Slashdot Mirror
A Breakdown of the Windows 10 Privacy Policy
WheezyJoe writes: The Verge has a piece on Windows 10 privacy that presents actual passages from the EULA and privacy policy that suggest what the OS is capturing and sending back to Microsoft. The piece takes a Microsoft-friendly point of view, arguing that all Microsoft is doing is either helpful or already being done either by Google or older releases of Windows, and also touches on how to shut things off (which is also explained here). But the quoted passages from the EULA and the privacy policy are interesting to review, particularly if you look out for legal weasel words that are open to Microsoft's interpretation, such as "various types (of data)", diagnostic data "vital" to the operation of Windows (cannot be turned off), sharing personal data "as necessary" and "to protect the rights or property of Microsoft". And while their explanations following the quotes may attempt an overly friendly spin, the article may be right about one thing: "In all, only a handful of these new features, and the privacy concerns they bring, are actually in fact new... Most people have just been either unaware or just did not care of their existence in past operating systems and software." Even pirates are having privacy concerns and blocking Windows 10 users.
... you just don't "know" you like it? They did this promotion where they sat old people in front of vista machines asked them to derp around on it and then asked them if they liked it... they all said they did... and MS basically said "everyone saying they don't like vista is wrong/a troll/ignorant/etc"... remember that?
Well... same thing seems to be happening again. Consumers are saying "we have problems with these features and we'd like them fixed"... and MS is again saying "I hear you saying you don't want it but I think you're just saying you want me to tell you about how great they are again until you change your mind.
No.
https://youtu.be/dROwEc4VyJA?t...
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
Basically, I think Microsoft is simply trying to get as much early adopter as possible, get lots of bug reports and fix the bugs/exploits in a timely manner. That could seriously speed up the rate of companies willing to upgrade their computers from Windows 7.
And as always, if something's free, it means you're the merchandise here. I don't blame Microsoft trying to make a buck of your back, you're free to stay on your current Windows version or look for an alternative product that suits better your needs...
Over twenty years ago there was a FreeBSD-hacker with the following signature: "Do not trust an operating system you don't have sources for".
Though I was then a fresh FreeBSD convert myself, the maxim seemed a little too radical to me... Not any more.
If you absolutely must use Windows, get a stripped-down variant via a Russian or Chinese torrent (there are reputable ones, which will not infect you). If you don't want to rob Microsoft, send them a check... But best is to just get an OS, for which sources are also available.
In Soviet Washington the swamp drains you.
Microsoft, since its only product is software, has to go to great lengths to protect and extend that property base. "Extend" here is Googly data mining.
Apple, on the other hand, makes money by selling you the hardware. The protection is the physical ownership of the device. You might not believe Apple when it says "we don't want your personal information", but you have to respect that they're not depending on either data or software to make the great majority of their revenue.
This may not be a popular opinion, but I trust Microsoft more than Google, Apple -way more- than Microsoft, and the NSA more than any commercial company.
Get a packet sniffer on Windows ten. You can't run calculator without MS knowing.
Seriously. Try it. Every time you run any of the new-style apps, including calculator or the image preview, it opens up a brief encrypted TCP connection to a MS licensing server. I have a video: https://www.youtube.com/watch?...
Just ignore the bit about photoDNA at the end - that was a theory on my part that I've now determined is unlikely. It's not actually reporting on images, it's reporting on every time the image previewer is loaded. Or calculator, or sound recorder, or quite a few other things. I'm not sure that's much better.
I had quite a bit of fun at the weekend with wireshark seeing just what a freshly-upgraded no-software-installed Windows 10 reports, after setting every privacy option I could find to private. The answer is pretty much everything. Even if you disable searching from the start menu, it still executes the search - it just doesn't display the results. It fetches updates for the default tiles on the start menu (weather and news) even after you remove the tiles. It establishes mysterious TLS connections frequently that I can't identify the purpose of - some of them might be checking for updates, but I doubt it check for upgrades every few minutes.
Don't trust in my paranoia. Install wireshark and look for yourself.
The good news is that Windows 10 firewall can be made to block almost everything with a deny rule and a list of IP ranges. The bad news is that it's quite tricky to do so without also blocking windows update, Bing, the Windows store (No great loss) and I suspect a few Azure hosts.
Excuse #1 - Google, Apple..etc are doing it too. This is what 5 year old children say when they get caught doing something they know they shouldn't while their brother (Google) or sister (Apple) does not (this time). If you don't understand why this is a completely nonsensical position try following defense in court.. "yes your honor ... I was drinking and driving but everyone else I was with did it too so its ok."... Go ahead...see what happens.
Excuse #2 - ALL of your data is necessary to provide a feature. Examples like Siri, Cortana, Google voice are often paraded around. They need to rummage through your address book to know who "Frankenstein" is before they can call ... Need to know what's in your calendar and where you are at...right? Well no... your "Intelligent Agent" needs to know. There isn't any reason said agent can't execute locally and provide the same services if user prefers not to upload a list of all of their acquaintances and agendas to Microsoft. These systems are architected the way they are because spying is profitable not because they maximize value to end users. Your phone can know your at the florist without sending your location to Microsoft. Your phone can remind you to pick up flowers when you call someone. It isn't impractical or unrealistic to implement. It just isn't profitable.
Excuse #3 - Browser information leaks... Chrome, Firefox, IE keep thinking up new excuses with mostly negative to users to get a piece of everything you are doing with every revision. Some of this shit is offensive blatant one finger salute ...Sending your searches to bing even when you don't use bing.... Uploading your browsing history to Microsoft...there is no rational excuse for this and I can't believe anything approaching a majority of people want this to happen by "default" for any reason.
Excuse #4 - You can turn it off - Coupled with intentional UX design blurring demarcation between local and internet promoting accidental leakage and turns the leakage spigot to 11 by default knowing most users won't know, care or understand enough to change settings which increasingly are ultimatums or don't actually stop data leakage they purport to stop. Now the pot is really starting to heat up... Now Microsoft is retroactively saying fuck you people we will collect shit and there is nothing you can do about it. That they have the gall to say this to their *customers* I personally find amazing.
--
"Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary."