Microsoft Telemetry Collection, Explained

New submitter Poohsticks writes: There's a nice breakdown of the updated information from Microsoft about what they are doing with the telemetry data that Windows 10 is collecting (original Technet article here) by Chris Williams at The Register. Interesting finds that better explain what's happening with that data (and how to control it).

SubjectsInCommentsAreStupidCauseTheSubjectIsTFA

[lesincompetent]

Very little is explained. And there's no OFF setting.
Fuck Microsoft, hard.

Re:SubjectsInCommentsAreStupidCauseTheSubjectIsTFA

[buck-yar]

Found this on reddit:

I've seen theres a lot of speculation on whether the observed network connections from Windows 10 with privacy options on are actually spying or not, and figured some actual evidence would be in order.

Anyone can recreate this for themselves:

                Fresh install of Windows 10.
                Set all privacy options to off, disable cortana, disable web search
                Ensure all updates are done. Close all programs.
                Install Fiddler, and enable HTTPS sniffing. (If you use wireshark, you wont be able to view the HTTPS)
                Press stream in fiddler.
                Click the windows search bar, type any letter, watch the HTTPS session to bing.com appear.

Im still trying to figure out exactly what it is that it is transmitting, but its for sure sending a user-agent string that identifies itself as Cortana.

Some observed behaviors:

                Clicking on a link from an application (in this case, a download link from within Fiddler) submits the URL you are visiting to urs.microsoft.com.
                Opening applications-- even with SmartScreen disabled-- opens sessions to apprep.smartscreen.microsoft.com and, among other things, submits the hash of the application. EDIT: Apparently you must also disable smartscreen in edge. Even so, it will initiate a connection to w.apprep.smartscreen.microsoft.com
                Typing anything into the search bar will, regardless of settings, initiate an HTTPS session to www.bing.com. It will transmit a cookie, though so far I have not seen anything in there that looks like keystroke monitoring, as the only thing that appears to change between attempts is an HV section of the cookie. It appears to be downloading javascript, and submitting identifying data (screen resolution, install date, SID). The URL it uses is https://www.bing.com/manifest/... [bing.com]
                Opening the settings app and going into account options sometimes opens a session to public-family.api.account.microsoft.com:443. I suppose this would be expected.

Stop Writing Software for Windows

Most people here have been commenting with something like "Stop Using Windows", but I think this is the wrong message.

Considering the audience here on Slashdot, the true message to share and discuss is: "Stop Writing Software for Windows".

My software company has just ruled out all future Windows development. Yes, that means we'll lose some clients, and yes, that means we will have some customer training issues to resolve. But compared to the clusterfuck that is Windows10, it was actually a pretty easy decision for us to make. If Microsoft wants to be a part of the future of software development then they will need to continue to push .NET onto cross platform, and clean up that Mono license so that we can all use it with confidence. Otherwise, Microsoft software development is dead. Sure, not now, not in five years, but this is it: the beginning of the end.

So stop writing software for Windows and watch the world change...for the better.

Re:Stop Writing Software for Windows

[Voyager529]

Do they still write software for Windows? [...] I think if you have 3 pages of anti-virus software and 1 page of education titles, that's a dead OS! There's still quite a few games for Windows, but nothing like the choice on Steam.

Yes, plenty. It's just not sold on Newegg.

Every law firm I do work for uses a program called Worldox to keep case documents together, and most use TimeMatters to keep track of their billable hours.

While Electronic Medical Records are usually done via a website of some kind, the software that runs the X-Ray machines and 101 other medical diagnostic devices all run on Windows. So do Dentrix and Dexis, the software that probably runs your dentist's office.

The applications used by auto mechanics to diagnose issues with cars, like Mitchell, is almost all Windows-only.

While browser-based CRM applications like SugarCRM are making definite inroads, a number of companies are still locked into Act.

Quickbooks runs on Windows, and if you think Microsoft has a lock-in with Office, you have yet to see the death stares that you'll get at the mention of the possibility of moving away from Quickbooks...and the browser based alternatives are not drop-in replacements just yet.

Some very new, low-volume startup restaurants can use iPads as point-of-sale machines, but the vast majority of PoS systems are Windows specific, especially if they need to integrate with other software.

While there was an article last week about doing audio engineering on Linux, Windows and OSX are the places where you'll find formal support from the hardware developers and plug-in creators, and the story repeats itself for video creation.

Most reasonably-sized offices have had their furniture layout rendered in something like 20/20 Giza, which conveniently segues me to the whole cottage industry around AutoCAD.

The LED marquee signs in storefront windows and the scoreboards at sporting events have their content designed and uploaded with something like Venus 1500, and the intelligent lights at those ballgames may well be controlled with Lightjockey or Compushow - even many of the dedicated hardware lighting boards run on an embedded version of Windows.

Your local moderate-sized accounting firm probably uses something like ProsystemFX Engagement, which is kinda like Git for accounting ledgers. Circling back to Office, much of the value-add for the heavy users is not necessarily that LibreOffice isn't as good as Excel, but that there are many Excel-specific plug-ins that pull data from other places and streamline layouts.

