While this is a funny headline that doesn't really follow from the article, the big point is that it isn't obvious what jobs will be destroyed, which ones will be replaced, and at which point we have a serious risk to society. The approach of "with robots, we don't need lower class labor" is spoken from an upper class perspective- what about "with robots, we no longer need capitalism to motivate people" or "with robots, we can replace most managerial positions"?
The point I'm making is that this can be spun in a lot of directions once it is real, and I think that's not getting much attention- and that will also stymie anyone trying to add automation in a sensible fashion.
There's a difference between "supports unicode" and "allows all the fucked up shit". Being able to make a standard English character like http://www.fileformat.info/inf... should be supported (did you notice how we have to write "the" with a "th" instead of just using the thorn?), but probably not hippie bullshit like http://www.fileformat.info/inf... though.
It's not unusual to see some timestamp issues. It is unusual to see a device crippled so sharply by that. It's VERY unusual for Apple to allow such a range of values- this is the same company that doesn't normally even provide options like "make unread mail appear green instead of blue" or whatever.
But most disturbing is that this would allow any source the iphone trusts for timestamps to mostly disable the phone. I'm not sure whether the iphone prefers to get data from a trusted NTP server or some part of the 3G standard, or if it supports all of that, but it implies that you could...
1- (as just some guy) Set up a wifi network that spoofs whatever the trusted NTP server is, and then assign the epoch date that way. 2- (possibly as some hackery type) Find any way to do the equivalent at a greater level. 3- (as some radio phreak) Find a way to spoof the epoch date with a bogus 3G transmitter....and of course a more sophisticated attacker could probably do more.
You seem a little overboard with your rant, but I find my id called to it nonetheless.
I particularly like your point about comparing LibreOffice to older versions of Word. That point doesn't get NEARLY enough play. Computers have gotten better, but the amount that the UI has improved in the last decade or two is nowhere close to the improvements we've seen to processing power, RAM, and most especially hard drive storage and data transfer. A step backwards in any of those areas of computing would have ramifications, but a step "backwards" in UI would make vastly less difference. LibreOffice Writer isn't as powerful as MS Office Word, but if you had to make the switch tomorrow, you'd be fine. The only thing you might regret? Inability to read and MS Word documents. The lockin, the rent seek, that's all Microsoft really has. If everyone was using LibreOffice Writer tomorrow, the world would be the exact goddamned same for everyone- they'd just pay a bit less.
Maybe the tech companies are even more central to this than it looks. Obviously, they would be behind a federal bill to protect themselves from having to fork products, even if it wasn't the right thing to do.
But there's just TONS of stories about how poor law enforcement is constantly unable to break into phones. There's no stories about this on PCs, even though that's where huge amount of the data are, and have been for many years.
The difference? PC and its competitors have always been open platforms. The government has known that there's no effective way to keep cryptography out of the hands of the bad guys- maybe with extraordinary pressure they could keep it out of the hands of the good guys, but that's it.
Phones aren't. Phones are becoming slightly more open in pieces, and there's plans for some really open phones, but there's not a huge amount of movement there. These aren't attacks as much on us as they are on the mobile software guys, because once they beat them down the push for an open phone will become substantially magnified in volume- enough to make a product that, no surprise, all the bad guys will use, indistinguishable among the medium sized wave of privacy advocates and techies. When faced with an open platform, the government could still try to ban it, but they would have no success among their target pool- and they would just succeed in griefing people.
So is this just a giant drum to scare the tech companies into paying more? It won't save any lives, obviously, and it's not otherwise that rational a play for the government. Maybe it's a bit of a threat for some cash.
You do understand this is a new crew right? Like if you had bought sourceforge a year ago, and then immediately fixed the shitware problem, you'd expect people to be happy with that, right? Well that is what happened.
You have no idea how glad this makes me. I've had that site blacklisted for years. The first time it had shitware bundled in I was done. Thank you for just straight up buying the whole goddamned thing and fixing it.
Phones don't need to be wiretap friendly, you have no obligation to forfeit privacy, and the constitution guarantees your right to privacy and free speech.
With that said, the phones are not constructed idiotically, and will wipe / key dump if attacked naively with brute force. Additionally, I don't know which phones are limited to 4 character passphrases, but it is sure as FUCK not "most". Android users can set a password, Apple users can set a password. Maybe some trivially untrustworthy shit limits your password length to 4 digits, but nothing worth using.
