Windows 10 Privacy Changes Appease Watchdogs, But Still No Data 'Off-Switch'

Earlier this month, Microsoft announced several privacy changes in Windows 10, but it didn't give users an option to completely opt-out of data-collection feature. The announcement came at a time to coincide with a statement by the Swiss data protection and privacy regulator, the FDPIC, which last week said it would drop its threats of a lawsuit after the company "agreed to implement" a string of recommendations it made last year. The news closed the books on an investigation that began in 2015, shortly after Windows 10 was released. Though the Swiss appear satisfied, other critics are waiting for more. The French data protection watchdog, the CNIL, was equally unimpressed by Microsoft's actions, and it served the company with a notice in July to demand that it clean up its privacy settings. In an email, the CNIL said that the changes "seem to comply" with its complaint, but it's "now analyzing more in [sic] details Microsoft answers in order to know whether all the failures underlined in the formal notice do now comply with the law." ZDNet adds: Microsoft still hasn't said exactly what gets collected as part of the basic level of collection, except that the data is used to improve its software and services down the line; a reasonable ask -- but one that nonetheless lacks specifics. Microsoft said it wants users to "trust" it. And while the likelihood that the company is doing anything nefarious with users' information is frankly unlikely, the running risk is that the data could somehow be turned over to a government agency or even stolen by hackers is inescapable. That risk alone is enough for many to want to keep what's on their computer in their homes. While changing the privacy controls is a move in the right direction, it's still short of what many have called for. By ignoring the biggest privacy complaint from its consumer users -- the ability to switch off data collection altogether -- Microsoft has favored the "just enough" approach to appease the regulators. Without a way to truly opt-out, Microsoft's repeated pledge (eight times in the blog post, no less) to give its users "control" of their data comes off as a hollow soundbite.

What gets collected

[Anonymous Coward]

what ever the NSA or their EU equivalent asks for and more just in case they need to ask for more in the future.
stop using windows if you want any semblance of privacy.
 

Trust?

[ilsaloving]

Apparently Microsoft uses the word "Trust" in the same way Apple uses the word "Courage". I still haven't figured out what either one means... only that neither correspond to what's in the dictionary.

Re:

[Anonymous Coward]

My Airpods are awesome and my enterprise version of windows has everything turned off. So meh.

Re:

[Anonymous Coward]

off isn't off is the point, your enterprise edition is still sending info to microsoft without your consent.

Re:

[davester666]

actually, for the Enterprise version (at least it was supposed to be like this), moving the slider to zero is supposed to result in no data being sent. The same setting on the version us commoners get to use still sends data to MS.

Re:Trust?

[Anonymous Coward]

This view is disgusting:

Microsoft still hasn't said exactly what gets collected as part of the basic level of collection, except that the data is used to improve its software and services down the line; a reasonable ask

Reasonable? Why should I spend my money on electricity and bandwidth to help the commercial product of a multi-billion dollar corporation? Why don't they pay people to do QA any more? Why don't they pay users if the data has business value?

Fuck that. It is NOT a reasonable ask, it's ridiculous.

Re:Trust?

[skids]

The problem is endemic far and beyond Microsoft. While the data on your PC is something people take personally, other companies performing tech support for products less often encountered by end-users are playing it fast and loose with their customer's data in the name of support.

In the networking space, if you call in any request to fix or enhance a product, the front line TAC these days has been told to have you collect a pretty thorough dump of the device configuration database. These databases are not necessarily in any sort of human readable form, but those who know what to look for can easily see that they often include private crypto keys, password hashes or sometimes even cleartext passwords, and more detail about the internal layout of the most sensitive parts of the customer's network than would be needed to solve a technical problem.

This is plausibly just because these companies have not had enough customers complain, and assigned development the task of omitting potentially sensitive data from these "tech dumps"; But it doesn't take horribly much tinfoil to imagine there could be compromised policy-setters at these companies who stand ready to step on any attempt to rectify this situation.

Finally, to top it off there is a trend to either transfer these files over email since huge attachments are no longer a problem on modern email systems, or to outsource file uploads to dropbox-ish cloud service providers.

So, it would not surprise me if there were quite a few spooks... foreign, domestic, and industrial... working at support departments in major corporations, though the more resourced agencies may not even need to do even that given the lack of hygiene exercised in transferring these files to and around the corporate TAC.

