Microsoft is once again tackling privacy concerns around Windows 10 today. The software giant is releasing a new test build of Windows 10 to Windows Insiders today that includes changes to the privacy controls for the operating system. While most privacy settings have been confined to a single screen with multiple options, Microsoft is testing a variety of ways that will soon change.
There have been some concerns that Windows 10 has a built-in “keylogger,†because the operating system uses typing data to improve autocompletion, next word prediction, and spelling correction. Microsoft’s upcoming spring update for Windows 10 will introduce a separate screen to enable improved inking and typing recognition, and allow users to opt-out of sending inking and typing data to Microsoft.
I doubt any of these changes will reassure people who refuse to use Windows because of privacy concerns.
Of course not, at least not until Microsoft figures out a way to keep people from moving the goalposts.
If Microsoft completely stopped collecting telemetry, many of these people would believe Microsoft just found a way to do it secretly – after all, now that there is a tool that lets you view all the telemetry Windows collects, those people still believe there is data Microsoft is hiding – a belief based on no evidence.
And then, there are the people that have the opinion that Microsoft knowing how many times you click the start menu is the same as breaking into your home to read your diary.
To be fair, can you really trust it not to send anything unless it was open source and people could go through the code to see EXACTLY what it is doing?
With a tool “oh, we show you what we collect (at least that we’re okay with you knowing what we collect…)”
The fact they started doing it in the first place is the big ‘why’.
Why is MS any different then Google, or Apple? They also collect all sorts of info, and are less transparent. The reason they started doing it is the same as MS, but for some reason, they get a pass.
Edited 2018-03-06 22:05 UTC
Google does not get a pass from me. A total and abject failure more like. They collect data on you and then sell it on to their Advertisers etc.
Apple gets a ‘Meh’ from me. You can opt out of their collection and they publicly say that anything they collect is never sold on.
These days, I go out of my way to avoid having anything directly to do with Google. Their motto has clearly (IMHO) become ‘Do Evil’ to us mere mortals.
They clearly don’t understand the meaning of ‘No’.
As for MS, their dictatorial stance on a whole load of things including updates for W10 and the way that they willy-nilly overwrite your settings during the update process clearly shows that they are in the ‘MS knows best and you will do as we say’ mode more and more.
Their data collection system that bypasses the ‘hosts’ file settings etc is just plain wrong in my eyes.
I voted with my feet and have got rid of all MS OS’s from my life. The reduction in stress I have is huge.
I’ll be ditching Office as soon as I can get around to it.
YMMV
They don’t.
Started doing what in the first place? Collecting telemetry? That’s easy: Makes it easier to find bugs and diagnose problems. There’s been plenty of examples in Windows 10 where users were afflicted by bugs in updates that didn’t show up in insider releases, that telemetry was able to provide answers for.
Why did they release the tool to examine all the telemetry? People have been asking for it, and it actually will assuage some of the distrust about the telemetry data when people are able to analyze it.
Drumhellar,
This is a dated reference, but what about the “_nsakey” that was revealed when microsoft accidentally published a debug version of the kernel?
https://www.heise.de/tp/features/How-NSA-access-was-built-into-Windo…
Microsoft tried to rebuke the accusations in public, but it never really provided supporting evidence.
The article is old. The NSA has found it easier to store their backdoors on CPUs. You may use an open source OS, but what about your CPU? They are actively finding a way and won’t stop doing that.
Unless we DIY everything, we can never be sure of anything. Open source don’t mean anything if we don’t have control over every stage of of our IT infra. Even if our PC fully is open source (both hardware and software), then what about our printers, routers, NAS, etc? See where this is going?
adkilla,
Some things are easier than others. There are lots of open source NAS and routers. I’m not so sure about printers.
Some people assume that high proprietary market share is evidence that open source is not important. However as I can personally attest to, there’s a lot of equipment where despite my efforts, I’ve been unable to locate an open source vendor and have been forced to buy something proprietary against my wishes. This is a big reason why I’m always trying to promote open hardware/software whenever I can and am extremely wary of people claiming closed platforms don’t hurt us.
All of what you said is true, but irrelevant.
It is “cool” to disbelieve– You are a sheeple if you trust anyone or anything, and an elite if you distrust everything and everyone.
The fact that society cannot stand that level of disbelief is irrelevant.
