also the fact that Excel was massively more feature-packed, reliable, and performant than Google Sheets -- which I think is still the case today. I personally use it because I enjoy the ubiquitous access cloudy-cloud-cloud nature of it, but I don't think that wins for many users, especially those who really mainly just use it at their desk at work anyway.)
68 comments
[ 3.5 ms ] story [ 128 ms ] threadAnyway, Windows 10: I was a bit shocked at all the information it sends back to Microsoft. As soon as the setup screen comes up, it gives you an option to choose "Express Install" or "Custom Install".
I chose "Custom Install", and there were about 10 privacy settings that I turned off (all on by default) before I felt comfortable using the OS. (Examples: send all search words back to MS, tie advertising info to your Windows account, etc etc)
I'm assuming most users would chose the "Express Install" without even wondering about what data they were sending back to MS.
I really think iOS is the only OS has really done permissions right on the 3rd party level and on the OS level.
I vote KaOS as the base: http://kaosx.us
I've never done a graphical debian install. how does it compare to KaOS?
Not just what the setting screen and privacy policy say.
Besides, we already know what they'll say: they'll use it for debugging and troubleshooting, to make the products better, and to enhance your user experience. In certain circumstances, they may share the data -- but only with their trusted partners, of course. In no way, however, will they use it for anything "evil".
"...what they'll say..." They already said that in their privacy policy. I was wondering if they had released more details. Like "We record your voice commands and add them to a database of millions of other people making the same command so Cortana can understand people better." And, "Our voice interpretation service is provided by a trusted partner. They signed a contract that requires they take this step and this step to keep your data secure."
Incidentally, one of the features Windows had in 2k and XP that was off by default in Vista, and lost completely in Win7, is a network status icon that shows when the OS is sending/receiving data. Very useful for troubleshooting and identifying unexpected network activity, but its removal makes it much easier for this sort of "phoning home" to go unnoticed... (I know they could've made it lie, but apparently removing it altogether was easier.)
pfSense VM works well as a virtual firewall. With IPv4 and IPv6 deselected on the Local Area Connection, there's no direct connectivity. In the pfSense VM, you bridge WAN to the host NIC, and attach LAN to a host-only adapter.
You haven't done all the things necessary to defend your privacy yet, Windows 10 has spread this stuff all over the operating system, its all enabled by default and you need to find it all.
https://www.reddit.com/r/Windows10/comments/3f38ed/guide_how...
You don't have to use Unity to use Ubuntu. There is an abundant choice of WMs on Linux. And besides, even if you had this turned on, it's about nothing compared to what Microsoft does.
Also, the thing where apps may share a common advertising ID? Sounds invasive, but is actually a tiny step towards more privacy: before, apps (i.e. desktop programs) could access basically any information on your PC: Your name, your address if you entered it anywhere, your contact list, possibly your position. Nowadays, "Modern" apps can only identify you via an pseudonymous ID (if you allow it), unless they have the proper permissions.
What does annoy me is that they still obscure these settings, and fail to explain what exactly they are for. At least they made it a bit more obvious in Windows 10 that you can use it without creating a Microsoft account (using a local account).
There is a saying in Germany: Nothing is eaten as hot as it is cooked.
For that matter, Windows 10 isn't free for a bunch of people either, while FOSS, which is typically as far as you can get from being the product, is most often gratis.
I always ask co-workers how much liberty Windows users are willing to sacrifice to continue using their systems. Seems even I underestimated with Windows 10.
You do realize we live in an era of smartphones, facebook and cloud services. Those liberties have been given up already. Window is looking downright open these days.
Most people don't care. Features are more important than FOSS when consumer software is concerned.
Users, myself included, use it because we're stuck.
In today's internet-centric world, there is little need to have Windows around for anything other than very specific jobs - for the average user.
Seychelles/Iceland-based cloud storage providers, and rk3xxx-based mobile devices (with VoIP) keep us relevant and reasonably modern while preserving our rights.
There are more of us than you think.
I'm ashamed of myself for exactly this reason. It's no better than smoking. I know it's not good for me but I keep doing it out of apathy and convenience. I know my way around a Linux machine well and have a few production nodes under my command but they never make it to the desktop. There's always some proprietary protocol in the way be it a VPN, remote desktop connection or product I have to integrate with. I'd really love to just shake it tomorrow.
It's harder to walk away than not to get into this situation in the first place. Now it's a burden.
https://appdb.winehq.org/
My win32 stuff worked in wine about 7-8 years ago now which was nice.
[1] https://en.wikipedia.org/wiki/Next-Generation_Secure_Computi...
Allowing users to bypass security mechanisms will ensure they get bypassed. Wasn't it Facebook that was having users compromised by attackers tricking users into running code in the console? If iPhones shipped with a special security bypass button or something, it wouldn't be long before people became accustomed to using it and we'd be back to user devices being rooted left and right. This seems like a difficult problem to work around, if we want users to have a "worry free" experience.
I find it disgusting and unfortunate, but I recognize that my desires are not representative of the general market.
all it takes is one skilled user to make all the dumb ones their slaves.
Or perhaps the market is revealing that privacy in general has very little value?
(Same issue with open computing vs. closed devices)
If you need Windows for work, or gaming, or whatever, fine. But dedicate a machine to it. And use a different machine for private stuff, running VirtualBox in Debian. Or Qubes, if you're seriously paranoid ;)
* Games * Industry-specific apps like AutoCAD
99% of Excel users would be satisfied by Google Docs or LibreOffice.
I am indeed mostly happy with LibreOffice Calc, or even Gnumeric. But I'm aware of no other spreadsheet app that calculates on multiple CPU cores. Or gracefully handles spreadsheets well north of 50MB. Windows overall may be revolting, but Excel is a beautiful thing.
So you run something 10 times worse on a Free OS? You pretty much now only have the option of Libre Office. And to be fair, if Libre Office was good enough you wouldn't have mentioned Google Docs. It works, but it's not Google Docs or Excel.
Excel has developed into a mini-platform of sorts, where users do all kinds of things with it. Time cards, expense reports, order sheets, office floorpans, generic lists, by-hand Gantt charts, etc etc. And other tools -- even similar ones that are supposed to be 'Excel-compatible' like Apple Pages or Google Sheets -- don't really work with many Excel documents 'in the wild'.
The real killer feature of Excel is Excel-compatibility. That's the only reason I personally use Excel -- because, for various reasons mostly outside of my control, I sometimes have to use documents created in Excel. E.g., my employer's vacation day reporting form is created in Excel by HR, and hell no Google Sheets doesn't work with it. (Actually, even the Mac version of Excel also doesn't work with it -- I fire up VMWare whenever I need to fill one out.)
Nothing other than Excel really works perfectly with Excel documents.
I think that was the biggest reason for the failure of the two Google Apps trials I witnessed.
(But there is also the fact that Excel was massively more feature-packed, reliable, and performant than Google Sheets -- which I think is still the case today. I personally use it because I enjoy the ubiquitous access cloudy-cloud-cloud nature of it, but I don't think that wins for many users, especially those who really mainly just use it at their desk at work anyway.)
[0] http://wps.com/
source: https://www.reddit.com/r/Windows10/comments/3f38ed/guide_how...