Re:

[skids]

A difference of degree only, with the trend going in the wrong direction in both cases. Neither is acceptable.

Re:

[skids]

The point being, that dump is not human readable, and almost nobody at the company can really tell you "it has no keys in it" because they don't know, nevermind how to redact the keys. Basically you are left with two options: redact every bit of binary data that could possibly contain a key, possibly breaking the dump in a way that prevent TAC/engineering from using it (say, if they have a visualization tool that needs to load it, or they want to replicate by loading it onto test equipment.) Or, second opt

Re:

[stooo]

>> Basically you are left with two options ...
Nope
You have 4 options
1) & 2) as you mentionned
3) reproduce the issue on a pristine PC without any sensitive data, send this dump.
4) Use Linux.

Re:

[skids]

3) is sometimes an option... license keys or hardware inventory can get in the way here. It's also pretty labor intensive.
4) generally isn't as there are not enterprise-grade open-source alternatives (and often custom hardware, many
times already running a custom linux.)

Re:Trust?

[UnknownSoldier]

> Apparently Microsoft uses the word "Trust" in the same way Apple uses the word "Courage". I still haven't figured out what either one means..

MS Trust: "I'm altering the deal. Trust I don't alter it any further." DUN DUN DE DUN.

Apple Courage: "It is easy confuse to Courage with Stupidity -- we did. If you're stupid enough to spend yet more money on over-priced wireless crap to replace the gear you already have, we have the courage to sell it to you."

Re:

[Anonymous Coward]

Microsoft wants you to trust its product despite the fact that the product betrays you. That isn't hard to understand.

They have no intention of making it trustworthy. They just want to do spin doctoring and social engineering to get people to accept it the way Microsoft wants it to be, rather than the way the users want it to be.

Makes perfect sense that they would do this, given their position and incentives.

Re:Trust?

[LVSlushdat]

/puts on tinfoil hat

I wonder how long it will be before those of us who refuse to use corporate/closed-source operating systems on our computers will be put on a watch list by the government, and subjected to things that terrorists are subjected to...

As far as I'm concerned, you don't need a tin-foil hat to think that this may not be *too* far down the line...

Re:

[stooo]

>> I wonder how long it will be before those of us who refuse to use corporate/closed-source operating systems on our computers will be put on a watch list by the government ...

In most government the watchlist is no more. it's been replaced by an opt-out list containing a few names of top politicians.
Every now and then, these top politicians find out that the opt-out list is ignored, and it's funny that they are furious about it.

In other words : WE ARE ALL CONSIDERED TERRORISTS ALREADY.

Re:

[Trogre]

The word "courage" when applied to Apple means much the same as describing people in our community as "gifted" or "special".

For example, the decision to not release a Mac Mini or MacBook Pro that could take more than 16 GB RAM in 2016 was a very courageous move. As is sticking a fork in a power socket and licking it.

Re:

[ilsaloving]

I wish I could mod on the same article I post to. This so deserves a +1.

Of course

[Anonymous Coward]

That's all Microsoft wants out of Win 10, why they were willing to give it away for free. They want what Google has with Android, a funnel for all your data that they can use to tune their algorithms for search, and (probably) pin advertisements to you

Re:

[Actually, I do RTFA]

I actually think they want the 30% of all software you install even more than the data./p.

Windows "telemetry" = Only use Linux Mint

[gestalt_n_pepper]

Seriously. Why bother with Windows 10 if it's going to spy on your activity?

Why bother with Windows 10?

Why bother with Windows X?

Re:

[Anonymous Coward]

Why bother with any OS? Oh yeah, that's where my software lives

So much software is Windows only or works on Windows "best" (emulation is spotty and under-performing on avg)

It's a platform some of us have to live with

Re:

[Anonymous Coward]

So I've switched to Linux Mint from Windows, a few months ago, because of advice similar to this.

Just recently, I've tried to upgrade the Linux kernel from 4.4 to 4.8 in Linux Mint 18.1

The upgrade process failed, because of problems recompiling some VirtualBox thing or other,
but it was not protected by some sort of transaction to only allow activation on success.

End result: major borkage and a broken boot - I now have to boot using a USB drive with a separate copy of Linux

And since the Linux Mint guys haven

Re:

[Anonymous Coward]

I don't have anything against linux mint (i've even contributed some bits) but the most important thing in an operating system is support, and expecting 100% perfect update and/or other support on linux mint in kinda naive, since its maintained by a small group of people, most of the work being done from one guy. People with no desktop linux experience should use something better backed by more people like Ubuntu, Debian or Fedora.

