Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Microsoft Privacy

Windows Telemetry Rolls Out 527

ihtoit writes: Last week came the warning, now comes the roll out. One of the most most controversial aspects of Windows 10 is coming to Windows 7 and 8. Microsoft has released upgrades which enable the company to track what a user is doing. The updates – KB3075249, KB3080149 and KB3068708 – all add "customer experience and diagnostic telemetry" to the older versions. gHacks points out that the updates will ignore any previous user preferences reporting: "These four updates ignore existing user preferences stored in Windows 7 and Windows 8 (including any edits made to the Hosts file) and immediately starts exchanging user data with vortex-win.data.microsoft.com and settings-win.data.microsoft.com."
This discussion has been archived. No new comments can be posted.

Windows Telemetry Rolls Out

Comments Filter:
  • by jpellino ( 202698 ) on Monday September 07, 2015 @02:15PM (#50473065)
    surely they know what they're doing and it's all for a better customer experience.
    • Re: (Score:3, Funny)

      by Anonymous Coward

      Bollocks. Go wash your mouth out with SOAP.

    • by Teckla ( 630646 ) on Monday September 07, 2015 @02:41PM (#50473293)

      surely they know what they're doing and it's all for a better customer experience.

      Oh, absolutely! Windows 10 is great!

      So far, Windows 10 has reminded me repeatedly that I should: (1) Consider getting Office 365! (2) Consider installing Skype! (3) Should collect and use Bing Rewards! (4) That I should look into getting an Xbox! (5) That I should buy things from the Microsoft Store!

      If I didn't like to play PC games, I'd have gotten a Mac instead. Microsoft is displaying some of the most ballsy behavior I've seen since the 1990's. The outright obnoxious behavior and contempt they're showing for their users astonishes me. I feel like the old anti-competitive, monopolistic Microsoft is back.

      So much for Windows 10 being a good release. *sigh*

      • Comment removed (Score:4, Insightful)

        by account_deleted ( 4530225 ) on Monday September 07, 2015 @03:00PM (#50473453)
        Comment removed based on user account deletion
      • by yuhong ( 1378501 )

        Sounds like minor annoyances. My favorite MS fiasco from the 1990s is the OS/2 2.0 fiasco for example.

      • by Anonymous Coward on Monday September 07, 2015 @03:06PM (#50473513)

        7 was good. 8 was crap. they skipped 9. the 'good' version we should have had and went right to 10. which is crap.

        the pattern still holds and will not be fooled by the numbers.

        so now we have to wait for 11. but there won't be an 11. just forever updates to 10 sticking that windows store deeper into your ass.

      • by Anonymous Coward on Monday September 07, 2015 @03:41PM (#50473805)

        No kidding. Windows 10 is basically taking a page right from Microsoft's 1990s playbook and then amping it up to eleven. It is a blatant attempt by MS to leverage Windows to try to lock people into their other software and services, all of which except for XBox would be rightfully be abysmal marketplace failures.

        - Attempting to force excrement like Cortana, their "cloud" service crap, the shitty Windows store, subscriptions, etc. down user's throats by basically attempting to tie them into the OS.
        - For good measure, rename what should really just be called Internet Explorer 12 into Edge, and act like people won't notice.
        - Spyware ingrained into the OS on every level, and sticking basically advertisement shit right onto the miniaturized start screen that they are trying to pass off as a start menu.
        - Holding DirectX 12 hostage, because most power users would otherwise not bother upgrading from Windows 7. Then basically backporting the Spyware into Windows 7 in an attempt to get the holdouts to say "I may as well upgrade since they're spying on me anyway.

        This is the same shit that almost got MS broken up in 2000. They should have been broken up then, had justice actually been done. The United States no longer has the cojones to go after Microsoft again, but I hope that the EU catches on and smacks MS down hard for this. Not holding my breath though.

