Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Privacy Microsoft Programming

Visual Studio 2015 C++ Compiler Secretly Inserts Telemetry Code Into Binaries (infoq.com) 421

Reader edxwelch writes: Reddit user sammiesdog discovered recently that Visual Studio 2015 C++ compiler was inserting calls to a Microsoft telemetry function into binaries. "I compiled a simple program with only main(). When looking at the compiled binary in IDA, I see a call for telemetry_main_invoke_trigger and telemetry_main_return_trigger. I cannot find documentation for these calls, either on the web or in the options page," he wrote. Only after the discovery did Steve Carroll, the dev manager for Visual C++ admit to the "feature" and posted a workaround to remove it.A Microsoft spokesperson confirmed the existence of this behavior to InfoQ, adding that the company wil be removing it in a future preview build. For those who wish to get rid of it, the blog writes: Users who have a copy of VS2015 Update 2 and wish to turn off the telemetry functionality currently being compiled into their code should add notelemetry.obj to their linker command line.
This discussion has been archived. No new comments can be posted.

Visual Studio 2015 C++ Compiler Secretly Inserts Telemetry Code Into Binaries

Comments Filter:
  • MS Spyware (Score:5, Insightful)

    by allo ( 1728082 ) on Friday June 10, 2016 @09:04AM (#52288085)

    No escape.

    • by goombah99 ( 560566 ) on Friday June 10, 2016 @09:37AM (#52288365)

      Boy this is at the scale of the Ken Thompson attack. Compilers that insert backdoors

      http://c2.com/cgi/wiki?TheKenT... [c2.com]

      • by goombah99 ( 560566 ) on Friday June 10, 2016 @10:03AM (#52288609)

        So one can imagine a case where a program crashes and sends telemetry to microsoft from inside a secure computing enviornment or otherwise exports secret bussiness data. This could invalidate MS from all government computing.

        • by HiThere ( 15173 )

          s/could/should/

          I note the claim that this only stores stuff locally, so it MAY not be that serious. Depending. But this has no business being there at all, and it adds hooks that could be activated later.

        • by eth1 ( 94901 )

          So one can imagine a case where a program crashes and sends telemetry to microsoft from inside a secure computing enviornment or otherwise exports secret bussiness data. This could invalidate MS from all government computing.

          It wouldn't just affect MS software, but anything from anyone with any component built with MS development tools, anything built by tools built by MS dev tools, etc.

      • by Geoffrey.landis ( 926948 ) on Friday June 10, 2016 @10:06AM (#52288651) Homepage

        Reading through the long Reddit thread, it looks as if the "telemetry" call saves the telemetry data locally; it does not seem to export it. So it's hard to call it "inserting backdoors".
        From https://www.reddit.com/r/cpp/c... [reddit.com]

        [–]flashmozzg 68 points 1 month ago
        Apparently it's only VS15 feature. It logs at least when your app is executed. You can access logs via logman and tracerpt. Some investigation was done here recently: (lang: Russian) https://habrahabr.ru/post/2813... [habrahabr.ru]

        [–]sammiesdog[S] 30 points 1 month ago
        Are the logs a local feature (i.e. stays on the user's computer)?
        And can it be disabled?

        [–]flashmozzg 29 points 1 month ago
        Seems to be that way. At least right now they only keep main invoked/returned, exit/abort called and such. Nothing serious.
        The suggested way to disable it is adding this to your project:

        extern "C"
        {
                void _cdecl __vcrt_initialize_telemetry_provider() {}
                void _cdecl __telemetry_main_invoke_trigger() {}
                void _cdecl __telemetry_main_return_trigger() {}
                void _cdecl __vcrt_uninitialize_telemetry_provider() {}
        };

      • by ljw1004 ( 764174 ) on Friday June 10, 2016 @12:11PM (#52289659)

        Boy this is at the scale of the Ken Thompson attack. Compilers that insert backdoors

        http://c2.com/cgi/wiki?TheKenT... [c2.com]

        No it's not. Ken Thompson's work was beautiful and subtle - a compiler disguised all evidence of its backdoor even when you write code to search for these backdoors or when you compile the compiler itself.

        If Ken Thompson had gone on stage to say "hay guys I made a compiler which inserts a call at the entrypoint of your program" -- well, that's trivial.

        • Ken Thompson's work was beautiful and subtle - a compiler disguised all evidence of its backdoor even when you write code to search for these backdoors or when you compile the compiler itself.

          True. But that works only when there's one compiler available for a particular language. If you bootstrap a compiler with three independent compilers, the backdoor is highly unlikely to persist into all three according to "Diverse Double-Compiling" by David A. Wheeler [dwheeler.com]. Compile the compiler A with multiple compilers B, C, and D, and then compile A with (A compiled with B), (A compiled with C), and (A compiled with D), and you end up with (A compiled with A), (A compiled with A), and (A compiled with A). If they're identical, then B, C, and D have either no backdoor or an identical backdoor. Which is more likely?