Re:

[green1]

Ever phoned Microsoft for "support"? how'd that go for you? If you're lucky they told you to re-install. more likely you couldn't even find a human to talk to.

People talk about commercial software having support, but it doesn't (Unless you're an enterprise license with thousands of seats, and even then you pay dearly for very little in the way of support). The forum posts you can find for any linux distro offer far more support than anything any commercial software company produces.

Re:

[stooo]

>> End result: major borkage and a broken boot
Yeah. For mint, the recommended and fully supported upgrade path is a fresh install.
If you upgrade it the other way, it's risky, and you knew it, you checked the box with the red warnings before.

Anyway,the fresh install on Mint is two times quicker than the update, so why bother with the update ??????

My recommendation (through GUI):
On first install, create 4 partitions :
sda1 : root, 40 GB
sda2 : empty, 40GB
sda3 : swap, 4GB
sda4 : /home

When upgrading, install

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Anonymous Coward]

> "But that tracking can be easily disabled!" or "But that tracking is off by default!"

These are perfectly reasonable mitigations.

Also, it is not reasonable to pretend that a thing that Ubuntu did is somehow "Linux", even if they were still doing it. You know what spies on you? Red Star Linux. But that's not a very reasonable thing. If you don't like the Ubuntu/Amazon thing, then leave it off or turn it off, or just simply don't use Ubuntu. Arch doesn't have that problem. Or Fedora, or Debian, or o

Re:

[Anonymous Coward]

It's dangerous to think that somehow Ubuntu is somehow better in this regard.

FTFY. Canonical doesn't represent the whole of Linux or open source software. Also being open source means you can remove or add anything you want. Can you point me to the source code for Windows 10?

Then there's Firefox's telemetry, too.
There's also the Homebrew open source project, which supports data collection, and stores it in Google Analytics

Firefox and Homebrew's spyware is 100% optional. You also have access to the source code, so you can yank it completely out if you want to. In addition, neither of them are operating systems with full access to everything.

If you can't see the difference between always-on spyware in an operating system from a mul

Re:

[Anonymous Coward]

You also have access to the source code, so you can yank it completely out if you want to.

Another misconception.
0.000023425% of the userbase actually has the ability to do something more than point and click to start the application. Since you evidently missed this, please post your repository where you've already done the work, so the majority of the userbase can download it. thanks.

Until Data Collection is 100% Removed...

[Steve Jackson]

This CAREER IT TECHNICIAN, will NEVER recommend it. Currently, we Recommend its REMOVAL from all workstations, and a regression to a safer, less intrusive, more compatible OS, that isn't able to uninstall things to make way for its own broken updates... Win 10 has uninstalled the following applications from our Users systems WITHOUT permission or ANY user interaction required... 1. Quickbooks. 2. Sage Accounting 3. Wintac (HVAC CRM) 4. Connectwise (IT CRM) All uninstalled from multiple systems, without permission, causing DAMAGE to several of our Business Class Environments, and taking 4 clients networks DOWN, as they primarily used Quickbooks. When its down they cannot function. It also damaged the Wintac Database, by uninstalling it WHILE IT WAS OPERATING! Win10 is by far and wide the VERY WORST thing ever produced and sold as an OS!

Re:

[Anonymous Coward]

Thank you for your sage advice, Career Captain CapsLock!

Re:

[JaredOfEuropa]

Does the pro / enterprise edition even do automatic updates or uninstalls? At least those versions allow you to disable it through a Group Policy. Or does your "business class" environment run on a bunch of Windows 10 Home machines?

Re:Until Data Collection is 100% Removed...

[Steve Jackson]

So, in order to get Microsoft to stop doing something it shouldn't be doing in the first place (Uninstalling software WITHOUT asking) I have to spend more man hours and labor? Because that sure sounds like what you are saying... Keeping in mind that we have close to 1000 business customers, thats going to be AN AWFUL LOT of GP changes... Say 500 Hours to complete them all... So I assume Microsoft is ready and willing to cover this expense? And no dip shit, we dont roll out HOME in a business class environment. BUT on that same note, not every small business in america has an ENTERPRISE level environment, or even a Server for that matter. Or did you now know this? :-D

Re:

[JaredOfEuropa]

