Slashdot Mirror


Does Windows 10's Data Collection Trade Privacy For Microsoft's Security? (pcworld.com)

jader3rd shares an article from PC World arguing that Windows 10's data collection "trades your privacy for Microsoft's security." [Anonymized] usage data lets Microsoft beef up threat protection, says Rob Lefferts, Microsoft's director of program management for Windows Enterprise and Security. The information collected is used to improve various components in Windows Defender... For example, Windows Defender Application Guard for Microsoft Edge will put the Edge browser into a lightweight virtual machine to make it harder to break out of the browser and attack the operating system. With telemetry, Microsoft can see when infections get past Application Guard defenses and improve the security controls to reduce recurrences.

Microsoft also pulls signals from other areas of the Windows ecosystem, such as Active Directory, with information from the Windows 10 device to look for patterns that can indicate a problem like ransomware infections and other attacks. To detect those patterns, Microsoft needs access to technical data, such as what processes are consuming system resources, hardware diagnostics, and file-level information like which applications had which files open, Lefferts says. Taken together, the hardware information, application details, and device driver data can be used to identify parts of the operating system that are exposed and should be isolated into virtual containers.

The article points out that unlike home users, enterprise users of Windows 10 can select a lower level of data-sharing, but argues that enterprises "need to think twice before turning off Windows telemetry to increase corporate privacy" because Windows Update won't work without information about whether previous updates succeeded or failed.

25 of 181 comments

  1. Crowdsourced Security by Anonymous Coward · · Score: 5, Insightful

    So we are all essentially honeypots for Microsoft Security. Good to know.

    1. Re:Crowdsourced Security by skids · · Score: 5, Insightful

      There is no such thing as a customer anymore, only unpaid beta testers.

    2. Re:Crowdsourced Security by Motherfucking+Shit · · Score: 4, Insightful

      You got it. After Microsoft fired all their QA testers, the SDLC concept for Windows 10 seems to be:

      • Insiders are the alpha testers, but at least they volunteered for that.
      • The general public are unwitting surveillance subjects and beta testers. Microsoft will Do The Needful to your computer whether you want it done or not. These mandatory patches can make your computer stop working, blue screen, lose data, or somehow fuck up previously perfectly working peripherals at any time. You can't decline a patch even if you know in advance it's going to fuck you up!
      • Only Enterprise users get the finished product and they have to pay through the teeth for that privilege. Whatever patches didn't fuck up millions of consumer PCs may eventually make their way here.

      Add in the telemetry/spying and the only winning move is not to play.

      --
      "BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
    3. Re:Crowdsourced Security by butzwonker · · Score: 5, Insightful

      Actually, Windows 10 is less secure than any previous version of Windows, because it is almost impossible for any administrator to distinguish legitimate outbound network traffic from that of trojans and viruses. If Microsoft published a definitive list of all servers their software connects to without asking the user, explain what it does and what it transmits, and allowed you to block the traffic at will, then maybe it would be more secure. But right now, no way. It opens so many connections, it's impossible for anyone outside Microsoft to know what's really going on. (Don't forget that allegedly Microsoft-owned can also be hijacked, e.g. by direct attack on Microsoft's infrastructure or by DNS poisoning.)

  2. No by smooth+wombat · · Score: 5, Interesting

    Next question. Do I get to see the telemetry of Microsoft employees since I or my employer is the one paying their salaries?

    After all, seeing how they use Windows 10 might help my organization improve its service to its customers.

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
  3. MS is completely wrong by melting_clock · · Score: 5, Insightful

    Telemetry should be able to be switched off entirely, on all Windows installs, so that our right to privacy is respected. Many of the apps that I use include telemetry but I only use those that provide an option to disable their telemetry, even though I will allow telemetry from some trusted apps. MS have repeatedly demonstrated that they cannot be trusted and it is scary that they released an entire OS that is actually spyware. In any case, it means that Windows 7 will be the last version I allow to be installed on any computer I own.

    If Windows update doesn't work without telemetry, that is a demonstration of MS incompetence and a very bad design decision. Linux is my main OS and it sends no telemetry for updates, while still managing to install updates. Those Linux updates also cover every piece of software I have installed in that OS, not just OS updates.

    1. Re:MS is completely wrong by Sipper · · Score: 3, Informative

      Telemetry should be able to be switched off entirely, on all Windows installs, so that our right to privacy is respected.

      I agree; sharing of data online should be an opt-in operation rather than something that for the most part cannot be completely opted-out-of. Microsoft's EULA allows for sharing any data they collect with third-parties, and there are reports that they already have and are continuing to do so. There are those that are proponents of what Microsoft is doing, saying that it's "good" for the OS, however if any open-source operating system were to do what Microsoft is doing, it would receive a lot of criticism for sharing data without opt-in consent.

      There is some relief to be had however: on Windows 10 Pro and above the Telemetry service can be disabled. The service is named "Customer User Experiences and Telemetry". Look in "Administrative Tools" in "Services" and stop + disable it. The way to verify that the service is disabled is to look at the hidden folder %Program Data%\Microsoft\Diagnostics before-and-after stopping and disabling the service; before stopping the service the encrypted files there cannot be deleted because they're "in use", after stopping the service the files can be deleted and don't return.

      There are firewall rules concerning the "Customer User Experience and Telemetry" service that can be disabled too -- but (from what I've read) supposedly disabling these rules won't block the service from the Internet. i.e. similar to how some sites cannot be blocked via "hosts" file entries because Microsoft has hardcoded certain names/IPs in their DNS resolver, supposedly there are certain hardcoded bypasses to the firewall as well.

      It's possible to get Windows Update working over Tor, BTW. Windows Update unfortunately only understands an HTTP proxy, not Socks5, so another proxy (such as Privoxy, which is open source) is required to forward traffic to Tor via Socks5. Windows Update follows the proxy set by 'netsh winhttp set proxy IP:PORT;exception_list' (which requires being run from an Admin command prompt). Then firewall rules to block all traffic not coming from the Tor daemon. Verification via packet sniffing or via 'Tcpview' from SysInternals. Unfortunately what I see after all that is there is still some System-level traffic that accesses the 'Net directly, i.e. bypassing the firewall, so this still doesn't seem to be 100% trustable. (Not that it could be, anyway, given that Windows is not open source.)
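An added example, not part of the comment above: one way to do the verification step it describes, by checking captured `netstat -ano` output for established connections that leave the machine from any process other than the Tor daemon. The sample output, the PID map, and the names `find_direct_connections` and `split_endpoint` are constructed for illustration, and English-language netstat output is assumed.

```python
import ipaddress

# Constructed sample of `netstat -ano` output (documentation-range addresses).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    127.0.0.1:8118         127.0.0.1:49801        ESTABLISHED     2210
  TCP    127.0.0.1:49801        127.0.0.1:8118         ESTABLISHED     1044
  TCP    127.0.0.1:49790        127.0.0.1:9050         ESTABLISHED     2210
  TCP    192.168.1.20:49755     198.51.100.7:9001      ESTABLISHED     3120
  TCP    192.168.1.20:49760     203.0.113.25:443       ESTABLISHED     4
  TCP    [::1]:49670            [::1]:49671            ESTABLISHED     1044
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       900
  UDP    0.0.0.0:5353           *:*                                    1044
"""

# Constructed PID-to-image-name map, e.g. as read from `tasklist`.
SAMPLE_PIDS = {2210: "privoxy.exe", 1044: "svchost.exe",
               3120: "tor.exe", 4: "System", 900: "svchost.exe"}


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    # Drop IPv6 brackets and any zone id such as '%12'.
    return host.strip("[]").split("%")[0], int(port)


def find_direct_connections(netstat_text, pid_names, allowed=("tor.exe",)):
    """Return (process, pid, remote_host, remote_port) for every established
    TCP connection to a non-loopback address that is not owned by an
    allowed process."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Keep only established TCP rows; header, UDP and LISTENING rows drop out.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue
        host, port = split_endpoint(fields[2])
        if ipaddress.ip_address(host).is_loopback:
            continue  # local hop to the HTTP proxy or to Tor's SOCKS port
        pid = int(fields[4])
        name = pid_names.get(pid, "unknown")
        if name.lower() in allowed:
            continue  # the Tor daemon is expected to talk to the network
        findings.append((name, pid, host, port))
    return findings


if __name__ == "__main__":
    for name, pid, host, port in find_direct_connections(SAMPLE_NETSTAT, SAMPLE_PIDS):
        print(f"direct connection: {name} (PID {pid}) -> {host}:{port}")
```

On the constructed sample the only finding is the PID 4 (System) connection, which is the kind of traffic the comment reports still seeing.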

    2. Re:MS is completely wrong by AmiMoJo · · Score: 2

      The safest option is to delete/rename the "Diagnostics" directory and then create an empty file called "Diagnostics". Remove system level privileges from it (only your user account has access) for good measure. Then even if an update or Windows Defender or whatever re-enables it, it won't be able to create any data to send.

      The system level stuff that bypasses proxies is there to prevent viruses simply setting up a proxy to prevent Windows Defender and Windows Update working. Similarly they will ignore entries in the hosts file and in fact ignore DNS completely under some circumstances. It's been that way since 98, but seems kind of redundant these days when hopefully all updates are signed.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  4. Sounds like a pretext to me... by gweihir · · Score: 5, Insightful

    Because that could be done with a fairly small number of users, no need to spy on all of them. Anyways, while I would pay money for Win10, it would have to be the LTSB-version, because spying can be fully turned off and no new "features" all the time. As at the moment there seems to be no way to get LTSB as private user or small business, I will stay on Win7 for anything that needs Windows (Office, gaming) and try to move everything else to Linux, where I at least have control over what gets sent to the distro (nothing). In the worst case I will get a gaming-only PC with Win10 (no email, no browsing, no work) in a few years, jail Office in a no-network Win7 VM and do everything else on Linux.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  5. Re:No, ABMers. No. For the last time. NO. by Anonymous Coward · · Score: 2, Insightful

    Helping the creators and coders of the OPERATING SYSTEM you use through the use of limited anonymous data it can only help.

    Until they happen upon some supposedly anonymous data that ends up connecting you personally to WrongThink. Of course, your "re-education" may be seen as a bug fix by those who decide what WrongThink is.

  6. Proprietary software never discloses the truth. by jbn-o · · Score: 2

    You're getting upset about the wrong thing because you apparently believe that software proprietors can be trusted. Ultimately who would tell you that a particular variant of Windows allows you to switch some privacy-busting feature off? The proprietor — the very party you can't trust to tell you the truth.

    Structurally no proprietor is any different in this regard: they're all untrustworthy by default no matter what they tell you a feature is for, how to disable that feature, or whether you can trust them with your data. The free software movement has been saying this for decades. More recently, Windows Telemetry had a preference setting which meant nothing (any updates to which falls into the trap described above), and the underlying structural problem with proprietary software remained as-is including software you don't even know is running on a proprietary OS. Snowden also clued us all into how Apple, Microsoft, Google, and so many other businesses are "partners" with spy agencies. There's really no good reason for tech-literate people not to know better than to trust proprietary software and argue from the perspective that the proprietor should mistreat you a little less.

  7. The same PR talk crap that everyone else does. by XSportSeeker · · Score: 5, Insightful

    Stop skirting around the theme and get to the point: the fact that data collection is obligatory and there is no option to completely disable it is the problem itself. Data collection in Windows systems has always been there more or less, the problem is how it became something that cannot be disabled, which is bad especially for companies with sensitive data.

    I don't care if Microsoft can post updates faster and enhance security with it, the way they figure that out is the company's own responsibility. Stuff like that cannot be pinned down as something users should be responsible for, especially for OSs that are still essentially commercial in nature.

    This has always been the problem with data collection schemes, and it'll continue being regardless if Microsoft PR talks it'll improve the experience or not. It's the same crappy excuse that all companies that profit on data collection use. All of them say the exact same thing. So I couldn't care less on what Microsoft PR declares they'll do with it, it doesn't diminish the disgust in any way. Privacy has always been a matter of principle, not on what some company says it'll do after the fact.

    If they want to go that route, fine, keep sending data back and making it harder and harder for clients to dial back on that shit. But don't expect users to change their views if they are not willing to back down. Windows 10 will keep having and deserving the image of being an OS that spies on its users. And that's exactly what it does. It's extracting data from people's desktop, doing its best to make that invisible, and taking away options to disable it.

    Much like they forced the Windows 10 update down lots of people's throats using some very dirty tactics, there's no excuse for what they are doing with ads and with stealing user data. I don't care if they say it's anonymized or whatever, I don't want my desktop sending anything back, period. People who are against this trend don't want to hear your promises on what you'll do with the data, we don't care. We're going for alternative routes that are not opting for data collection. That's it.

  8. Re:It is. by currently_awake · · Score: 2

    I'm sure the money they get paid by police/NSA more than pays for the loss of customers.

  9. Subscription model by ArtemaOne · · Score: 2

    This is all a push to get people on the subscription model. Windows 10 Enterprise can disable it, and costs $7 a month. This is what Microsoft has been working toward for quite a while, and did it already with Office 365. If you want to continue to use Windows, they either make their money off your data, or a subscription fee. It's really that simple.

    1. Re:Subscription model by fahrbot-bot · · Score: 3, Insightful

      If you want to continue to use Windows, they either make their money off your data, or a subscription fee. It's really that simple.

      You sure it's one or the other? I'm betting MS will collect your subscription fee *and* money off your data.

      --
      It must have been something you assimilated. . . .
  10. Re:No, ABMers. No. For the last time. NO. by Anonymous Coward · · Score: 2, Insightful

    Oh stop whining, shill. If Microsoft wants my data to help their business, then they can fucking PAY ME for it.

    Privacy *is* security. Without privacy, you cannot have security because they are one and the same.

  11. Legally, this is the breaking point by hyades1 · · Score: 2

    So when I offer a client confidentiality, it's supposed to be between him/her and me...Oh, and those guys over there at Microsoft. The guys who have already proved they'll roll over for any of the US letter agencies (and probably the government of Communist China among many others), and who have proved in the past to be embarrassingly incapable of "not fucking up".

    Not happening.

    My business computers will never, ever have Windows 10 on them. And that is one of my selling points.

    --
    I've calculated my velocity with such exquisite precision that I have no idea where I am.
  12. Re:No, ABMers. No. For the last time. NO. by Ol+Olsoc · · Score: 5, Informative

    Don't like it? Don't use it. Stop crying and stop whining.

    and no, this isn't a post about President Trump.

    I don't! I stopped using Windows 10, and you know what? Highly recommended, the telemetry is one thing, bad enough, but the fact that their updates bitch up the computer is every bit as bad.

    If I have to give up my privacy, I want a computer that always works. Otherwise, it's security through inoperation.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  13. Re:No, ABMers. No. For the last time. NO. by MasseKid · · Score: 3, Interesting

    Everyone would be fine with it if it was actually anonymous data. However, it's been proven time and time again the anonymousness of the data is easily uniquely identifiable.

  14. Re:Opposite of security - more people know your st by ArtemaOne · · Score: 2

    That would never happen, like TSA would never be caught trading X-ray scans of passengers of all ages on the internet. It was designed so that's against a rule, so it won't ever occur!

  15. Re:No, ABMers. No. For the last time. NO. by Opportunist · · Score: 4, Insightful

    Never before has "those that give up freedom for security deserve neither" been truer, and more blatantly obvious. We gave up our privacy and what did we get in return? An OS where every update has become a gamble whether it's going to boot up after again or whether we have a brick now. An OS that is STILL every bit as insecure as every predecessor.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  16. Re: No, ABMers. No. For the last time. NO. by Opportunist · · Score: 2

    Equating Windows 10 to a prison is an interesting concept, I have to give you that.

    But you have it backwards. In a prison, the crooks are locked up inside while the law abiding people are on the outside and guarding them.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  17. Re:No, ABMers. No. For the last time. NO. by stooo · · Score: 2

    >> Does Windows 10's Data Collection Trade Privacy For Microsoft's Security?
    Microsoft, privacy and security all 3 in the same sentence.
    That can't be. Microsoft does not trade anything. Microsoft takes.

    --
    aaaaaaa
  18. Re:You never had any privacy on windows by BlueStrat · · Score: 2

    Correction:

    "You never had any privacy." Full stop.

    Not with mysterious government cameras appearing on utility poles, "Stingray" type cell-site MITM units used by local PDs, even being near others with cellphones/tablets/etc, ALPR systems, biometric ID matching, NSA/TLA/Five-Eyes data-slurping anything they can, etc etc etc.

    The ways in which individuals can be and are tracked if/when authorities wish makes an amazingly-long list.

    Not saying you should accept this crap from MS, just the opposite. Just pointing out that this is only one small front in a huge war for your private data and thoughts and who has control of them, the individual or TPTB. Information is power and they mean to hold a monopoly on their control of it and remove any ability for the individual to make choices about what they share.

    Strat

    --
    Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
  19. Re: No, ABMers. No. For the last time. NO. by UnknowingFool · · Score: 3, Insightful

    False dichotomy: Your premise is that Trump won't start a war with Russia. Someone who is so thin skinned as to be butt-hurt by SNL is more likely to start a war over trivial reasons.

    --
    Well, there's spam egg sausage and spam, that's not got much spam in it.