ZDNet Writer Downplays Windows 10's Phoning-Home Habits

jones_supa writes: Gordon F. Kelly of Forbes whipped up a frenzy over Windows 10 when a Voat user found out in a little experiment that the operating system phones home thousands of times a day. ZDNet's Ed Bott has written a follow-up where he points out how the experiment should not be taken too dramatically. 602 connection attempts were to 192.168.1.255 using UDP port 137, which means local NetBIOS broadcasts. Another 630 were DNS requests. Next up was 1,619 dropped connection attempts to address 94.245.121.253, which is a Microsoft Teredo server. The list goes on with NTP, random HTTP requests, and various cloud hosts which probably are reached by UWP apps. He summarizes by saying that a lot of connections are not at all about telemetry. However, what kind of telemetry and data-mined information Windows specifically sends still remains largely a mystery; hopefully curious people will do analysis on the operating system and network traffic sent by it.

What about

[NotInHere]

Adding [forbes.com] to forbes links on the front page?

Re: What about

[jxander]

Have you been to that sure recently? Conveniently forgetting to link it is an act if kindness.

Not only am I bothred by the phone-home,

I am bothered by the explicit policy of tracking everything I do within my OS. That is the real issue. That is why I am leaving Windows forever.

Re:Not only am I bothred by the phone-home,

Bye.

Re:Not only am I bothred by the phone-home,

[BarbaraHudson]

And what business is of theirs what software I'm running and how often I'm using it? It's not their computer. Also, the article writer attempted to minimize the consequences by saying that you can greatly limit the amount of requests in Windows Enterprise. The majority of users are not using the Enterprise edition.

What an obvious apologist/shill.

Re:Not only am I bothred by the phone-home,

[Austerity+Empowers]

Let's even assume these are benign and not conveying any big brother information at all (which I doubt). What are these things doing and why? Don't spin it, explain it.

DNS - Well understood network fundamental (for most of us, anyway)
NetBIOS - Well understood network fundamental (mostly)
NTP - Well understood, totally optional

Spurious HTTP accesses by "probably UWP apps"? That's probably not ok, more info required.
Attempts to access a Microsoft Teredo server (and sometimes failing)? That sounds broken, turn it off.
Various cloud hosts? That's probably not ok, more info required.

That the machine is making unbidden accesses to the network at large without asking me is wrong (and OS X and most Linux distros do some of this too, although in the latter cast it is USUALLY to an update server, which I would approve but should have been asked first).

Re:Not only am I bothred by the phone-home,

[F.Ultra]

True that Ubuntu did it by default before (they have since disabled it) but you could easily disable it via the GUI settings. I disabled it and unless I actively do something with the network like surf the web with Firefox or stream music then a "sudo tcpdump -nvpi eth0" on my Ubuntu shows absolutely no connection attemps from my machine what so ever, all that I see is some other machine on the network sending broadcast ARP requests for the MAC of the defautl gateway.

f.ultra@ubuntu:~$ sudo tcpdump -nvpi eth0
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
19:49:51.946496 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:49:53.996275 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:49:56.054219 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:49:58.136104 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:00.221756 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:02.276667 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:04.353056 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:06.431986 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:08.520302 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:10.584220 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:12.625328 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:14.712258 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:16.782389 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46
19:50:18.856272 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell 192.168.0.249, length 46

And it goes on and on like that for hours, so no most Linux distros does not do some of this too.

Re:Not only am I bothred by the phone-home,

[The-Ixian]

Yeah, and when I read about this test for the first time this was my criticism exactly.

If you have a machine that is phoning home, you are only going to generate more connections as the software re-queues and retries the failed connections.

If you want to do a real analysis, you would allow all the connections and count/trace those.

To block everything and then count/trace, you are being inaccurate at best and disingenuous at worst.

Re:Not only am I bothred by the phone-home,

[Ravaldy]

And what business is of theirs what software I'm running and how often I'm using it?

It is their business when their business depends on it. The common complaints users have with Windows have led them there. The large amount of hardware, software variations coupled with the different user types makes it difficult to have something universal that just works 100% of the time.

My only beef with them is that they won't tell us what they collect and what are the triggers. I'm all for letting them grab data on my usage and the condition of my system. After all, it's in my best interest to help them improve the OS.

MS in has recently shown interest in listening to the community and it's important we keep prying them for that information so that we can eventually feel at ease about what's happening.