Microsoft shouldn't be forcing these updates by default, sure. But they did, and it was hardly a secret so you could have taken action beforehand and disabled the updates before they caused disaster. By the way, removing programs only happens on major updates of Windows, which should be treated as any major upgrade: with tests, rollback plans, and contacting the vendors of mission critical software about known compatibility issues. Those updates certainly should not be automatic... or be allowed by an admin

Re:

[Steve Jackson]

"Microsoft shouldn't be forcing these updates by default, sure. But they did, and it was hardly a secret so you could have taken action beforehand and disabled the updates before they caused disaster. " Thats NOT realistic. Across a customer base of almost 1000 businesses, and 3000 residential, it would have taken us over 3 years to shut them all off. We estimated 1 full YEAR just for the commercial workstations. (Thats REAL WORLD, not some bullshit statement like the ones you make that are CLEARLY bullshit

Re:

[JaredOfEuropa]

I'm not defending MS, as an IT guy I lay the blame for this crap at their feet. But if I were paying someone to manage my IT for me, I'd expect them to prevent this stuff rather than clean up after it. Out of interest, how were you handling updates and upgrades before MS forced them upon you in Windows 10?

Re:

[Steve Jackson]

Considering in that time we could omit individual updates (which is no longer possible without a WSUS box), these things were almost a mute point. We allowed most, and ignored the optional until an issue requiring a specific update is required. Considering before Win10 we had NEVER had programs FORCIBLY UNINSTALLED or DISABLED by updates. They may have broken a dll or registry entry from time to time, but this is easily fixed by a rollback of 1 day. All of our servers are loaded with Continuum and follow a

Re:

[Steve Jackson]

I love how you totally abandoned any further debate... It's ok, you didn't come prepared. We Understand. :-D

Re:

[Steve Jackson]

How's that -1 working out for ya? LMMFAO!

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Steve Jackson]

I didn't know your ass was fat NI__ERpenisbestPENIS... But I can guess that you are a super-fucktarded liberal scumbag from your name... Do the world a favor and Kill Yourself... (See no KYS, so you don't have to make a shitty "Egg on your own face" guess!) :-)D

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Steve Jackson]

Its amazing how much you suck at debate and troll unending :-) What the matter too many words for your tiny liberal brain to digest? FYI, I did actually answer your question. You just phrased it in the 1st person... Meaning YOU no ME... But again, you seem to be FAR too ignorant to understand this. :-D

Re:

[Steve Jackson]

*(edit) meaning You not Me...

Re:

[Unknown User]

Sue them. If what you say is true, you'll win.

Re:

[Steve Jackson]

I don't have 5 years to waste, nor a few hundred thousand dollars to even attempt such a thing... Name a single poor person or middle class person that YOU KNOW, that has won a case against a Fortune 500 Corporation... Then list your sources... As It most certainly made the news.

Re:

[antdude]

What will you replace with? :(

Re:

[Anonymous Coward]

The parent actually makes a good point, and I don't doubt your rebuttal. However!

Microsoft promised that there would not only be "one" Windows and that everyone would receive forced updates.

But that's not actually the case. What they are doing is rolling out updates across different users at different rates. So actually, the parent poster could be 100% correct, and so can you, and it's all down to Microsoft using everyone who isn't an "Enterprise" customer as their QA department.

They're being complete fucks

Re:

[Steve Jackson]

"As someone who uses ConnectWise every damned day (it's seriously torture), and on a laptop running Win10Pro, I can state unequivocally that you're full of shit." I have those logs if you like... Dumbass... Unless you were there how praytell do you "Know" this that you Claim to? http://www.howtogeek.com/24358... [howtogeek.com] And specifically... It was SCREENCONNECT that it uninstalled... http://forum.screenconnect.com... [screenconnect.com] So, yeah... Yer a serious dumbass, who shoots from the hip a lot... I can tell. Sage, isn't actual

Re:

[Ayanami_R]

I see a lot of comments like this all over the net. People claiming things that are wasy to prove false, or are false on the surface. I wonder if someone is astroturfing, or if MS hate is STILL that strong?

