Windows 10 To Be Installed On 4 Million US Department of Defense Computers

Mark Wilson writes: Microsoft keeps shouting about the millions of users that have switched to Windows 10, and soon the company will have another 4 million to bray about. The U.S. Department of Defense is the latest big name to give Windows 10 the seal of approval apparently unconcerned with the privacy and telemetry issues that have put off others. 4 million enterprise upgrades for Windows 10 is a real feather in the cap for Microsoft, and the aim is to get each system running the latest version of the operating system inside a year. The DoD has also announced that it is granting certification to Surface 3, Surface Pro 3, Surface Pro 4, and Surface Book devices, meaning that they now appear on its Approved Products List.

Not the same as the rest of us ..

[BarbaraHudson]

You can be pretty sure that the version that the DoD gets will not be the same wrt phoning home as us plebes are getting.

Re:Not the same as the rest of us ..

[Rockoon]

Hell, the DoD will be getting the source code.

Re:Not the same as the rest of us ..

Both of these comments are wrong. They will simply be installed and managed by people who know what they're doing, not some kids on reddit who want to prove Microsoft is evil.

Re:Not the same as the rest of us ..

You can be pretty sure that the version that the DoD gets will not be the same wrt phoning home as us plebes are getting.

That's a joke.

Based on their previous test scores on PC security, what the hell makes you think they would be overly concerned this time about desktop OS customization?

They'll get at most an enterprise version that doesn't phone home as much, which is what the rest of corporate America will be force-fed.

Re:Not the same as the rest of us ..

I work for a large company with several DoD contracts (not my department, but elsewhere in the company). We do run a customized version of Windows on our PCs. I'd be incredibly surprised if the DoD -DIDN'T- have a customized version with most of the phone-home and auto-update features removed.

Re:Not the same as the rest of us ..

[war4peace]

I can confirm this. There are administrative policies in place that can disable telemetry and related/dependent modules (e.g. Cortana).

Re:Not the same as the rest of us ..

Yeah, what the other response said. An OS that cannot be controlled by its owner/user is a failure. The creator sold it, ideally to serve the people who bought it. There is no good excuse for what Microsoft has done here. Its terrifying to hear a military control structure will be relying on this stuff, and that such a bad company is raking in money for it.

To digress, it is bad enough that they messed up their flagship OS UI to look more like a game console and failed cell phone UI.

Re:Not the same as the rest of us ..

[afidel]

Actually the DOD does get the source code(along with many other large customers and more than a few academic institutions), but in this instance that's irrelevant since the thing that makes the DOD not worry about the phone home is the same as any large institution, they'll be using the LTS branch which has the option to turn off all the telemetry beyond what's existed in Windows since XP (ie crash reporting) and then they'll use further policy to turn off even that ability just as they've had hardening guides since the Windows NT days.

Re:Not the same as the rest of us ..

[Billly+Gates]

The enterprise edition does not.

FYI they do not phone home. They collect telemetry and have been for years. They do not log in and snoop, read your documents, etc.

Re:Not the same as the rest of us ..

[stooo]

People who know what they're doing install Linux. Or BSD.

Re: Not the same as the rest of us ..

Wake the fuck up tards. As far as the gov is concerned it's employees are property and what better way to monitor them than with an os that is designed to do just that.

Re:Not the same as the rest of us ..

People who know what they're doing install Linux. Or BSD.

Abso-freakin-loutely!!

Re:Not the same as the rest of us ..

The problem is that researchers have found Windows 10 sending telemetry even after the telemetry "switch" has been turned off. Furthermore, subsequent patches have been able to turn on various features and override/change previous settings. This only becomes a manageable, trivial issue if the Pentagon contract can seriously destroy an earnings quarter for Microsoft, that Microsoft has actually assigned dedicated, competent engineers to their product, AND there is a competent team at the Pentagon which is continuously monitoring the behavior of all Windows 10 PCs. There's nothing to prevent a well placed, Chinese hacker from feeding in a virus capable of taking advantage of a Windows 10 zero-day exploit. And unlike previous versions of Windows, Windows 10 is designed for communicating information with disregard towards users prerogatives.

Re:Not the same as the rest of us ..

Only some of the telemetry is blockable.

Re:Not the same as the rest of us ..

[BarbaraHudson]

Actually, the DoD has access to the source code. This is a long-standing practice.

Re:Not the same as the rest of us ..

[afidel]

I haven't seen any research indicating that an LTSB install with appropriate policies in place leaks data. If you have any links I'd be very interested. As far as updates breaking policy, that's the whole bloody point of LTSB, you only get security updates without any of the feature updates that cause those kinds of issues. Until the second LTSB release comes out in ~18 months we won't know if there's any additional policies that will be needed (though it's likely based on what's happened in the CBB).

Re:Not the same as the rest of us ..

Know what they are doing? LOL. If I could tell you the stories....

Re:Not the same as the rest of us ..

[mitcheli]

Probably not. The US Government usually gets the corporate edition. That usually has different phone home requirements. From there, the installs are built into "standard images" which may contain a number of "customizations" usually surrounding security. From there the standard images are pushed out to subordinate organizations for installation. If Win 10 works anything like Win 7, then each installation will require a phone call into Microsoft to activate the install. But that's handled with M$ in many ways the same as it would for a large fortune 500 company.

Re:Not the same as the rest of us ..

Hate to break it to you, but Slashdot isn't really important enough anymore for dedicated PR people. It's been sold twice in the last five years, for crying out loud!

Re: Not the same as the rest of us ..

[jxander]

It will be a COTS version. Probably enterprise, though maybe not.

The real difference is that the DoD (and any major corporation) will have at least a couple people who know what they're doing. Those select few can setup firewall restrictions and windows GPOs to diminish and/or eliminate all the telemetry garbage.

Re: Not the same as the rest of us ..

[jxander]

All telemetry is blockable with proper firewall settings

Re:Not the same as the rest of us ..

And stop upvoting your own posts with your other registered accounts.

Considering I have only one account and don't think I even remember the login info for it: done!

Pro tip #1: Not everyone who doesn't immediately agree with you is a shill/apologist/cretin
Pro tip #2: Not everyone who happens to agree with someone who doesn't agree with you is a fake account
Pro tip #3: Given the mod points system used by /., it takes a lot of sustained effort to be able to vote up your own posts, so you may want to consider that the next time you want to try using that argument

Re:Not the same as the rest of us ..

Don't be silly, in real life the software installation and administration is outsourced to the lowest bidder from India or China.

Re:Not the same as the rest of us ..

Except all the people like you that appear to have no concept of network security. The DoD is quite capable of preventing these machines from talking to anything that is not explicitly approved.

If Microsoft can't talk to these machines remotely why are you terrified? My guess is also that the machines that matter have heavy security while the ones for unclassified email are probably not all that different from what we see in most offices. I had no trouble configuring Palo Alto or Sonicwall devices to stop all Microsoft traffic and I only dedicated half of a day to it. SCCM is the only server at the location that is allowed to talk to Microsoft so it can get updates which are then distributed on-schedule. This is not hard to do especially when you're talking about managing a large number of computers.

Re:Not the same as the rest of us ..

Really not much different from any mid-to-large sized business setup, actually. I speak from experience here. I'm not the Windows admin (thankfully. When we were a HP-UX shop, I was the only one required to run the whole show, with about half of my time free to do other things, but an MS zealot boss migrated us to Windows servers about 15 years back, and it now requires three full time Windows admins to run their part of the show, plus some help from me and one other some days...but that's a story for another time) but that's how it works: all of the "phoning home" takes place within the local domain, and other than DCs nothing ever needs to talk to MS for anything. The amount of money spent is absurd, but that too is a discussion for another day.

I have no love and not much use for MS, but there is so much bullshit floating around with regards to the Win 10 telemetry issue.

Re:Not the same as the rest of us ..

Large organizations use KMS or now domain activation services. No product key necessary, just gotta be in the right place at the right time with the right identity information. Activation is only valid for 2 weeks as which point it will reauthenticate with KMS.

Re:Not the same as the rest of us ..

Both of these comments are wrong. They will simply be installed and managed by people who know what they're doing, not some kids on reddit who want to prove Microsoft is evil.

How did these get modded +5. It's the DoD, of course they're not getting the same stuff we are...and of course they have the source code. If they didn't, that would be the easiest (and I thought obvious) way for spies, saboteurs, and hackers to get in.

Re:Not the same as the rest of us ..

[Aighearach]

Thanks for adding a wrong comment to balance the correct and incorrect comments you lumped together as incorrect. You managed to sway the balance over to the incorrect side, at least partially proving your point! How clever.

Yes, they do get the source code. So does India. So do major companies. Microsoft source code has always been proprietary "shared source" that is viewable by important enough parties. The conflict with OSS is about licenses and permissions, not secrets.

That said, they'll likely get the same version as everybody else, and have to add their own stuff on top to secure things. Who cares? These are office computers for regular cube workers whose employer happens to be DoD. I don't want them to spend extra on fancy secure staplers for those workers either. They need a secure proprietary OS about as badly as they need a $15k hammer.

