Microsoft Denies Windows 8 App Spying Via SmartScreen 198
An anonymous reader writes "Microsoft has denied Windows 8 SmartScreen is spying after research by Nadim Kobeissi indicated otherwise." Whether it's "spying" or not, Microsoft is collecting certain information with SmartScreen — the key is what's done with it: The article quotes a Microsoft spokesperson: "We don’t use this data to identify, contact or target advertising to our users and we don’t share it with third parties."
Is it possible to downmod an entire submission? (Score:3, Interesting)
Because this particular story needs to be marked "-1, Flamebait".
Its My IP Microsoft, I'll send ya a bill! (Score:0, Interesting)
I charge $10,000 USD for a 1 year subscription to my metrics. Where shall I send the bill?
Re:Disable it! (Score:5, Interesting)
Just read the Ars Technica article. [arstechnica.com] The Slashdot headline is ridiculously slanted, as was the previous story.
While I disagree with it in principle - I'd rather it be local, like how Firefox uses a local version of the bad-sites list, this is not in any way unusual or awful behavior, and it's mostly a good idea, and Microsoft has been completely open about how and why they're doing this and giving you an easy way to turn it off. It is not some privacy invading nightmare. Microsoft is not keeping track of what programs you download (unless, obviously, you get them through the Microsoft store.)
Slashdot stories are becoming more and more ridiculous. The summaries are never even worth reading anymore.
Re:Disable it! (Score:4, Interesting)
The check box appears on first account setup, so any use buying a new PC will see it too.
The choice should be Opt-in, rather than Opt-out. This is just like their old "everything is enabled" features. It's not hard to have a screen pop up asking you if you want this info reported to Microsoft. Then you say "Yes or no. Then if you are okay, click on that yes, if not, nothing happens.
Re:Disable it! (Score:5, Interesting)
There are a whole load of "suddenly technically knowlagable" people dissembling here (I'd hate to say shills; but somewhere someone is feeding in disinformation).
Now let's have a look at some of the language being used in the Ars Technica article.
"some estimates" implies that there wold be uncertainty; that Microsoft wouldn't be able to say 100% that you were using a piece of software. Maybe it is Tor; maybe it's actually Tornado the game. The implication is a humal level of uncertainty which just doesn't apply.
"which IP addresses" implies that Microsoft would not know who you are. This shows an even greater level of deception. It's even trying to imply that your information may not be linked, if, for example, you change IP addresses. Microsoft has your software registration. Microsoft knows about your usage of Bing. Microsoft has your passport account. If any company other than Google can link your IP address to a particular person; that company is Microsoft.
Compared to this Ars Technica article, Slashdot is a haven of technical superiority and higher journalistic ethics and integrity. Maybe Anonymous Coward could set up a journalism course for the guys at Ars Technica.
Finally let's look at Microsoft's statement in the article (N.B. we don't get told what question this is an answer to; note that it might potentially be Microsoft answering to a question about their web sites in which case Ars Technica is again doing the deception; let's take it at face value however).
The entire point of this service is to build up a "historical" database of executables. It works by identifying those downloads which are known and safe by how often they are downloaded and builds up a "reputation". Ars Technica describes this as "anonymised" without going into details. If you think that they don't at least have the IP network address then I have a bridge to sell you. Let me explain a simple exploit for you: before releasing your malware, repeatedly download it on each of your computers Microsoft will sign it as as having a good reputation. Microsoft's only possible defence against this is to ensure that it knows, at least to some level, which IP addresses used which software.