Also, I guess this person uses no smartphone as well, as ALL of those collect data, even with a custom ROM and rooting and other protections, the black box known as the cell radio has you tracked anyway, so that is certainly not 100% removed. I guess no social media at all, and no gmail, dropbox etc. iOS,

Re:

[Steve Jackson]

You are correct. My Social Media Account Status = 0 Social media is the LARGEST Demographic of hackers and swindlers on the earth. Anyone using it is a sucker being worked over. With daily BS reels, Misinformation, and a STRONG liberal Bias. Facebook being the MOST egregious Offender there. My Cell phone, is as you say. "As secure as it can be" while still being tied to a snitch network... But if someone wants to watch me play angry birds, more power to them. They are welcome to see who I call, and for how

Re:

[MightyMartian]

You're just pissed because the hardcoded callback IPs make your host file software redundant, at least so far as Win10 goes (and, so far as I understand it, Win7 and 8/8.1 as well).

I'll sit back now and wait for you to stalk me for a few hours. Watching you get unhinged and demonstrate your manic phase with grandiose claims and threats.

Re:

[Steve Jackson]

Whatever helps you sleep better troll. FYI, no fucks were given. You were already properly rebuked... :-D

Re:

[Steve Jackson]

I love all the personal attacks... The serve ONLY ti highlight the weakness of your debate skills... Oh, and where pray tell did I misinform? I stated that "You may feel however you like to sleep better - Which cannot be misinformation, as it contains no information. I stated that "No fucks were given" - which they certainly weren't, so strike two... I stated also that You were already properly rebuked. - As in you have already been responded to and we are ignoring the attempt at trolling further So, WHE

Re:

[Steve Jackson]

EDIT - *they serve only to

Re:

[Steve Jackson]

You are correct. I mistook him for Mighty... My Bad.

Re:

[Steve Jackson]

Sorry about that. You are correct. Thankfully, I have been reminded of the results of assumption :-) (I'll slow down!) thx!

Re:

[Steve Jackson]

Says the troll whose life has no value to anyone... LoL

I called this already

[El Cubano]

I will simply refer you to my comment in last week's discussion on "Microsoft To Enhance User Privacy Controls In Upcoming Windows 10 Update": here [slashdot.org]

Bottom line: Microsoft's only objective was "get people to quit trashing us openly". Of course, the current state very well could have been their desired end goal and they went extreme from the outset to give them room to appear to compromise. Either way, whether or not it was planned, they make themselves look (comparatively) like the good guys.

Re:

[TimothyHollins]

Heh, funny world we live in.

"From now on, I'll only beat my wife on the weekend"

Partnership with US government

[Anonymous Coward]

This is clearly a partnership with the US government in expanding its surveillance practices. Free access to all emails on their servers and now it's free access to everyone's computers, key logs, data and documents. Microsoft knew exactly what they were doing, just as well as the US government.

Re:

[gweihir]

This much is dead obvious.

Makes me want to...

[iampiti]

Makes me want to keep writing "F**k you Microsoft" in the Cortana search box over and over. Maybe that way they'll get the message.

Trust me.

[fahrbot-bot]

Microsoft said it wants users to "trust" it.

I hear that a lot from companies and people -- like some newly elected officials -- and it always makes my ass twitch.

Re:

[fahrbot-bot]

... it always makes my ass twitch.

In a good way?

Unfortunately, generally no.

"frankly unlikely"?

[sacrilicious]

ZDNet adds: ... And while the likelihood that the company is doing anything nefarious with users' information is frankly unlikely ...

This quote is a case of somebody writing something to just fit a grammatical template, rather than thinking about what they're writing. Substantiate that wild speculation, ZDNet, or turn in your beard-stroking license asap.

Re:

[Black LED]

ZDNet and especially Ed Bott are Microsoft puppets. It's not surprising that they would try to handwave this sketchy behaviour.

It's not "trust" in the Merriam-Webster sense ...

[scunc]

Microsoft: We know what our users want!

Users: How? You haven't asked us about anything.

Microsoft: Oh, we know--trust us ...
-------
All Power to the NT Overlords!

Do they really know what users want?

[Ginguin]

I am sure Microsoft has smart people who know how to sift through data to make future decisions, but I can see it going wrong (and have seen it go wrong).

Camera pans over boardroom:
Data Guy: "Did you know user data shows that consumers spend less than 0.1% of their computer time in the control panel?"
Executive: "It must not be important and takes up a lot of developer time. Remove it!"
Programmer: "Um... can we, maybe, not do that?"
Executive: "Just KILL it! Also, you're fired!"

Re:

[Actually, I do RTFA]

This is the least objectionable use for the data. If it was truly and irreversibly anonymized, I wouldn't have a problem with MS datamining trends to give users what they want.