First, I'll make sure I can still visit the site ad-free. There's always a workaround to this kind of malice, after all. It's entirely possible to hit Forbes with an adblocker up, for instance, via a quick google for a nice set of variables to set clientside.
Then, I'll probably just subscribe. I hate ads so very much that I refuse to view them entirely, but 4.5 $/month is not an out of line amount to ask. It's a bit on the high side for a magazine, but not absurd. I can probably afford 52 dollars a year: I can't afford whatever ruinous financial or emotional decisions advertisements will inflict on me.
I like shitting on Windows apps as much as the next guy, but if you can replace a library on the drive, aren't you just going to like... win? Maybe there's more protection on real systems, but it's a binary that gets run with the permissions and privileges of whatever is running it. Can someone explain to me how this is a larger concern, and what was done to patch the security of this?
It stands to reason that if you can overwrite a dll, you can overwrite a lot of stuff, same as with an.so or something. Is it something where in Windows its easy to overwrite the DLL in the first place?
> The methodology in this story set telemetry to "basic" instead of disabling it.
That doesn't appear to be correct. Linked article states: "I have chosen the customized installation option where I disabled three pages of tracking options"
It's possible that the ability to select "disabled" for telemetry instead of basic isn't in the three pages of tracking options, I guess. That's news in and of itself though, lol.
> Other users have reported that fully disabling telemetry and shutting down non-essential services does reduce the outbound traffic to only Windows Update.
So your point is that you can't disable telemetry during the installation, but there's some unspecified stuff that you can maybe do to turn it off later, if you have the Enterprise version they won't sell you? Sounds super.
> I don't see anyone arguing that Google not respecting privacy justifies Microsoft not doing so.
All of these were posted AFTER my post about how we could expect to see a bunch of people saying this hop into the thread.
All of them posted AC.
When this is brought up nowadays, you can pretty much count on these posts showing up. Almost always as AC, and almost always singing you a song about how Resistance Is Futile and how Everyone Is Equally Bad. It's like a bullet point in a disinfo packet or something, it's creepy. And yea, they showed up on schedule.
So no, it's not a strawman or logical fallacy. It's a prediction of what would happen, that was proven true in this very thread. Watch for it next time man, you'll see.
"The real issue is directing outrage mostly at Microsoft when there are plenty of others who deserve criticism for their practices"
No, that's not the "real issue". As I've stated: 1- The fact that phones suck is not a good reasons for desktops to suck now too. 2- There's no inevitable progress or deals associated with spying or spyware, no benefit to the user. 3- Microsoft makes this stunningly hard- I would actually argue impossible- to turn off. Other OSes really DO have toggles that turn this off- Microsoft has a huge nest of options that don't fully disable it (for sure and for reals on Pro and Home, and maybe now on Enterprise). 4- People don't have the same types of data and programs on a phone as they do on a desktop. Those that make due with only a phone generally don't HAVE the features that a PC offers in their life. 5- Windows 10 is aggressively marketed to existing desktop users. Without reading pages of legalese you have no idea that you are transitioning from a desktop OS that you paid for into some new abortion where you are the product and your everything is available to analysis. I would argue this goes further- even a brand new PC purchase is often made with the assumption that what you have on your box is actually private.
> If you don't like Windows invading your privacy, you have the option to install Linux. Unlike your statement that Apple could modify their privacy policy at any time, that doesn't hold true for Linux.
I'm not trying to sell you an iphone dude. I'm just saying that if you buy a phone right now and you choose Apple, they are CURRENTLY doing the "right
Gods we had a stoned empire monkey b infection at my high school. It hit my home PC, and I had to claw that bastard out of the MBR. Risky days for sure.
Not all viruses deleted data, is the point. MANY viruses were not able to generate personal gain in any way, and didn't destroy all your files.
There was one that replaced all the "Microsoft" on your hard drive with "Machosoft". Just a global search and replace in every text file and binary. Machosoft DOS prompts and everything.
Malware wasn't a term yet because it wasn't needed.
Your three basic types of infection are virus, worm, and trojan horse. Viruses make copies of themselves, and in an era where it was EXTREMELY common to move binaries around from one machine to another, this was a very effective manner of transmission. You didn't need an existing vulnerability for a virus to work, because you were tricked into executing the code. Everyone will ALWAYS be one social engineering attack away from a computer virus. A worm also replicates itself, requires some kind of exploit or issue, and also requires network connectivity. You are very likely safe from worms almost all the time, because you run very few things like a server- and the few that you do run are not ubiquitous, nor as generally vulnerable. A trojan horse is much more targeted, because it doesn't replicate itself.
