Microsoft Operating Systems Privacy Windows

Security Analyst Concludes Windows 10 Enterprise 'Tracks Too Much' (xato.net) 284

A viral Twitter rant about Windows 10 Enterprise supposedly ignoring users' privacy settings has since been clarified. "I made mistakes on my original testing and therefore saw more connections than I should have," writes IT security analyst Mark Burnett, "including some to Google ads." But his qualified results -- quoted below -- are still critical of Microsoft:
  • You can cut back even more using the Windows Restricted Traffic Limited Functionality Baseline but break many things.
  • Settings can be set wrong if you aren't paying attention. Also, settings are not consistent and can be confusing to beginners.
  • You are opted-in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience... But you can't completely opt-out. Windows still tracks too much.
  • Home and Professional users are much worse off due to limitations of some settings and lack of an IT staff... I'm not saying ditch Windows. I'm saying let's fix this. If we can't fix it, then we ditch Windows.

This discussion has been archived. No new comments can be posted.

  • by El Cubano ( 631386 ) on Saturday May 27, 2017 @11:15PM (#54500129)

    You are opted-in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience... But you can't completely opt-out. Windows still tracks too much.

    Correct me if I'm wrong, but isn't this essentially the definition of "defective by design?"

    The increasingly hostile and draconian moves by Microsoft simply serve to prove that the majority of Microsoft customers are in a co-dependent relationship with Microsoft: afraid that no matter how bad things are with Microsoft, they will be worse without Microsoft. It must suck to live like that.

    I know, I know. Some people cannot ditch Microsoft, but most people can and it would cost them only marginally more effort (and probably less in many cases) than they expend dealing with all the crap Microsoft is throwing at their customers these days.

    • by thegarbz ( 1787294 ) on Sunday May 28, 2017 @03:53AM (#54500593)

      Correct me if I'm wrong, but isn't this essentially the definition of "defective by design?"

      Defective by design is about intentionally not performing the intended function. For all its flaws, Windows 10 still runs windows software just as well as it ever did.

      "Deceptive by design" now that's a definition I can get behind.

      • Correct me if I'm wrong, but isn't this essentially the definition of "defective by design?"

        Defective by design is about intentionally not performing the intended function. For all its flaws, Windows 10 still runs windows software just as well as it ever did.

        "Deceptive by design" now that's a definition I can get behind.

        And, more to the point, the actual purpose of Windows 10 is to spy on the users and generate revenue from that data for Microsoft. Performing OS functions is a side-effect. In this respect, Windows 10 is functioning as designed.

    • by Elledan ( 582730 ) on Sunday May 28, 2017 @04:06AM (#54500619) Homepage
      There is a way to fix Windows and remove all control from Microsoft. This way also doesn't involve Linux and kin.

      If the ReactOS project got even 10% of the commits and money that Linux receives, it might soon become the Open Source alternative to even Windows 10, allowing everyone to ditch Windows without having to change the software they use.

      Everyone would be better off, except for Microsoft, of course, but that's their own problem.
      • If the ReactOS project got even 10% of the commits and money that Linux receives, it might soon become the Open Source alternative to even Windows 10, allowing everyone to ditch Windows without having to change the software they use.

        Even Microsoft doesn't know how complex Microsoft products work. They write specifications that literally say "do what the software does here". There is literally no chance that any reasonable amount of money or code commits could make ReactOS even a 90% replacement for Windows. It's not even 5% now. You can crash it just by booting it.

      • by Kjella ( 173770 ) on Sunday May 28, 2017 @10:24AM (#54501359) Homepage

        If the ReactOS project got even 10% of the commits and money that Linux receives, it might soon become the Open Source alternative to even Windows 10, allowing everyone to ditch Windows without having to change the software they use.

        Said no person with experience reverse engineering ever, at no point has trying to chase your proprietary competitor's blobs ever worked. WINE does an okay job running some Windows software, LibreOffice does an okay job opening some MS Office documents but you'll never repeat every quirk, bug and obscure functionality. You'll never get a fully working replacement for DirectX that isn't DirectX, not without 10x the resources Microsoft used to write it to reverse engineer it. That's not 10% of the Linux resources, probably more like 1000%. The only workable solution long term is to get people over to new, open standards like web apps written for W3C compliant browsers instead of IE6, games using Vulkan instead of DirectX, cross platform tools like qBitTorrent instead of uTorrent and so on.