The internet is truly a wilderness of mirrors where reality has ceased to have any useful meaning.
I’ve always found it entertaining that people can believe that a company like Microsoft is capable of incredibly complex and devious conspiracies, when the company’s history is actually littered with examples of poorly kept secrets. Even the NSA has been unable to conceal the full extent of their operations, but somehow, a company like Microsoft is (apparently) capable of all kinds of super sekret information gathering without anyone noticing, or blowing whistles.
Grat,
(Dis)belief is not exactly a choice. One may choose to hide one’s real beliefs in order to act “cool”, but one cannot just change those beliefs on command. Experience and knowledge play a big part when it comes to what to believe.
It is a fact that Microsoft collects huge amounts of personal telemetry data, regardless of your consent.
Trust is usually earned. If you trust anything that does not respect your rights, then I would venture that you are naive.
What Microsoft is doing is not very complex or devious. It is simply an invasion of privacy. Google does it. Apple does it. They are making a clear choice not to respect your constitutional and basic human right. If you are lax about it, then you are part of the flock of the vast majority.
Edited 2018-03-07 21:56 UTC
The government does it, your ISP does it, every web advertiser does it, Facebook, Google, and Apple does it– Nothing you do on the web is a secret. Accept it, and move on.
Microsoft is, theoretically, being more transparent than any of those organizations, so why the hatred for Microsoft?
By the way, thanks for using the word “flock” to prove my point.
grat,
But it’s NOT just microsoft…it never has been. In fact even in the post to which you responded, tomchr explicitly named apple and google guilty as well. As patrix pointed out, this seems to happen a lot when some company goes under the microscope: “Why the hatred for <X>? Why aren’t we criticizing <others>?” The truth is that every week we DO criticize google, apple, facebook, etc. Just because it’s microsoft’s turn doesn’t mean we’re giving other companies a pass. People CAN criticize microsoft without being hypocrites about it!
grat,
Excuse me, but you are contradicting yourself.
First you find it amusing that other people believe in company conspiracies. Next you state that you are not at all surprised about the Snowden releases, since you yourself found the stories over the years credible (i.e. former conspiracy stories). Lastly, you clearly state that ‘everyone’ is doing it and nothing you do on the web is a secret. It seems to me that you are the paranoid one.
I am not at all concerned about conspiracies and paranoia. I am concerned with Microsoft’s abuse of privacy, since this is done at operating system-level. Windows 10’s privacy settings have been found “not trustworthy” by experts, organisations and authorities.
The fact that governments, coorperations, ISPs et al. are abusing your rights as well does not excuse them from moral or legal ramifications.
How about standing up for your rights for a change?
One more thing, beliefs are not something you pick up at Walmarts at $10 discount. You either have faith or you don’t. Beliefs can’t change facts. Facts, however, should change your beliefs.
No one else is. I live in Florida– I’m not even protected by the 4th amendment (within 100 miles of border). My electronic devices aren’t subject to protection under the 4th or 5th amendment, and daily, people give Facebook more information about their private lives than the government could accumulate in a decade.
I would cheerfully join the bandwagon, and be part of a pro-privacy crusade– except people are attacking Microsoft for privacy issues, when they ought to be going after Facebook, Google, and Apple.
Right idea, wrong target.
grat,
I still don’t think we disagree on much in terms of facts, but you keep repeating this narrative that microsoft are the only ones being criticized…that’s unjustified, we criticize google/facebook/apple all the time. If you want to criticize these companies, that’s fine, most of us will heartily agree with you, but saying other companies invade people’s privacy is a bad rebuttal against microsoft’s own non-consensual data collection.
Edited 2018-03-09 18:04 UTC
Forget.
If you already explained one time as clearly as you did and someone insist on ignoring, or he/she already has its mind set or does not pay the needed attention on what others have to say.
Hm, more like what we’re told by others in our ~group / ~peer pressure… (most glaring example: religions tend to basically disregard experience or knowledge)
And at least some ( http://www.osnews.com/permalink?654315 ) of the conspiracy theorists / believers in Your Microsoft Overlords also think at other times, when it suits them, that MS is totally incompetent as an organisation… ( http://www.osnews.com/permalink?653972 )
They also could have released a complete specification of telemetry traffic so everyone interested could create an own parser / analyzer / monitor for that data. Relying on closed-source “solutions” to monitor closed-source systems sending undocumented traffic and then expecting trust… well, that just doesn’t seem right.