So these three things are still good terms for malicious software, but then other things started happening. You might be fooled into installing a piece of software that does bad stuff, but it was mentioned in the EULA. It's not a trojan horse, because you said you were ok with it. It's not a virus, because it doesn't replicate itself and because you said you were ok with it. It's not a worm in any event. Possibly, you browsed to a site with a 0 day exploit in your javascript, and then got infected that way. Is that a trojan horse? Not really, because you didn't choose to run it. It isn't replicating, so it's not a virus or a worm. What is it?
Now we have the general term malware, and we have the old subsets underneath it, as well as new ones. We didn't need to call it "malware" back then, because we had so few infection vectors compared to today, that malware simply couldn't do what it could now- the newer types of malware simply couldn't exist back then, without javascript and flash and internet explorer and always-on IP networks to help them out.
> So, we're going to rightly complain about Microsoft invading privacy, but we're going to make excuses for Android. That's bullshit.
No it isn't. Again, the two things are not equivalent, and the fact that phones suck at privacy is NOT reason to go make desktops suck at privacy too.
I don't give Google a free pass. But if Google gets brought up while we are rightfully bashing Microsoft, there's normally ONE reason: to try to normalize Microsoft's behavior. This makes the conversation into a useless expenditure of effort.
The fact is, Microsoft is generally worse than Google about privacy, even if you count Android. But that conversation is this back and forth between someone who is more opposed to keyloggers and serious envelope information leakage about what local applications are used when ("transmit a packet when notepad opens") versus someone who is more opposed to a mostly blind search finding some keywords and displaying sketchy adds because you were discussing a naked singularity in your email. The original shill post is long gone, and the nerds have descended into fighting over which shitty approach is more shitty.
It's meaningless.
If someone had an article about comparing the different forms of exploit info being used against their customer, THAT would be the appropriate place for it.
But for it to come up in this thread, and any other thread about Microsoft is OFF FUCKING TOPIC. Windows 7 (fresh install, don't add the telemetry KBs) isn't a total pile of shit on privacy. Windows 10 absolutely is. Google has NOTHING to do with this!
Also related: You have two main options when it comes to Android spying. The first is to root your phone and fix it, which has a host of downsides- now you are sysadminning your phone, now it's a hobby box as well as production for you, etc. If you are passionate, you will probably do that. The second is to use a goddamned iPhone, which everyone pretends is just as bad on privacy but it really isn't. This isn't a great argument point, however- Apple is perpetually one patch away from having ruinous privacy policies, because they are such a proprietary solution. So you have options even within the "phone" field.
And again- THE FACT THAT PHONES SUCK DOESN'T MEAN WE SHOULD THROW OUR HANDS UP AND ACCEPT THAT DESKTOPS SUCK TOO NOW.
It's a false equivalence, it's offtopic, it devolves the conversation, it's fucking WRONG in the first place (because Microsoft is way shittier than Google with what it is collecting), and that's why it's a top tier shill argument that I see trotted out in every fucking Microsoft thread. It's so clearly from List_of_bullshit_to_post_when_we_get_called_out.txt that it's stupid.
The technical preview did push your directory up to Microsoft. I can't find anything in the EULA still giving them permission to do that for the release version though.
Anything you type can go up to Microsoft. That's the input personalization thing, and the EULA means you grant this permission in general. If your emails are kept on outlook, then they also have them, and have a nest of excuses about when to divulge them (including law enforcement, of course, but also just if they make agreements with third parties). Contents of select documents? Well, the crash reports contain this, obviously, but also "Microsoft collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and who you interact with on your device." Probably if you turn off input personalization and getting to know you and Cortana this gets turned off... are you sure though? EULA still in force, who knows.
The default settings for Windows 10 do everything except the hard drive index thing, and it used to do that too in the tech preview.
"...we share personal data among Microsoft-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement..." "We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets."
"Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails in Outlook.com, or files in private folders on OneDrive), when we have a good faith belief that doing so is necessary to:
Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies... Protect our customers......protect the rights or property of Microsoft..."
So basically, they'll disclose your data for almost any goddamned reason, including making an agreement with a third party to disclose your data to them in exchange for money.