        Look at git, the version control software to develop Windows is now created by Linus Torvalds, what better endorsement can you get than the competition eating your dogfood? Look at all the cloud solutions booming because you can just spin up another Linux instance on demand without licensing worries. You don't win by mimicking the old, you win by delivering something new and better. And even if someone builds proprietary stuff on top of it (OS X, Android, Tivo etc.) you keep gaining ground. Even if the pace is somewhat glacial I never had the feeling open source went backwards, even if you look at stuff like Firefox then Chrome is mostly open source through Chromium. It would be a helluva lot less work to fork that than to start over. Tools like ASP.NET Core are being open sourced, Apple has open sourced Swift, for more and more of low-level infrastructure closed source just isn't kosher anymore.

    • You are opted-in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience... But you can't completely opt-out. Windows still tracks too much.

      Correct me if I'm wrong, but isn't this essentially the definition of "defective by design?...

      If you're looking for what's defective, that would be a society that happily gives up their digital soul in exchange for paying nothing for products and services. If you recall, Microsoft initially gave away Windows 10 for free in order to accelerate deployment.

      And the free gimmick works every fucking time because consumers are far too ignorant to understand that they no longer buy products for a reason; they are the product.

      The popularity of the free price tag also goes to show just how much consumers gi

    • by zifn4b ( 1040588 )

      Correct me if I'm wrong, but isn't this essentially the definition of "defective by design?"

      Nope. It was designed that way so your data could be harvested and aggregated with everyone else's to be sold. It's a very profitable business.

    • by Dunbal ( 464142 ) *

      afraid that no matter how bad things are with Microsoft, they will be worse without Microsoft.

      Also known as "battered user syndrome".

      • Also known as "battered user syndrome".

        When all you've got is a deep frier, everything looks like browbeaten Timbit [wikipedia.org] tempura.

        42 years now, and still haven't changed the original oil.

    • by hey! ( 33014 )

      "Defective by design" is another way of saying the vendor and client have conflicting interests in their requirements for the product.

    • by gweihir ( 88907 )

      Very true on all points. I do however know of one pretty large organization (> 50K employees), that has scrapped all plans to move to Win10, due to both security concerns (against MS modeled as attacker) and the constant UI changes. As soon as Win7 enterprise becomes non-viable, they will move everybody to web-terminals (that will most assuredly not run an MS OS). Since many corporate application landscapes these days are web-based anyways, they cannot be the only ones planning that.

  • by Anonymous Coward on Saturday May 27, 2017 @11:25PM (#54500151)

    The problem isn't Windows. The problem isn't even Microsoft.

    The problem is that we don't have strict laws governing the protection of user data. There needs to be serious and utter consequences for pulling this sort of shit. The sort of consequences that would make any shareholder board go "holy shit, let's not fucking do that". Until that happens, absolutely nothing is going to change. You might be able to pressure Microsoft into releasing a patch or two that appears to offer some sort of reprieve, but then they'll get back to doing exactly what they've been doing before, and probably torque down the screws just a little bit tighter while they're at it.

    Unfortunately, with the USA now gunning for net neutrality, I doubt anything like this would ever happen. Corporations have too much money and nobody gives a shit about the user. As long as the users keep paying for stuff (because they "have no choice" or don't want to slightly inconvenience themselves), nothing will ever change.

    So you better get used to it, because Windows 10 is just the start.

    • EU GDPR is set to stick a giant spanner in Windows 10 as it is doing with Facebook and Google data slurping. Check out the current cock blocking Redmond is getting on this and we're still a year out. Fines range up to 4% of global trade turnover, more than enough to brown trouser the board. Either they comply or quit the EU market. And that means any inbound EU data handling, not just EU based licence holders.
      • by gweihir ( 88907 )

        As this process is slow, it may take until 2018 to happen. But they are definitely working on it, and I think this time around they will not take any crap from MS. And what MS is currently doing is already illegal, so the first thing we see may be that MS is hit with a massive fine and threatened with more and a potential prohibition on sales of their defective product.

    • The problem isn't Windows. The problem isn't even Microsoft.

      The problem is that we don't have strict laws governing the protection of user data...Corporations have too much money and nobody gives a shit about the user.

      Uh, not quite.

      The root cause of all this is users don't give a shit about privacy.

      That is the true problem.

      That is the reason Windows and many other products are given away for "free", turning the user into the product.

      That is the reason nothing will ever change. Users have to actually give a shit in order to start demanding strict laws to protect them.