          Of course, all this requires that source code for A be available to the public or at least to a person trusted by the public to release compiler binaries. This is true of TCC, GCC, and Clang, not so much for Microsoft C++.

      • by AntronArgaiv ( 4043705 ) on Friday June 10, 2016 @01:17PM (#52290153)

        Boy this is at the scale of the Ken Thompson attack. Compilers that insert backdoors

        http://c2.com/cgi/wiki?TheKenT... [c2.com]

        No, I think that requires one more level of indirection -- reinserting the backdoor in the compiler when it is recompiled without the backdoor.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      Microsoft Telemetry - dedicated to fast-tracking the confirmation of Richard Stallman as public visionary.

    • Oh, I think there's an 'escape' available: Stop using Microsoft products entirely. Also, Microsoft needs to be brought up on charges for violating anti-hacking laws. Their compiler is, by default, inserting unwanted and malicious code into other people's code. I think that qualifies as 'hacking' under the anti-hacking laws, doesn't it? Where's the indictments against Microsoft for this and all the other malicious things they've been doing?
  • Apparently... (Score:5, Insightful)

    by ChodaBoyUSA ( 2532764 ) on Friday June 10, 2016 @09:04AM (#52288089)
    Microsoft has shed all pretense of shame and is adamant to infect everything with their spyware/malware behavior. This is very unfortunate. They keep removing any remaining reason to stick with Windows over OSX or Linux. Sad.
    • Re:Apparently... (Score:5, Interesting)

      by Aighearach ( 97333 ) on Friday June 10, 2016 @01:47PM (#52290367)

      I've been saying for awhile, post-anti-trust MS has finally realized that they can't leverage a monopoly and so don't gain from having lots of users/followers/fans who won't subscribe. They're in an intensive process right now to drive away the people who don't want to be part of their subscription-based future. Those people are just a dead weight to them, an expense, a liability. They're not the only option, they can't leverage being the default, and there is not significant financial value in being the default anymore. They can't use it to coerce additional payments or higher rates from wholesalers, so there isn't value in it.

      This is probably intentionally designed to drive away people who like to use their compiler, but consider subscription-style information flows to microsoft to be "spyware." Those people will never ever pay for the type of services that MS is building their future around. They are just past lovers who are guaranteed to become disgruntled and angry at some point, because MS has grown in a different direction than them, chosen a new and different lifestyle. It is time for these people to move on, find a new compiler, find a new OS, etc.

  • by flyingfsck ( 986395 ) on Friday June 10, 2016 @09:05AM (#52288095)
    I suppose MS will learn from this and hide it better in the future.
    • Bingo (Score:5, Interesting)

      by Anonymous Coward on Friday June 10, 2016 @09:18AM (#52288205)

      A Microsoft spokesperson confirmed the existence of this behavior to InfoQ, adding that the company wil bel removing it in a future preview build

      ...because it was finally discovered. If it hadn't been discovered, does anyone honestly think they would be removing it? Of course not.

    • by null etc. ( 524767 ) on Friday June 10, 2016 @09:55AM (#52288533)

      I suppose MS will learn from this and hide it better in the future.

      Or, they'll just update their operating system to dynamically inject telemetry into every executable that runs.

      Ooops, I hope I didn't just give Microsoft a new idea. Wait, they're probably already thought of it, and more.

  • by Thud457 ( 234763 ) on Friday June 10, 2016 @09:10AM (#52288137) Homepage Journal
    Ken Thompson [cmu.edu] must be spinning in his grave!

    1984 wasn't intended as an instruction manual.
  • by bazmail ( 764941 ) on Friday June 10, 2016 @09:13AM (#52288151)
    Embedding malware via their compiler? Wow a new low

    No matter how Nadella tries to spin things and give them a new image, MS still sucks worse than ever.
    • by Anonymous Coward on Friday June 10, 2016 @09:43AM (#52288409)

      Embedding malware via their compiler? Wow a new low

      No matter how Nadella tries to spin things and give them a new image, MS still sucks worse than ever.

      The moment I'll believe that Microsoft has created a product that doesn't suck is when they start selling vacuum cleaners.

    • No matter how Nadella tries to spin things and give them a new image, MS still sucks worse than ever.

      I think you're exaggerating, but only slightly. This is probably on par with some of their other, sleaziest moves from years past.