And what data in question?
"Microsoft collects and uses data about your speech, inking (handwriting), and typing on Windows devices to help improve and personalize our ability to correctly recognize your input."
" It also includes associated performance data, such as changes you manually make to text..."
Microsoft also tries to guard you from Malware, a noble purpose... but in doing so it can leak pretty much all of your URLs.
The statement you respond to is not quite correct because the line about the "indexes of your harddrives and other storage devices" appears to be specific to the technical preview. But other than that, yea, it's pretty much spot on.
I'm currently dual boot still, to a 7 install that I turned off ALL updates for. I use it for posting to trusted sites (obviously that works in Linux) and video games at this point, and man I wish I had a better solution for those games. The lack of security updates will eventually make the web too risky for the Windows drive, if it hasn't already (serious browsing is already relegated to Linux). I've considered an OS X setup on a second computer, but that only solves SOME of my games. Looking towards the future, I've stopped buying new Windows games, instead grabbing a PS4 and Wii-U. Hopefully that will tide me over to an era where Vulkan exists and has a game or two I'm really into on Linux. I like to play a few games a lot these days, instead of many games a little, so game devs that make a great Windows game and port it nowhere are really cramping my style.
On the bright side, I spend so much more time in Linux now that I'm already vastly less concerned than I was before- in the next couple months I plan to remove all my data not needed for gaming from the Windows partition (I already should have copies). That will make it basically "boot unpatched xbox OS", and it wouldn't be able to attack my Linux drive without truly extraordinary measures (UEFI virus, targetted attack, etc- stuff I'm not personally concerned about, though it would still be better to have more security than less)..
> so you trust your platform firmware? Do you have the source?
First, some people DO have the firmware source. But you are correct that you can't get it for most things. Second, firmware has a much harder time of being written maliciously- it can happen, and it's a worthy fear, but it's nowhere near as ludicrous as what a malicious OS can do to you. The biggest fear about firmware is that it has a backdoor that can be triggered remotely and load bad code- something that hasn't been observed in the wild yet, nor leaked as a capability. Until a year ago, I wasn't even concerned about it being a possibility, but once we saw all the strange backdoors in goddamned everything... I'm now of the opinion that all firmware should be inspectable, and there needs to be a trusted ROM as well (actual ROM, not the dynamically reflashable stuff).
But again, this is a possible threat only. The OS situation is something you can and should be able to address today, to address known and extant data leaks.
Ubuntu is not "just as bad"- there's a toggle for the search thing, and it's unpopular enough that it's being removed. More relevantly, Ubuntu isn't Linux- it's not even the most popular Linux!
OS X is a harder case. To my knowledge, OS X doesn't leak data like this. But I'm not an expert enough on it to know for sure. Certainly I can't easily find references to inescapably bad privacy stuff for OS X. I can't promise OS X is private like a Linux or a BSD, but I can tell you for sure that they send nothing like Microsoft, because their EULA grants nowhere near the carte blanche that Microsoft's does.
> If MS was collecting information like that wouldn't they be in equally as much trouble?
NO! Read your Windows 10 EULA. It points to the privacy agreement, and that says that you give legal permission for all your keystrokes to be sent to Microsoft, along with pretty much everything else. Microsoft believes they are covered legally- the EULA grants vastly more invasive stuff than the software provides... so far...
Not yet it won't. That's the game the Windows users are playing right now- a bunch of firewall settings. Some data is passed ignoring hosts files, so there's talk about an application firewall so you can keep using Windows.
Of course, all Microsoft has to do is a throw Switch-A and everything changes and all those guys have to change their block settings, or throw Switch-B and your system stops working if it hasn't spied on you in a while.
But in the meantime, Windows users are so desperate that they are basically considering building and using a guard.
Slashdot Mirror
While this is a funny headline that doesn't really follow from the article, the big point is that it isn't obvious what jobs will be destroyed, which ones will be replaced, and at which point we have a serious risk to society. The approach of "with robots, we don't need lower class labor" is spoken from an upper class perspective- what about "with robots, we no longer need capitalism to motivate people" or "with robots, we can replace most managerial positions"?
The point I'm making is that this can be spun in a lot of directions once it is real, and I think that's not getting much attention- and that will also stymie anyone trying to add automation in a sensible fashion.
Maybe it's more like, 10% of women are prostitutes, and 90% of men will just stay home with their sex bots. That adds up to 50% jobs destroyed!