      • by swb ( 14022 )

        In a lot of ways, this almost begs for a kind of public health type of response.

        In years past, most people would have willfully chosen poisonous product X for its low cost and rejected more expensive non-poisonous product Y. Or they would have rejected tax increases for improved sanitation or water filtration for the same reasons. Or they chose the patent medicine with an opioid versus the one with just sugar.

        I don't know that we ever really made the masses more intelligent than they are now about these i

        • by west ( 39918 )

          The trouble is that for a sizable segment of society, their privacy+eyeballs is the only asset they have to sell.

          Making Microsoft, Google, et al start charging for everything (or raise their prices in order to make up for the loss of revenue) is going to flat out deny services to those who can't afford them (or are unbanked and have no access to credit cards).

          Sure, adding $100-$200 a month to my bills (in the form of micro-transactions, subscriptions, etc.) to protect my privacy (and only have anonymous ads

    • The problem is that we don't have strict laws governing the protection of user data.

      I disagree. Don't get me wrong, I'm usually not a proponent of the idea of "the invisible hand", but I think the larger problem is vendor lock-in. I think there should be more laws to protect user data, but more importantly, I think we need to find ways to make sure people have real options.

      For example, to this day, I can't use a non-Windows operating system for my work computer. Or at least, I need a Windows VM to run a few Windows applications for which I have no non-Windows version available. Ideall

    • by AmiMoJo ( 196126 )

      I'm still hopeful that we will see a Windows 10 N version for the EU, with this crap disabled.

      • by gweihir ( 88907 )

        The EU is slow, but something is brewing. MS already had to make changes for the Swiss Data Privacy Commissioner and, since that guy is certainly talking to his EU counterparts, I am pretty sure that one was a test-balloon. Both the French and the Germans have already announced they are investigating. In the end, MS will have to switch all telemetry off by default, because what they are currently doing is illegal.

        EU law states that absolutely every data collection must have a positive agreement by an inform

  • >I'm not saying ditch Windows. I'm saying let's fix this. If we can't fix it, then we ditch Windows.

    Well, maybe you can do what I do... I run Windows 10 on a separate SSD, and run Linux daily on my main M.2 NVMe.

  • Optimal Experience (Score:5, Informative)

    by Darinbob ( 1142669 ) on Saturday May 27, 2017 @11:35PM (#54500175)

    The problem with optimal experience is that Microsoft means their own experience, not that of the users. Optimal for them means that the customers are eyeballs for advertisers and with easy access to data for analytics. Optimal experience for the actual users means that they can turn off Microsoft's control, nothing ever defaults to opt-in, and they don't get tracked or advertised to.

    • by Z00L00K ( 682162 )

      Unfortunately one side-effect is also that if they don't get the data from all users then their experience data is getting skewed. So this means effectively that if only morons don't disable the telemetry and everyone else does, then they base their decisions on the user experience morons have and make an operating system suitable for morons based on that.

      But we do need to tell them that we don't like being tracked all the time. There are limits to how far a government may go in many modern countries, but rare

  • Better Solution (Score:5, Insightful)

    by Murdoch5 ( 1563847 ) on Saturday May 27, 2017 @11:41PM (#54500191) Homepage
    It's called Linux and it's vastly superior in almost every way to Windows. Don't worry about Windows 10, just switch to the world's best Desktop Operating system.
    • Re: Better Solution (Score:5, Informative)

      by thundercattt ( 4205847 ) on Saturday May 27, 2017 @11:49PM (#54500209)
      Been a Linux user since XP, never looked back.
    • I want to. Really, I do. For about half the tools I use there's replacements in Linux. Nearly everything else works great in a locked away Windows VM.

      And now please solve the last bastion that Windows has: Games.

      Games are, odd as it may sound, tricky. Hard, if possible at all, to run in a VM, many don't work well in Wine and very few (at least outside the Indie circuit) run natively on Linux.

      • Majority of newer games do get supported under Wine. Unless you're playing the Original Diablo or something, you're good to go.
      • by gweihir ( 88907 )

        Same here. I think when Win7 goes out of support, I will just go dual-system with a KVM switch, and the only thing on the Windows machine being games. For Office (which I occasionally need), I will just go for a non-networked VM on Linux. It is truly sad that the mainstream OS now has to be treated basically as malware.

    • by DogDude ( 805747 )
      That's cute.
  • by whoever57 ( 658626 ) on Saturday May 27, 2017 @11:43PM (#54500195) Journal

    I'm not saying ditch Windows. I'm saying let's fix this. If we can't fix it, then we ditch Windows.