      • by Harlequin80 ( 1671040 ) on Monday September 07, 2015 @04:51PM (#50474239)

        I know this is stupid. But one of the things I don't like about Windows 10 is how it talks to me. Christ I must be getting old but I HATE the fake "I'm trying to talk to you like a friend" language that seems to pervade the system.

        One that actually made my blood boil was the "restart needed due to updates" language. I'm paraphrasing here but it was something like "Hi, I need to schedule a restart of windows to complete the upgrade. I was think about a time you don't really seem to use your computer much. How does 3am sound?"

        I obviously have some wiring wrong but that just annoys me so so much.

    • by yuhong ( 1378501 )

      To be honest, SQM is quite old (dates back to at least Office 2003), but the hosts file bypass does makes me feel bad if it is true. I just realize that a lot of the trolling is about the EULA and privacy policy though.

  • Run for the Penguin (Score:5, Interesting)

    by fluffernutter ( 1411889 ) on Monday September 07, 2015 @02:19PM (#50473089)
    I'm going Linux as soon as I have a chance. Currently enjoying Linux Mint /w Cinnamon for general use.
  • Fuck Microsoft (Score:3, Insightful)

    by Anonymous Coward on Monday September 07, 2015 @02:22PM (#50473115)

    I am sure that I won't be alone in having thiose feelings

    Dear Sataya,
        My computer is MY COMPUTER. Not yours. Not Yours to suck data from. Not yours to suck data from to sell to Advertisers.

    I have stopped using any of your products and will NEVER ever use them again until you change your data slurping policy.

    Yours,
        An Ex Microsoft developer.

  • What the fuck? Fuck you Microsoft!
  • by amiga3D ( 567632 ) on Monday September 07, 2015 @02:28PM (#50473175)

    Can't these addresses simply be blocked in the firewall?

    • by yuhong ( 1378501 )

      gHacks article was later updated to mention that.

    • Re:Firewall (Score:5, Informative)

      by chill ( 34294 ) on Monday September 07, 2015 @02:40PM (#50473281) Journal

      Yup. Or as hosts entries in your router, assuming it serves DNS up.

      The article says they ignore /etc/hosts, but that is on the Windows PC itself. A wifi router running dd-wrt and using dnsmasq reads the hosts file of the router before passing queries on up the chain.

      Go to the Administrative tab, then the Commands sub-tab and enter:

      echo "127.0.0.2 vortex-win.data.microsoft.com settings-win.data.microsoft.com" >> /etc/hosts

      Then run the command. Of course, this is assuming your DNS entries on your PCs are set to your local router and not something else like Google's DNS or your ISP's DNS.

      • Re:Firewall (Score:5, Informative)

        by epyT-R ( 613989 ) on Monday September 07, 2015 @04:03PM (#50473941)

        Your options are limited if you can't trust the network stack in the OS to do your bidding. One relatively safe way might be to block direct connectivity at the router and set up a secure proxy on the lan for use by non-microsoft browsers and anything else that needs connectivity. Windows won't have direct net access but firefox will work fine. Of course, this would require the rest of your networked software to support the secure proxy as well (most games don't for instance).

        Otherwise, the dns and ip blocks could be defeated at any time with new updates regardless if done in etc/hosts or on the router.

    • by stooo ( 2202012 )

      Yep. Until they change. Or until you take the laptop out without your firewall box. Or until MS goes past your crappy windows based firewall. etc. etc. etc...
      Just use Linux.

  • waiting for the ddos (Score:4, Interesting)

    by Indy1 ( 99447 ) on Monday September 07, 2015 @02:29PM (#50473179)

    against those 2 hosts M$ has setup to receive the data.

    Or some script kiddies to figure out that format the data is in, and flood M$ with fake data :)

    • by sosume ( 680416 )

      So you're claiming that telemetry data for hundreds of millions of users, made by the largest software company, who owns the second largest computing cloud, has just two hosts assigned for collecting that data. That is totally credible.

