Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Analyst Concludes Windows 10 Enterprise 'Tracks Too Much' (xato.net)

Posted by EditorDavid on from the opting-out dept.

A viral Twitter rant about Windows 10 Enterprise supposedly ignoring users' privacy settings has since been clarified. "I made mistakes on my original testing and therefore saw more connections than I should have," writes IT security analyst Mark Burnett, "including some to Google ads." But his qualified results -- quoted below -- are still critical of Microsoft:
  • You can cut back even more using the Windows Restricted Traffic Limited Functionality Baseline but break many things.
  • Settings can be set wrong if you aren't paying attention. Also, settings are not consistent and can be confusing to beginners.
  • You are opted-in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience... But you can't completely opt-out. Windows still tracks too much.
  • Home and Professional users are much worse off due to limitations of some settings and lack of an IT staff... I'm not saying ditch Windows. I'm saying let's fix this. If we can't fix it, then we ditch Windows.

13 of 284 comments (clear)

  1. Let's ditch Windows, huh? by MindPrison · · Score: 1, Informative

    >I'm not saying ditch Windows. I'm saying let's fix this. If we can't fix it, then we ditch Windows.

    Well, maybe you can do what I do... ...I run Windows 10 on a separate SSD, and run Linux daily on my Main M2. NVMe.

    --
    What this world is coming to - is for you and me to decide.
    1. Re: Let's ditch Windows, huh? by thundercattt · · Score: 3, Informative

      Or keep Windows nicely tucked away in a VM.

  2. Optimal Experience by Darinbob · · Score: 4, Informative

    The problem with optimal experience is that Microsoft means their own experience not that of the users. Optimal for them means that the customers are eyeballs for advertisers and with easy to access to data for analytics. Optimal experience for the actual users means that they can turn off Microsoft's control, nothing ever defaults to opt-in, and they don't get tracked or advertised to.

  3. Re: Better Solutioin by thundercattt · · Score: 4, Informative

    Been a Linux user since XP, never looked back.

  4. Re:Will you finally get to work already? by David_Hart · · Score: 2, Informative

    WTF are you talking about? Linux works perfectly fine. Seriously. It really does.

    The problem with Linux isn't that it doesn't work, it does, and usually quite reliably. The problem is, and I think that this is what the OP meant, that it just isn't user friendly.

    Installing drivers are not automatic, like the are for most devices under Windows today. Finding applications to take place of existing Windows applications, including financial apps, are much more difficult. Granted, as more companies provide web based apps this becomes less of a concern. Finally, Linux still doesn't have major gaming support. If you want to play the latest high end games then you need a PC running Windows (Yes you can buy console systems, that's a different discussion).

  5. Re: one file disable by Anonymous Coward · · Score: 5, Informative

    Unfortunately it is well documented that Windows 10 ignores the hosts file for "telemetry"

  6. Re:Defective by design? by thegarbz · · Score: 5, Informative

    Correct me if I'm wrong, but isn't this essentially the definition of "defective by design?"

    Defective by design is about intentionally not performing the intended function. For all its flaws, Windows 10 still runs windows software just as well as it ever did.

    "Deceptive by design" now that's a definition I can get behind.

  7. Re:Defective by design? by Elledan · · Score: 5, Informative

    There is a way to fix Windows and remove all control from Microsoft. This way also doesn't involve Linux and kin.

    If the ReactOS project got even 10% of the commits and money that Linux receives, it might soon become the Open Source alternative to even Windows 10, allowing everyone to ditch Windows without having to change the software they use.

    Everyone would be better off, except for Microsoft, of course, but that's their own problem.

    --
    Site & blog: http://www.mayaposch.com
  8. Re: You can't fix this. by orbit500 · · Score: 3, Informative

    EU GDPR is set to stick a giant spanner in windows 10 as it is doing with Facebook and Google data slurping. Check out the current cock blocking Redmond is getting on this and we're still a year out. Fines range up to 4% of global trade turnover, more than enough to brown trouser the board. Either they comply or quit the EU market. And that means any inbound EU data handling, not just EU based licence holders.

  9. Re:BS by iampiti · · Score: 5, Informative

    Yes, only Microsoft can fix Windows, but they won't do it unless they feel threatened.
    When the PS4 and Xbox one were about to be released Microsoft revealed that the Xbox would require constant connection to the Internet to play. They players revolted and Sony said they wouldn't do it. Microsoft (correctly, IMO) sensed that could be a fatal blow to their console and backtracked really fast.
    Something of that caliber would have to happen for they to remove all the spying in Windows. What could that be? I can only think of mass migration of governments and big companies. Alas, that is very unlikely to happen.
    In the end this is just another thing that shows how bad monopolies can be (In this case is a monopoly in the sense of "OS that can run Windows software and drivers", ReactOS could theoretically be an alternative but realistically they'd need billions of dollars to get close to Windows).

  10. Re:BS by zifn4b · · Score: 5, Informative

    Window 10 does track too much, and you can't even opt out of it.

    True, you can't opt out of it within Windows which is pretty much unethical in my book. There are third party tools available (like Spybot Antibeacon) where you really can turn it off.

    Know what the problem is? Remember all that talk about big data being the next big thing? It's here and all this "telemetry" data is being sold because it is considered very valuable.

    --
    We'll make great pets
  11. Re: BS by Anonymous Coward · · Score: 2, Informative

    Spybot Antibeacon is decent, but best paired with W10Privacy.

    Here's the thing about Win10 though: changing general settings, registry keys, and group policy settings isn't enough. You also have to block many domains and ip's of various Microsoft telemetry servers! The thing still spits out data even with every conceivable setting and tweak utilized!

    W10Privacy includes adding firewall rules and hosts file entries to achieve this. I suggest copying those entries and blocking them at the gateway as well. Even then, every time a new MS patch comes out, I discover yet another process sending out unfocumented data to yet another telemetry server. It's fucking ridiculous.

  12. Re: Defective by design? by Brockmire · · Score: 3, Informative

    You don't understand why Google became Google. They don't sell YOUR data, they tell advertisers THEY know a guy who might want their widget. They'll take a cut for showing their ad for their widget. This is different than selling a list of names and contacts where some small percentage is actually interested, this gets higher results because the targets generally are interested in the widget and have higher buy through rates.