I just have doubts about the truly or irreversible part, even if they claimed anonymity.

Trust

[darkain]

The opposite of trust? Anit-Trust. Ya'know, that thing Microsoft already violated?

I only want an operating system

[OrangeTide]

Is that too much to ask? I'd like to pay some money in exchange for software to abstract my hardware into a platform and allow application to run. That is of course the kernel and drivers as well as the libraries and services necessary for applications.

I don't want advertisements, data mining, or even a bundled web browser. I do want security updates and timezone updates, please don't stop updating timezones with the excuse that an older operating system version is "unsupported".

If this were a free market, we could pay money in exchange for the goods and services we want. Assuming we can agree on a price, but I doubt even a million dollars would could get Microsoft's attention.

Re:I only want an operating system

[Bob the Super Hamste]

Oh come on it isn't like they could just create some tz data files and update that. How would the system ever know what one to use and how could users be expected to keep them up to date?

Re:

[El Cubano]

If this were a free market, we could pay money in exchange for the goods and services we want. Assuming we can agree on a price, but I doubt even a million dollars would could get Microsoft's attention.

It is a free market. What you describe actually exists. In fact, something better than what you describe exists: Linux. It may seem tired, but there are literally dozens of distributions out there. Some have corporate backing (e.g., RedHat, SuSE), others are developed by a community (e.g., Debian), and others are the result of heroics by primarily one individual (e.g., Slackware). The point is that there are so many options, some which will take your money, others of which will not.

Many of those Linux

Re:

[OrangeTide]

Yes, I've been using Linux as my primary OS for over 20 years (really!). But Linux is not equivalent to Microsoft Windows.

I can get chicken sandwiches from Wendy's, McDonalds, etc. and I tend to frequent those establishments instead of Chick-Fil-A. But of course there is a huge amount of choice for fast food, and they are generally equivalent to each other ignoring basic taste preferences.

If I want to run a Windows application should I use anything except Microsoft Windows to run it? Could I use Wine? Perha

Re:

[iampiti]

Yeah, I also want that. Microsoft can only pull this crap because many important pieces of software only run on Windows (obviously, they know).
If 99% of software was cross platform they'd have to give people what they want instead of giving us what Microsoft wants

Re:

[OrangeTide]

My dream is that when most software is available on iOS and Android that Microsoft will lose their hold over us.

Of course then we'll be locked into Apple, Amazon and Google app store ecosystem and will not be able to develop and sell software without Apple and Google's say so.

And it will never happen

[IWantMoreSpamPlease]

Win10 was designed *from the ground up* with telemetry and spayware/malware/whathaveyou in mind.

You will never get them to "turn it off", at best you'll get "minimal" and it will require 3rd parties to fix (if they can, closed source and all that)

Why use it to begin with, if you have the option, use anything else, but not Win10.

Trust them

[Cro Magnon]

It will make it a lot easier for them if you just trust them. Not better for you, but certainly better for them.

i call bs

[Anonymous Coward]

Microsoft still hasn't said exactly what gets collected as part of the basic level of collection, except that the data is used to improve its software and services down the line; a reasonable ask...

Unless the OS is free, its not a reasonable ask. Period.

So how *does* one turn off telemetry completely

[TimothyHollins]

As the title says, how do /.ers turn off W10 telemetry completely? I've seen many solutions, but none seem to be successful in both allowing updates to come through and blocking *all* telemetry.

Re:

[green1]

And that's the trick. It's easy to block all the telemetry by simply blacklisting all the MS servers at the firewall. The issue is that also blocks updates.

Pick your poison....

Of course you ask what /.ers do. They don't run Windows in the first place!

Re:

[gweihir]

Simple: Do not use Win10 or never connect it to a network. Anybody else that thinks they can reliably "turn of telemetry completely" in the face of missing documentation and forced updates is just kidding themselves. There is a good reason no well-known security researchers have come up with reliable recipes to do it, they know and understand this. It is also extremely telling that there are no good analyses of what actually gets sent out there: It is both difficult to do and the data could change completel

SSL Decrypt?

[acoustix]

Just curious, but is anyone running SSL decryption on their networks where they could see this traffic leaving the network? Would they be able to see the traffic in plain text to see what is being reported to Microsoft?