      • Where you went at the end was a good point, but I thought you were going somewhere else initially - "telemetry data for hundreds of millions of users" is effectively Microsoft DDOS'ing itself already, not many people could really generate significantly more traffic to the collection sites already beyond what it will naturally be getting.

  • by QuietLagoon ( 813062 ) on Monday September 07, 2015 @02:32PM (#50473199)
    The more data harvesting Microsoft performs, the less helpful for me Windows becomes.

    .
    I have a notebook that is used mainly for web browsing and email. Linux Mint was installed on that notebook (replacing Windows 7) over this past weekend.

    It's been a couple of years since I had looked into Linux Mint, and I was very surprised at how far it has come. While I foresee the need to do a few more tweaks with Linux Mint in order to make it more comfortable, I see no need to revert to Windows on this notebook.

    What really pissed me off about the data harvesting that Microsoft is doing with these updates is how Microsoft callously has ignored any wishes I had previously stated regarding my preferences for not harvesting data from my computers.

    • Re: (Score:3, Insightful)

      by srmalloy ( 263556 )

      "The more you tighten your grip, the more systems will slip through your fingers."

    • by sosume ( 680416 )

      > What really pissed me off [..] is how Microsoft callously has ignored any wishes I had previously stated regarding my preferences [..]

      Are you sure you used the correct e-mail address?

    • by Anonymous Coward on Monday September 07, 2015 @03:51PM (#50473867)

      What really pissed me off about the data harvesting that Microsoft is doing with these updates is how Microsoft callously has ignored any wishes I had previously stated regarding my preferences for not harvesting data from my computers.

      > "This package updates the Diagnostics and Telemetry tracking service to existing devices. This service provides benefits from the latest version of Windows to systems that have not yet upgraded."

      Please, Microsoft, explain the benefits that are provided. You want to know why some of us wear tinfoil? Because words like "experience," "benefits," and "improvements" have been twisted into precisely the opposite of what they used to mean.

      > Included in this update: ...Reduces the network connections on a Windows system that doesnâ(TM)t participate in the Customer Experience Improvement Program (CEIP).

      If the customer has opted out, not one motherfucking byte should be transmitted. Not even the DNS query for the telemetry servers. What part of THE USER HAS OPTED OUT does Nadella not understand?

      And just to amplify that "not one motherfucking byte" concept -- NSA doesn't give a shit about what I fap to, PLA doesn't give a shit about my 8-bit microcomputer geeking, and FSB doesn't give a shit that I think Putin is a dick -- the point remains that even things as innocuous as error reporting have been, and will continue to be, used as attack vectors [threatpost.com] by state-sponsored actors.

      The user must, at all times, be able to make the tradeoff between usability and security, because once again, Microsoft has erred.

    • by Solandri ( 704621 ) on Monday September 07, 2015 @07:24PM (#50475139)

      What really pissed me off about the data harvesting that Microsoft is doing with these updates is how Microsoft callously has ignored any wishes I had previously stated regarding my preferences for not harvesting data from my computers.

      What else is new? Every couple months I have to deal with forms from my banks and credit cards asking if they can share my person info for marketing purposes. Never mind that I've told them no every single time. Every year they ask again, and require me to re-state "no", sign it, and stuff their irregularly-sized response sheet in one of my envelopes (no pre-addressed envelope provided), pay for postage, and take the time to drop it in a mailbox. And if I forget to do it, that is assumed to be equivalent to me giving them permission to sell my info to advertisers. Because the law says they're supposed to assume I want my private info to become public unless I explicitly tell them no every year.

  • The hosts file bypass makes me feel bad if it is true, but thank MS for listing the hostnames at least.

  • by Golden_Rider ( 137548 ) on Monday September 07, 2015 @02:36PM (#50473249)

    I know, I am crazy, I actually READ the article. And this info is in there:

    Now they have been launched the positive news is KB3075249 and KB3080149 have been classed as ‘Optional’ in Windows Update. This means they won’t install without Windows 7 and Windows 8 users giving them express permission to do so (a key difference to Windows 10).