There's a difference between "supports unicode" and "allows all the fucked up shit". Being able to make a standard English character like http://www.fileformat.info/inf... should be supported (did you notice how we have to write "the" with a "th" instead of just using the thorn?), but probably not hippie bullshit like http://www.fileformat.info/inf... though.
It's not unusual to see some timestamp issues. It is unusual to see a device crippled so sharply by that. It's VERY unusual for Apple to allow such a range of values- this is the same company that doesn't normally even provide options like "make unread mail appear green instead of blue" or whatever.
But most disturbing is that this would allow any source the iphone trusts for timestamps to mostly disable the phone. I'm not sure whether the iphone prefers to get data from a trusted NTP server or some part of the 3G standard, or if it supports all of that, but it implies that you could...
1- (as just some guy) Set up a wifi network that spoofs whatever the trusted NTP server is, and then assign the epoch date that way. ...and of course a more sophisticated attacker could probably do more.
2- (possibly as some hackery type) Find any way to do the equivalent at a greater level.
3- (as some radio phreak) Find a way to spoof the epoch date with a bogus 3G transmitter.
You seem a little overboard with your rant, but I find my id called to it nonetheless.
I particularly like your point about comparing LibreOffice to older versions of Word. That point doesn't get NEARLY enough play. Computers have gotten better, but the amount that the UI has improved in the last decade or two is nowhere close to the improvements we've seen to processing power, RAM, and most especially hard drive storage and data transfer. A step backwards in any of those areas of computing would have ramifications, but a step "backwards" in UI would make vastly less difference. LibreOffice Writer isn't as powerful as MS Office Word, but if you had to make the switch tomorrow, you'd be fine. The only thing you might regret? Inability to read and MS Word documents. The lockin, the rent seek, that's all Microsoft really has. If everyone was using LibreOffice Writer tomorrow, the world would be the exact goddamned same for everyone- they'd just pay a bit less.
Maybe the tech companies are even more central to this than it looks. Obviously, they would be behind a federal bill to protect themselves from having to fork products, even if it wasn't the right thing to do.
But there's just TONS of stories about how poor law enforcement is constantly unable to break into phones. There's no stories about this on PCs, even though that's where huge amount of the data are, and have been for many years.
The difference? PC and its competitors have always been open platforms. The government has known that there's no effective way to keep cryptography out of the hands of the bad guys- maybe with extraordinary pressure they could keep it out of the hands of the good guys, but that's it.
Phones aren't. Phones are becoming slightly more open in pieces, and there's plans for some really open phones, but there's not a huge amount of movement there. These aren't attacks as much on us as they are on the mobile software guys, because once they beat them down the push for an open phone will become substantially magnified in volume- enough to make a product that, no surprise, all the bad guys will use, indistinguishable among the medium sized wave of privacy advocates and techies. When faced with an open platform, the government could still try to ban it, but they would have no success among their target pool- and they would just succeed in griefing people.
So is this just a giant drum to scare the tech companies into paying more? It won't save any lives, obviously, and it's not otherwise that rational a play for the government. Maybe it's a bit of a threat for some cash.
Just a thought.
You do understand this is a new crew right? Like if you had bought sourceforge a year ago, and then immediately fixed the shitware problem, you'd expect people to be happy with that, right? Well that is what happened.
You have no idea how glad this makes me. I've had that site blacklisted for years. The first time it had shitware bundled in I was done. Thank you for just straight up buying the whole goddamned thing and fixing it.
Well, I think that version still has ads. I think that's the print version only, right? This sounds like a new ad-free option for their website.
Phones don't need to be wiretap friendly, you have no obligation to forfeit privacy, and the constitution guarantees your right to privacy and free speech.
With that said, the phones are not constructed idiotically, and will wipe / key dump if attacked naively with brute force. Additionally, I don't know which phones are limited to 4 character passphrases, but it is sure as FUCK not "most". Android users can set a password, Apple users can set a password. Maybe some trivially untrustworthy shit limits your password length to 4 digits, but nothing worth using.
First, I'll make sure I can still visit the site ad-free. There's always a workaround to this kind of malice, after all. It's entirely possible to hit Forbes with an adblocker up, for instance, via a quick google for a nice set of variables to set clientside.