Re:Not the same as the rest of us ..

As someone who has previously worked as a civilian contractor for the DoD, I can say that they are completely clueless when it comes to IT. They aren't concerned with Windows 10 because they don't understand the security issues that it represents.

Re:Not the same as the rest of us ..

[Aighearach]

BSD is great in a datacenter, but if the US Government came to me for *nix systems, I would make sure to give them linux because of the SE stuff and the availability of existing tooling for their secret blahblahs.

Re:Not the same as the rest of us ..

[Aighearach]

Important clients have source access, they don't have wonder or theorize or conspiricize.

Also, minimally competent IT workers have the ability to monitor network traffic.

Re:Not the same as the rest of us ..

The fact that you have to do that to keep the OS from spying and reporting on you didn't give you pause?

It is the #1 reason why Windows 10 will never touch my networks.

Re:Not the same as the rest of us ..

[RabidReindeer]

Both of these comments are wrong. They will simply be installed and managed by people who know what they're doing, not some kids on reddit who want to prove Microsoft is evil.

HA! One the one hand, you've an army (no pun intended) of people who'll cheerfully tell you that Government Can't Do Anything Right, that only the Private Sector can do things competently.

On the other hand, you've got an army of people who'll point out that we've privatized the hell out of government and the military, and that the job will likely as not be given to some pet bidder who'll outsource it to the cheapest offshore/H1-B workforce they can scrounge up.

So there's going to be a whole lot of laughter here.

Re:Not the same as the rest of us ..

Except all the people like you that appear to have no concept of network security. The DoD is quite capable of preventing these machines from talking to anything that is not explicitly approved.

Snowden, for example?

Re:Not the same as the rest of us ..

[laurencetux]

", trivial issue if the Pentagon contract can seriously destroy ... Microsoft, "

okay given that we are talking about the folks who hang out in the PENTAGRAM^h^h^hGON
im sure that the nearest airbase to the Redmond campus could have a bit of a "clerical error" during a live fire "training exercise" and then SAMS YOUR UNCLE!

Re:Not the same as the rest of us ..

I haven't seen any research indicating that an LTSB install with appropriate policies in place leaks data

Nope, you simply didn't want to read and/or believe:
http://arstechnica.com/informa...

Re:Not the same as the rest of us ..

I spent this morning trying to delete an empty folder on our production Windows Server 2012 R2. Unfortunately, "The action can't be completed because the folder or a file in it is open in another program". Are you, or do you know any of those fabled "people who know what they're doing", because there are apparently none at Microsoft, since microsoft.com suggests to reboot the computer ....to delete a folder. I sure am glad they don't suggest to buy a new computer while I am at it.

Re:Not the same as the rest of us ..

[afidel]

That article and most of the other stuff about telemetry has nothing to do with an LTSB install with anti-telemetry policies enabled. In the Windows world what you can do with the GUI on Home or Pro and what you can do on Enterprise with Group Policy are often very different things. Though in the case of Windows 10 there's a further divergence between Enterprise on the Current Branch for Business (CBB) and the Long Term Servicing Branch (LTSB).

Re:Not the same as the rest of us ..

[FlyHelicopters]

Nothing in that article indicates what version of Windows 10 they are running. If it is Home or Pro, it hardly applies to what the DoD will be using.

Re:Not the same as the rest of us ..

If you think that "knowing what you're doing" is sufficient to overcome the fiasco known as Win10, then Microsoft has a job for you.

Oh wait, maybe you already work for M$.

You really have to be living inside a reality distortion field to describe Win10 as a fiasco. And, calling everyone that disagrees with you for paid shills seems to be the new Godwin's Law here on Slashdot.

Re:Not the same as the rest of us ..

The article is about the Enterprise edition, just read it. And they do (try to) disable telemetry, but it phones home anyways. Once again, you haven' t read it, or as a fanboy you just don't want to believe it. The funny thing is that ArsTechnica is notoriously pro-MS, but they published it anyways.

Re: Not the same as the rest of us ..

Not if the firewall is written by the same people doing the telemetry.

Re:Not the same as the rest of us ..

[jenningsthecat]

Nothing in that article indicates what version of Windows 10 they are running. If it is Home or Pro, it hardly applies to what the DoD will be using.

No, not in that article; but in another case, the tester is using Enterprise: https://voat.co/v/technology/c...

Unfortunately the poster deleted his original post, but one of the commenters provided a link to an archived copy: https://archive.is/QFL8e

I sure would like to know why that post was pulled with no explanation - did the guy fuck up and not want to come clean, was he or somebody else pressured into deleting it, or was there some other reason? Anyway, I agree that DOD will probably get a version with all that nonsense disabled - but simply assuming that only the Home and Pro versions are insistent on phoning home might not be such a good idea.

Re:Not the same as the rest of us ..

"...hardening guides since the Windows NT days."

Those actually boiled down to: "Windows NT is secure as long as it is not connected to a network".
I actually was an SysAdmin back when NT got its security approval, it was quite fun to read.

Re: Not the same as the rest of us ..

[cfalcon]

INCORRECT! And you made me log in.

http://download.microsoft.com/...

This is the Government Security Program, through which they release the source code of Windows versions to governments around the world, obviously including USG, but also including Russia. Windows 10 isn't on this list at the moment, but 8.1 and 7 are, and one is pretty safe in assuming that nothing of note has changed here, and DoD will have full source code access JUST AS THEY ALWAYS HAVE.

Further, they often DO get customizations to their deliverables, so it's almost ASSURED that their version won't be the same that the rest of us have access to. In FACT the article even explicitly mentions that its ENTERPRISE in the first place- you know, the version you can't buy, because you aren't a corporation and therefore have no expectation of privacy. Even enterprise seems to still have issues with chatting, but it's the ONLY version (unlike, say, Pro) where you can in THEORY set telemetry to "none".

So BOTH points are correct- the government won't be using the same version as "us plebes" (for two reasons) and ALSO they will have source code.

And for making me log in, lemme second the "go shill on Ars" guy. Good grief.

Re:Not the same as the rest of us ..

[Gr8Apes]

Why would the DoD want it disabled? They get all the info from MS, guaranteed. Hell, it's probably a group from the NSA that's gathering it all in the first place and handing stuff they don't care about to MS. Wouldn't surprise me in the least.

Re: Not the same as the rest of us ..

[cfalcon]

> correct firewall settings ...and let me guess, you have these settings, but there's no room to include them in the margin?

I get that Windows users want everything to be fine, just more random configuration scripts, external firewall settings, services to remove from the command line, KBs to blacklist. But this level of configuration is really confusing. On Linux you get all this for free, and you never have to leave a GUI... Or set anything in the first place.

Windows is kill. I hate it too, but it's absolutely true.

Re:Not the same as the rest of us ..

[AmiMoJo]

I hope they publish the hardening guide for Windows 10.

Re:Not the same as the rest of us ..

[HiThere]

I've never been really convinced of that. It may be true, but just having it in print doesn't make it true. I'll admit that there's reasonable evidence that they have something that claims to be the windows source code, but the last time I looked deeply (admittedly this was somewhere around 1998 or 2000) they didn't have the tools to actually compile it, so there was no way to compare the binaries.

So to me it seems more honest to say they have something represented as the source code. But perhaps my information is out of date or incomplete.

Re:Not the same as the rest of us ..

[HiThere]

IIUC, the only information that we have to prove this is their public statements.

OTOH it is well known that even without intentionally providing backdoors there are often exploits which will effectively be the same thing. And if one of these should happen to be there on purpose there'd be no way to demonstrate it. I will grant that this is not the same as "phoning home". but the known "phoning home" is also known to be sufficient to provide a list of targets.

I think a lot of the disagreement about what a security violation MSWind10 is is due to sloppy language, and most of the rest is due to disagreement about what degree of coerced communication is reasonable. (And whether a sly person being able to evade the coercion is sufficient to excuse it.)

I, personally, tend to come down on the side of people not trusting MS due to past unethical actions. This is not proof that this time they are acting unethically, but it's sufficient reason to not give them any "benefit of the doubt".

Re:Not the same as the rest of us ..

[EndlessNameless]

The telemetry and other reporting features can be completely disabled in Enterprise editions of Windows 10. I strongly suspect the DoD has enterprise licensing.

I also expect they would disable the 95% of privacy-related features which can also be disabled by home users.

Re:Not the same as the rest of us ..

They won't be getting source code for long. It's illegal for governments to require access or audits to commercial source code under the TPP.

Re:Not the same as the rest of us ..

IIUC, the only information that we have to prove this is their public statements.

Just as we have only your public statements that you are not a terrorist/pedophile...

Pure FUD.

Re:Not the same as the rest of us ..

[rtb61]

Get real, who would install software with a built in key logger. Nope they are getting their own version and of course access to everyone else's version, yeah that kind of access and yeah M$ pretty fucking evil, make no mistake. You can also guarantee M$ will not be doing direct updates of those individually identified computers that is for the rest of us, custom updates for particular users and US government departments managing their own updates of their customised versions. This wholesale invasion of privacy by M$ could only occur with government backing and that is in exchange for warrant less default full access across the entire face of the planet. Not just to pull data off but also to install software, specifically targeted at dual boots or boots from say a USB stick and that means opening up firmware and bios to add bits. Really fucking evil stuff.

