Slashdot Mirror
Vista is Watching You
greengrass writes "Are you using Windows Vista? Then you might as well know that the licensed operating system installed on your machine is harvesting a healthy volume of information for Microsoft. In this context, a program such as the Windows Genuine Advantage is the last of your concerns. In fact, in excess of 20 Windows Vista features and services are hard at work collecting and transmitting your personal data to the Redmond company."
It's a little OT, but truth is an absolute defense to slander. Slander is, by definition, untrue.
It's just: Windows Update, Web Content, Digital Certificates, Auto Root Update, Windows Media Digital Rights Management, Windows Media Player, Malicious Software Removal/Clean On Upgrade, Network Connectivity Status Icon, Windows Time Service, and the IPv6 Network Address Translation (NAT) Traversal service (Teredo).
And Activation, Customer Experience Improvement Program (CEIP), Device Manager, Driver Protection, Dynamic Update, Event Viewer, File Association Web Service, Games Folder, Error Reporting for Handwriting Recognition, Input Method Editor (IME), Installation Improvement Program, Internet Printing, Internet Protocol version 6 Network Address Translation Traversal, Network Awareness (somewhat), Parental Controls, Peer Name Resolution Service, Plug and Play, Plug and Play Extensions, Program Compatibility Assistant, Program Properties--Compatibility Tab, Program Compatibility Wizard, Properties, Registration, Rights Management Services (RMS) Client, Update Root Certificates, Windows Control Panel, Windows Help, Windows Mail (only with Windows Live Mail, Hotmail, or MSN Mail) and Windows Problem Reporting are the main features and services in Windows Vista that collect and transmit user data to Microsoft.
Speedy thing goes in; speedy thing comes out.
Sorry, I left out: Activation, Customer Experience Improvement Program (CEIP), Device Manager, Driver Protection, Dynamic Update, Event Viewer, File Association Web Service, Games Folder, Error Reporting for Handwriting Recognition, Input Method Editor (IME), Installation Improvement Program, Internet Printing, Network Awareness (somewhat), Parental Controls, Peer Name Resolution Service, Plug and Play, Plug and Play Extensions, Program Compatibility Assistant, Program PropertiesCompatibility Tab, Program Compatibility Wizard, Properties, Registration, Windows Control Panel, Windows Help, Windows Mail (only with Windows Live Mail, Hotmail, or MSN Mail), Windows Problem Reporting, Windows Defender, Support Services, and Internet Explorer 7.
"This extensive enumeration is not a complete illustration of all the sources in Windows Vista that Microsoft uses to gather end user data"
Your ad here. Ask me how!
Kina as many other Asian nations is moving towards Linux. They don't want to pay M$-tax and they espesialy don't want MS or NSA spying on them.
On Windows time service:
The NTP Protocol is described here. I can't verify that they haven't implemented the evil NTP protocol (not running Vista), but I don't see why i should trust the author after listing this one.
http://games.cedega.com/gamesdb/ check it out, add it as a bookmark.
For the perfect anti-Unix, write an OS that thinks it knows what you're doing better than you do and let it be wrong.
They already do that with the "Report this bug to Microsoft?" screens that pop up in XP every time a program crashes...And frankly, I SHOULD be able to opt out if I choose to do so. Hell, they should want me to be able to opt out, so if I do something and crash a program, I don't send them weird data.
The OP is right; this is a precursor to a subscription based OS; that's microsoft's dream, where everyone just pays the OS tax on a monthly/yearly basis, and gets "free" upgrades on a once-a-decade cycle.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Exactly. Its a blanket catch all so that they have their asses covered. Each of those features sends certain amounts of data to performs its function.
For those wondering why the Games folder sends data, its to get the rating for the game and download additional information about the game (like the box art). There are many personalization features in Vista, and they're actually pretty cool.
Such traffic can always be blocked at an external firewall. Even the most basic router will let you blacklist IPs/domains. Short of colluding with router makers, there is nothing Microsoft can do about this.