Re:Not only am I bothred by the phone-home,

[nairnr]

No only that, some requests are "Am I connected to the Internet" types which are all about determining the status of your machine rather than calling big brother to report something.

The true measure would be to allow it and packet dump/trace it.

Re:Not only am I bothred by the phone-home,

[WaffleMonster]

Eeh. Let's not overblow this once again. It does not track everything that you do. The telemetry means only basic things like how many times you have started specific UWP apps and so on.

The following statement cannot be overblown: None of Microsoft's business what I do with my computer. If they refuse to respect their customers it won't be long before they have none.

Re:Not only am I bothred by the phone-home,

[Ol+Olsoc]

It is their business when their business depends on it. The common complaints users have with Windows have led them there.

Bullshit. Microsoft's wholesale spying, backdoors and keylogging sure as Jerry Sandusky boinks little boys is just wrong. It's no solution, as witnessed by the wonderful breakage that W10 has inflicted upon users. All the phoning home hasn't changed that a bit.

Since I have exactly one program that I need Windows for, I have a Windows 10 machine. The machine sits by itself, with only that program running, and nothing else. No email, no browser, only that program. It wouldn't even be connected to a network if it didn't have to use IP to a piece of hardware. So it can phone home that boring shit all it wants.

If the price of using Microsoft is them having every bit of data they want on all user's computers, screw 'em, along with the websites that insist I have to allow them to install maladware on my computer.

But tell me. Since I have isolated my W10 computer form the others, does Microsoft need to know what is on my other computers as well? Do I need to install a phonehome program for OSX and Linux to report to Redmond and anyone else they and you demand?

Re:Not only am I bothred by the phone-home,

[Ol+Olsoc]

The true measure would be to allow it and packet dump/trace it.

That might not give the results the ZDnet writer was told to get.

Re:Not only am I bothred by the phone-home,

[Calydor]

So if I buy a TV made by, say, Samsung or Philips, that gives them carte blanche to record and store everything I say or do in my living room?

wtf is this article

[LichtSpektren]

Apparently it's some apologism for Windows 10, but an unbelievably poor one. "Oh no, no no! Please don't panic because Windows phones home to over 100 different servers even when you turn the telemetry off. It's probably, eh... nobody's quite sure, but I'm sure everything will be okay!"

Re:wtf is this article

[DogDude]

"Panic"? Really? Why would one "panic", even if it were somehow true that MS decided to collect all of the information about everybody on the planet? That doesn't seem like a response of a mentally stable person.

Re:wtf is this article

[OzPeter]

Apparently it's some apologism for Windows 10, but an unbelievably poor one. "Oh no, no no! Please don't panic because Windows phones home to over 100 different servers even when you turn the telemetry off. It's probably, eh... nobody's quite sure, but I'm sure everything will be okay!"

Is this another one of those quizzes where the answer is "People who did't read TFA"?

Either you read the TFA and are totally mis-representing what was in it, or you didn't read TFA. Because in TFA it clearly identifies and describes the network traffic that was identified by the Voat user and points out 1) how innocuous it is, 2) how bad the methodology was, and 3) How Forbes sensationalized it.

If you have counter points then make them.

Re:wtf is this article

[Ogive17]

So disagreeing with a conclusion is being an apologist?

Does Win10 phone home? Yes.
Does Win10 phone home at the rate that was originally reported? No.

Is Win10's rate different from other OS rates?

Re:wtf is this article

[LichtSpektren]

I'm pretty sure if you recorded to connections from your MAC or Linux desktop, and didn't filter out normal expected traffic, you'd be APPALLED at the tracking taking place. connections do not equal tracking.

Since my OS is open source, I can see exactly what information is being sent out. However, Microsoft does not disclose what information is being sent to 107 of the domains that Win10 contacts, nor do they explain why all of those domains are contacted even when you manually configure Win10 not to.

Re:wtf is this article

[icebike]

Apparently it's some apologism for Windows 10, but an unbelievably poor one.

Look, anything from Ed Bott will always be along those lines. Ed Bott doesn't actually exist. His computer is has a direct link from Microsoft's PR department which submits all his stories. Oh, sure there is this guy who shows up at the office once in a while. But his salary is mysteriously paid via an obscure credit to ZDNet bank account, he's long ago forgotten his real name, he plays Microsoft Solitaire all day, then drives home to an empty house, watches MSNBC all evening and gets up and does it all again tomorrow. One of these days he will be reprogrammed, but today is not that day, and so the story remains the same from Ed, decade after fawning decade.