The list of niche industry-vertical software that's Windows only is about as large as your most recent Yellow Pages - virtually every industry has a handful of software vendors specializing in that niche. If you're a software developer, sure, Eclipse, notepad and a web browser are interchangeable on basically everything, so writing C++ code on one OS is basically the same experience as writing C++ on another. Even server-side, Samba shares on Windows Server and Samba shares on FreeNAS are functionally identical to end users. The long tail, on Windows, is a very powerful thing - and you won't see that software for sale on Newegg.

Ok, let's suppose its all true.

[Z80a]

We're still talking about a lot of basically untested internet aware services running on your background that have a microsoft tier of security, which means it is probably exploitable the hell and back, and basically identical on every single windows 10 box.

That sounds like a gros michel banana scenario here pretty much, where someone with evil intentions would be able to abuse one of those flaws and pretty much wipe out a large quantity of windows 10 machines if not all of em in a whim.

Re: Ok, let's suppose its all true.

[gstoddart]

That's a FUD stretch. There's been no suggestion that any telemetry stuff accepts inbound connections.

Sorry, but that is complete and utter bullshit .. or at least, there is an indirect mechanism:

Full is where things get a little dicey, depending on how much you prize your privacy. If your system reports back strange crashes that Microsoft techies can't get their heads around, they can request extra data from your machine, which Windows 10 will hand over under remote control if management approves. This extra information can include some of your files so the engineers can recreate the exact crash in their labs using your data and apps. Microsofties can also run diagnostic tools on your system to gather more evidence. Here's Microsoft's explanation of the process:
Before more info is gathered, Microsoft's privacy governance team, including privacy and other subject matter experts, must approve the diagnostics request made by a Microsoft engineer. If the request is approved, Microsoft engineers can use the following capabilities to get the information:
Ability to run a limited, pre-approved list of Microsoft certified diagnostic tools, such as msinfo32.exe, powercfg.exe, and dxdiag.exe.
Ability to get registry keys.
Ability to gather user content, such as documents, if they might have been the trigger for the issue.

If Microsoft engineers can request information about your machine -- like we're meant to believe they're sitting around looking for problems on everybody's machine -- then that either has to be a push to you, or on your next upload you get sent a payload which says "gather the following".

But you'll notice it says "remote control" and provides a mechanism to run programs - which tells me there is now a mechanism to remotely control machines and run software. Like that won't get exploited real quick.

They're using this because Windows 10 is essentially an extended fucking beta where they're building it as they go, and want to measure how much of a shit job they're doing.

And if most versions can't select the Security only policy, what's to say that it won't be long before you can't deselect full?

Sorry, but Microsoft has given themselves the right to do remote administration and data gathering ... and for all but the ones which can select Security, they'll do it in such a way that they can personally identify you. Oh, and apparently they'll gather some of your documents as well.

No fucking way we can trust them with this, because as soon as they have the ability to tell your computer to package up some data and send it to them, some asshole in law enforcement is going to demand they misuse it. And don't say they won't, because that's exactly the kind of shit law enforcement and the security agencies are doing. No way they won't show up with an NSL demanding information and forbidding Microsoft from admitting to it.

There needs to be a setting which says "you mayyro.slashdot.orgumstances collect any information as I do not consent to it". If there isn't, Windows 10 is going to cause Microsoft headaches they can't even begin to imagine ... starting with any country which has privacy laws that a fucking EULA can't overrule.

Some of what is described should be illegal for them to do. In fact, in some places, I'm pretty sure it is.

Personally, I don't care

[jenningsthecat]

The founder of the company has sided with the DOJ against Apple. And Microsoft seems only to have gotten worse since Gates handed over the reins. That tells me all I need to know about Microsoft's trustworthiness as far as user privacy is concerned. Even if telemetry truly can be fully disabled, who's to say it won't be re-introduced without notice? Microsoft is sneaky that way.

I almost wish I was still a Windows user so I could quit in protest, but I moved to Linux almost 10 years ago and haven't looked back. I feel for those who are stuck with it, for whatever reason. I never thought I would say this, but if my only two choices were Apple and MS, I'd choose Apple.

Telemetry = spying END OF DISCUSSION.

[TractorBarry]

> what they are doing with the telemetry data that Windows 10 is collecting ?

They're spying on you with no way to turn it off. That *IS* what they're doing. Windows 10 *IS* spyware. let's go through the questions... again...

1 Downloads itself to your machine without you specifically asking for it ? YES

2 Aggressively attempts to install itself taking over your computer in the process ? YES

3 Sends unknown and/or encrypted data to unknown third parties ? YES

4 Sends personally identifying information to unknown third parties ? YES

5 Easy to remove ? NO

Hmmm... Looks like spyware, smells like spyware, walks like spyware and talks like spyware. Windows 10 *IS* spyware.

Anyone willingly using it is a moron. Microsoft shills go f**** yourself.

Re:A Nice Breakdown from Microsoft!!

[PetiePooo]

A new record! The top post immediately invokes Godwin's Law. WTG!!!

All references to that aside, though, holy cow! Let's not make it easy for anyone, and make sure those running the cheapest versions have no choice...

No thanks.