InfoWars is run by a person who literally claimed that the reason President Obama proposed airstrikes in Syria was so he could take technology so he and fellow “globalists” could become immortal cyborgs and rule the world from their “flying jetcopters and Air Force Ones”. Sadly, that is very run-of-the-mill material for InfoWars and for Alex Jones.
I absolutely distrust everything that is on that page, as should you.
And that includes everything they post about actual, legitimate government conspiracies, because what they post is going to be utter bullshit and still not based in truth.
And, honestly, I stopped reading your post there. I have never encountered a person who both read InfoWars and actually honestly cared about facts and evidence.
You’re concluding nonsense. I didn’t even read that page. See actual reason above. Please don’t try to create relationships where there are none. Thank you.
Being “Open Source” never stopped Chromium from downloading backbox binaries on Debian that could listen in on your microphone.
It did, because the behaviour was noticed very quickly and fixed.
But this Chromium “feature” wasn’t really noticed thanks to its open source nature…
But it does make it so that people can more easily know about it.
The advantage of open source regarding spyware is not that spyware is harder to include in it, but that it is harder to hide in it.
Don’t be ridiculous. Even if it were open source, no one is going to audit every line of that code before they run it. You have to trust the rest of the community, and your distributor (Canonical, Red Hat, etc) and even then you can’t be guaranteed someone in the chain won’t put something in later. If you audit every single line of code that runs on your machine, good for you. The rest of us have a job and a real life to worry about, so there’s just as much trust required as there is with Microsoft or any other closed company.
Well, hopefully those people are not using Windows 7, if they’re that paranoid.
As for the ‘FOSS or death’ crowd, they would never use anything proprietary anyway, so their opinions don’t matter much in this regard.
Drumhellar,
To be fair though, even trivial evidence like that can be used in court. Beyond that, it’s also a matter of principal, some of us just don’t want corporations monitoring us at all. Microsoft has no business monitoring me in my home against my wishes no matter how innocuous it claims the data collection is.
There is a list of IP addresses that MS use for data collection available on the Internet. AFAIK, it changes after each update but add all those addresses to your external firewall and see how many connection attempts are blocked. It is staggering even from someone just doing a bit of web browsing (not using IE or Edge naturally).
Doing that was enough to tell me that they have clearly crossed the line. No one in their right mind can persuade me that that amount of data is related to bug reporting unless Windows 10 is the buggiest bit of software ever written.
{I’ll put my tin-foil hat away now}
It may not be the buggiest software Microsoft have released, but it’d definitely not the best from a UI perspective. Much of this data could be UI anylitics, which may explain the volume of data
Well, if it’s not the buggiest thing ever written, it’s certainly up there.
For people who’ve actually *used* Windows 10, it’s pretty damned solid, and as a rule, not too difficult to track down what’s crashing on the rare occasions something starts misbehaving.
It’s certainly less buggy than KDE (akonadi remains a disaster that requires frequent hand-holding).
I use it every weekday at work, but by all means, continue to be a jackass if it makes you feel superior.
So, we don’t know what they collect, but if they give you some tool that shows you something, then suddenly i). you know what they collect, ii). you believe what they collect is what the tool shows you, iii). everyone else is crazy tinfolhatter. The one thing you’re right about is that there’s no evidence, but that goes both ways, and this issue is clearly not one of belief. There’s no absolute way to tell what they collect, thus, there’s no way anyone could believe anything about it. You could disable telemetry service, but again, there’s no evidence that’s the only way they collect anything, plus, they have a habit of renaming services for fun’s sake.
My point is, unless we know for sure, which we don’t, there’s no reason to believe anything they try to convince us about. But this is not a Microsoft/Win-specific issue, you’d do better take everything with a grain of salt.
You’re so full of BS, it’s unbelievable.
First of all, you can never know if this wonderful “a tool that lets you view all the telemetry Windows collects” actually shows all the data that Windows collects and sends.
Secondly, if Microsoft was completely honest, they would just let the “Off” switch for data telemetry. No ifs, no whats, just “Off”.
Thirdly, Microsoft made sure that you cannot stop telemetry by 1) adding offending domains to `hosts` 2) by blocking the offending collection servers in their own firewall – IOW, they completely broke and infringed on all the networking rules and RFCs.