Then, I'll probably just subscribe. I hate ads so very much that I refuse to view them entirely, but 4.5 $/month is not an out of line amount to ask. It's a bit on the high side for a magazine, but not absurd. I can probably afford 52 dollars a year: I can't afford whatever ruinous financial or emotional decisions advertisements will inflict on me.
Man the axis labels really make that lol
I like shitting on Windows apps as much as the next guy, but if you can replace a library on the drive, aren't you just going to like... win? Maybe there's more protection on real systems, but it's a binary that gets run with the permissions and privileges of whatever is running it. Can someone explain to me how this is a larger concern, and what was done to patch the security of this?
It stands to reason that if you can overwrite a dll, you can overwrite a lot of stuff, same as with an .so or something. Is it something where in Windows its easy to overwrite the DLL in the first place?
> The methodology in this story set telemetry to "basic" instead of disabling it.
That doesn't appear to be correct. Linked article states:
"I have chosen the customized installation option where I disabled three pages of tracking options"
It's possible that the ability to select "disabled" for telemetry instead of basic isn't in the three pages of tracking options, I guess. That's news in and of itself though, lol.
> Other users have reported that fully disabling telemetry and shutting down non-essential services does reduce the outbound traffic to only Windows Update.
So your point is that you can't disable telemetry during the installation, but there's some unspecified stuff that you can maybe do to turn it off later, if you have the Enterprise version they won't sell you? Sounds super.
> I don't see anyone arguing that Google not respecting privacy justifies Microsoft not doing so.
In this thread:
http://tech.slashdot.org/comme...
"Google does this a lot more than Microsoft and no one says anything on that."
http://tech.slashdot.org/comme...
"Apple and Google are doing the exact same things with iOS and Android"
http://tech.slashdot.org/comme...
"You guys really have such a big problem with this? Because Google and the NSA are doing far worse."
http://tech.slashdot.org/comme...
"how is this different from Google, Facebook or any cloud service"
All of these were posted AFTER my post about how we could expect to see a bunch of people saying this hop into the thread.
All of them posted AC.
When this is brought up nowadays, you can pretty much count on these posts showing up. Almost always as AC, and almost always singing you a song about how Resistance Is Futile and how Everyone Is Equally Bad. It's like a bullet point in a disinfo packet or something, it's creepy. And yea, they showed up on schedule.
So no, it's not a strawman or logical fallacy. It's a prediction of what would happen, that was proven true in this very thread. Watch for it next time man, you'll see.
"The real issue is directing outrage mostly at Microsoft when there are plenty of others who deserve criticism for their practices"
No, that's not the "real issue". As I've stated:
1- The fact that phones suck is not a good reasons for desktops to suck now too.
2- There's no inevitable progress or deals associated with spying or spyware, no benefit to the user.
3- Microsoft makes this stunningly hard- I would actually argue impossible- to turn off. Other OSes really DO have toggles that turn this off- Microsoft has a huge nest of options that don't fully disable it (for sure and for reals on Pro and Home, and maybe now on Enterprise).
4- People don't have the same types of data and programs on a phone as they do on a desktop. Those that make due with only a phone generally don't HAVE the features that a PC offers in their life.
5- Windows 10 is aggressively marketed to existing desktop users. Without reading pages of legalese you have no idea that you are transitioning from a desktop OS that you paid for into some new abortion where you are the product and your everything is available to analysis. I would argue this goes further- even a brand new PC purchase is often made with the assumption that what you have on your box is actually private.
> If you don't like Windows invading your privacy, you have the option to install Linux. Unlike your statement that Apple could modify their privacy policy at any time, that doesn't hold true for Linux.
I'm not trying to sell you an iphone dude. I'm just saying that if you buy a phone right now and you choose Apple, they are CURRENTLY doing the "right
Gods we had a stoned empire monkey b infection at my high school. It hit my home PC, and I had to claw that bastard out of the MBR. Risky days for sure.
Not all viruses deleted data, is the point. MANY viruses were not able to generate personal gain in any way, and didn't destroy all your files.
There was one that replaced all the "Microsoft" on your hard drive with "Machosoft". Just a global search and replace in every text file and binary. Machosoft DOS prompts and everything.
Malware wasn't a term yet because it wasn't needed.