Re:Not the same as the rest of us ..

[Dcnjoe60]

You can be pretty sure that the version that the DoD gets will not be the same wrt phoning home as us plebes are getting.

Then it is disingenuous to say they are getting Windows 10. Instead, DoD is getting a custom version of Windows.

Re:Not the same as the rest of us ..

[Dcnjoe60]

Except all the people like you that appear to have no concept of network security. The DoD is quite capable of preventing these machines from talking to anything that is not explicitly approved.

If Microsoft can't talk to these machines remotely why are you terrified? My guess is also that the machines that matter have heavy security while the ones for unclassified email are probably not all that different from what we see in most offices. I had no trouble configuring Palo Alto or Sonicwall devices to stop all Microsoft traffic and I only dedicated half of a day to it. SCCM is the only server at the location that is allowed to talk to Microsoft so it can get updates which are then distributed on-schedule. This is not hard to do especially when you're talking about managing a large number of computers.

If you are going to use a computer with Windows 10 but prevent it from communicating with the outside world, doesn't that defeat the purpose of the automatically updating tile interface? What advantage would Windows 10 give a restricted user that Windows 7 would not? I agree it's not hard to lock down a network. It's just why use an interface specifically designed for being on an open network if that is what you are going to do?

Re:Not the same as the rest of us ..

[amiga3D]

The DoD has had some horrendous security failures. They have lowest bid contractors managing these systems and it shows. I remember when we "upgraded" to Vista and half the computers in my shop were down at any one time for...well, until Windows 7 arrived. Things improved noticeably then but still it's not anywhere near as good as the millions of dollars they pour into it should make it. I see things that make me shudder but fortunately I don't have to deal with classified information.

Re:Not the same as the rest of us ..

They do. It's unclassified, and it happens to be available on the public internet without the need to PKI-authenticate in. Not all of the hardening manuals are as easily available. You're looking for the Security Technical Implementation Guide (STIG) that DISA (Defense Information Systems Agency) puts out.

Try this:
http://iase.disa.mil/stigs/os/windows/Pages/win10.aspx

Get the .zip file (currently v1 rel2, updated 1 Feb 16), then look at the enclosed XML file. Don't worry -- it looks much better with the XSL that's with it.

Re: Not the same as the rest of us ..

Yes, the US Government will be using Windows 10 Enterprise LTSB (Long Term Servicing Branch). That is forced upon us for security reasons (it's part of the STIG). But that being said, it's the same Windows 10 Enterprise LTSB that's available to other large corporations. It's not like there's a magical "government-only" version. Clearly not what home users will be using though, agreed.

Re:Not the same as the rest of us ..

[BarbaraHudson]

Microsoft has even given code access to all the windows source code to China, over a decade ago. And they're far from the only ones:

Last month, it announced GSP agreements with Russia, NATO and the United Kingdom. Microsoft is in discussions with more than 30 countries, territories and organizations regarding the program.

That too was more than a decade ago. This is old news.

Re:Not the same as the rest of us ..

[unixisc]

You can be pretty sure that the version that the DoD gets will not be the same wrt phoning home as us plebes are getting.

I think as a bonus for converting to Windows 10, Microsoft will be happy to donate that 'home' to the DoD i.e. the DoD will be the place all computers will be phoning to

Only choices for America's enemies will be OpenBSD or GNU HURD

Re:Not the same as the rest of us ..

They already have.

Re:Not the same as the rest of us ..

[rriven]

The Military uses the Golden Master Image for Windows. There are a few changes, most notably you activate with your CAC card. Not that many people know that and countless times I come across a computer that is complaining about being non-genuine. The Secret Computers are usually always like this. Put in your CAC card and click activate, and it is a genuine install.

If they heavily modified the activation code, you can bet they modified other parts. Just because it is approved does not mean it will be used. About 9 months ago we upgraded from Server 2003 to Server 2008R2. (Both Golden Master)

The upside is if you can get the install DVD, as long as you have a valid CAC card you have unlimited copies of windows.

https://chess.army.mil/Content...
https://chess.army.mil/Content...

Re:Not the same as the rest of us ..

You're right. Fiasco is much too soft a word.

Windows 10 is the end. For me and for countless other techies. Who influence tens, hundreds, and tens of thousands of times more machines than the average newb.

Microsoft has gone way beyond full retard. All the way to Windows 1984.

Since you've already fallen in love with Big Brother, there is not really any point talking with you.

Good luck with the apocalypse.

Re: Not the same as the rest of us ..

Same enterprise version available to the public. But DoD has STIGS for Win10 now that will help to secure them.

Re: Not the same as the rest of us ..

[Thor+Ablestar]

The keyword here is "proper". It's not known beforehand what settings are proper, the next update may introduce something that needs other proper settings, and the life slowly becomes self-education about the proper settings leaving no time for work when you can simply install *BSD and forget this problem once and forever.

Re:Not the same as the rest of us ..

[The+Phantom+Mensch]

There is also a Java based STIG Viewer. http://iasecontent.disa.mil/stigs/jar/STIGViewer_2.2.jar

Re:Not the same as the rest of us ..

[KGIII]

What advantage would Windows 10 give a restricted user that Windows 7 would not?

Support past 2020. Updates for more than just security issues. Things like that. WSUS is a thing.

I understand there's a new file system, that it is optimized a bit better, will run the next generation of software, certain things can be restricted or allowed - it's not an all or nothing type of thing, and things like that.

Note: I do not actually have any Windows computers so I might have missed some other benefits.

Re:Not the same as the rest of us ..

[KGIII]

You guys say this every time a new version of Windows comes out. We see a slight uptick in questions in the forums. It dies down after about six months to a year. It's actually less of an uptick this time than I've noticed in the past.

Re:Not the same as the rest of us ..

[KGIII]

Shared Source Initiative - you too can see the source code for Windows. You can't do much with it but you can see it. You need to sign an NDA, give them a reason, and then tell them what you want to see. I've used, "Because I'm curious." You've been able to do this for about 15 years now. Just Google "Shared Source Initiative." There's even a Wikipedia article on it.

Re:Not the same as the rest of us ..

Windows 10 has an LTS branch? Do tell.

Re:Not the same as the rest of us ..

[stridebird]

processexplorer? http://technet.microsoft.com/e... Apologies if you tried that. Other utilities are available too.

Re: Not the same as the rest of us ..

[stridebird]

On Linux you get all this for free, and you never have to leave^W use a GUI

FTFY

Re:Not the same as the rest of us ..

[justthinkit]

Slashdot is a lot less active now than in the past. Threads have one-third the comments these days.

As to Windows 10, it is more painfully obvious how perfectly villainous it is. It is one thing to ship a performance dog (Vista), or an interface nightmare (Windows 8) but this is a whole new level of creepy. And that was before it was back-ported to otherwise decent (Win 7) or half-decent (Win 8 with a suitable shell, or Win 8.1) operating systems.

This is Windows up-against-the-wall-ready-aim-fire-now-go-get-the-others.

Re:Not the same as the rest of us ..

[KGIII]

Oddly enough, you were saying that same thing when XP had activation. Yet, 15 years later I'm supposed to believe that you're going to finally say that enough is enough, move to a new OS, and forgo all things Microsoft... All evidence, include the uptick on the various forums and help sites (at which I'm an active member) tells me that the numbers are pretty much on par with, maybe slightly less, the past.

Sorry, but no... I don't believe it. The desktop OS market will remain solidly in MS grips. You can howl and pretend all you want but you'll still be playing your games on Windows. It's sad, really. For starters, nobody's fooling anyone. More importantly, it's tit-easy to use Linux these days. It literally, "just works."

Re: Not the same as the rest of us ..

[jxander]

You'll never want any custom settings in a Linux build? You'd never want anything different than exactly what someone else tells you that you need?

Windows isn't perfect by any stretch. Far from it. But trying to paint the vast customization options inherent in the system as some sort of negative is just FUD.

Re: Not the same as the rest of us ..

[jxander]

... not the software "firewall" built into windows. And actual firewall. Or even just a router, though those can be a bit feature bare in the consumer level models. But consumers have the option to stick with an older version, so ...

Re:Not the same as the rest of us ..

Slashdot fun tip: If you want to help reduce Slashdot astroturfing, banning everybody who moderated your delusional and fact free comment up would be a great start!

Re:Not the same as the rest of us ..

[justthinkit]

I'm sure you meant the royal "we", but you've aimed your remark at someone who has kept a record of his.

My first comment on XP.

My second, albeit AC.

As to what I, and others, are doing...it is more like reversion. Stepping backward to older versions of Windows, run in a VM, and hosted on whatever OS. Or, of course, moving to an entirely different OS.

I wrote that first post 10 years ago. On XP. I haven't changed operating system since. I had even bought, two years back, a 10GB RAM i3770 Win8 machine. It literally sat beside me for a year. Then, a year back, I gave it away to a family member. It (Win8) is simply not as good as what I am using now (XP).

