Security Analyst Concludes Windows 10 Enterprise 'Tracks Too Much'

A viral Twitter rant about Windows 10 Enterprise supposedly ignoring users' privacy settings has since been clarified. "I made mistakes on my original testing and therefore saw more connections than I should have," writes IT security analyst Mark Burnett, "including some to Google ads." But his qualified results -- quoted below -- are still critical of Microsoft:

• You can cut back even more using the Windows Restricted Traffic Limited Functionality Baseline but break many things.
• Settings can be set wrong if you aren't paying attention. Also, settings are not consistent and can be confusing to beginners.
• You are opted-in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience... But you can't completely opt-out. Windows still tracks too much.
• Home and Professional users are much worse off due to limitations of some settings and lack of an IT staff... I'm not saying ditch Windows. I'm saying let's fix this. If we can't fix it, then we ditch Windows.

Defective by design?

[El+Cubano]

You are opted-in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience... But you can't completely opt-out. Windows still tracks too much.

Correct me if I'm wrong, but isn't this essentially the definition of "defective by design?"

The increasingly hostile and draconian moves by Microsoft simply serve to prove that the majority of Microsoft customers are in a co-dependent relationship with Microsoft: afraid that no matter how bad things are with Microsoft, they will be worse without Microsoft. It must suck to live like that.

I know, I know. Some people cannot ditch Microsoft, but most people can and it would cost them only marginally more effort (and probably less in many cases) than they expend dealing with all the crap Microsoft is throwing at their customers these days.

Re: Defective by design?

[teg]

Most people don't give a crap about use privacy.

Proof: just a small uprising (mostly online by the same people who complain) when net neutrality and privacy rules were obliterated

More proof:

• Android market share. Remember, for Google the user is the product.
• Other Google products, like gmail, maps etc
• Facebook

All of which have a business idea of knowing as much as possible about you, so they can monetize you effectively.

Re:Defective by design?

[thegarbz]

Correct me if I'm wrong, but isn't this essentially the definition of "defective by design?"

Defective by design is about intentionally not performing the intended function. For all its flaws, Windows 10 still runs windows software just as well as it ever did.

"Deceptive by design" now that's a definition I can get behind.

Re:Defective by design?

[Elledan]

There is a way to fix Windows and remove all control from Microsoft. This way also doesn't involve Linux and kin.

If the ReactOS project got even 10% of the commits and money that Linux receives, it might soon become the Open Source alternative to even Windows 10, allowing everyone to ditch Windows without having to change the software they use.

Everyone would be better off, except for Microsoft, of course, but that's their own problem.

Re: Defective by design?

[AmiMoJo]

This "you are the product" meme is stupid. When you watch TV, you are not the product even though they sell advertising on it. The relationship is clearly more complex than that.

In Google's case, there is relatively little lock-in to their products. Farm animals can't leave, they belong to the farmer. It's trivial to switch to another search engine, to another mapping site, to another email provider. Google doesn't even mind if you install uBlock and Privacy Badger from their official Chrome extension repo. If Google annoys users too much, or doesn't offer them something compelling to stay, their advertising business becomes worthless.

Yes, they are selling advertising targeted ads. But they don't allow individual users to be targeted or for advertisers to access user data directly, only in aggregate via the tools that Google provides. That's not a simple "you are the product" relationship.

Re:Defective by design?

[Highdude702]

You can crash it just by booting it.

I see that got that part of windows to work correctly... O.o

Re:Defective by design?

[Kjella]

If the ReactOS project got even 10% of the commits and money that Linux receives, it might soon become the Open Source alternative to even Windows 10, allowing everyone to ditch Windows without having to change the software they use.

Said no person with experience reverse engineering ever, at no point has trying to chase your proprietary competitor's blobs ever worked. WINE does an okay job running some Windows software, LibreOffice does an okay job opening some MS Office documents but you'll never repeat every quirk, bug and obscure functionality. You'll never get a fully working replacement for DirectX that isn't DirectX, not without 10x the resources Microsoft used to write it to reverse engineer it. That's not 10% of the Linux resources, probably more like 1000%. The only workable solution long term is to get people over to new, open standards like web apps written for W3C compliant browsers instead of IE6, games using Vulkan instead of DirectX, cross platform tools like qBitTorrent instead of uTorrent and so on.