Your three basic types of infection are virus, worm, and trojan horse. Viruses make copies of themselves, and in an era where it was EXTREMELY common to move binaries around from one machine to another, this was a very effective manner of transmission. You didn't need an existing vulnerability for a virus to work, because you were tricked into executing the code. Everyone will ALWAYS be one social engineering attack away from a computer virus. A worm also replicates itself, requires some kind of exploit or issue, and also requires network connectivity. You are very likely safe from worms almost all the time, because you run very few things like a server- and the few that you do run are not ubiquitous, nor as generally vulnerable. A trojan horse is much more targeted, because it doesn't replicate itself.
So these three things are still good terms for malicious software, but then other things started happening. You might be fooled into installing a piece of software that does bad stuff, but it was mentioned in the EULA. It's not a trojan horse, because you said you were ok with it. It's not a virus, because it doesn't replicate itself and because you said you were ok with it. It's not a worm in any event. Possibly, you browsed to a site with a 0 day exploit in your javascript, and then got infected that way. Is that a trojan horse? Not really, because you didn't choose to run it. It isn't replicating, so it's not a virus or a worm. What is it?
Now we have the general term malware, and we have the old subsets underneath it, as well as new ones. We didn't need to call it "malware" back then, because we had so few infection vectors compared to today, that malware simply couldn't do what it could now- the newer types of malware simply couldn't exist back then, without javascript and flash and internet explorer and always-on IP networks to help them out.
> So, we're going to rightly complain about Microsoft invading privacy, but we're going to make excuses for Android. That's bullshit.
No it isn't. Again, the two things are not equivalent, and the fact that phones suck at privacy is NOT reason to go make desktops suck at privacy too.
I don't give Google a free pass. But if Google gets brought up while we are rightfully bashing Microsoft, there's normally ONE reason: to try to normalize Microsoft's behavior. This makes the conversation into a useless expenditure of effort.
The fact is, Microsoft is generally worse than Google about privacy, even if you count Android. But that conversation is this back and forth between someone who is more opposed to keyloggers and serious envelope information leakage about what local applications are used when ("transmit a packet when notepad opens") versus someone who is more opposed to a mostly blind search finding some keywords and displaying sketchy adds because you were discussing a naked singularity in your email. The original shill post is long gone, and the nerds have descended into fighting over which shitty approach is more shitty.
It's meaningless.
If someone had an article about comparing the different forms of exploit info being used against their customer, THAT would be the appropriate place for it.
But for it to come up in this thread, and any other thread about Microsoft is OFF FUCKING TOPIC. Windows 7 (fresh install, don't add the telemetry KBs) isn't a total pile of shit on privacy. Windows 10 absolutely is. Google has NOTHING to do with this!
Also related: You have two main options when it comes to Android spying. The first is to root your phone and fix it, which has a host of downsides- now you are sysadminning your phone, now it's a hobby box as well as production for you, etc. If you are passionate, you will probably do that. The second is to use a goddamned iPhone, which everyone pretends is just as bad on privacy but it really isn't. This isn't a great argument point, however- Apple is perpetually one patch away from having ruinous privacy policies, because they are such a proprietary solution. So you have options even within the "phone" field.
And again- THE FACT THAT PHONES SUCK DOESN'T MEAN WE SHOULD THROW OUR HANDS UP AND ACCEPT THAT DESKTOPS SUCK TOO NOW.
It's a false equivalence, it's offtopic, it devolves the conversation, it's fucking WRONG in the first place (because Microsoft is way shittier than Google with what it is collecting), and that's why it's a top tier shill argument that I see trotted out in every fucking Microsoft thread. It's so clearly from List_of_bullshit_to_post_when_we_get_called_out.txt that it's stupid.
The technical preview did push your directory up to Microsoft. I can't find anything in the EULA still giving them permission to do that for the release version though.
Anything you type can go up to Microsoft. That's the input personalization thing, and the EULA means you grant this permission in general. If your emails are kept on outlook, then they also have them, and have a nest of excuses about when to divulge them (including law enforcement, of course, but also just if they make agreements with third parties). Contents of select documents? Well, the crash reports contain this, obviously, but also "Microsoft collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and who you interact with on your device." Probably if you turn off input personalization and getting to know you and Cortana this gets turned off... are you sure though? EULA still in force, who knows.
The default settings for Windows 10 do everything except the hard drive index thing, and it used to do that too in the tech preview.
> Let's not start spewing FUD like that before we actually know what is stored in the packets sent to Microsoft.
Ok AC, you reign in those accusations. The rest of us will discuss how to disable the keylogger:
http://thehackernews.com/2015/...