The latest telemetry/Orwellian spying was witnessed by someone unaffected.

If you can explain how I am furthering Microsoft's goals, I'd love to hear it.

Re:Not the same as the rest of us ..

[KGIII]

It was, indeed, a royal you. However, I'd like to point out the title of this thread and the subject of this thread.

No, Microsoft is not now going up against the wall. No, nobody's moving to Linux and staying there - not of any note, there's a few new users that stick it out. As I'm not a gamer, I don't really know what compels people to like games enough to stick with an OS they profess to hate.

This is not Windows up against the wall, fire, blah blah blah... This is the DoD installing Windows on 4 million machines - the exact opposite of what you're claiming.

Re: Not the same as the rest of us ..

I work for a dod organization, and we install using images derived from dvd or downloaded images just like everyone else. We just lock them down afterwards.

Re:Not the same as the rest of us ..

[justthinkit]

As another commenter humorously pointed out, the military is not worried about the telemetry because that information just comes back to them anyway. So this article is not about the military adopting Windows 10. That is merely the latest trigger for Slashdot commenters to say whatever pops into their mind about the newest Orwellian measures from Microsoft.

As to what people are doing, it is funny that you think you know, based on help desk requests. In my dozen plus years with XP, I've never submitted a help desk request.

As to what Slashdotters (and other equally tech-savvy people) are doing, this is where the real action is. And do you think you are going to be the first to know about their action(s), before they ship product?

All I want is an XP clone. I'm not even interested in Windows 7. I want Windows FOM (Free-Of-Microsoft). So I have a serious interest in ReactOS. No, it doesn't appear ready yet, but then my XP machines are still going strong.

Then there is DOSBox, etc.

Dear Microsoft,
Couple words of advice: never piss off a techie.
Regards,

Re:Not the same as the rest of us ..

[dave420]

That doesn't say it leaks data. Sure, it sends some requests to MS services, but it's not "leaking data". You might want to tone down your anger lest you get mistaken for someone with nothing of substance to say.

Re:Not the same as the rest of us ..

You're technically competent (I presume). Since about 1995, I've followed and used Linux but not exclusively. No, not at all. I'm not even a rabid hater of Microsoft and I even have a Windows phone (but no Windows computers). And, since about 1998, I've noticed a trend. This is gonna be a bit long. You have been warned. ;-)

Basically, every time a new version of Windows comes out - everyone and their kid brother says, "Enough is enough! I'm switching to Linux." (A few say *BSD or Apple but not many.) And, sure enough, you could track the uptick in downloads (if they shared that info) and, more nuanced, you could track the number of questions in the newsgroups, mailing lists, and forums.

It always happens. It happens without fail. It happened with Windows 10. (We'll get back to that.)

The most prominent and noted one was actually the OS that you like (and I'm inclined to agree but we'll get back to that too). When Windows XP came out, Windows did bleed quite a few people but, and this is important, it would appear that many of them stuck with their new choices. In other words, they started asking questions and then stuck it out and you could see them stick around and remain staunch in their choice. However, in 6 months or maybe a year the vast, vast majority disappeared, the traffic level went back down to normal, and there were fewer people downloading the updates to their distro - until the next time. And we tracked the downloads, the questions, the traffic stats, and paid attention...

Then came Vista and we had the uptick. We had the irate comments. We had the people saying that this was the end of Windows. We had people saying that they'd never go back to Windows. We had the downloads, the questions, and then we had the drop-off six months to a year later. And we discussed it and we asked the download stats and we paid attention...

Then came Windows 7 and we had the uptick, the questions, the downloads, the conversations, and you get the idea... We paid attention, we noted the number of downloads, we tracked the traffic, we paid attention to the questions... Sure enough, six months later, traffic was back to normal and the mailing lists were quiet and the forum accounts either sheepishly deleted or no longer signed in...

Then came Windows 8 and we had the same thing - including the same results as before. Oh, each time a few folks do stick with it. If I had to make an off-the-cuff estimate, I'd say it's maybe 5% - at best. Literally, 5% at best. 'Cause we've had this discussion, we've noticed the trends, we've looked at the numbers, we've seen the increase and the decline.

Then came Windows 8.1 and, once again, we see the same thing. You can go look at the numbers at DistroWatch, see the traffic at LQ, AskUbuntu, Ubuntu forums, Mint forums, Mint blogs, Fedora's mailing list, Debian's* traffic stats, BSD's uptick ('cause systemd) and all that - and we've got the torrent stats so we can see the downloads, the seeders, the leechers, and the comments... And we can check Voat, Reddit, and see the Google trends. And, sure enough, we see the same thing we saw every other time.

Then, we get to Windows 10... And we get all these comments, all this bitching, all these claims about how they're going to do the same thing they did last thing they claimed they were going to do last time. And yes, yes *you* may be different. That's okay, this is bigger than you because your comment was bigger than you. You might be an exception and I'd like to welcome you to the dark side. If you need help, I might know something or where you can get aid. Look out, some of the forums are full of dicks who will not actually help you unless you're trying to do what they want. Seriously, "Why would you want to do that?" That is a frequent response - more frequent than RTFM.

You know what is happening with it this time? Even FEWER people are downloading the distros. There is no big uptick. There is no giant swell. There is one, it's just tiny compared to the other times in

Re:Not the same as the rest of us ..

[justthinkit]

Paragraph 1:

I'm not even a rabid hater of Microsoft

For the record, neither am I. Fact is I think MS does some things exceptionally well. They just usually benefit MS more than anybody else. As for me, I mainly want to avoid an upgrade treadmill. Charge me $50/year for supported XP and I would probably go with that.

Paragraph 4/5/6/7/8: in 6 months...everyone stopped complaining

If someone steps on your toes, you grumble and then stop.

This time, with Windows 10, things are fundamentally different.

Paragraph 9: Thank you for your kind offer. Many people suck, for sure.

Paragraph 10:

You know what is happening with it this time? Even FEWER people are downloading the distros.

Just as you say my comment was "bigger than me", your data is now "bigger than you". IOW, not meaningful.

Analogy-wise, when someone punches you into unconsciousness, you do things a whole heck of a lot differently. You *don't* whine about it. Maybe you don't say a word to anybody about it. But, if you are a techie, and it is a technical KO, you route around it. That may take time, energy, money. But it happens, as sure as the rain falls.

When there is a small hiccup between people, the "bigger" one apologizes or otherwise attempts to bridge the gap, and you move on. When there is a large hiccup, a completely different dynamic kicks in.

Paragraph 13:

Look at the adoption rates, they're about where they should be.

Since this has been a remarkably civil conversation, I'll avoid a "forced adoption" rant.

Paragraph 14:

There's no up against the wall

When there is an up-against-the-wall, please tell me who is left to report on it? That has not been scared into silence that is.

IOW, when the threat changes, the response changes (as I said earlier).

Paragraph 17:

XP was a fine OS. I imagine that you could keep it reasonably secure.. You know what you're doing, I'm sure you can do it.

I think computer threats from XP-and-earlier WindowsOSes are over-estimated by a factor or 10 to 100. And the threats from newer, more NSA-friendly OSes, is 10 to 100 times worse than we think.

Paragraph 18:

I'd not recommend a novice take that approach

Agreed. And this is why the uptick is "as expected". Most are going with WinX for now.

I bet a bunch of people would pay. Say, $30/year?

Yup, pretty much the same figure I tossed out there.

Paragraph 19:

That said, Windows Vista is actually a good OS

I would call it "acceptable". I have one Vista el-cheapo workhorse that I've stripped the services out of and air-gapped. Will run fine for years, I'm sure. But I certainly wouldn't *want* to use it (and spend only minutes per week using it). All about them messing up the Z-order...

Paragraph 20:

Windows 7 is excellent

It would have been acceptable to me if they hadn't back-ported their Nazi Gestapo Stasi NSA 1984 crap to it. Even when you say you don't want any of it.

You know, maybe this is the analogy that will work to explain Windows 10. It is a tech holocaust.

Paragraph 23:

I'm not the most articulate

I think you have been most articulate. And patient.

This could be the most civilized extended conversation I've ever had on /.

the OS desktop market will not change more than 10% by 01/01/2017

Ok, that is a pretty daring wager. I'm not the betting type, but w

Re: Not the same as the rest of us ..

No, but what is a negative is that nobody wants that telemetry crap. And Microsoft make it impossible to completely turn off, to block it you need a hardware firewall loaded with a long list of ip addresses, which could change if you do updates (which you don't get a choice about unless, again, you block the update server with a firewall).

I like customisation, but reasonable defaults are a must, especially when you don't have have a choice of differently customised versions to install.

Trying to paint legitimate criticism of an unwanted feature that is purposefully difficult to disable as FUD, is inherently dishonest. If there was a clearly visible disable switch for this telemetry crap on first boot, and it actually worked, then people wouldn't complain as much, because they wouldn't have a good reason to.

Re:Not the same as the rest of us ..

[david_thornley]

How confident are you that it's the real source?

Re:Not the same as the rest of us ..