Look at git, the version control software to develop Windows is now created by Linus Torvalds, what better endorsement can you get than the competition eating your dogfood? Look at all the cloud solutions booming because you can just spin up another Linux instance on demand without licensing worries. You don't win by mimicking the old, you win by delivering something new and better. And even if someone builds proprietary stuff on top of it (OS X, Android, Tivo etc.) you keep gaining ground. Even if the pace is somewhat glacial I never had the feeling open source went backwards, even if you look at stuff like Firefox then Chrome is mostly open source through Chromium. It would be a helluva lot less work to fork that than to start over. Tools like ASP.NET Core is being open sourced, Apple has open sourced Swift, for more and more of low-level infrastructure closed source just isn't kosher anymore.

Re: Defective by design?

[Brockmire]

You don't understand why Google became Google. They don't sell YOUR data, they tell advertisers THEY know a guy who might want their widget. They'll take a cut for showing their ad for their widget. This is different than selling a list of names and contacts where some small percentage is actually interested, this gets higher results because the targets generally are interested in the widget and have higher buy through rates.

You can't fix this.

The problem isn't Windows. The problem isn't even Microsoft.

The problem is that we don't have strict laws governing the protection of user data. There needs to be serious and utter consequences for pulling this sort of shit. The sort of consequences that would make any shareholder board go "holy shit, let's not fucking do that". Until that happens, absolutely nothing is going to change. You might be able to pressure Microsoft into releasing a patch or two that appears to offer some sort of reprieve, but then they'll get back to doing exactly what they've been doing before, and probably torque down the screws just a little bit tighter while they're at it.

Unfortunately, with the USA now gunning for net neutrality, I doubt anything like this would ever happen. Corporations have too much money and nobody gives a shit about the user. As long as the users keep paying for stuff (because they "have no choice" or don't want to slightly inconvenience themselves), nothing will ever change.

So you better get used to it, because Windows 10 is just the start.

Re: You can't fix this.

[orbit500]

EU GDPR is set to stick a giant spanner in windows 10 as it is doing with Facebook and Google data slurping. Check out the current cock blocking Redmond is getting on this and we're still a year out. Fines range up to 4% of global trade turnover, more than enough to brown trouser the board. Either they comply or quit the EU market. And that means any inbound EU data handling, not just EU based licence holders.

Optimal Experience

[Darinbob]

The problem with optimal experience is that Microsoft means their own experience not that of the users. Optimal for them means that the customers are eyeballs for advertisers and with easy to access to data for analytics. Optimal experience for the actual users means that they can turn off Microsoft's control, nothing ever defaults to opt-in, and they don't get tracked or advertised to.

Better Solutioin

[Murdoch5]

It's call Linux and it's vastly superior in almost every way to Windows. Don't worry about Windows 10, just switch to the worlds best Desktop Operating system.

Re: Better Solutioin

[thundercattt]

Been a Linux user since XP, never looked back.

We?

[PinkyGigglebrain]

" If we can't fix it, then we ditch Windows."

"We" can't fix MS Windows, only Microsoft can.

Any one think they will?

Re: Let's ditch Windows, huh?

[thundercattt]

Or keep Windows nicely tucked away in a VM.

Re: Will you finally get to work already?

[DavidPetersonHarvey]

My business runs entirely on Linux. So does NASA. Those cute little Rovers that we have on Mars right now, Linux. Oil companies use special security Hardened versions of Linux to run the oil wells. If all these organizations are running Lenox just fine, the problem must be with you. :-)

PlayOnLinux is the killer app

[xeno]

Yep, linux linux linux... all us geeks can rant about the virtues and advantages, but at the end of the day, the rank and file want to run office and a web browser. MS Office is the lock-in that sells Windows... and while Wine promised to solve that it's way too complex for most people. Enter PlayOnLinux, which makes common Windows software installation just as simple as on Windows. Point, click, install. Holy $#%@ it just works, and ALL that Windows telemetry is gone, because Windows is gone. And I don't miss it.