Re:

[AHuxley]

Given the past help? (12 July 2013)
Recall the PRISM slides and the years for each US brand?
https://en.wikipedia.org/wiki/... [wikipedia.org]
"Microsoft handed the NSA access to encrypted messages"
https://www.theguardian.com/wo... [theguardian.com]
If you want a secure OS find one. Use Microsoft for games and DirectX 12 support.
Let Microsoft enjoy the computer game feedback on Windows 10.
Do any real computing with a more secure OS.

Go ahead, Microsoft

[PPH]

Read my data.

Enjoy your PTSD [slashdot.org].

First

[Anonymous Coward]

... wants users to "trust" ...

First, Microsoft has to treat us like users: People who have sensitive data, want to know what their tools (computers) are doing with the rest of the internet, don't have to use your products (although the ubiquity of MS Office and vertical market software make that difficult) and yes, pay for the products you make.

Trust requires trustworthiness

[gweihir]

MS has none. They have engaged in criminal acts to screw over customers and competitors. Lying to their customers is something they routinely do. They have shown time and again that they feel zero obligations to their customers.

Anybody trusting MS is stupid. They do not deserve trust. They must make legally binding accurate and complete statements about the data they collect, what it is being used for, and how it is secured against unauthorized access. And if they violate any of these assurances, it must be

Re:oh yes I DID!

[omnichad]

Where have you been for the last two years? MS uses hard-coded IPs to avoid any messing around with DNS.

Re:

[Bob the Super Hamste]

So you don't black hole those IPs and hosts at the router/firewall level?

Re:

[omnichad]

What does that have to do with a HOSTS file? Very good job on regurgitating that knowledge, but maybe make sure it's relevant next time.

Re:

[Bob the Super Hamste]

Mostly just a tongue in cheek comment.

Re:

[Motherfucking Shit]

So you don't black hole those IPs and hosts at the router/firewall level?

How will you ever know if you got them all? Malware authors have evolved techniques like rotating their C&C to different IPs based upon to the current UTC time. Microsoft has 20+ million IPs [he.net] to pick from, and those are just the ones with their name on them. You can't block them all without taking out all of Azure, which hosts lots of legit non-MS services.

Re:

[exomondo]

That only works if you carry your router with you everywhere you take your computer. That would be a totally feasible thing if someone produced a micro router/firewall that was the size of a bluetooth dongle, but I haven't been able to find anything like that yet.

Why are you running Windows 10 anyway? If you really need to run it for some specific applications then just dual boot, yes it's slightly inconvenient but that is the price of privacy.

Re:

[exomondo]

Well given we're talking about blacklisting IPs that Windows sends information to and that you are looking for (haven't been able to find) a micro router/firewall I'd say it's pretty reasonable assumption that you do or that you would like to run Windows 10. If not then why bother? Just use the hosts file on Linux.

Anyway ok, you're not running Windows 10, no big deal. The suggestion still stands for anybody who does need to run it for whatever reason.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:oh yes I DID!

[MightyMartian]

I don't think there's anything illegitimate about it. It's just that he's mentally ill, and that the software in question really doesn't work where an OS or software manufacturer hard codes callback IP addresses. I went to his page about six months ago, and was fascinated to see screenshots from what was either XP or Server 2003, which said a lot not only about the software, but about APK's state of mind. He's also made a number of posts over the years that suggest he's a good old fashioned netkook, maybe the last of that ancient breed. So, like all good netkooks, he has a fixation, which in his case is his obsession with the hosts file.

Re:

[david_thornley]

Lots of software developers are somewhere on the autism spectrum, and are classified as high-functioning ASD. Personally, I also have dysthymic disorder (essentially chronic low-grade depression that's gone through two name changes since my diagnosis), and people seem to trust what I write.

Re:

[david_thornley]

You probably wouldn't notice me as being ASD or depressive. Lots of us are quite adept at looking normal. I'm being open with it because it's unlikely to hurt me (not any worse than it has already; I've already been denied insurance).

People depend on stuff I've written for safety purposes. They haven't regretted it.

Re:

[david_thornley]

I've got the diagnoses. Therefore, I'm mentally ill, although it usually doesn't show. I also have some physical illnesses you won't notice by looking at me. I'm reasonably healthy for my age, and I know a lot of contemporaries who are worse off, but I'm not in perfect health.

I'm emphasizing this because I really hate "mentally ill" being used as an insult, and it often is. APK does not necessarily have a mental illness; APK might just be an asshole, which is not a category in DSM-V. There are menta