[HiThere]

Were you able to compile it, and verify that it matched the code being delivered? This is the step which was missing the last time I checked.

(I will admit that the code comparison itself has lots of gotcha's, but if you can't compile it you don't even get to that step.)

Re:Not the same as the rest of us ..

[KGIII]

I did not. As I recall, the agreement says you don't get to do much of anything except look at it. You don't get their tool-chain, you don't get everything, you only get what you ask for, and things like that. You can't edit it, share it, or even take a screen-shot of it. So, no... I did not compile it. It has also been ages since I've even asked for any but, in their defense, they gave me all that I asked for with even an absurd excuse a couple of times. I did want some OE code at one point (that's how long ago this was) as I wanted to write some code against it - formatting replies automatically and whatnot. That's the closest I ever really got to working with it. The rest was just me being nosy, curious, and borderline seeing how far I could push it. They really did send it out with the excuse, "Because I'm curious." Credit where credit is due, I guess? I was still a part of the MS MVP program at the time.

Re:Not the same as the rest of us ..

[KGIII]

I am pretty sure I was physically present (more) for the announcement. I was a guest. I am that confident. So, whatever weight that carries, that's what it is. I can not say with any certainty that it was the wrong source. I would not say that certain to be the right source. I have zero way to prove that to you and I will not make the claim with any certainty nor give any appreciable input other than that. In fact, you can stop reading here.

But, I'm pretty certain. I know the people who were there. It was us, screaming at our leads, in the MVP program, that got the source opened up - and not the crazy guys with beards and spittle. You can see how it started...

https://www.microsoft.com/en-u...

You? You gotta sign shit and become a partner, or find another license to get into - they have a bunch there, OEM works for anyone. That's free, it's how you get to the NDA Just sign up as a partner, apply as an OEM. They'll give it to you as a system builder. You know how to build a computer? Congratulations, you're a registered parter with Microsoft and you're an OEM. Now, you can access it too! You gotta sign the NDA and that's about it, I think? I got it a slightly different way, I went through the MVP program and I'm assured they're the same thing. Unless you're an MVP, you have to do it the OEM way as a partner. It's free.

That's here:

https://www.microsoft.com/en-u...

(Click on OEM thingy and get started. I gotta mention this part again --> You gotta be a Partner to do that, it should help you get it set up.)

In there are directions to get the source code. Follow 'em. You gotta request one thing at a time, pretty much. You ask for specific code. They're not just going to send you all of Windows 7 just for shits and giggles. Just make something up and ask for it in small pieces? Eventually they'll tell you now? I don't know, they've never told me no. I haven't asked for anything in a *long* time. (It has been available for a long time. It's not open source - but you can see it. You can't do much else. You can see it.)

I have no reason to doubt the code, I want to say that I was in the room when it was announced. I'm actually not sure if it was there or in an email/mailing list. There were reporters. I think we might have heard about it the night before and it was announced at a press conference on Sunday? Maybe Friday night? I am not actually sure - it was 15 years ago. Sorry but my memory is not that good. It might have been one of those days, the weekend before, the same weekend? I'm not really positive - it has been a long time. (That was the more.)

The funny thing, if you go back through my comments, I bet I've mentioned this program 100 times. LOL I'm not kidding. I've had people thanking me for telling them about it for years. I have no idea if any of them followed through. I am not kidding, I've probably pointed this out 100 times on Slashdot. Hell, I get moderated up for at least half of 'em. Someone's seeing it but almost every time I say something - someone new notices. So, I keep repeating. I have no idea if they follow up with ti, nothing. They say thanks. I looked and poked at it a couple of times back then.

That's the whole story and I do not have a vote of confidence to give you. I have no reason to distrust the code. There's everything I know. In a matter this serious, I can not nor would I accept accountability for an affirmative or negative answer about the certainty. I am not a lawyer, I am not your lawyer, you will be signing legally binding documents if you go through this process. Consult with a legal professional in your local jurisdiction prior to signing any legal documents.

That'll have to do. ;-) Sorry but that was ages ago and I went through it the MVP way, they opened at the same time. We were annoying, John was our lead, I remember that. I gave up partici

Re:Not the same as the rest of us ..

[beastofburdon]

Benefits of windows:
* can currently run more games than Linux
* not a damn thing else

Re:Not the same as the rest of us ..

[david_thornley]

Thanks. That's what I wanted to know. You seem defensive, but please understand I didn't mean it as any sort of attack, but just as away of finding out how confident you were that you were looking at the correct source, and you answered that in great detail.

Re:Not the same as the rest of us ..

[KGIII]

Oh no, if it seemed defensive that was not the intent. Not at all. Just cautious. ;-) I'll be damned if I'm going to say that I'm *certain* it is the correct code. There's no way in hell I'm putting my name and reputation (such as it is) to that statement. More like, I don't want to be in a position of being defensive - if that makes any sense.

I've no reason to doubt the veracity. It did what I needed and I had no problems with it. This being Slashdot, home of the conspiracy theorist, it could just be that they gave selective code that depended on the person requesting access. *nods* So, no... Not really defensive so much as not wanting to be in a position where I said something in error and/or need to be defensive.

I figure you won't be the only person to read the reply.

Re:Not the same as the rest of us ..

[KGIII]

So very true. At least from my view. I am not a gamer. I do not use an software that is Windows-only. I literally have absolutely no reason to prefer Windows over any other OS, other than some familiarity and that's a bit dated now. In the early 2000s, and until the middle of that decade, I was recognized and awarded the MVP from Microsoft in a few different categories. I've intimate knowledge of the OS but that's actually a drawback at this point in my life. I was not learning anything new and it was disappointing. So, I switched to using Linux exclusively because I'd simply ignore the Linux partition and boot to Windows at least 90% of the time.

Re:Not the same as the rest of us ..

Are you really so idiot as you appear to be?

Telemetry Free Version

[p0p0]

I'm assuming they've got a special version from Microsoft that isn't constantly collecting telemetry data, even when specifically disabled. They wouldn't use an OS that constantly sending information to an outside network, would they?

Oh god they probably would.

Re:Telemetry Free Version

Why would they? The telemetry goes right back to themselves.

Re:Telemetry Free Version

[guruevi]

Why would they? The decision makers probably don't even understand the concerns and none of the non-IT workers care very much. Until the data has gone to China for a half a decade will they 'find out' and then they'll start a Senate Committee to investigate the issue and after a few more years, when everyone has moved onto Windows 15, will they decide that it wasn't a good idea but it's too expensive now to switch.

Anyone concerned about security should never use Microsoft products. Most portions of our government have proven that they don't care, the only ones I see care is the NSA which regularly contributes to Linux (SELinux etc) so I think they must be running primarily that.

Re:Telemetry Free Version

[jellomizer]

Interception of data in transit.

Re:Telemetry Free Version

[avandesande]

Really- How do you know that? This view that everyone that works for government are incompetent boobs is idiotic.

Re:Telemetry Free Version

[gtall]

DoD is well-aware of the security implications. Like any other large enterprise, they must also be concerned with cost. Installing Linux across DoD and retraining staff would take years and then eejits like Ted Cruz would be braying about the high cost of government. So DoD is stuck in the same predicament as everyone else, i.e., how to ease out of MS Hell and still function.

And NSA does not set compute standards for the rest of DoD. If they did, the Air Force would never be allowed to have an offensive cyber capability.

Re:Telemetry Free Version

[afidel]

It's called the LTS branch.

Re:Telemetry Free Version

[I4ko]

Not necessary. They will apply their STIG though here from the DISA website and firewall and additional security here from the DISA website. You will be amazed on what basic throve of info you have in those, even for Chrome and some other known to phone home things.

Re:Telemetry Free Version

Presumably you have never been involved with providing software for the DoD. They are VERY aware, and I guarantee they are more knowledgeable than you...

Re:Telemetry Free Version

[frank_adrian314159]

No they wouldn't. Even if you think they are, they're not that stupid. I've worked with software manufacturers (large ones) that supply the DoD. If your software phones home, it had better work without phoning home, too. Or else you won't be used in secure environments. Plus, do you really think they don't have outgoing as well as incoming firewalls?

Re:Telemetry Free Version

Sometimes, it only takes a single, incompetent boob... ...such as the ones that hire contractors to manage their computer systems without logging their every transaction.

Re:Telemetry Free Version

Rule Title: Windows Telemetry must be configured to the lowest level of data sent to Microsoft.

Vulnerability Discussion: Some features may communicate with the vendor, sending system information or downloading data or components for the feature. Limiting this capability will prevent potentially sensitive information from being sent outside the enterprise.

Check Content:
If the following registry value does not exist or is not configured as specified, this is a finding.

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SOFTWARE\Policies\Microsoft\Windows\DataCollection\

Value Name: AllowTelemetry

Type: REG_DWORD
Value: 0

Windows 10 Professional may have a value of 1. The value for Off [Enterprise Only] implements the same limitations as Basic in Windows 10 Professional.

Fix Text: Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Data Collection and Preview Builds>> "Allow Telemetry" to "Enabled" with "0 - Off [Enterprise Only]" selected in "Options:".