To keep it short: I set up Linux Mint and ran updates (about 10 min total install time, from bare metal), installed PlayOnLinux (about three clicks into the Software Manager app), then used that to install MS Office (including Visio), registered and all. The Cisco VPN works (of course), the browsers are faster (of course) and work well with corp apps, and MS Office just works. Tons of other stuff Just Works(tm). Corp IT never hears from me, all the tools just work, everything's much faster, and I didn't have to do ANYTHING at the CLI -- in fact, it was easier and much faster than typical interminable Windows setup processes. It's beyond me why people still put up with the stress of Windows, or insist that it's easier (it's not) or more secure (*snort*).

Re: one file disable

Unfortunately it is well documented that Windows 10 ignores the hosts file for "telemetry"

Ditch proprietary software. Not just Windows.

[jbn-o]

I'm not saying ditch Windows. I'm saying let's fix this. If we can't fix it, then we ditch Windows.

You should be saying ditch proprietary software precisely because nobody but the proprietor (the very party you can't trust) is legally allowed to fix this (where the word "fix" is a fix from the user's perspective, of course, since the software already works as the proprietor has programmed it to work). That's what proprietary software means and that power over the user is why proprietors distribute their software without respecting a user's freedoms to run, share, and modify the software at any time for any reason. The system's behavior can change at any time, so even if someone monitors what a particular variant of a non-free, user-subjugating OS does now that can change later. Perhaps the software only does something bad under conditions one doesn't typically reach, or maybe an update changes how the software behaves. Furthermore, said software updates don't have to come through an updating program which seeks a user's approval before installation (such as Windows Updates).

The GNU Project has no shortage of proprietary Microsoft malware and that includes universal backdoors, snooping on user's activities, ignoring user's settings on so-called 'privacy' settings, and sending identifiable data to Microsoft and third parties ("even if a user turns off its Bing search and Cortana features, and activates the privacy-protection settings").

Re:BS

[davester666]

While the guy might not be a world-class IT specialist, he does report the truth. Window 10 does track too much, and you can't even opt out of it.

Unfortunately, the last sentence of the summary is delusional. There is only one company that can "fix" it, and they refuse to.

Spybot anti-beacon

[nospam007]

Spybot abti-beacon fixes mst of it, even if it can't kill cortana.

https://www.safer-networking.o...

Re:BS

[iampiti]

Yes, only Microsoft can fix Windows, but they won't do it unless they feel threatened.
When the PS4 and Xbox one were about to be released Microsoft revealed that the Xbox would require constant connection to the Internet to play. They players revolted and Sony said they wouldn't do it. Microsoft (correctly, IMO) sensed that could be a fatal blow to their console and backtracked really fast.
Something of that caliber would have to happen for they to remove all the spying in Windows. What could that be? I can only think of mass migration of governments and big companies. Alas, that is very unlikely to happen.
In the end this is just another thing that shows how bad monopolies can be (In this case is a monopoly in the sense of "OS that can run Windows software and drivers", ReactOS could theoretically be an alternative but realistically they'd need billions of dollars to get close to Windows).

Re:BS

[zifn4b]

Window 10 does track too much, and you can't even opt out of it.

True, you can't opt out of it within Windows which is pretty much unethical in my book. There are third party tools available (like Spybot Antibeacon) where you really can turn it off.

Know what the problem is? Remember all that talk about big data being the next big thing? It's here and all this "telemetry" data is being sold because it is considered very valuable.

Re:BS

[LVSlushdat]

The *REAL* problem is you can use the Antibeacon tool to turn off the spyware aspects of Windows, but every time you get another "update" or new version from MS, they default those spyware aspects back on, so you're playing an endless game of "whack-a-mole" trying to keep MS's nose of your bidness.. I used/supported Windows for 20 years as a sysadmin, and never really trusted MS, but since Windows 10 came out, ANY trust I may have had for MS has evaporated. When I retired in 2010, I moved all of my computers over to Linux and thats where they'll stay..