*sigh* back to work...
Rather than using DNS - put a *nix box between your XP and M$ - voila, instant access, and I'm sure there are plenty of packet sniffers out there...
I wish I had a witty
If you want to remove the "report this to microsoft". Then right click My Computer > Properties, select the Advanced tab, select the Settings button (third one down under Startup and Recovery) and un-tick the send an Admin alert. Also on the "error reporting" button at the bottom of the Advanced tab, just select the "disable error reporting, but notify when critical errors occur"
Cannot remember off the top of my head which one stops the "report to Microsoft" pop-ups, but with both you can rest easy and not get the annoying pop-ups each time. Hope this helps
... is that any Microsoft system is NOT owned by the 'buyer'- it is Microsofts' as they are licensing it to the 'users'. Microsoft can do what they wish as owners of said software. So I can't see what people get bothered about, really - what do you expect from something you do not and cannot ever, ever own, no matter how much you think you do (or even how much you spend on it too).
The Gramm-Leach-Bliley Act otherwise known as GLBA controls how businesses collect, use, and distribute non-public information, and provides for penalties for the misuse of that information. Having managed IT for a bank, I can tell you that this act is serious stuff.
Microsoft's attorneys are not stupid. They know if they collect non-public information, they are bound by GLBA to protect that information. That includes audits of any systems that store or transmit that information.
It would cost Microsoft way more money to collect non-public information from its users than it could make by using or selling that information. Also, it would expose Microsoft's products to outside auditor scrutiny, possibly even requiring the source code of its products to be inspected.
For these reasons, Microsoft does not want to collect non-public information from its users.
-ted
Let's assume for one moment that what you are saying is correct (although I don't believe for one moment that it is), then since these are independent applications, then it's very easy to disable or uninstall them if you don't like them phoning home. So, pray tell, how would you do this in Windows where the "phoning home" is being done by a stealth application that's running as part of the intrinsic underlying OS.
Also, you're turning this into a "Windows vs Linux" discussion which is an overly simplistic viewpoint. Open Source applications are subject to constant peer review meaning that any suspicious "phoning home" would be rapidly identified and brought out into public attention. I can't comment on YaST as I don't use SuSE Linux but I suspect, as a commercial entity, they are interested in user information but since there are a myriad of Open Source applications that run on Windows also, this is more a case of Open vs Closed Source, not Windows vs Linux.
So, you might charaterize things less harshly as follows : Linux tries to let you keep your personal information private but all of your work product is public, and Windows keeps all of your work product private but your personal information is public.
Sorry, but that's utter trash. Aside from stability, "free beer" and customisability, the main reason I use Linux as my primary OS choice is that it allows *ME* to take responsibility for protecting *MY* information and does not allow me to dump that responsibility into the hands of some private entity.
I am one of the first people to volunteer to take part in surveys and information gathering excercises because when I am *ASKED* to provide information and have the choice of what information to and not to provide, it can be very useful to someone who is designing or marketting a product or service. But I am *NOT* going to let someone just take that information - and if that means never using Vista then so be it...
Gentoo Linux - another day, another USE flag.
The point being made earlier in the thread was that this doesn't always work, because the IP addresses for certain services (Windows Update is one, IIRC) are hard-coded and the hosts file is never checked by Windows when resolving these addresses.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
> to be taxed for the data collection/transmit.
TRANSMIT is a verb. You were looking for the noun, TRANSMISSION.
HP drivers are pathetic. The printer driver for my printer is a 600mb minimum install (the 'enhanced' software is another 500mb). Every 3 or 4 minutes a console window flashes on the screen - their phone home software is a console app and they haven't even bothered to hide the window.
Oh and that's just for the printer.. the scanner part of the driver is nonfunctional on vista (despite the driver being the latest vista driver), and the whole thing won't install on OSX (a small (for them) 250mb driver) because they stopped supporting it after 10.4.2 and it's hardcoded to reject a version higher than that.
For a while now I've been telling people to avoid HP like the plague because their drivers are is spyware infested bug ridden crap.
He works in an FDA regulated environment, not works for the FDA. There are several companies that are heavily regulated by the FDA. I used to work for a pharmaceutical research company and almost every piece of software requires some kind of validation in order to protect no only the the pharmaceutical companies, but also the patients as well.
While most IT environments can install Patches and Service Packs and Updates at will, this is not the case for FDA regulated companies. The update or patch will be installed on a system that has no access to any real data, each step of the installation is documented down to each mouse click complete with screen shots, then the installation is performed following that document by a person who didn't write the initial instructions, and they will then take screen shots of their installation. Then once it has passed the installation steps, then there are instructions written up for each thing that needs to be tested and validated, that is also complete with screen shots, and each mouse click and keyboard entry. Those instructions are sent to someone else who goes through each step, and takes screen shots along the way, and if that passes, it can then go on to production where the installation is performed, with screen shots, and a final series of tests, with screen shot is also done. All the documents are printed out as the FDA hasn't completely allowed electronic storage.
So where the normal IT guy clicks download/install and maybe makes a log of it. A simple windows update in an FDA regulated environment will produce a mountain of paperwork. If anything along the line has the potential of revealing any confidential information against FDA regulations, then the software will be rejected. Vista at this point has been rejected so far.
I read Slashdot for the headlines, because the headlines, unlike the articles, are usually original and never duplicated
Well how about reading Windows Update Privacy Statement from here http://technet2.microsoft.com/windowsserver/en/lib rary/3998fef5-4e07-4128-881d-754375b679121033.mspx ?mfr=true or updated version from Windows Update site from here http://www.update.microsoft.com/microsoftupdate/v6 /default.aspx?ln=en-us. And if you are paranoid enough, just add TCP dump to somewhere on your network to see what's really submitted, don't know if it's encrypted though.
You don't know what you don't know.
and what it sends back to Microsoft. It's opt-in. Windows Customer Experience Improvement Program and Resulting Internet Communication in Windows Vista
Activation - Annoying anti-piracy check. This is the worst of the group, because it can't be turned off.
Customer Experience Improvement Program (CEIP) - Optional feedback program.
Device Manager & Driver Protection & Dynamic Update - Gives you an option to scan for updated drivers.
Event Viewer - Optional, If you click the 'get more information' it sends a query for, (get this) more information.
File Association Web Service - Same as above.
Games Folder - Downloads pictures and ratings for your games.
Error Reporting for Handwriting Recognition - Optional error reporting..
Input Method Editor (IME) - I assume it's looking for new language packs.
Installation Improvement Program - Optional error reporting.
Internet Printing - Not sure on this one, I assume it's a driver check. Unless they're talking about the Internet printing service that prints your photos. If so, then duh, grow up.
Internet Protocol version 6 Network Address Translation Traversal, Network Awareness (somewhat), Peer Name Resolution Service - Read how these servcices work, they require an Internet server.
Parental Controls - I believe it's tied to the phishing filter.
Plug and Play, Plug and Play Extensions, Program Compatibility Assistant,Program Properties--Compatibility Tab, Program Compatibility Wizard, Properties, - Driver updates, compatibility updates.
Registration - Marketing, optional
Rights Management Services (RMS) Client - DRM as bad as activation
Update Root Certificates - Automatic updates for SSL certs.
Windows Control Panel - Not sure which panel
Windows Help - Optional Online help
Windows Mail (only with Windows Live Mail, Hotmail, or MSN Mail) - Well duh, hotmail calls microsoft?
Windows Problem Reporting - Optional error reporting.
With the exception of Activation and the RMS client, both of which are useless, these are useful Internet services, feel free to turn them off or actually answer NO, when asked.
Stop making this into a 'oooh, they're spying on me'. They're spying the same way Slashdot is spying on you when you post a message.