Slashdot Mirror


Visual Studio 2015 C++ Compiler Secretly Inserts Telemetry Code Into Binaries (infoq.com)

Reader edxwelch writes: Reddit user sammiesdog discovered recently that the Visual Studio 2015 C++ compiler was inserting calls to a Microsoft telemetry function into binaries. "I compiled a simple program with only main(). When looking at the compiled binary in IDA, I see a call for telemetry_main_invoke_trigger and telemetry_main_return_trigger. I cannot find documentation for these calls, either on the web or in the options page," he wrote. Only after the discovery did Steve Carroll, the dev manager for Visual C++, admit to the "feature" and post a workaround to remove it. A Microsoft spokesperson confirmed the existence of this behavior to InfoQ, adding that the company will be removing it in a future preview build. For those who wish to get rid of it, the blog writes: Users who have a copy of VS2015 Update 2 and wish to turn off the telemetry functionality currently being compiled into their code should add notelemetry.obj to their linker command line.


  1. MS Spyware by allo · · Score: 5, Insightful

    No escape.

    1. Re:MS Spyware by Assmasher · · Score: 4, Interesting

      Found in release builds.

    2. Re:MS Spyware by bondsbw · · Score: 4, Informative

      Do you think that "debug performance telemetry" should be in a mission critical embedded application build in release mode? Do you?

      I don't believe any mission critical application (or any production application) should be built in unreleased software.

      That said, I'm pretty pissed about this, Microsoft is screwing themselves over by withholding things like this until they get found out, and by not making it a simple obvious setting that remains the way you left it. I'm ok with the idea of telemetry, but that should be my decision, not theirs. I'm not ok with how they push it on everyone. Doing this to developers is burning some of the only good bridges they have left.

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
    3. Re:MS Spyware by Anonymous Coward · · Score: 4, Insightful

      Quote from wiki
      "Visual Studio "15" Preview 2 was released 10 May 2016."

      In other words, this isn't a final MS product. Think of it as more of a beta. Aka the other poster titling it "unreleased". He meant more than it's not a retail build. It also has telemetry. However it's still inexcusable that MS did this without notification. So MS is at fault here. And I don't believe for a minute they would have removed it before final build. See win 10.

      On the other hand, it's also a STUPID move for developers to program production applications in a preview product.
      Production meaning, you are deploying it, you are giving it to customers, you are selling it, etc.
      No one with a clue should have released any software built in this non final build version.
      Doing anything in a preview/beta product you run huge risks of a screwup biting you on the butt.
      EXACTLY LIKE THIS .

      So if anyone had used this to release production software, they would be at fault for doing it with preview/beta crap from MS.

    4. Re:MS Spyware by bondsbw · · Score: 4, Informative

      You seem to have stopped before reading to the end of the sentence. I went on to say:

      but that should be my decision, not theirs.

      It's the same reason you give feedback for beta software, you want to help make the final product better. Either way, regardless of whether it's automated, it should still be your choice.

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
    5. Re:MS Spyware by cfalcon · · Score: 5, Insightful

      > Debug performance telemetry? Yep. Clearly spyware.

      While Microsoft offers a profiler, this is NOT that. I'm puzzled how someone could confuse the two. Profilers / debuggers / all manner of code analysis tools are all hooks that allow the developer (not Microsoft) to analyze how something works in development. They are usually stripped out of release builds, but, more importantly, are only ever present at the convenience of the developer.

      The mysterious telemetry calls are not even claimed by MICROSOFT to be debugging or profile hooks. "The event data can only be interpreted if a customer gives us symbol information (i.e. PDBs) so this data is only applicable to customers that are actively seeking help from us and are willing to share these PDBs as part of their investigation." This means that the hooks make data available to a telemetry subsystem, on production code, which Microsoft can usefully access in some fashion, while to make use of this in any way would require a developer to know about it (it is not publicized), contact the "right" part of Microsoft (which no one knows), and ask to use the data Microsoft has been collecting about their shipped code, using an undocumented system to gather unknown data.

      If this was in any way benign:
      1- It would have been documented: you'd know what it gathers
      2- Microsoft would offer this data to the developer in some fashion, including what it is
      3- It would have been opt-in: you'd have to link in the telemetry, instead of linking it OUT.
      4- It wouldn't be present in secret on ALL code Microsoft compiles. This affects run times in some fashion, even if you ignore the massively spooky privacy issues.
      5- The data wouldn't be available for Microsoft's use, but not the developer: what right do they have to gather data on your code as you build it, much less on your code as it runs for your customer?

      This whole thing gets crazier. That Microsoft is putting hooks into as much code as they can may actually be illegal, or it may be buried in some document- all I know is, this is just what has been FOUND so far. Every couple weeks, someone finds more stuff. All of it is found by acting on some highly technical layer Microsoft hasn't been able to obscure yet. How much more is there? We really have no way to know.

    6. Re:MS Spyware by pagebt · · Score: 5, Interesting

      It is documented. When this whole windows 10 is spyware thing started, I started searching. The telemetry is exactly that. How many times an application is run. For how long? Did it exit clean or with errors? etc... Microsoft has been giving speeches @ Dev conferences for a while now shopping this new feature set. Not a secret. It is a service called "Application Insights" https://www.visualstudio.com/e... Nothing secret, and apparently an advertised service. Another way to make money for Microsoft, not spyware for nefarious purposes.

  2. Apparently... by ChodaBoyUSA · · Score: 5, Insightful

    Microsoft has shed all pretense of shame and is adamant to infect everything with their spyware/malware behavior. This is very unfortunate. They keep removing any remaining reason to stick with Windows over OSX or Linux. Sad.

    1. Re:Apparently... by geoskd · · Score: 5, Interesting

      Or I could freely go to linux and ditch 99% of my software.

      Fortunately, that is simply not true. The vast majority of software will run under Linux in one way or another. The only major exceptions are games, and even many of those will work.

      The reality that Microsoft has been FUDing around for years is that Linux really is a viable alternative for almost every windows use case.

      Many people have a single application that will not run under windows. Something work related or a specific game. I have two such applications, and I am constantly reminding the developers of those applications that it is a race to see which happens first: they get a Linux version working or one of their competitors gets a Linux version working. I am a relatively small fry, but I am not the only one asking about it. In the meantime, I have two PCs. I have a Linux machine that does my day to day heavy lifting, and I have the windows machine that only ever turns on when I need to run one of those applications (about once or twice a month). The windows Box had automatic updates turned off and gutted the GWX, so I can never again trust it exposed to the network, which is fine because it will never again *be* exposed to the network. I added the cost of the hardware to the cost of the two software packages and that is the end of it.

      It should be noted that the free ( as in freedom ) versions of things I need run just fine on a core 2 quad with 2GB of ram, whereas the windows machine had to be an i5 or better with 4GB just to keep from pissing me off.

      Most everything from a user's perspective in Ubuntu is pretty simple. Although I would call myself a power user, I rarely have to resort to that level to get things done, and even then, it's mostly related to experimentation and learning. For just about everything I have tried to do, a google search for "apt-get xxx" finds exactly what I want.

      The user interface in Ubuntu is "good enough for grandma". With the advent of smartphones and tablets, and the radical differences between how windows works and tablets work, people have been primed to be able to learn some simple differences in UI pretty quickly. Almost everyone I have exposed to Ubuntu has taken to it easily enough. The one exception was completely computer illiterate before we started, and it took him a little longer than otherwise, because computers and tablets / etc... were all new to him.

      --
      I wish I had a good sig, but all the good ones are copyrighted
    2. Re:Apparently... by johnnys · · Score: 4, Interesting

      What he said.

      A few years ago, I handed a netbook to my 80-year old father-in-law. He was used to a Windows PC, but he was visiting and he wanted to check the BBC website. After about 10 minutes I asked him if he knew that it was running Linux (Xubuntu) and he was surprised, as he had no problems at all doing just what he wanted to do.

      So Linux on the desktop Just Works. It is a genuine and viable alternative to anyone who wants to use a system that isn't continually monetizing *you* as the product to everyone's benefit except you.

      --
      Sometimes the "writing on the wall" is blood spatter...
    3. Re:Apparently... by Aighearach · · Score: 4, Interesting

      I've been saying for awhile, post-anti-trust MS has finally realized that they can't leverage a monopoly and so don't gain from having lots of users/followers/fans who won't subscribe. They're in an intensive process right now to drive away the people who don't want to be part of their subscription-based future. Those people are just a dead weight to them, an expense, a liability. They're not the only option, they can't leverage being the default, and there is not significant financial value in being the default anymore. They can't use it to coerce additional payments or higher rates from wholesalers, so there isn't value in it.

      This is probably intentionally designed to drive away people who like to use their compiler, but consider subscription-style information flows to microsoft to be "spyware." Those people will never ever pay for the type of services that MS is building their future around. They are just past lovers who are guaranteed to become disgruntled and angry at some point, because MS has grown in a different direction than them, chosen a new and different lifestyle. It is time for these people to move on, find a new compiler, find a new OS, etc.

  3. Next time it will be hidden better by flyingfsck · · Score: 5, Insightful

    I suppose MS will learn from this and hide it better in the future.

    --
    Excuse me, but please get off my Pennisetum Clandestinum, eh!
    1. Re:Next time it will be hidden better by null+etc. · · Score: 4, Insightful

      I suppose MS will learn from this and hide it better in the future.

      Or, they'll just update their operating system to dynamically inject telemetry into every executable that runs.

      Ooops, I hope I didn't just give Microsoft a new idea. Wait, they've probably already thought of it, and more.

  4. Re:FUD - no, TREASON by scsirob · · Score: 5, Insightful

    "It is just a way...." Really? REALLY??!? What the h*ll is Microsoft thinking.

    Their compiler should do one thing and one thing only. Take the source and translate its instructions into machine code, so the computer performs the instructions as described in the source. Nothing less. Nothing more. They have NO excuse whatsoever to include extra stuff to their benefit. Just the fact that you defend this behaviour is scary.

    --
    To Terminate, or not to Terminate, that's the question - SCSIROB
  5. Re:FUD by MightyMartian · · Score: 5, Insightful

    If it's telemetry it's bad. Period.

    Imagine writing highly secure software only to find out the fucking compiler is placing a telemetry backend into the binary. Regardless of the purpose or intent or destination, it's bad.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  6. MS still the shitheel of the tech world by bazmail · · Score: 5, Insightful

    Embedding malware via their compiler? Wow a new low

    No matter how Nadella tries to spin things and give them a new image, MS still sucks worse than ever.

    1. Re:MS still the shitheel of the tech world by Anonymous Coward · · Score: 5, Funny

      Embedding malware via their compiler? Wow a new low

      No matter how Nadella tries to spin things and give them a new image, MS still sucks worse than ever.

      The moment I'll believe that Microsoft has created a product that doesn't suck is when they start selling vacuum cleaners.

  7. Re:HOLY FREAKIN' FRIP-FROP! by vadim_t · · Score: 5, Funny

    He's not dead yet.

  8. g++ adds same feature! by Anonymous Coward · · Score: 5, Funny

    Little known fact: g++ has had the same ability to insert spyware for a long time. It's described about line 39885 of the manpage. All you have to do is invoke it via:

    g++ --mrelocate --use-upper-reg-halfs --insert-telemetry-libs --mnetwork-lib --include-nsa-stubs --include-fbi-stubs --omit-eff-stubs --no-powerpc --no-fpu --disable-optimization --use-network-capture-prologs --fuck-snowden --section215-includes --fort-meade-includes --fiveeyes-libs --use-eschelon-libs --omit-greenwald-reporting --prism --enable-gchq-sharing myfile.cpp -o myfile

    That does the same thing as Visual Studio. Easy peasy. Dunno why Microsoft always acts like they invented everything.

  9. Bingo by Anonymous Coward · · Score: 5, Interesting

    A Microsoft spokesperson confirmed the existence of this behavior to InfoQ, adding that the company will be removing it in a future preview build

    ...because it was finally discovered. If it hadn't been discovered, does anyone honestly think they would be removing it? Of course not.

  10. Re:FUD - no, TREASON by Viol8 · · Score: 4, Insightful

    Debugging symbols and hooks should be an OPT IN you idiot. Even if they're harmless they slow down the program and make the binary larger.

  11. Now we know by Alumoi · · Score: 5, Funny

    What compiler MS used for Windows 10.
    'We did not add any telemetry in Windows 10. It was the compiler, I tell you.'

  12. Ken Thompson Attack by goombah99 · · Score: 5, Insightful

    Boy this is at the scale of the Ken Thompson attack. Compilers that insert backdoors

    http://c2.com/cgi/wiki?TheKenT...

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:Ken Thompson Attack by Geoffrey.landis · · Score: 4, Informative

      Reading through the long Reddit thread, it looks as if the "telemetry" call saves the telemetry data locally; it does not seem to export it. So it's hard to call it "inserting backdoors".
      From https://www.reddit.com/r/cpp/c...

      [–]flashmozzg 68 points 1 month ago
      Apparently it's only VS15 feature. It logs at least when your app is executed. You can access logs via logman and tracerpt. Some investigation was done here recently: (lang: Russian) https://habrahabr.ru/post/2813...

      [–]sammiesdog[S] 30 points 1 month ago
      Are the logs a local feature (i.e. stays on the user's computer)?
      And can it be disabled?

      [–]flashmozzg 29 points 1 month ago
      Seems to be that way. At least right now they only keep main invoked/returned, exit/abort called and such. Nothing serious.
      The suggested way to disable it is adding this to your project:

      extern "C"
      {
              void _cdecl __vcrt_initialize_telemetry_provider() {}
              void _cdecl __telemetry_main_invoke_trigger() {}
              void _cdecl __telemetry_main_return_trigger() {}
              void _cdecl __vcrt_uninitialize_telemetry_provider() {}
      };

      --
      http://www.geoffreylandis.com
    2. Re:Ken Thompson Attack by ljw1004 · · Score: 5, Insightful

      Boy this is at the scale of the Ken Thompson attack. Compilers that insert backdoors

      http://c2.com/cgi/wiki?TheKenT...

      No it's not. Ken Thompson's work was beautiful and subtle - a compiler disguised all evidence of its backdoor even when you write code to search for these backdoors or when you compile the compiler itself.

      If Ken Thompson had gone on stage to say "hay guys I made a compiler which inserts a call at the entrypoint of your program" -- well, that's trivial.

    3. Re:Ken Thompson Attack by AntronArgaiv · · Score: 4, Informative

      Boy this is at the scale of the Ken Thompson attack. Compilers that insert backdoors

      http://c2.com/cgi/wiki?TheKenT...

      No, I think that requires one more level of indirection -- reinserting the backdoor in the compiler when it is recompiled without the backdoor.

  13. Re:HOLY FREAKIN' FRIP-FROP! by geoskd · · Score: 5, Funny

    He's not dead yet.

    True, but if this doesn't give him a massive stroke, I don't know what will.

    --
    I wish I had a good sig, but all the good ones are copyrighted
  14. Re:Where's the outrage over Firefox's telemetry? by Aruta · · Score: 5, Insightful

    Difference, and it's a whopping one, is that the Firefox telemetry is fully documented on, shock-horror, the Mozilla site. You get it clear and simple, and if you don't like it, you don't use it.

    The MS stuff was undocumented, and now they are making up BS excuses as to how it's for the developer's benefit.

    --
    This universe shipped by weight, not by volume. Some expansion of the contents may have occurred during shipment.
  15. Classified or secure operations invalidated by goombah99 · · Score: 5, Interesting

    So one can imagine a case where a program crashes and sends telemetry to microsoft from inside a secure computing environment or otherwise exports secret business data. This could invalidate MS from all government computing.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  16. David A. Wheeler Defense to Ken Thompson Attack by tepples · · Score: 4, Interesting

    Ken Thompson's work was beautiful and subtle - a compiler disguised all evidence of its backdoor even when you write code to search for these backdoors or when you compile the compiler itself.

    True. But that works only when there's one compiler available for a particular language. If you bootstrap a compiler with three independent compilers, the backdoor is highly unlikely to persist into all three according to "Diverse Double-Compiling" by David A. Wheeler. Compile the compiler A with multiple compilers B, C, and D, and then compile A with (A compiled with B), (A compiled with C), and (A compiled with D), and you end up with (A compiled with A), (A compiled with A), and (A compiled with A). If they're identical, then B, C, and D have either no backdoor or an identical backdoor. Which is more likely?

    Of course, all this requires that source code for A be available to the public or at least to a person trusted by the public to release compiler binaries. This is true of TCC, GCC, and Clang, not so much for Microsoft C++.
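
A toy model of the bootstrap comparison described in the comment above, added here as an illustration; it is not part of the thread or of Wheeler's paper. The `Binary` class, the `compiler:` source names and the assumption that compiler A is deterministic are constructed for the example: each executable is reduced to what it implements, whose code generator emitted it, and whether it carries a self-reinserting payload that appears in no source.

```python
import hashlib
from dataclasses import dataclass

A_SRC = "compiler:A"  # stands in for the source tree of compiler A (constructed)


@dataclass(frozen=True)
class Binary:
    implements: str  # the source this executable was built from, i.e. how it behaves
    emitted_by: str  # code-generation style of the compiler that produced its bytes
    trojan: bool     # carries a self-reinserting payload, absent from any source

    def digest(self) -> str:
        """Hash of the (modelled) bytes of this executable."""
        blob = f"{self.implements}|{self.emitted_by}|{self.trojan}".encode()
        return hashlib.sha256(blob).hexdigest()

    def compile(self, source: str) -> "Binary":
        # The bytes produced depend on what this compiler *is*, not on who built it.
        # A trojaned compiler re-inserts its payload whenever it builds a compiler.
        reinserted = self.trojan and source.startswith("compiler:")
        return Binary(implements=source, emitted_by=self.implements, trojan=reinserted)


def bootstrap(name: str, trojan: bool = False) -> Binary:
    """An independent pre-existing compiler binary such as B, C or D."""
    return Binary(implements=f"compiler:{name}", emitted_by="vendor", trojan=trojan)


def ddc(source: str, compilers: dict) -> dict:
    """Return {bootstrap name: (stage-1 digest, stage-2 digest)}."""
    results = {}
    for name, cc in compilers.items():
        stage1 = cc.compile(source)      # A compiled with B (or C, or D)
        stage2 = stage1.compile(source)  # A compiled with (A compiled with B)
        results[name] = (stage1.digest(), stage2.digest())
    return results


def outliers(results: dict) -> list:
    """Bootstrap compilers whose stage-2 digest disagrees with the majority."""
    stage2 = [s2 for _, s2 in results.values()]
    majority = max(set(stage2), key=stage2.count)
    return sorted(n for n, (_, s2) in results.items() if s2 != majority)


clean = ddc(A_SRC, {n: bootstrap(n) for n in "BCD"})
one_bad = ddc(A_SRC, {"B": bootstrap("B"), "C": bootstrap("C", trojan=True),
                      "D": bootstrap("D")})
all_bad = ddc(A_SRC, {n: bootstrap(n, trojan=True) for n in "BCD"})

if __name__ == "__main__":
    for label, run in (("clean", clean), ("one trojaned", one_bad),
                       ("identical trojan in all", all_bad)):
        print(label, "-> stage-2 outliers:", outliers(run))
```

The stage-1 digests differ in every run because B, C and D generate different code; only the stage-2 digests are comparable. The third run shows the residual case the comment names: an identical payload in all three bootstrap compilers still produces matching stage-2 output.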