  • by Anonymous Coward on Friday June 10, 2016 @09:13AM (#52288155)

    Little known fact: g++ has had the same ability to insert spyware for a long time. It's described about line 39885 of the manpage. All you have to do is invoke is via:

    g++ --mrelocate --use-upper-reg-halfs --insert-telemetry-libs --mnetwork-lib --include-nsa-stubs --include-fbi-stubs --omit-eff-stubs --no-powerpc --no-fpu --disable-optimization --use-network-capture-prologs --fuck-snowden --section215-includes --fort-meade-includes --fiveeyes-libs --use-eschelon-libs --omit-greenwald-reporting --prism --enable-gchq-sharing myfile.cpp -o myfile

    That does the same thing as Visual Studio. Easy peasy. Dunno why Microsoft always acts like they invented everything.

  • When you consider that MS backdoored OS, compromised compiler is, comparatively, much lesser sin.
    • When you consider that MS backdoored OS, compromised compiler is, comparatively, much lesser sin.

      Not at all. I can avoid their OS. I have almost no way of knowing what binaries were compiled by VS.

      • Realistically, is anybody likely to use the Microsoft toolchain to compile software for any platform other than Windows? I doubt it. Therefore, considering the fact that Windows 10 (and patched versions of 8.1 and 7) are spyware at the OS level anyway, this compiler-trojaned-application issue is only of real concern among users of carefully-unpatched older Windows versions.

      • by ceoyoyo ( 59147 )

        Easy enough. Just avoid their OS, it gets you two for one. Or do VS binaries run on other OSes now?

  • by __aaclcg7560 ( 824291 ) on Friday June 10, 2016 @09:30AM (#52288315)
    You would think that the IDE would be smart enough not to insert extraneous calls for trivial programs.
    • by Dwedit ( 232252 )

      You're going to get junk for every trivial program no matter what. It includes the CRT or runtime library into all statically linked programs, no matter how much of the CRT or runtime library it actually needs.
      The only way to not get junk is to turn on "ignore all default libraries", which is tough to do, but possible. You lose a lot of features of the compiler, such as the built-in standard library, converting floats to ints, etc.

      Here's a minimal Hello World program that includes no junk whatsoever:
      #incl

  • Now we know (Score:5, Funny)

    by Alumoi ( 1321661 ) on Friday June 10, 2016 @09:35AM (#52288347)

    What compiler MS used for Windows 10.
    'We did not add any telemetry in Windows 10. It was the compiler, I tell you.'

    • Reminds me of those scammers that call people and say "Hi we're from Microsoft and we found a virus on your computer. Do you want us to clean it?" Then they pass the phone to somebody in the sales department to piddle some 'antivirus suite' (really malware). The scammer technically didn't sell you anything so he's not liable for it; he just told you something (outrageous it may be) and forwarded your call to somebody to sell you something.
  • So far so bad (Score:4, Insightful)

    by Impy the Impiuos Imp ( 442658 ) on Friday June 10, 2016 @09:39AM (#52288379) Journal

    I see a call for telemetry_main_invoke_trigger and telemetry_main_return_trigger

    Did he ever find out what feed_all_keystrokes_and_web_sites_to_nsa does?

    There is no return version of this, because history shows a nation never returns from it.

  • It's so heartwarming to see the long-theorized 'backdoor the compiler' attack finally gaining commercial acceptance and enterprise support!
  • And this shows you why access to the source code is not enough to audit software.
  • "Telemetry! Telemetry! Telemetry!" seems to have been the decree screamed from the ivory tower of MS leadership to the devs crafting Win10.

    Seems like desperate flailing to maximize profits from the terminally declining Windows hegemony.
  • There needs to be a law, if one can not be found that already can already cover this, but "faithful" generation of object code from source code is, by definition, what a compiler does. There MUST be *some* product law that covers intentionally inserting functionality without the user's knowledge.

    • by swb ( 14022 )

      Doesn't the law generally exclude software from "fitness for a particular purpose" and "free from defects"?

      It used to seem that these were exclusions that let them just sell buggy software with no consequences, I'd imagine they figure it allows them to insert spyware, too.

      I weep for the idea we'll never get a comprehensive privacy law that makes this and all the other forms of commercial electronic surveillance without extremely explicit permission illegal. The major technology players are too invested in

  • Most of now have privacy policies where we disclose what data we collect and what we do with it. If that disclosure is defective, you're in legal jeopardy for failure to disclose. Thanks for the poison pill, MS!

    And, haven't they considered that the whole Apple/FBI thing might have implications for them and their developers, just maybe? If not legal issues, then PR at the very least? Stunning!

  • by DoofusOfDeath ( 636671 ) on Friday June 10, 2016 @11:46AM (#52289447)

    I assume that Microsoft compiles its shipping products with some form of Visual C++.

    Does anyone know if these telemetry calls are made inside those products? For example, inside Microsoft's shipped versions of SQL Server?

    And if so, does this mean using those products for handling HIPPA or PCI workloads is illegal?

  • The function could have been "windows_10_forced_install"

Every nonzero finite dimensional inner product space has an orthonormal basis. It makes sense, when you don't think about it.

Working...