Re: wtf is this article

Only if you opt in during the installation

Re:wtf is this article

[DRJlaw]

I'm not quite sure why you broke out into an inane babbling rant, but the rebuttal article on ZDNet is failed apologism because even the author admits he has no idea what information Microsoft is collecting. He's assuming (because he trusts MS, you see) that the data is anonymized and only used for this or that, but notice how many times he says "possibly", "could", etc.? It's all speculation.

No, it is not. It is a successful critique of the claim that there were "thousands" of attempts to contact Microsoft to allegedly report nasty telemetry data, when at least 2/3rds were not telemetry data. That's a significant fact to the rest of us.

TFA: of all, 602 connection attempts were to 192.168.1.255, using UDP port 137. That's the broadcast address where Windows computers on a local network announce their presence and look for other network computers using the NetBIOS Name Service. It's perfectly normal traffic.

If you can't even figure out that non-routable broadcast traffic cannot report information back to Microsoft, why should we accept the Forbes speculation while rejecting the ZDnet non-speculation concerning that broadcast traffic, similar DNS lookups to a local router, etc.? If the frequency of the supposed attempts was unimportant, then why was it the focus of so much of the reporting?

Don't accuse others of "insane babbling rants" when you not only have no idea what Microsoft is collecting, but actively refuse knowledge of what is going over the wire. The ZDnet author didn't extend much trust to Microsoft, but simply reported that the huge number reported in connection with the telemetry issue was primarily sensationalistic claptrap.

TFA: And yes, there is certainly some telemetry data in there.
* * *
But we don't know, because Mr. Crust didn't actually do any traffic analysis.

So do some, instead of engaging in your own chicken-little-like repetition of others' insane babbling rants.

Re:wtf is this article

[canajin56]

Not only that, but asshatA called 192.168.1.1 a non-private internet address.

Re:wtf is this article

[Sax+Russell+5449D29A]

That feature is not enabled by default. When you install Debian, you have to specifically select that you *want* to enable that particular functionality.

Re:wtf is this article

[AmiMoJo]

I did this test properly last year. Didn't save results, so maybe I'll repeat it and post the results.

Long story short, if you properly disable all the live stuff after install (live tiles, Windows Store apps, search bar, nothing tricky or requiring registry edits) the only traffic is Windows Update. Telemetry on application crash, but in Enterprise you can disable it.

The crash telemetry is the only nasty bit, because of the potential for information leakage. I'll test Pro next time, see if it can be disabled.

Relax folks, not every Win10 packet is spying data

[JoeyRox]

This is supposed to be comforting?

Re:Why not capture with wireshark and analyze?

[LichtSpektren]

Sure, traffic is probably encrypted, but since your system is encrypting it, surely there's a way to discover the keys and find out exactly what data is being sent.

I personally don't have either the time nor the kernel hacking skills to pull it off, but I'm sure somebody could.

Your system encrypts it with Microsoft's public key before it is send out. Microsoft accepts the information and decrypts it with their private key.

If you could know what the OS was doing with the info before it is encrypted, you could find out what's being sent out; but (to my knowledge) that's impossible to know.

What kind of telemetry

[Dunbal]

They gave away at least a few billion dollars' worth of revenue when they gave away Windows 10 for free. So the kind of telemetry they are collecting is at least worth a few billion dollars. Anyone who says different is lying. There is no free lunch.

Re:What kind of telemetry

[LichtSpektren]

They gave away at least a few billion dollars' worth of revenue when they gave away Windows 10 for free. So the kind of telemetry they are collecting is at least worth a few billion dollars. Anyone who says different is lying. There is no free lunch.

I would like to augment your point by commenting that Microsoft isn't just *giving* Win10 away, they're *foisting* it as hard as it can, likely breaking quite a few laws in the process.

So that means the profit they're expected to make off of people running Win10 must vastly exceed the cost of making Win10, AND the cost of fighting off all the lawsuits in the process of ramming Win10 onto peoples' computers. One could argue that perhaps they're expecting all that profit to come from people being exposed to the built-in advertisements and the Windows Store, or people so pleased with the OS that they run out and buy a Surface/Xbox/WinPhone, but does anybody really believe that?