    On the flip side KB3068708 is classified as ‘Recommended’ which means Windows 7 and Windows 8 PCs with Windows Update set to automatic will install it by default. That said for the update to appear in the first place you will need to be a participant in Microsoft’s Customer Experience Improvement Program, an opt-in program which already has you agreeing to send user data to the company.

    • ...Microsoft’s Customer Experience Improvement Program, an opt-in program...

      I've read about instances where the "opt-in" was not really at the customer's discretion or direction.

      .
      I've also experienced first-hand where Microsoft has changed update settings on my computers so that the tracking updates would be downloaded and installed, even though I had previously explicitly said that I did not want that to happen.

      So the problem with the article you cite is that it seems to think that Microsoft actually follows preferences that are set by customers on customer PCs.

    • Is the article correct?

      According to the settings in OneNote, I'm not opted in to CEIP, but I can still see KB3068708 in the update list. Additionally, it is Optional, not Recommended.

      Perhaps what the article meant is that it only shows up in Recommended if you are enrolled, and is Optional otherwise.

  • One of the most most controversial aspects of Windows 10

    I guess that could be a typo...

  • by Anonymous Coward on Monday September 07, 2015 @02:46PM (#50473337)

    IMPORTANT ONE IS GROUP POLICY (gpedit.msc):

    Go to Computer Configuration, Administrative Templates, System
    Internet Communication Management, Internet Communication Settings

    ENABLE (to turn it on, it is a disabler)

    "Turn off Windows Customer Experience Improvement Program"

    ---

    TO REMOVE THE BOGUS OPTIONAL TELEMETRY HOTFIXES MANUALLY:

    Open command prompt
    Type powershell
    issue these commands

    ---

    TO SEE WHAT ONES ARE INSTALLED:

    get-hotfix -id KB3035583, KB2952664,KB2976978,KB3021917,KB3044374,KB2990214

    ---

    TO UNINSTALL THEM (these for sure, per url next below):

    wusa /uninstall /kb:3035583
    wusa /uninstall /kb:2952664
    wusa /uninstall /kb:2976978
    wusa /uninstall /kb:3021917
    wusa /uninstall /kb:3044374
    wusa /uninstall /kb:2990214

    per http://www.ghacks.net/2015/04/... [ghacks.net]

    ---

    DESCRIPTIONS OF EACH (these uninstalled properly):

    KB3068708 (Telemetry)
    KB3075249 (Telemetry)
    KB3080149 (Telemetry)

    KB3022345 (Telemetry)
    KB2977759 (Windows 10 Upgrade preparation)
    KB3021917 (Windows 10 Upgrade preparatioon + Telemetry)
    KB3035583 (Windows 10 upgrade preparation)

    ---

    I GOT "NOT INSTALLED ON THIS COMPUTER" ON THESE INITIALLY SINCE I HAD IE11 installed (PROBABLY ONES FOR IE9/10/11):

    KB3075249
    KB3080149
    KB2505438
    * KB2670838 (See IE 9/10/11 notes below)
    KB3044374
    KB2990214 (Windows 10 Upgrade preparation)
    KB2505438 (Although it claims to fix performance issues, it often breaks fonts)
    KB2976978 (Windows 10 Upgrade preparation)

    ---

    I GOT "NOT INSTALLED ON THIS COMPUTER" ON THESE (*PRIOR* TO PULLING KB2670838 which is IE 11):

    * KB2670838 (This update often breaks AERO on Windows 7 and makes some fonts on websites fuzzy. A Windows 7 specific update only
                            (do not install IE10 or 11 otherwise it will be bundled with them, IE9 is the max version you should install to avoid this).

