Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Shares Windows 10 Telemetry Data With Third Parties (betanews.com)

Posted by msmash on from the privacy-woes dept.

An anonymous reader shares a report: To help with the smooth running of Windows 10, and to get an idea of how users interact with the operating system, Microsoft collects telemetry data, which includes information on the device Windows 10 is running on, a list of installed apps, crash dumps, and more. Telemetry data recorded by Windows 10 is, in a nutshell, just technical information about the device the OS is on, and how Windows and any installed software is performing, but it can occasionally include personal information. If you're worried about that, the news that Microsoft is sharing telemetry data with third parties might concern you. Microsoft recently struck a deal with security firm FireEye to provide access to Windows 10 telemetry data, in exchange for having FireEye's iSIGHT Threat Intelligence technology included in its Windows Defender Advanced Threat Protection service. WDATP is an enterprise security product that helps enterprises detect, investigate, and respond to advanced attacks on their networks and is different from the free version of Windows Defender. The upsides of the deal are obvious for both Microsoft and FireEye, and enterprise customers will certainly benefit from the partnership. It's not known exactly what data Microsoft has made available to FireEye, but in a detailed TechNet article on its telemetry gathering the software giant originally said: "Microsoft may share business reports with OEMs and third party partners that include aggregated and anonymized telemetry information. Data-sharing decisions are made by an internal team including privacy, legal, and data management."

17 of 175 comments (clear)

  1. Shocking turn of events by Anonymous Coward · · Score: 3, Insightful

    ...not really, you buy their product and then they sell you as a product.

  2. Although I would never trust them.. by ChodaBoyUSA · · Score: 2

    ...it is too bad they do not offer a paid version of the OS without the spyware. This behavior is the best thing to happen for Apple sales in a long time.

    1. Re:Although I would never trust them.. by Anonymous Coward · · Score: 2, Insightful

      That means they would have to loudly announce they have a spyware version.

      As it is, the vast majority of people don't know Windows is sharing their data. They just know Windows 10 forced itself on to their computer and kinda sucks.

    2. Re:Although I would never trust them.. by ilsaloving · · Score: 2

      They do. It's enterprise edition. Currently only available to companies with Software Assurance, but they are apparently planning on making it available to us plebes on a subscription basis ($8/month, I believe)

    3. Re:Although I would never trust them.. by JustAnotherOldGuy · · Score: 4, Insightful

      "You can change the level under Diagnostic and usage data and also set the Feedback frequency to Never if you simply want to opt out."

      To be frank, I don't believe you can actually "opt-out" of the monitoring and telelmetry, no matter what they claim.

      I bet you could turn off every single telemetry-related setting and disable all of the "Diagnostic and usage data" widgets, and Windows would still be found to be sending all sorts of info back to Microsoft.

      I just don't believe a word Microsoft says about monitoring or not monitoring users anymore, period.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    4. Re:Although I would never trust them.. by JoeyRox · · Score: 2

      It's also available via an MSDN subscription.

    5. Re:Although I would never trust them.. by fbobraga · · Score: 2

      Yes. They should be good Socialists like Google. Or the government of Venezuela.

      Booth your examples are badly incorrect (government of Venezuela can be socialist only in the name, like in "Democratic Republic of North Korea" or the name of the nazi party in Germany before WWII)

    6. Re:Although I would never trust them.. by Dutch+Gun · · Score: 2

      Correct. That's just "Feedback frequency". You can't opt-out of telemetry completely, according to their own settings. You can only set "Diagnostics and usage data" to "Full (recommended)", "Enhanced", or "Basic."

      This is the part that really bothers me. I'm completely fine with whatever default settings there are, but users should be able to turn it off. It wouldn't have even hurt Microsoft, since most people wouldn't have bothered, but instead they feel the need to force some minimal levels of data collection on everyone.

      --
      Irony: Agile development has too much intertia to be abandoned now.
    7. Re: Although I would never trust them.. by TheFakeTimCook · · Score: 2

      Basically every high end windows product blows an equivalently priced mac out of the water. Thats why everyone has spent the last few years complaining about apple, and why the latest refresh has been such a disappointment for people.

      ...and that must by why the latest refresh of the MacBook Pro are breaking all Sales Records, right?