Re:What kind of telemetry

Windows isn't the Microsoft cash cow. It's the framework that Microsoft needs to keep popular to let their cash cow graze. The competition to Windows come in three different pricing options: free (Linux and others), hidden initial cost and $30 each upgrade (OSX), or roughly five billion dollars (Oracle, Sun, whoever). Since none of them are fully compliant with Microsoft's actual money making process, Microsoft needs Windows to be common. This pushes the price they can demand for Windows toward $0.

Other side, maintenance. The cost to Microsoft to maintain 3 different generations of operating system is significantly worse than the cost to maintain one generation of operating system. Someone with the actual numbers could run the math and see what the actual cost to Microsoft is in pushing Windows 10, what the decrease in potential revenue is, and what the decrease in maintenance expenses would be. I would not be at all surprised if the decrease in maintenance cost would outweigh the loss of theoretical revenue within half a year.

As for the telemetry and unavoidable communications, if anyone was actually concerned with learning what those contained, someone would've set up a packet sniffer just watching a single PC running 10 and announced their findings. Maybe someone is working on that, but I haven't seen anything about it.

Re:What kind of telemetry

[bfpierce]

Usage statistics for windows users is easily worth that much to the UI/UX and Application development people at Microsoft on it's own.

Then you can add in all that information being rolled into Bing and the targeted advertising they can potentially do.

Re:What kind of telemetry

[hairyfeet]

Actually allow me to correct your correction as MSFT is giving away absolutely nothing as a full version (not the "super duper extra spyware" insider edition) of Windows 10 Requires a legal key from 7 or 8 which currently costs as of this writing between $100-$200 dollars and there are several reports of users trying to go back to Windows 7 after the 30 days to find THEIR KEYS ARE NOW INVALIDATED. I can attest to this being true as I've had to talk to more damned third world MSFT flunkies than I ever cared to thanks to this very issue.

So the REAL cost of Windows 10 is currently between $100- $200 USD, that is the cost of the Windows 7 or 8 key you are giving up by taking this "free OS" and not going for the super duper extra spyware insider edition......sorry but that is the most fucking expensive "free OS" I've ever seen in my life and why we need to kill that "Oh its free you can't complain" bullshit because that is what it is, total bullshit!

Re:No worse than iPhone

[Penguinisto]

You can't even listen to music on OS X or iPhone without the software contacting Apple.

Actually, yes I can.

Re:No worse than iPhone

[LichtSpektren]

You can't even listen to music on OS X or iPhone without the software contacting Apple.

I'm quite tired of this nonsense rebuttal. When you use an Apple application, it contacts Apple's servers to see if there are updates available--you can turn that off as well. In contrast, when do you even the most mundane things in Win10 (with the telemetry turned off, mind you), the OS contacts over 100 different domains: https://github.com/WindowsLies...

Why the fuck does Win10 contact telemetry.appex.bing.net, ad.doubleclick.net, and watson.live.com whenever you open the fucking Notepad?

Re:Relax folks, not every Win10 packet is spying d

[Overzeetop]

Well, since the article is a reaction to "Windows is sending your more personal information back to MS *thousands* of times per day," I'd say yes. It's not so much about comfort as a realistic approach to evaluating what is sent.

My computer phones home to Google thousands of times a day, too. Of course, it's getting my mail, my calendar, and other data, along with the telemetry it's collecting. But, you know, I should be absolutely petrified that Google is spying on me with all that data going back and forth. I suppose.

poison the data

[frovingslosh]

Some of use don't have the luxury of not using Windows, either because we need to run applications that are only on Windows or we work with or support others who cannot be forced off Windows. What we really need is a hardware firewall that blocks all access to Microsoft domain names and IP addresses. Or even better one that sends bad data to Microsoft. Maybe a nice little distributed computing project would be to know what data Microsoft is collecting and the write and distribute software that keeps feeding Microsoft bogus data to make their data collection less useful. If enough people ran such software, and I believe a lot of people would gladly do it no matter if the were Windows or Linux users, Microsoft might get the message and cut this out.

Re:poison the data

[jenningsthecat]

...What we really need is a hardware firewall that blocks all access to Microsoft domain names and IP addresses.