    THESE RE-APPEAR AFTER UNINSTALLING IE11 RIGHT ON RESTARTING & CHECKING WINDOWS UPDATE:

    * KB2952664 (Windows 10 Upgrade preparation prior to IE9/10/11 install)
    * KB3021917 (Windows 10 Upgrade preparation prior to IE9/10/11 install)
    * KB3068708 (Windows 10 Upgrade preparation prior to IE9/10/11 install)
    * KB3092627 (Windows 10 Upgrade preparation prior to IE9/10/11 install)

    ---

    run cmd as administrator

    sc stop Diagtrack
    sc delete Diagtrack

    ---

    *Task Scheduler Library:

    Everything under "Application Experience"
    Everything under "Autochk"
    Everything under "Customer Experience Improvement Program"
    Under "Disk Diagnostic" only the "Microsoft-Windows-DiskDiagnosticDataCollector"
    Under "Maintenance" "WinSAT"
    "Media Center" and click the "status" column, then select all non-disabled entries and disable them.

    *services.msc:

    "Remote Registry" to "Disabled" instead of "Manual".

    APK

    P.S.=> And "There ya go"... apk

    • Re: (Score:3, Funny)

      by Anonymous Coward

      Did an APK post just get modded UP? Did I not survive the trip to the bathroom?

    • by Anonymous Coward on Monday September 07, 2015 @03:07PM (#50473519)

      So much for the (bogus) argument that Linux is harder to install and maintain; that Linux requires too much command line work to get it working.

  • by PPH ( 736903 ) on Monday September 07, 2015 @02:50PM (#50473365)

    There will be one, right? Or will Microsoft's executives risk arrest and charges of espionage when they travel overseas?

    • by Sibko ( 1036168 )

      Any country those execs will want to visit are already owned by the US.

      Like they'd get a say in how their own laws are enforced. :^)

  • Can anyone suggest a good home router that will allow me to block all traffic to the IP addresses of vortex-win.data.microsoft.com and settings-win.data.microsoft.com (not sure if hosts is being ignored and the URL addresses are still being resolved or if the IP addresses are hard-coded in the malware). I would like multiple options and the ability to compare price and other features as well. The ability to statically lock a mac address to a local IP address (through DHCP) is a must (amazingly not all route

    • by PPH ( 736903 )

      And once some people have this properly configured, please report your experiences.

      Will Windows just throw up a bunch of nag screens? Will it become crippled? Or perhaps refuse to run altogether?

      • by Indy1 ( 99447 )

        no issues blocking the 2 hostnames. I use a linux box as my router/firewall in my home network, and have blocked em. Neither my Win7 or Win10 boxes complain a bit.

      • Or perhaps refuse to run altogether?

        It damn well better not refuse to run all together. Not unless Microsoft discloses that Windows now requires a full time Internet connection. I think that I still have the right to take my computer to a location where I don't have Internet access and still expect a crappy Microsoft experience.

    • http://pfsense.org/ [pfsense.org] is one such option.
      • Really? Prices starting at $300 for a minimal router with no wifi and one local port (no built-in switch)? I think I'm still looking.
  • Microsoft Care (Score:5, Insightful)

    by FrostedWheat ( 172733 ) on Monday September 07, 2015 @03:09PM (#50473531)
    Microsoft used to just hate Mac and Linux users. Good to see they're expanding that to Windows users too, they where beginning to feel left out.
  • "...add customer experience and diagnostic telemetry..."

    They didn't say that the 'customer experience' would be a good one. Sounds almost like airlines touting their coin-operated lavatories as somehow adding to the 'customer experience', as nobody forgets the experience of not having a couple of spare quarters at 40,000 feet and three hours to go until to landing.

  • Can someone post a fix? I'm more into the embedded side of things so while I have half an idea, I wouldn't know if it worked or not.
  • Please someone sue, we'll be sharpen our axes and lighting torches.