Re:Telemetry Free Version

Only a jackass in the military would think they could reduce operational and training costs by standardizing computer systems to what consumers use. The military is training people all the time on unique and expensive hardware; they're called weapon systems. No, the real reason why the military would use commercial systems like Windows 10 is to gain access to software capable of doing things their procurement system can't make available for another 5 years. Personally, I don't grasp why they don't invest in a unit that's involved with linux/GUI design, and just standardize on a variant of SELinux.

Re:Telemetry Free Version

[ITRambo]

I don't believe that they don't care. I think they're just too lazy to give a damn. Unless ordered to do so by the boss, the boat remains stable and unrocked.

Re:Telemetry Free Version

[TemporalBeing]

Installing Linux across DoD and retraining staff would take years

They've already been using Linux for years. I believe CC/EAL5 was achieved by SuSE and Red Hat a decade or so ago now. They probably use more Linux systems than they do Windows.

Re:Telemetry Free Version

[Aighearach]

OTOH, if there is another department with lower-level access to the pipes who is altering some small percent of the data being extracted by China, then the conclusions they draw from that data might be incorrect in ways very convenient to the DoD.

Don't over-think it if you're going to under-think it. ;)

Re:Telemetry Free Version

[Aighearach]

You have two choices; accept that almost everybody are incompetent boobs, or just concede that the average are mediocre and that almost everybody are mediocre. These things might be equivalent values. If mediocre isn't incompetent, then the standard is simply so low that "competent" means "makes lots of mistakes every day; sometimes huge ones."

If your gold standard is the best person in the department, then the department is full of incompetent boobs. This is true even if the department is above-average!

For it be false would require not even trying to be good, which would in itself be professional incompetency.

Re:Telemetry Free Version

[Aighearach]

You can save a bundle on training if you don't tell them that the OS is different, you just install a window manager with the same paradigm as the old OS, and tell them "the icons are different now, but all your documents are the same."

If they ask why the splash screen for "Office" is different, don't go down that rabbit hole; just use literal words. "We have a different Office version now, but all your documents are the same."

Re:Telemetry Free Version

They are concerned with cost and source. The gov wants US-sourced stuff. Any deviation requires a waiver and approval. Getting OSS software (e.g. LibreOffice or FileZilla) approved is an easy 3-6 month process, and one of the questions asked is "is there a proprietary software available that can perform this task?". I've seen emails go around about a sudden disapproval of a security test suite because one person outside the US worked on it.

Why?

The government believes in pointing the finger at someone else. They want that support contract, no in-house expertise (to support the little guy!), and a bellybutton to point to when things go wrong.

Re:Telemetry Free Version

Corruption hides behind feigned incompetence so that view is simultaneously idiotic and totally reasonable to hold for anyone who pays attention to the news.

The greatest trick the devil ever pulled was convincing the world to never attribute to malice what could be explained by stupidity. The world has been a happier place ever since they fell for it. It's almost like the truth is depressing...

Re:Telemetry Free Version

[avandesande]

You might be right- but the idea that government workers are huddled around pentium 4s with a direct connection to the internet is stupid.

Re:Telemetry Free Version

Why would they? The telemetry goes right back to themselves.

Correction: it goes back to the boss at DoD. Ever heard of a boss monitoring the computers at work? Well this is one step further where the monitoring feature is a build into the operation system itself. No 3rd party addons required.

Re:Telemetry Free Version

[guruevi]

Although it is a fact? Perhaps not P4's any more but my local DMV has Dell's with Core M's with a "public WiFi" anyone can change the settings for. Why would the government need to replace a multi-billion firewall (EINSTEIN) if they're not directly connected to the Internet (https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks#List_of_assigned_.2F8_blocks_to_the_United_States_Department_of_Defense)?

Re:Telemetry Free Version

[Thor+Ablestar]

The hive of cryptic keywords needing a special education and a special documentation to understand and having no place for comments is a security breach by itself.

Re:Telemetry Free Version

[arglebargle_xiv]

I would say Microsoft is pretty brave here, deploying Windows Extra Suckage edition to a client with access to tactical nuclear weapons...

Re:Telemetry Free Version

[antdude]

Does the enterprise verision do this too?

Re:Telemetry Free Version

[Aighearach]

If they were directly connected to the internet... they wouldn't need to worry about replacing a giant firewall, because that implies they're going around it anyways. ;)

Using an internet-routeable IP address allows systems outside their intranet to talk to the gateway about specific services on specific machines. It does not imply that those machines are directly accessible from the outside; it just means that they don't need a giant NAT gateway.

It may indeed by a dubious setup. The way they appear to have it set up is not a way that I would recommend to a large client. However, you seem to speculate without understanding the details you point to. "Directly connected to the internet" is not necessarily the same thing as "has an internet-routeable address." If it can only be accessed via a gateway, the connection may or may not be considered "direct" depending on the specific architecture. There may indeed be no way to connect to it directly from the outside, but perhaps you can still send email to that IP address, as an example.

You'd have to actually have specific knowledge of their network to know. Simply knowing that they're using some large number of IP4 addresses doesn't tell you anything, even if you knew that they were assigning them to workstations.

Re:Telemetry Free Version

[thegarbz]

I'm assuming they've got a special version from Microsoft that isn't constantly collecting telemetry data, even when specifically disabled.

Like the Enterprise releases available to everyone willing to pay for it and apply group policies to it?

No need to monitor the employees

We already outsourced that to Microsoft.

Cortana

I wonder if the DOD will send their typing and inking data to Microsoft so it can get to know them better...

Re:Cortana

[war4peace]

Disabled by policy, so no.
I type from such a machine, it has Windows 10 on it but telemetry is disabled by policies.

Re:Cortana

Let's play Global Thermonuclear War.

"Would you like to play a game?"

          - Joshua

Re:Cortana

All your Windows 10 are belong to us!

self telemetry

no issue at all

And therefore, every miscreant in the WORLD!

God Save Us Now!

Microsoft telemetry

We know what you know.

Three possibilities

[LichtSpektren]

1) The DoD are getting a special spyware-free version of Windows 10. (Remember, even the standard Windows 10 Enterprise will pervasively spy on its users, despite what many Microsoft shills have flaunted.)
2) The DoD do not care that there is spyware in Windows 10, because Microsoft shares all the data with them anyway.
3) This deal was made behind closed doors months or years before Windows 10 was production ready, and as a result, nobody dared to check if Windows 10 would actually be a good product for the DoD.

Re:Three possibilities

4) The DoD has been allowed to analyze the data in the telemetry and determined that it is just UI usage rates once the Cortana voice-search was disabled.

Re:Three possibilities

[LichtSpektren]

4) The DoD has been allowed to analyze the data in the telemetry and determined that it is just UI usage rates once the Cortana voice-search was disabled.

I wonder what the other 106 domains are for, then.

Re:Three possibilities

2a) The DoD requires that there is spyware in Windows 10, because Microsoft shares all the data with them anyway, so they can do in-house surveillance on their workers as well.

Re:Three possibilities

[zlives]

seal of approval doesn't mean they are actually installing it, or installing it on the internal network or running another vm over it or wiping it and installing winXP

Re:Three possibilities

1) If you're referring to the recent router block someone did then blogged about it, please refer back to the comments on those articles about how his test was completely wrong and misleading. The 3rd biggest issues of that was the OS wasn't connected to a domain. Microsoft has said the reporting gets disabled on domain connected computers. That shouldn't be too hard to demonstrate yet know one has bothered to try.
2) Almost all businesses spy on their employees and perform man-in-the-middle attacks to counter spam, exploits, and data leaks. There's no need to get the data from a 3rd party. They install their own logging and auditing software directly on their computers.
3) For such a deal to have existed, that means Microsoft planned for 8.0 to fail and expected to release a 8.1. They knew they were going to skip 9 and regress a lot of the UI development for Windows 10. Do you really believe Microsoft is such a mastermind and is choosing to look foolish, annoy everybody, and lose market share just for laughs?

Lunatic anti-M$ people are worse than MS fanboys and marketing shills.

Re:Three possibilities

ad.doubleclick.net

Gee, I wonder...

Re:Three possibilities

[Cro+Magnon]

#4) This deal was made behind closed doors after Windows 10 was production ready (or as ready as it got), and as a result, nobody dared to check if Windows 10 would actually be a good product for the DoD.

Re:Three possibilities

[bondsbw]

There's no indication I could find that ad.doubleclick.net was listed because of Windows directly. It is likely included for convenience because it blocks the numerous sites and apps that use it, while most ad blockers only block sites in a single browser. (And because Edge doesn't yet support extensions, making the hosts file the easiest way to block ads in Edge.)

Re:Three possibilities

[AmiMoJo]

Windows 10 Enterprise doesn't spy on you. Some of the default shit that is installed by default does, just like every previous version of Windows. Uninstall and disable that and you are golden.

Presumably the DoD has done that, created an image to deploy and set their grip t policies appropriately. Since they are on the slow track where they only get security fixes, it's actually easier for them than with previous versions.