I recall reading within the past week, (probably in connection with Office 365), that some functionality was simply broken when telemetry was disabled beyond what the OS itself allows users to disable. Perhaps that breakage only applies to Microsoft applications; but if it doesn't already apply to third party programs, and indeed to the OS proper, I'm sure Microsoft will fix that 'oversight' sooner-rather-than-later in a mandatory update.

Or even better one that sends bad data to Microsoft. Maybe a nice little distributed computing project would be to know what data Microsoft is collecting and the write and distribute software that keeps feeding Microsoft bogus data to make their data collection less useful.

I think with Windows 10 we're seeing the advent of a brand of distributed computing in which 'error checking' takes place between MS servers and your computer. MS gets to define what an 'error' is; if the data your computer sends back to the mothership isn't what MS is expecting, they will simply discard it. And they may disable part or all of your OS functionality as well. Coming up with an algorithm which can successfully fool Redmond while sending false information might be quite a programming exercise.

...Microsoft might get the message and cut this out.

Not a chance. The only thing that will get Microsoft's attention is customers jumping ship in droves. And we all know that ain't gonna happen. Too many people don't understand where this is all going, and most of the rest simply don't care.

Re:poison the data

[ledow]

Just VM it and stop pissing about.

Then you can run your Windows-only app, have a built-in firewall in the hypervisor that can do whatever you need, you can use your original hardware, you can run other systems that are more privacy-respecting for your day-to-day activities, your licences almost certainly already cover such use, and everything from 8 Pro upwards allows you to use Hyper-V to do just this.

Re:poison the data

[jabberw0k]

we work with or support others who cannot be forced off Windows

If you help perpetuate such environments, you are being an Enabler in an abusive relationship. Stop doing that.

Re:"No big deal"

It looks more like thousands of examples of DNS, NTP, NetBIOS and other perfectly normal and required traffic for any system that is connected to a network or the internet. I mean nearly all of these examples are basic network functionality. Most of the rest are things like OS updates, application updates, applications downloading scheduled data (weather, news, etc.). I know this is /. and we are all supposed to hate MS and Winblow$ like it's still 1999, but can we at least TRY to apply some logic and reasoning to our hating?

This is exactly what's wrong with Slashdot

The article claiming Windows 10 telemetry phoned home a ridiculous amount of times even when disabled was false. The user who conducted the experiment set telemetry to basic rather than turning it off. Furthermore, some of the apps that might make connections, what's known as the Windows out of the box experience, were not disabled. Furthermore, the router was configured to drop all outbound connections. As a result, the failed attempts to connect resulted in retrying or connecting to different mirrors over and over again. For some services like Windows Update this is completely reasonable behavior, otherwise they'd be vulnerable to a denial of service attack against the update server. The methodology exaggerated the amount of connections made by Windows while not even properly disabling telemetry. These are the facts. One reputable Slashdot user noted that when telemetry was disabled fully in the Enterprise version of Windows and all of the other apps were disabled, the only outbound connections were, in fact, Windows Update.

Despite the facts, Slashdot users complain about any story that suggests that Windows 10 telemetry isn't as severe as it's made out to be and accuse the authors of being Microsoft shills. Furthermore, these Slashdot users get modded up, and the parent is at +4 insightful. It seems that facts are optional in these discussions, and that's a shame. Those who make such false claims about Linux distros such as Ubuntu are rightly accused of being trolls and modded accordingly. But doing that to Microsoft is insightful.

Those of you who post such things and mod up such posts should be ashamed of yourselves. If privacy advocates want to be taken seriously, the discussions need to be based on facts instead of FUD. There are real issues with Windows telemetry namely that users are automatically opted in without being prompted, that Microsoft hasn't disclosed what data are sent to them, and that only the Enterprise versions of Windows 10 can fully disable the telemetry. These are real issues. But when there's so much FUD and misinformation, it damages the credibility of those who raise very legitimate objections. You should be ashamed of yourself for posting false information because it does a disservice to those with very real concerns about privacy.

Re:Acceptable Phone Home

[Stan92057]

I agree but the people who downloaded and installed windows 10 agreed to something very different. Linux Free and Microsoft Free are 2 very different things. Personally i don't feel bad for any person who choose to install win 10 they can/could have always uninstall it. IMO the only people who have a complaint are the business/persons who bought licances/ deals they paid for win 10. They should have the say on everything the OS collects and data mines. BTW do you know what Linux any distro collects?