  3. Of course they do. by fahrbot-bot · · Score: 4, Insightful

    Duh.

    /thread

    --
    It must have been something you assimilated. . . .
  4. Microsoft does respect user privacy by Anonymous Coward · · Score: 5, Informative

    I was a software engineer in Windows Client, back in the good old Vista days. Microsoft's telemetry relies on Event Tracing for Windows (ETW), the lowest latency logging mechanism possible in the operating system, and the ETL files produced therein are usually post-processed by a performance analyst or software engineer to review timing, call stack, and memory utilization. Older OS tools like Dr. Watson were components of the Windows Customer Experience Program, and we would get crash dumps and other data from people who opted in.

    Once, I wanted to look directly at a willing customer's machine remotely so I could gather some more information and do a debugging session. Remember, this was a willing customer who volunteered for this in his crash report. To do this, I had to go to a special training class on privacy and get permission from my management chain, just to look at the crash dump info.

    This except is from Microsoft's current telemetry policy, found here: https://technet.microsoft.com/itpro/windows/manage/configure-windows-telemetry-in-your-organization

    These are the same policies we had to follow then. We really had to follow them, or be fired. It's real.

    However, before more data is gathered, Microsoft’s privacy governance team, including privacy and other subject matter experts, must approve the diagnostics request made by a Microsoft engineer. If the request is approved, Microsoft engineers can use the following capabilities to get the information:

            Ability to run a limited, pre-approved list of Microsoft certified diagnostic tools, such as msinfo32.exe, powercfg.exe, and dxdiag.exe.

            Ability to get registry keys.

            All crash dump types, including heap dumps and full dumps.

    1. Re:Microsoft does respect user privacy by QuietLagoon · · Score: 4, Insightful

      If Microsoft did respect user privacy, then Microsoft would not collect the telemetry data in Windows 10 and subsequently sell that data to third parties.

    2. Re:Microsoft does respect user privacy by Anonymous Coward · · Score: 3, Insightful

      The bullshit floweth over. If MS is so concerned with privacy, then why can't I as a paying customer shut the fucking telemetry off?

      Privacy only works as a policy implemented from top to bottom with no holes in between. I don't give two flying fucks whether you had to go to a "special training class". That just enforces the fact that the wall you speak of was indeed the strongest link in the entire privacy chain.

      The weakest? Do I even need to say it? Constantly sending data over the public internet to the mothership's server with no way for the client to opt-out without being a $1mm+ enterprise customer. Duh.

      Oh, and let's not even talk about the misleading Win 10 upgrade box that forced millions of computers to buy into this constant spying bullshit with no way out. And sneakily turning the privacy option buttons back on after the user applied a (forced) update.

      Marketing drives your revenue so you guys are a marketing company first and foremost, a software company distant second. Don't try to make it sound like you guys are all "engineery" and shit when it comes to privacy in the customer's best interest.

      Windows 10 is all about adjusting the customer's privacy level to that which maximizes Microsoft's revenue.

  5. Re:Can we moderate front page stories now. by Anonymous Coward · · Score: 3, Insightful

    If it were up to me, stories about Windows spyware would be in the news constantly. Why shouldn't it be? Do you want people to forget that it's there?

  6. Re:Go figure... by Dorianny · · Score: 5, Informative

    I found it funny that the Windows 10 Anniversary Update can't install on any of my systems at home because the updater thinks my SSD's are USB sticks and it won't install on USB sticks.

    That's a problem with the firmware on SSD's that were released to work with the Windows 7 broken SSD support. SP1 fixed SSD support unfortunately the workaround used by the SSD manufacturers for pre SP1 made them appear as removable devices. Most SSD manufacturers released firmware updates to address the issue. I would check to see if there are firmware updates for yours even if you don't intend to upgrade to windows 10.

  7. Re:Flabberghasted! by DogDude · · Score: 2

    RTFA:
    You can change the level under Diagnostic and usage data and also set the Feedback frequency to Never if you simply want to opt out.

    --
    I don't respond to AC's.
  8. Re:Flabberghasted! by ilsaloving · · Score: 4, Informative

    Except that's not true (unless Microsoft has changed their minds again).

    The lowest Microsoft will permit you to go is Basic unless you are using Enterprise Edition.