Re:Three possibilities

The 4th possibility contains the real answer:

There are SEVEN million DOD computers.
Unless my math is bad, that leaves THREE MILLION computers they decided NOT to upgrade !?!

Microsoft Misses out on 3 MILLION installs...

That sounds like it might be enough to store the good stuff on :O

Re:Three possibilities

[EndlessNameless]

The article is vague, but the DoD is moving en masse to Windows 10.

There are very important security enhancements for enterprise customers, which I assume is the reason for the big push.

http://www.theverge.com/2016/2...

Re:Three possibilities

Bullshit on all 3 points.

Re:Three possibilities

[zlives]

i agree, lots of assumptions and not enough info. sounds too much like marketing.

Re:Three possibilities

yes.

Re:Three possibilities

who cares about the telemetry. that's what firewalls are for.

Re:Three possibilities

[thegarbz]

(Remember, even the standard Windows 10 Enterprise will pervasively spy on its users, despite what many Microsoft shills have flaunted.)

[Citation Required]

Re:Three possibilities

It still shouldn't be in that list, if only because it isn't a fucking Microsoft domain (Google own doubleclick) and makes you wonder about the legitimacy of the rest of them.

Re:Three possibilities

[david_thornley]

Typically, the government is very interested in keeping its stuff secret and keeping everybody else's secret stuff also. The like the flow of secrets to be one-way.

As a government IT contractor...

[__aaclcg7560]

I love job security. Bring it on, Microsoft!

Re:As a government IT contractor...

[LichtSpektren]

I love job security. Bring it on, Microsoft!

Rather akin to a paramedic cheering whenever there's a natural disaster....

Re:As a government IT contractor...

[jellomizer]

He said he was a Government Contractor. Right in the title.

Re:As a government IT contractor...

[zlives]

which makes it more like a lawyer

Re:As a government IT contractor...

[__aaclcg7560]

Rather akin to a paramedic cheering whenever there's a natural disaster.

More like whack-a-mole on Ground Hog Day.

Re:As a government IT contractor...

[ohearn]

Right there with you. Not looking forward to when the organization I support eventually makes the swap. They have already stated that they will, but not a timeline for it yet. At least in the DOD world, a lot of Win10's phoning home can be stopped by simply blocking the appropriate ports on the organization's perimeter firewalls (and praying that it doesn't lead to the OS deactivating itself)

Re:As a government IT contractor...

Except those affected are less likely to you know, die when windows 10 gets installed and goes haywire (By what magnitude is another matter entirely)

Re:As a government IT contractor...

[dontbgay]

Your sig just got a lot more ironic.

Re:As a government IT contractor...

Or you license Windows properly and use KMS so you don't have to worry about Windows losing activation.

Re:As a government IT contractor...

[Aighearach]

Rather akin to a paramedic cheering whenever there's a natural disaster....

I don't care if they cheer while running for their smock, I care about if they run out in the street and try to save my ass.

Re:As a government IT contractor...

Paramedic wouldn't cheer. Lawyers, though. Well, no cheering, just shark-like smiles.

Microsoft blog post on this

[weedjams]

https://blogs.windows.com/wind...

Re:San Bernardino Shooting Story Shot Full of Hole

Lol. Everything is a "false flag" now. This seems to be the stylish phrase in conspiracy theory right now. Remember, it used to be reptilians, and before that, it was the illuminati.

Ten years from now...

as Manhattan Island is marked off-limits for a geologic timescale, "how could we have been so foolish?"

The telemetry goes right back to themselves.

[JcMorin]

I think this is mostly correct. :)

Re:The telemetry goes right back to themselves.

Assuming someone else doesn't find a way to hack into the telemetry "features" and redirect that information to a less than friendly, and less than microsoft, recipient. That's part of the real problem behind all this intrusive spying Microsoft's doing. It makes a big ass honeypot for criminals to try to crack. Now that the US government is being added to the honeypot, I wouldn't doubt foreign hacking groups are probably going to be stepping up their game.

Re:The telemetry goes right back to themselves.

If not themselves, then most certainly the NSA...

DoD? What about the Department of Navy?

[IT.luddite]

Gotta wonder if this will replace all those XP machines that the Navy still has? http://tech.slashdot.org/story...

our secrets are safe with us?

makes at least as much sense as hymens?

Re:Linux fails again.

Very droll, prime minister.

Officially Certified Surfaces?

They better be getting hardened Surface devices...my experience with these things is that they're the some of the most fragile things ever. The Wifi/Bluetooth card is wonky, and the hardware is highly prone to malfunction. We've had about a 65% rate of needing to send these in under the warranties for various issues.

Yes, some users are not gentle with them. Yes some devices come back obviously dropped. But the Surfaces Pro 3's have been nothing but headaches for me, and the Pro 4's are even worse.

Re: Linux fails again.

How is it a failure of Linux that the federal RFPs always state that "only a Microsoft solution will be accepted?"

Thanks to linux

The pentagon get 4 million "free" upgrades ;-)

Re:Thanks to linux

[bobbied]

Worth every penny they paid for it.....

Actually, I don't believe the volume license terms gives you the right to just upgrade all your windows 7 boxes to 10 like the full up individual licenses we have on hardware for home and small business use. The DOD will be paying for this mainly because they likely use volume licenses to start with and pay yearly for the privilege. There may not be much change in their license costs though, as Microsoft is clearly advantaged when they can more easily drop support for the older stuff and cay drop the teams of developers required. I'm sure Microsoft made the DOD an offer they couldn't refuse price wise...

Re:Thanks to linux

[EndlessNameless]

Software Assurance provides the right to upgrade to newly released versions of Windows. If they have it, they can upgrade at will.

If the enterprise doesn't have SA, they have to buy new Windows licenses like everybody else when a new version comes out.

If the DoD bought and maintained SA on its licenses, then it was eligible to upgrade its installations the day Windows 10 was released.

I have to deal with this where I work, so I know Microsoft publishes the Windows ISOs to their volume licensing site that day.

Star Wars...

I felt a great disturbance in the Force, as if millions of hackers suddenly screamed out in glee....

Re:Star Wars...

...Chinese hackers...

Re: Linux fails again.

If you can answer the question *why* the federal RFPs always state that (without copping out to some lame conspiracy theory), then you will have your answer, grasshopper.

Windows 10 To Be Installed...

[wonkey_monkey]

Windows 10 To Be Installed On 4 Million US Department of Defense Computers

They didn't want it; it's just going to happen.

Re:DoD? What about the Department of Navy?

[jfdavis668]

They are replacing them as fast as possible. The Navy is a big organization.

Re:DoD? What about the Department of Navy?

[bobbied]

Unlikely if they host legacy applications which will cost money to port forward to 10.

I'm aware of a lot of legacy applications which continue to run on OS choices as old as Windows 98 and likely will for as long as somebody can find hardware that Windows 98 can run on. Sometimes it's just too expensive to port and validate legacy applications and you take the security risks of running unsupported operating systems.

In the case of the Navy, they are still depending on Nuclear Missile systems designed in the 60's and built in the 70's for our nation's defense. One could imagine the whole system hasn't been substantially changed in 40+ years. Why are we surprised that they have legacy applications running on XP? I'm guessing there is stuff out there which is far older upon which our nation's defense rests.

"another 4 million to bray about"

[LichtSpektren]

bray
noun
1.
the loud, harsh cry of a donkey.

Sounds about right....

Re:"another 4 million to bray about"

Um yeah, that's why they wrote it. What is your point anyway?

Cortana

[dstyle5]

Let's play Global Thermonuclear War.

and china and russia

[WindBourne]

thanks the DOD for all of the future information that they will be passing on to them.

And we are boned.....

[Lumpy]

North Korea will start something and we will be unable to respond...

It's the beginning of the end people..... Doom...... DOOOOOOOOOOOOoOOOOOOOOooOOOOoOOooooooommmmm.......

It's the network

The DOD network doesn't let one packet go where it doesn't say it's allowed. I am sure that these are only allowed to play on the most insecure layer.

Enterprise can turn off telemetry

[Ryan+McLaughlin]

As stated here http://windowsitpro.com/window...

and here https://technet.microsoft.com/...

enterprise users can turn off telemetry. Everyone else only gets to set it to basic.

Manage your telemetry settings You can manage your telemetry settings using the management tools you’re already using, such as Group Policy, MDM, or Windows Provisioning. You can also manually change your settings using Registry Editor. Setting your telemetry levels through a management policy overrides any device-level settings.
You can set your organization’s devices to use 1 of 4 telemetry levels:
Security (only available on Windows 10 Enterprise, Windows 10 Education, and Windows 10 IoT Core (IoT Core) editions)
Basic
Enhanced
Full

Re:Enterprise can turn off telemetry

Enterprise users are told they can turn off telemetry. There will even be settings marked, roughly, "turn off telemetry". But will the software respect the settings?

And will every software update ever made to the software never ever ever turn telemetry back on? You know, like updates did to Windows 7 and 8, even for users who had opted out of Microsoft's Customer Experience Improvement Program?

You may bet your home computer on it. You may even bet your company's computers on it. Should we bet our country's defense on it?

Re:Enterprise can turn off telemetry

enterprise users can turn off telemetry.

You can set your organization’s devices to use 1 of 4 telemetry levels:
Security (only available on Windows 10 Enterprise, Windows 10 Education, and Windows 10 IoT Core (IoT Core) editions)
Basic
Enhanced
Full

But what is the Security level? It doesn't suggest that it's an equivalent of Off. Looking further into the Microsoft link you provided, you can see what the Security level is.

It includes 3 classes of data:

Connected User Experience and Telemetry component settings (which cannot be shut off)
Malicious Software Removal Tool (which you can turn off somehow)
Windows Defender (which you can turn off somehow)

I find it horrible that the setting with the word Telemetry cannot be disabled. YMMV.

Re:Enterprise can turn off telemetry

[Ryan+McLaughlin]

You did not give an exact quote so it is easy to misunderstand. Here is an exact quote

Security. Information that’s required to help keep Windows secure, including info about the Connected User Experience and Telemetry component settings, the Malicious Software Removal Tool, and Windows Defender. This level is available only on Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, and IoT Core.

My understanding is that "info about the Connected User Experience and Telemetry component settings" is only going to provide info on what settings you chose, so if you chose the security setting, Microsoft will know.

Re:Enterprise can turn off telemetry

[thegarbz]

But will the software respect the settings?

Yes because Microsoft shits on regular users but happily licks the boots of volume licensors.

As long as you have the unlimited

Ability to tax why not waste it like that.
If I were in charge we would have a roll our own federal flavor of Linux.
In desktop server and main frame.

Re:As long as you have the unlimited

And then you still need to deploy and support applications that only run on Windows. Or build your own applications. Either of which will make your endeavor a huge money sink.

MS to DoD:

[some+old+guy]

All your bases are belong to us!

Makes sense

The US government spying on itself.

Re:DoD? What about the Department of Navy?

Thankfully, none of those nuclear missile systems are dependent upon any variant of Microsoft products. While continued Windows XP usage is unfortunate, I really doubt they're running anything critical; they're just exploit vectors.

Re: San Bernardino Shooting Story Shot Full of Hol

[jxander]

That's just what the illuminati want you to believe.

It looks like you are trying to

[Snufu]

vaporize a nation. Would you like help?

-- Nuke from orbit.
-- Do not nuke from orbit.

Re:It looks like you are trying to

[jbeaupre]

And clicking on the Cancel button will do nothing.

Seriously, what is it with MS dialogs where the Cancel button does nothing. WTF?

Re:It looks like you are trying to

[bobbied]

Would you prefer an "ARE YOU SURE?" dialog that only has the "OK" button?

Well of course

Well of course the US government is going to buy Windows 10 (enterprise edition, with a lot of firewalling and deep knowledge of how the software works).

And of course this is going to be presented as proof that Windows 10 isn't a spying nightmare.

But of more interest to me would be a list of countries whose defense departments will NOT adopt Windows 10 (except perhaps for strictly offline applications). I bet the list is long ... and growing.

Cortana Speaks..

[nanospook]

"The only way to win.. is not to play"

Promotion

[saccade.com]

So which former general just got promoted to Microsoft Executive VP of Government Sales?

Re:Promotion

[bobbied]

There are rules for this kind of thing... Microsoft will be in serious trouble if they do what you suggest, as will that former general...

And I Imagine It Goes Something Like...

*update pop-up*

Do you want to know where ISIS is? Click here to proceed!

*click, install begins*

Sorry, but...

1. I'm not interested in Windows 10. It does not work for me.
2. I'm not planning to attack the US. Nor have I any meaningful defense if attacked by them. Thus, the DoD simply does not exist for me.
3. At work, W7 is showing (heavy) signs of failure, possibly related to M$' need that we pay them more (again).
4. I'm happy as clam with Linux, except for UEFI (aka M$) and systemd (AFAIU a necessary evil to lessen distribution developers workload).

I've been noticing a lot of news about M$ as of late (even before /. being sold).

Maybe I'm biased, but I'd like to read more news about Linux applications (for instance) and less about how to circumvent Windows many, many problems.

TIA, sincerely,

AC.

Re:Sorry, but...

Systemd a necessary evil?
There's a big difference between creating standardized interfaces for managing boot/crgroups/whatever and replacing all the basic daemons with your own version.

Re:Sorry, but...

Why does it exist?

The current view AFAIU is that it helps the distro folks do their work. I can't even fathom whether this is true or not. Objectively what happens is that some base distributions (Fedora, Debian, Ubuntu) adopted it and a lot of derivatives followed these.

What I know is that systemd doesn't help as an end-user; it also makes some good tutorials obsoletes. This happens from time to time in Linux, like those about network commands.

Can I complain? Realistically, those guys which make the distros I use are kinda heroes in my view. They do for free what others won't do even for money. I trust they wouldn't adopt systemd were it not for some meaningful advantages it may bring.

But I'd sure want more discussion about the benefits...

hair

Look at all these spastic comments from the Linux Hippy community.

Wanna know why the DoD is buying windows? Hair cuts.

Linux Hippy, you want a fat contract, then get a hair cut and show up looking like a citizen.

Col. Flag out.

Translation

[CanadianMacFan]

We couldn't figure out how to stop Windows 10 from installing so we're just going with it.

Wow, that's... amazing

[idontgno]

I would LOVE to see what the DODI 8510.01 RMF C&A package for this deployment would look like. Hell, the Ports, Protocols, and Services mapping alone would be breathtaking. (And, frankly, very useful for us mortals to study to find the other privacy backdoors the geek press hasn't cottoned on to yet.)

Let me clarify that last. To gain certification and accreditation to deploy a new software or hardware technology to a DoD network, you have to fully disclose all long-haul network access, down to which ingress or egress ports (or service numbers) using what transport protocol. All of them. So Microsoft's "phone-home" bullshit would have to be completely, explicitly, and accurately mapped.

*happy dance*

Well, a geek can dream.

Just what we need!

[mark_reh]

First the Republicans refuse to do their jobs and now they can be joined by the computers!

Number 5

[Bruce66423]

A number of senior administrators in the DoD have been offered jobs at MS...

Re:DoD? What about the Department of Navy?

posting AC, but as a Navy organization, we have until Jan 2017 to upgrade all of our machines to Win 10. We can apply for a local-organization 1-year waiver to push it back to Jan 2018. Then after that, if another waiver is needed, we have to go to the DoD CIO for an additional waiver. Those won't happen much.

As part of a software team that is porting stuff to Win 10...yes, it's not trivial, especially when your compiler is several iterations out of date, which you're forced to upgrade first.

In Soviet Russia...

[Thor+Ablestar]

... the Polite Men In Green use the MSVS (Modulnaya Sistema Vooruzhennyh Sil - Modular System of Armed Forces). It's basically hardened Linux and I've seen it on torrents (had no time to check it). Moreover, they use SPARC computers so unless the malware is cross-platform it has no chance to survive. Also, MSVS can work on much weaker equipment than Windows 10.

In Soviet Russia, WIndows activates YOU!

[Thor+Ablestar]

In other words, if I work in a large Soviet Russian military organization and something becomes wrong (WWIII for instance. Or just an idea of your Congress to apply more sanctions) the Windows installations would work 2 weeks and then fail.

Anyone remember what a network is

Having been IN a service branch with an MOS of 25B, I would like to point out that everyone is forgetting, these systems will all be on one or more DoD networks, where NO traffic is going directly to MS. It will ALL be heavily filtered multiple times before it can get out the door, and I guarantee telemetry won't be going. Do anyone of you babbling about Win10's info gathering remember what the hell a network is? What about a firewall? Proxy? Packet filter? Anyone?

As for the surfaces, they won't be getting a rating for heavy field use like a Panasonic toughbook (AN/GYK50 aka the "geek50")....

A Huge Waste of our Tax Dollars

What a huge and senseless waste of taxpayer dollars. This money could be spent in far better ways (not the least of which would be fixing patent and copyright laws and processes) rather than bolstering a monopoly that employs criminal extortion as a standard business practice.

Re: Linux fails again.

[armanox]

Actually, there isn't a good why. For a lot of solutions there are plenty of Microsoft competitors that provide products that are at least as good as the Microsoft solution.

Widnows 10 does not exist in a vacuum!

A lot of people that think they know more than they do are getting bent out of shape by the DoD deploying Windows 10, potentially (just saying, did not see a whole lot of Windows 8 machines in *my* Service). Don't forget, the OS doesn't live in a vacuum. There are going to be network controls in place to prevent the egress of data *regardless* of the operating systems running on the network. And there are limited numbers of entry points to the public Internet that are all closely monitored.

Windows 10 can try to siphon data all it wants. If your layer 7 edge device is configured properly, it can't establish a tunnel back to the world anyways...

Candy Crush included?

Did they also approve Candy Crush Soda Saga which apparently is installed by default in Windows 10 Enterprise? At least it is in our company. Microsoft still handles the design policy of their operating systems like a bunch of fucking amateurs.

Pro != Enterprise

Who wrote this summary? Pro, with its telemetry, != Enterprise, with its options to turn telemetry off