Fourthly, they could have made data collection Opt In rather than a hundred layers of semi-working (mostly not) Opt Out.
There’s just one way not to leak your personal data with Microsoft: you do not run Windows 10 (corporate users enjoy the LTSB Enterprise Edition but let’s just not talk about it right now – SOHO users cannot legally run it).
Have you ever looked at the page MSFT has for corps on how to turn off the spying in Enterprise? Its like 41 PAGES long and the majority of it? Yeah it doesn’t work in Windows 10 Home and Pro, sorry, its exclusively for Win 10 Enterprise.
Here read for yourself and enjoy, according to MSFT it will take 57 MINUTES just to go through it and again, most of the things require tools simply not available to Windows 10 Home and Pro users, sorry.
Yeah so ask me again why we don’t buy their bullshit?
https://docs.microsoft.com/en-us/windows/configuration/manage-connec…
The fact that you broadly classify everything in this document as “spying” shows that you are either unwilling or incapable of having a thoughtful discussion on the subject.
To you, everything is spying, including:
1) The Map app’s ability to download maps
2) An application’s ability to use your camera
3) Automatically setting the time
etc.
Yes. Using your choice of words, you consider automatically setting the system clock to the correct time as “spying.”
A quick glance shows that the majority of these settings actually have nothing to do with data being sent to Microsoft’s servers. if you had even bothered to scroll past the headline, you might have noticed.
Many of these settings are indeed available in Pro and even Home editions, and actually do not require special tools.
So, do you understand why I don’t buy your bullshit?
Drumhellar,
Meh, it’s just information, no need to call it BS. When you think as a hacker does, you begin to see ways that even legitimate channels can be exploited.
No. I’m calling it BS. What he said was a significant misrepresentation of what he actually presented.
Seriously, Apple, Google and Microsoft all collect on their mobile operating systems immense amount of data. There’s not really much that can be done about that on any platform except Android, which is released in open source mode (most of the os except drivers from vendors), but even then, that means you’d have to re-image the phone with the clean, audited version. Since the drivers are not open source, that means that your device could just be a nice PDA and that’s about it, unless someone takes the time to write drivers for devices as well.
I only know of Copperhead, and they’re still not as open as one would like.
That’s some disturbing situation.
Just for the record, you don’t need any future release to opt-out from this type of data collection. The feature is clearly explained to you at setup time but, should you want to check or change your mind afterwards:
Settings -> Privacy -> Speech, Inking & Typing
The “magic toggle” is there and, in all fairness, it seems to me that they’re really upfront about what enabling certain features entails.
If you don’t trust Microsoft to respect your choice… well, that’s another thing altogether but, as someone else has posted, then why do Apple and Google usually get a pass?
RT.
They don’t get a pass. Each different article gets comment pointing out the same thing, always about the other companies. Collect them all and nobody gets a pass.
AS for Microsoft, the reason to not trust them is “why now, and not when they released it?”
The deed is already done, and it’s tainted the OS… And will take a while to regain goodwill if it’s even possible.
As I said, it’s nothing new and opting out has always been possible — since release 1511 and later, in fact. But don’t take my word for it, just grab an ISO and see for yourself. You don’t even need a license key to complete the installation.
But realize that if you want to talk to Cortana/Siri/Google and have them do stuff for you they need to dig into your computer to check calendar, address book, installed applications, and so on. The same goes for auto completion and suggestions as you type.
Of course you don’t have to like it and nobody, not even Microsoft, is forcing you to use any particular feature, but to act all surprised and indignant is rather naive — if not downright biased.
RT.
patrix,
This is so true. I notice it quite a lot. It’s like how the president and his representatives are constantly pivotting to divert legitimate criticism (esp kellyanne conway). It’s so painfully blatant at times when they deflect and avoid serious accusations by blaming hilary or obama instead of seriously addressing the criticism as it applies to them. This can be infuriating to someone trying to stay on point, to say the least, but obviously that’s the intention. I don’t know if it’s coincidental or not, but I am noticing this tactic more in online discussions. Maybe I am just becoming more perceptive of it too.
Edited 2018-03-07 15:39 UTC
In what way do they get a pass? I think most privacy concerned people know that they should avoid MS, Apple, and Google as much as possible.
But I think I will still be using spybot anti-beacon as a little extra cover my butt