Slashdot Mirror


A Breakdown of the Windows 10 Privacy Policy

WheezyJoe writes: The Verge has a piece on Windows 10 privacy that presents actual passages from the EULA and privacy policy that suggest what the OS is capturing and sending back to Microsoft. The piece takes a Microsoft-friendly point of view, arguing that all Microsoft is doing is either helpful or already being done either by Google or older releases of Windows, and also touches on how to shut things off (which is also explained here). But the quoted passages from the EULA and the privacy policy are interesting to review, particularly if you look out for legal weasel words that are open to Microsoft's interpretation, such as "various types (of data)", diagnostic data "vital" to the operation of Windows (cannot be turned off), sharing personal data "as necessary" and "to protect the rights or property of Microsoft". And while their explanations following the quotes may attempt an overly friendly spin, the article may be right about one thing: "In all, only a handful of these new features, and the privacy concerns they bring, are actually in fact new... Most people have just been either unaware or just did not care of their existence in past operating systems and software." Even pirates are having privacy concerns and blocking Windows 10 users.

11 of 318 comments

  1. Re:Windows 10, it's free by U2xhc2hkb3QgU3Vja3M · · Score: 5, Funny

    It's NOT FREE damnit, stop posting this nonsense.

    Sent from Windows XP.

  2. weasel words = gaping hole by Anonymous Coward · · Score: 5, Insightful

    Posting anon for obvious reasons.

    In a former life, there was some question about what and how far an org could go into customer data that was collected through remote telemetry or use of cloud services. A couple years ago, legal counsel informed us that we could capture, examine, and retain essentially any customer data, because any security-related review fell under the clauses about use of customer data for "enhancement of customer experience", to which the customer consented in the EULA. This is why some entities feel very free to capture any data they want from endpoint computers and effectively lie about it in marketing documents: because end-users consented to a free-for-all in the prior/overriding legal license.

  3. Vital diagnostics by Anonymous Coward · · Score: 5, Insightful

    Exactly how vital can they be if the fucking computer still works with no Internet connection?

  4. 7 and 8 too by Anonymous Coward · · Score: 5, Informative

    If you're running automatic updates on 7 or 8 you already have the same "telemetry" components as well. Check for installation of 3035583, 2952664, 2976978, 3021917, 3044374, 2990214, 3022345, 3068708, all of which are Windows 10 related components. It seems that the last two are the diagnostics/telemetry ones with the others having more questionable intent.

    Microsoft describes these updates (https://support.microsoft.com/en-us/kb/3068708) as honoring the CEIP choice and only doing the spying if the user has opted in. At least at this time, however, the server that Microsoft identifies (vortex-win.data.microsoft.com) will have active connections even on machines where the CEIP choice was set to opt-out.

    I'm sure once this gets some more media attention Microsoft will claim that they're storing the data just in case you change your mind, and that they wouldn't think of abusing it until then.

  5. Re:Windows 10, it's free by Anonymous Coward · · Score: 5, Insightful

    No, I think his point is more like "Never look a gift horse in the mouth while it's trying to mount you." Or something like that.

  6. Re:Windows 10, it's free by dafradu · · Score: 5, Informative

    No! This was explained over and over again, if you upgrade in the first year your Windows 7/8 key becomes a permanent Windows 10 key for that device. You won't have to install Windows 7/8 before installing Windows 10 again.

  7. Re:Closed-source operating systems by Anonymous Coward · · Score: 5, Insightful

    The advice is to use a possibly compromised operating system over a guaranteed compromised operating system.

    Do you have a better suggestion for those who have to use Windows?

  8. Re:Windows 10, it's free by Alumoi · · Score: 5, Funny

    UPgrade, you moron. You upgrade from Windows 10 to Windows 7!

  9. Re:Doesn't explain the "Telemetry Update" to 7 and by Anonymous Coward · · Score: 5, Informative

    Remove the following updates (if installed already)

    KB971033 Description of the update for Windows Activation Technologies
    KB2952664 Compatibility update for upgrading Windows 7
    KB2990214 Update that enables you to upgrade from Windows 7 to a later version of Windows
    KB3021917 Update for Windows Customer Experience Improvement Program
    KB3022345 Update for customer experience and diagnostic telemetry
    KB3035583 Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1
    KB3044374 Update that enables you to upgrade from Windows 8.1 to a later version of Windows
    KB3068708 Update for customer experience and diagnostic telemetry
    KB3075249 Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
    KB3080149 (update for CEIP and telemetry)

    ---

    run cmd as administrator

    sc stop Diagtrack
    sc delete Diagtrack

    *Task Scheduler Library:

    Everything under "Application Experience"
    Everything under "Autochk"
    Everything under "Customer Experience Improvement Program"
    Under "Disk Diagnostic" only the "Microsoft-Windows-DiskDiagnosticDataCollector"
    Under "Maintenance" "WinSAT"
    "Media Center" and click the "status" column, then select all non-disabled entries and disable them.

    *services.msc:

    "Remote Registry" to "Disabled" instead of "Manual".
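A read-only way to check a machine against the lists in comments 4 and 9, as an added example that is not part of either comment and changes nothing on the system. The KB numbers and task names come from the two comments; the service name `RemoteRegistry` for "Remote Registry", and the use of `Get-HotFix`, `Get-WmiObject` and `schtasks.exe` to read the state, are choices made for this example.

```powershell
# Added example: audit only. Nothing is uninstalled, stopped or disabled.

# KB numbers from the two comments (union of both lists).
$kbIds = 'KB971033','KB2952664','KB2976978','KB2990214','KB3021917','KB3022345',
         'KB3035583','KB3044374','KB3068708','KB3075249','KB3080149'

# Get-HotFix reads Win32_QuickFixEngineering; query once and index by ID.
$installed = @{}
Get-HotFix | ForEach-Object { $installed[$_.HotFixID] = $true }

$kbReport = foreach ($kb in $kbIds) {
    New-Object PSObject -Property @{
        Item    = $kb
        Present = $installed.ContainsKey($kb)
        Detail  = 'update'
    }
}

# Services named in comment 9. StartMode is Auto, Manual or Disabled.
$svcReport = foreach ($name in 'DiagTrack','RemoteRegistry') {
    $svc = Get-WmiObject Win32_Service -Filter "Name='$name'"
    $detail = if ($svc) { "$($svc.State), start mode $($svc.StartMode)" }
              else      { 'service not installed' }
    New-Object PSObject -Property @{
        Item = "service:$name"; Present = [bool]$svc; Detail = $detail
    }
}

# Scheduled tasks named in comment 9, matched on the end of the task path.
# schtasks.exe is used because it also exists on Windows 7; the Status
# text it prints is localized.
$patterns = '*\Application Experience\*', '*\Autochk\*',
            '*\Customer Experience Improvement Program\*',
            '*\Microsoft-Windows-DiskDiagnosticDataCollector',
            '*\Maintenance\WinSAT', '*\Media Center\*'

$taskReport = schtasks.exe /Query /FO CSV /NH |
    ConvertFrom-Csv -Header TaskName,NextRun,Status |
    Where-Object { $t = $_.TaskName; $patterns | Where-Object { $t -like $_ } } |
    ForEach-Object {
        New-Object PSObject -Property @{
            Item = "task:$($_.TaskName)"; Present = $true; Detail = $_.Status
        }
    }

@($kbReport) + @($svcReport) + @($taskReport) |
    Select-Object Item, Present, Detail | Format-Table -AutoSize
```

Run it from an elevated PowerShell prompt so that every scheduled task is visible to the query.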

  10. It's pretty bad. by SuricouRaven · · Score: 5, Interesting

    Get a packet sniffer on Windows ten. You can't run calculator without MS knowing.

    Seriously. Try it. Every time you run any of the new-style apps, including calculator or the image preview, it opens up a brief encrypted TCP connection to a MS licensing server. I have a video: https://www.youtube.com/watch?...

    Just ignore the bit about photoDNA at the end - that was a theory on my part that I've now determined is unlikely. It's not actually reporting on images, it's reporting on every time the image previewer is loaded. Or calculator, or sound recorder, or quite a few other things. I'm not sure that's much better.

    I had quite a bit of fun at the weekend with Wireshark seeing just what a freshly-upgraded no-software-installed Windows 10 reports, after setting every privacy option I could find to private. The answer is pretty much everything. Even if you disable searching from the start menu, it still executes the search - it just doesn't display the results. It fetches updates for the default tiles on the start menu (weather and news) even after you remove the tiles. It establishes mysterious TLS connections frequently that I can't identify the purpose of - some of them might be checking for updates, but I doubt it checks for upgrades every few minutes.

    Don't trust in my paranoia. Install Wireshark and look for yourself.

    The good news is that Windows 10 firewall can be made to block almost everything with a deny rule and a list of IP ranges. The bad news is that it's quite tricky to do so without also blocking windows update, Bing, the Windows store (No great loss) and I suspect a few Azure hosts.

  11. What is really happening by execthis · · Score: 5, Insightful

    From a meta point of view, what is really happening? If nothing else, there is some kind of breakdown between reasonable expectations of people who use Windows and the actions of Microsoft. Aside from particulars of what exactly is being or not being collected, Microsoft handled this poorly by not anticipating that many people are rightfully highly sensitive to data collection/telemetry/tracking issues, and the fact that it is being disclosed only via EULA legalese doublespeak only damages the situation by orders of magnitude.

    Microsoft needs to have a press conference and set up a special page for users concerned about privacy and who want to know more about telemetry/tracking. You do not address users' concerns by blowing them off, but by engaging them.

    In this day and age it is reasonable to expect that a complex system such as an OS actually needs to communicate with central servers for reasons related to the routine operation of the system. But what are those routine things?

    All we get from EULAs is BS.