Slashdot Mirror
A Breakdown of the Windows 10 Privacy Policy
WheezyJoe writes: The Verge has a piece on Windows 10 privacy that presents actual passages from the EULA and privacy policy that suggest what the OS is capturing and sending back to Microsoft. The piece takes a Microsoft-friendly point of view, arguing that all Microsoft is doing is either helpful or already being done either by Google or older releases of Windows, and also touches on how to shut things off (which is also explained here). But the quoted passages from the EULA and the privacy policy are interesting to review, particularly if you look out for legal weasel words that are open to Microsoft's interpretation, such as "various types (of data)", diagnostic data "vital" to the operation of Windows (cannot be turned off), sharing personal data "as necessary" and "to protect the rights or property of Microsoft". And while their explanations following the quotes may attempt an overly friendly spin, the article may be right about one thing: "In all, only a handful of these new features, and the privacy concerns they bring, are actually in fact new... Most people have just been either unaware or just did not care of their existence in past operating systems and software." Even pirates are having privacy concerns and blocking Windows 10 users.
If you're running automatic updates on 7 or 8 you already have the same "telemetry" components as well. Check for installation of 3035583, 2952664, 2976978, 3021917, 3044374, 2990214, 3022345, 3068708, all of which are windows 10 related components. It seems that the last two are the diagnostics/telemetry ones with the others having more questionable intent.
Microsoft describes these updates (https://support.microsoft.com/en-us/kb/3068708) as honoring the CEIP choice and only doing the spying if the user has opted in. At least at this time however the server that microsoft identifies (vortex-win.data.microsoft.com) will have active connections even on machines where the CEIP choice was set to opt-out.
I'm sure once this gets some more media attention Microsoft will claim that they're storing the data just in case you change your mind, and that they wouldn't think of abusing it until then.
Swiss Pirate Party initiated an inquiry into Windows 10 privacy policy.
The end result of which (if it does not pass Swiss scrutiny) would be an official recommendation to prohibit purchase.
Two articles I found since yesterday that contradict statements in the summary:
* previous versions of Windows now spy on you becuase of recent MS updates: http://www.hakspek.com/securit...
* They still spy on you after you turn the "features" off: http://arstechnica.com/informa...
No! This was explained over and over again, if you upgrade in the first year your Windows 7/8 key becomes a permanent Windows 10 key for that device. You won't have to install Windows 7/8 before installing Windows 10 again.
Look under Settings/Privacy
There is a switch, which reads 'Send Microsoft info about how I write to help us improve typing and writing in the future'
This the collection of keystroke data. They can do anything they want with this. Definitely makes it even more creepy to log in to someplace else on a Windows 10 box.
Another thing which is standard practice is to list all kinds of serious and unlikely reasons they'll use your data, followed by 'or any other legal purpose' which does not mean for some 'legal' matter, which it's meant to sound like, but for ANY purpose which is not SPECIFICALLY ILLEGAL. Which means anything.
You can turn off the keystroke thing, but Microsoft routinely resets preferences, including privacy preferences, when you run an update. So you have to keep checking it and make sure it's off. However, I doubt very much if it matters. You're sending EVERYTHING to Microsoft and they can use it for any purpose.
Microsoft stores your hardware configuration on their servers as a hash after the free upgrade to Windows 10. After that you can clean install any time you want as long as you have the same motherboard. They call this hardware based digital entitlement. I've already done a clean install of Windows 10 and it activated within a few minutes. When installing cleanly make sure to click on "skip" then it asks for a product key or the install will be borked. Even when MS makes things simple they overly complicate them.
Remove the following updates (if installed already)
KB971033 Description of the update for Windows Activation Technologies
KB2952664 Compatibility update for upgrading Windows 7
KB2990214 Update that enables you to upgrade from Windows 7 to a later version of Windows
KB3021917 Update for Windows Customer Experience Improvement Program
KB3022345 Update for customer experience and diagnostic telemetry
KB3035583 Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1
KB3044374 Update that enables you to upgrade from Windows 8.1 to a later version of Windows
KB3068708 Update for customer experience and diagnostic telemetry
KB3075249 Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
KB3080149 (update for CEIP and telemetry)
---
run cmd as administrator
sc stop Diagtrack
sc delete Diagtrack
*Task Scheduler Library:
Everything under "Application Experience"
Everything under "Autochk"
Everything under "Customer Experience Improvement Program"
Under "Disk Diagnostic" only the "Microsoft-Windows-DiskDiagnosticDataCollector"
Under "Maintenance" "WinSAT"
"Media Center" and click the "status" column, then select all non-disabled entries and disable them.
*services.msc:
"Remote Registry" to "Disabled" instead of "Manual".