  • will MS Windows be used in this household nor at work. This is the straw that broke this camel's back. Damn you to Hell Microsoft ... bless you (insert flavor here) linux. Moving on.
  • Solutions (Score:3, Informative)

    by JimDarkmagic ( 1339257 ) on Monday September 07, 2015 @04:00PM (#50473923)

    I was looking at this recently; this should turn off and block much of it:

    Turn off CEIP, Uninstall updates, and then hide telemetry updates to prevent re-install:
    http://www.pcworld.com/article... [pcworld.com]
    Note: my "CEIP" setting was opted-out, but I still received two of those updates. So the "you don't get these updates if you're not in CEIP" assertions are incorrect, at least in my case.

    Turn off CEIP reporting services:
    https://pubs.vmware.com/view-5... [vmware.com]

    I kept having that "Update Windows 10" (GWXUX) service crash, so I turned it off using the registry update at the end of this article, leaving myself the opportunity to reverse the process and upgrade later if desired:
    http://www.howtogeek.com/21885... [howtogeek.com]

    If you want to block windows 10 telemetry using a quick and dirty private DNS server, along with ad and malware blocking, install dnsmasq on a computer (maybe a raspberry pi if you're going for cheap, I'm using a VM on a test bed computer in bridged mode for this experiment):
    https://www.linux.com/learn/tu... [linux.com] ...and block using an amalgamation of HOSTS files from here:
    https://github.com/StevenBlack... [github.com]

    It's a python script that gets a few HOSTS files on the net and de-duplicates them into a mega crap-blocker list. The resulting list includes tens of thousands of DNS lookups that will be blocked at the perimeter of your network, so it could cause some web pages or software to break they depend on sites blocked by these lists. You can prepare you own windows 10 specific HOSTS file using entries from http://someonewhocares.org/hos... [someonewhocares.org] and those listed in articles about this issue if you feel paranoid. Windows can side-step your hosts file, but not your DNS server!

    Stating the obvious: you'll want to leave the quick and dirty DNS behind your firewall/router, not expose it to the Internet.

  • "others cannot be disabled or stopped that easily, for instance because of hardcoded host and IP address information that bypass the Hosts file of the operating system." MicroNSA must really really want to keep tabs on you.
  • The second MS started pulling this Windows 10 shit weeks ago (and I discovered they had downloaded 4GB to my hard drive), I disabled automatic updates and uninstalled the offending KBs. Touch wood I haven't had MS install any crap to my Windows 7 box since then.

  • by Knightman ( 142928 ) on Monday September 07, 2015 @04:45PM (#50474199)

    I'm just waiting for the first malware that will co-opt all the telemetry to spy on users...

  • by JustAnotherOldGuy ( 4145623 ) on Monday September 07, 2015 @05:38PM (#50474529) Journal

    I'm so glad I'm not on Win10. With any luck, I never will be.

    This blatant crap of tracking every click, every mouse movement, every site, etc etc etc is mind boggling in the fact that they would even propose doing this, let alone brag about it.

    "Telemetry"? I think the word they really want is "spying".

  • by Mark4ST ( 249650 ) on Monday September 07, 2015 @06:58PM (#50474979) Homepage
    I am definitely in favour of sharing all of my usage data, provided that I get paid for it. I only do surveys for cash. If I had a financial stake in it, I wouldn't dream of asking someone for their opinion without providing compensation.
  • by Irate Engineer ( 2814313 ) on Monday September 07, 2015 @07:17PM (#50475103)

    XP EOL'd and I was considering going to Windows 7 (which was a pretty good release, until now), but just before I pulled the trigger, Windows H8 rolled out and the shit storm that followed convinced me that Microsoft left the rails and wasn't listening to its users anymore.

    I feel like I just stepped aboard one of the Titanic's lifeboats just before the band started playing "Nearer my God to Thee." Whoever is still aboard the HMS MS is properly fucked.

    Actually, I think most don't care, and they will happily part with all their data, public and private. They won't regret the decision until it fucks them, at which point they can't roll it back.

    Using Linux Mint now - try it!

Avoid strange women and temporary variables.

Working...