    We already know it's unfixable. What's the delay in ditching Windows?

    I think that, for many people, if running Windows required the user to endure an electric shock, they would still not ditch it. They have such little imagination that an alternative is possible.

  • We? (Score:5, Insightful)

    by PinkyGigglebrain ( 730753 ) on Saturday May 27, 2017 @11:44PM (#54500197)

    " If we can't fix it, then we ditch Windows."

    "We" can't fix MS Windows, only Microsoft can.

    Anyone think they will?

    • Start with the restricted baseline, and remove the stuff meant to prevent this from being useless, like the CRL checks. That's how we fix it. Oh, and document minor deviations that people may want like Defender av updates.

      When that fails, patched binaries, signed if needed via Let's Encrypt.

      And then we fix by ditching it. Wine or ReactOS or dump it completely.

    • by gweihir ( 88907 )

      I think they may not be able to either.

  • Home and Professional users are much worse off due to limitations of some settings and lack of an IT staff...

    I haven't fixed anyone's computers in years since I started charging $300 per hour.

    • Hahaha I had to do the same thing.
      • Hahaha I had to do the same thing.

        A coworker went a step further by requiring his customers to order and pay for their replacement parts through Best Buy so he can pick them up. No money comes out of his pocket for the replacement parts and he doesn't get stuck with a $300 video card because someone cancelled the job.

  • Sad to read another article about painful writhing over using Windows.

    Ditch Windows.

    • by MrL0G1C ( 867445 )

      10x more games for windows, for the meantime I can stick with 7, I'm still waiting for 3rd parties to fix the giant feces known as windows telemetry in win10.

      'Basic level' - they collect so much they say it'd take 149 mins just to read what type of info it collects:
      https://docs.microsoft.com/en-... [microsoft.com]

  • by xeno ( 2667 ) on Sunday May 28, 2017 @12:15AM (#54500271)
    Yep, linux linux linux... all us geeks can rant about the virtues and advantages, but at the end of the day, the rank and file want to run office and a web browser. MS Office is the lock-in that sells Windows... and while Wine promised to solve that it's way too complex for most people. Enter PlayOnLinux, which makes common Windows software installation just as simple as on Windows. Point, click, install. Holy $#%@ it just works, and ALL that Windows telemetry is gone, because Windows is gone. And I don't miss it.

    To keep it short: I set up Linux Mint and ran updates (about 10 min total install time, from bare metal), installed PlayOnLinux (about three clicks into the Software Manager app), then used that to install MS Office (including Visio), registered and all. The Cisco VPN works (of course), the browsers are faster (of course) and work well with corp apps, and MS Office just works. Tons of other stuff Just Works(tm). Corp IT never hears from me, all the tools just work, everything's much faster, and I didn't have to do ANYTHING at the CLI -- in fact, it was easier and much faster than typical interminable Windows setup processes. It's beyond me why people still put up with the stress of Windows, or insist that it's easier (it's not) or more secure (*snort*).
    • and while Wine promised to solve that it's way too complex for most people. Enter PlayOnLinux, which makes common Windows software installation just as simple as on Windows

      You know that PlayOnLinux is a layer on top of Wine, right? You are using Wine.

      • So? What matters is that it makes using Wine much easier and user friendly.

        This is exactly the only problem Linux still has that keeps it from breaking out into the world: You still need to know a thing or two about the machine you're using. Yes, that should be a good thing. Actually, it should be a requirement. Sadly, most people neither know a thing or two about the machines they're using, nor do they want to learn. And there is unfortunately an OS that supports their laziness.

        And just as people c

    • and ALL that Windows telemetry is gone, because Windows is gone.

      That's a dangerous assumption to make. MS Office could include its own telemetry.
      Since you told us you did the registration, it connected to MS servers at least once already.
      Did you take steps to isolate it from the internet afterwards?
      If not, how can you be sure it doesn't spy on you?

      • Hold on - am I getting this right? Using Wine to Run Microsoft Office? Too bad there isn't a Linux solution.
    • ...Wine promised to solve that it's way too complex for most people. Enter PlayOnLinux....

      PlayOnLinux is just a front-end to WINE. While it may increase your success a bit, it's still limited by WINE's abilities.