And be sure to disable these KBs in Windows 7 and 8:
http://thehackernews.com/2015/...
And be sure to download stuff that stops it, for now, maybe:
https://www.reddit.com/r/Windo...
The EULA states that you agree to have your keystrokes sent and such:
https://privacy.microsoft.com/...
"...we share personal data among Microsoft-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement..."
"We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets."
"Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails in Outlook.com, or files in private folders on OneDrive), when we have a good faith belief that doing so is necessary to:
Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies... ...protect the rights or property of Microsoft..."
Protect our customers...
So basically, they'll disclose your data for almost any goddamned reason, including making an agreement with a third party to disclose your data to them in exchange for money.
And what data in question?
"Microsoft collects and uses data about your speech, inking (handwriting), and typing on Windows devices to help improve and personalize our ability to correctly recognize your input."
" It also includes associated performance data, such as changes you manually make to text..."
Microsoft also tries to guard you from Malware, a noble purpose... but in doing so it can leak pretty much all of your URLs.
The statement you respond to is not quite correct because the line about the "indexes of your harddrives and other storage devices" appears to be specific to the technical preview. But other than that, yea, it's pretty much spot on.
I'm currently dual boot still, to a 7 install that I turned off ALL updates for. I use it for posting to trusted sites (obviously that works in Linux) and video games at this point, and man I wish I had a better solution for those games. The lack of security updates will eventually make the web too risky for the Windows drive, if it hasn't already (serious browsing is already relegated to Linux). I've considered an OS X setup on a second computer, but that only solves SOME of my games. Looking towards the future, I've stopped buying new Windows games, instead grabbing a PS4 and Wii-U. Hopefully that will tide me over to an era where Vulkan exists and has a game or two I'm really into on Linux. I like to play a few games a lot these days, instead of many games a little, so game devs that make a great Windows game and port it nowhere are really cramping my style.
On the bright side, I spend so much more time in Linux now that I'm already vastly less concerned than I was before- in the next couple months I plan to remove all my data not needed for gaming from the Windows partition (I already should have copies). That will make it basically "boot unpatched xbox OS", and it wouldn't be able to attack my Linux drive without truly extraordinary measures (UEFI virus, targetted attack, etc- stuff I'm not personally concerned about, though it would still be better to have more security than less)..
> so you trust your platform firmware? Do you have the source?
First, some people DO have the firmware source. But you are correct that you can't get it for most things. Second, firmware has a much harder time of being written maliciously- it can happen, and it's a worthy fear, but it's nowhere near as ludicrous as what a malicious OS can do to you. The biggest fear about firmware is that it has a backdoor that can be triggered remotely and load bad code- something that hasn't been observed in the wild yet, nor leaked as a capability. Until a year ago, I wasn't even concerned about it being a possibility, but once we saw all the strange backdoors in goddamned everything... I'm now of the opinion that all firmware should be inspectable, and there needs to be a trusted ROM as well (actual ROM, not the dynamically reflashable stuff).
But again, this is a possible threat only. The OS situation is something you can and should be able to address today, to address known and extant data leaks.
Ubuntu is not "just as bad"- there's a toggle for the search thing, and it's unpopular enough that it's being removed. More relevantly, Ubuntu isn't Linux- it's not even the most popular Linux!
OS X is a harder case. To my knowledge, OS X doesn't leak data like this. But I'm not an expert enough on it to know for sure. Certainly I can't easily find references to inescapably bad privacy stuff for OS X. I can't promise OS X is private like a Linux or a BSD, but I can tell you for sure that they send nothing like Microsoft, because their EULA grants nowhere near the carte blanche that Microsoft's does.
> If MS was collecting information like that wouldn't they be in equally as much trouble?
NO! Read your Windows 10 EULA. It points to the privacy agreement, and that says that you give legal permission for all your keystrokes to be sent to Microsoft, along with pretty much everything else. Microsoft believes they are covered legally- the EULA grants vastly more invasive stuff than the software provides... so far...
> Will Win10 stop working?
Not yet it won't. That's the game the Windows users are playing right now- a bunch of firewall settings. Some data is passed ignoring hosts files, so there's talk about an application firewall so you can keep using Windows.
Of course, all Microsoft has to do is a throw Switch-A and everything changes and all those guys have to change their block settings, or throw Switch-B and your system stops working if it hasn't spied on you in a while.
But in the meantime, Windows users are so desperate that they are basically considering building and using a guard.