What the actual fuck

[kuzb]

Even after the moronic voat user was shown to have completely screwed up the entire test slashdot is here referencing it yet again as fact? The new editors - just as shitty as the old ones.

Re:What the actual fuck

[thegarbz]

Even after the moronic voat user was shown to have completely screwed up the entire test slashdot is here referencing it yet again as fact? The new editors - just as shitty as the old ones.

a) timothy is not a new editor.
b) this article is talking about how garbage the results are.
c) old users still the same bitchy unappeasable old users.

Re:The Reality of the Situation

[The-Ixian]

FYI, in a corporate environment, if you are running Windows 10 Enterprise, you have more control (via GP) to disable telemetry.

In anything other than Enterprise, setting the telemetry to "0 - don't send telemetry" is equivalent to setting it to "1 - Send limited telemetry".

But even still, in a corporate environment, there are other ways to block this kind of thing. I am thinking ACL's on the firewall or layer 7 (application) rules in the firewall. But you could also maintain internal DNS that loops back certain MS domains.

I wouldn't be surprised if someone came up with a DNS service at some point that does this.

Re:"No big deal"

[bruce_the_loon]

NetBIOS over TCP is still a core part of Microsoft networking and the broadcasts allow the various machines running Windows or SAMBA to discover each other without needing a central directory server. It is still implemented because it is a useful API with decent backward compatibility with everything back to 95/98.

This isn't the old NetBIOS Frames line protocol from the extremely old days, rather the service layer protocol that handles the discovery, negotiation and authentication parts of peer-to-peer file and printer sharing in Windows.

Re:Why not capture with wireshark and analyze?

[ArmoredDragon]

Well, son, there are three possible scenarios:

- They are using a symmetric key (doubtful)
- They are using assymmetric keys to negotiate a symmetric key on the fly
- They are using asymmetric keys for the whole transmission

The first two can be figured out with some kernel patching, or even just firing up a VM and watching for the symmetric key.

The third would involve patching the kernel to replace Microsoft's public key used for encryption with your own public key that you can then decrypt with a private key. Or just flat out disable the encryption entirely.

Either way it's done, you'd also need to have another host emulate Microsoft's server responses to see how the exchange takes place, and simply capture what is being sent, and analyze.

Re:Ok so what about the other 2000?

[KGIII]

I don't use Windows on my computers (I do have a Windows phone) so I don't have a dog in this fight but... Err... You know what telemetry is, right? I mean, you can (and should) be able to turn it off if you want and off should mean off - no questions asked. But, umm... If they don't know how you use the OS then they won't be *likely* to consider your use-case when they make changes. They won't know that you're one of the people with that video card and having that problem so they won't fix it if you don't send crash reports. They won't be able to optimize their personal assistant thing if you don't let them have that personal data.

Now, to be clear, I'm a firm believer in off means off. But, it's incumbent on you to know what the outcome of your choices may be. Oh, they might get enough reports about that driver and video problem but what if your peers also shut it off? This goes in both directions, actions have consequences. I don't know what the outcome will be but I'm pretty sure they're actually pretty good at collecting (and by lack of reports to the contrary) securing this telemetry data. Where I using Windows, I'd probably let them have the data - though I'd be pretty pissed if off didn't mean off. (I'm kinda big on that - off is off and on is on, it's an honesty thing.)

One other thing to note... Since the days of 95, but more pronounced with 98, there tends to be a big swing in the direction of people who are moving to Linux. Six months or so later, they're gone from the forums and the .ISO download numbers are back to normal. In a year, they've turned into rabid supporters of the OS they were so against. I have been watching and expecting a huge swing in numbers. (I seed well over 100 distros - the last time I counted there were 144, it's not an exact metric so I also look at the sites that offer their stats like DistroWatch.)

You know what I've seen? Not a whole hell of a big jump in numbers. Lots of noise. I see a lot of that. But the numbers don't seem to indicate any huge swings, perhaps fewer now than when 8 and 8.1 dropped. I'd not be surprised if someone could get and crunch the numbers and they turned out that this uptake isn't all that high with Linux right now. So, people don't actually seem to be pissed off about this at the level where they're jumping ship.

I dunno... Were I still using Windows, this might have been enough to make me bail. It's not that I dislike the telemetry. It's that I want off when I say off. If I can't trust my OS to do that, what can I trust it for?