  • Sadly, Windows is a brand, a familiar name to pretty much everyone. Linux is getting there too, but the unfortunate part is Linux has a reputation of being 'geeky, technical, difficult to use, not for end-users.' Which is really sad and completely wrong, the Linux Mint team have put together one of the easiest to use systems I've seen. It's not perfect, but it's definitely easy to use.

    Linux needs to work on its reputation with the general public. I'm not sure how we go about doing that other than educa

    • It's changing. Windows is a household name, yes, but it becomes more and more something that people despise for two reasons. First, for a real one, because they get to hear time and again "bad news" about it. Privacy? Shady business tactics? Nah. Malware. Crypto trojans. And it does only happen to Windows users. No Linux user reports any problems, no MacOS has ever been affected. Yes, technically they could if those OSs had any market share interesting to the crypters, but ... folks, why shouldn't we use th

    • S

      Mint has a long way to go, however. Out of the box it's fantastic, but installing anything becomes quickly overwhelming for end users.

      I hear ya Bro! I damn near died when I opened Synaptics and then I'm telling you the facking program made me enter my password - again, fer crissakes! Then I had to search through all of these gaddamned programs and get this - click on the one I wanted. Then it was scary, when a new screen popped up and told me it had to install some other programs - wut dafuk? Sounds like a virus or sumpin from the roooshians!

      Finally I just gave up, asked for prayers from me friends on facebook and cried myself to sleep.

    • by gweihir ( 88907 )

      Microsoft might self-destruct if they push Windows S too hard, that is just a nightmare. That'll drive everyone toward Linux in a hurry. Please do it, Microsoft. Push Windows S harder.

      I do hope so. The Windows "Shit" edition should make it clear even to the dumbest user.

  • I'm not saying ditch Windows. I'm saying let's fix this. If we can't fix it, then we ditch Windows.

    You should be saying ditch proprietary software precisely because nobody but the proprietor (the very party you can't trust) is legally allowed to fix this (where the word "fix" is a fix from the user's perspective, of course, since the software already works as the proprietor has programmed it to work). That's what proprietary software means and that power over the user is why proprietors distribute their software without respecting a user's freedoms to run, share, and modify the software at any time for any reason. The system's behavior can change at any time, so even if someone monitors what a particular variant of a non-free, user-subjugating OS does now that can change later. Perhaps the software only does something bad under conditions one doesn't typically reach, or maybe an update changes how the software behaves. Furthermore, said software updates don't have to come through an updating program which seeks a user's approval before installation (such as Windows Updates).

    The GNU Project has no shortage of proprietary Microsoft malware [gnu.org] and that includes universal backdoors, snooping on users' activities, ignoring users' settings on so-called 'privacy' settings, and sending identifiable data to Microsoft and third parties ("even if a user turns off its Bing search and Cortana features, and activates the privacy-protection settings").

  • Just enjoy Microsoft for games.
    Let Microsoft track all the hours spent playing games.
    Anything of value use a real OS.
    Why risk all the malware, CIA, NSA code and other security services?
    • by gweihir ( 88907 )

      Indeed. As soon as Win7 goes out of security-support I am doing that. Not quite sure how yet, but possibly just by using two machines and a KVM switch. Alternatively, if Graphics passthrough works well by then, I might jail Win10 in a VM.

  • I want to zig-zag here a bit. We all agree that MS is doing it wrong with telemetry on Windows 10. So then, fellow Slashdotters, what is the right (or at least, righter) way to do it?

    • Do we make it opt out or opt in? If it's opt out then most people unknowingly participate, which increases the chance of telemetry seeing something it shouldn't. If it's opt in then most people unknowingly don't participate, and the pool of telemetry-enabled systems will be very small and biased towards power users.
    • What's okay
    • by Megane ( 129182 )

      Do we make it opt out or opt in?

      The problem right now is that it is neither. Opt-out would be an improvement.

    • by swb ( 14022 )

      A big problem with telemetry in my opinion is that it's being used as a form of retroactive quality control, encouraging rapid version cycling and the release of immature code.

      I don't think they're using telemetry to identify edge cases that reasonable testing wouldn't catch, they're using it to find common problems that thorough testing would identify. I have a hard time believing that edge cases can even be found in the fire hose of data presented by mass telemetry. I'd wager it takes pretty serious ana

    • Very roughly speaking, the more you understand how your users use your software, the better you can optimize it for their needs.

      You don't actually think that is why they are doing it, do you?

  • The author puts the difficulty of opting-out in terms of numerous, confusing, and hard-to-find settings that need to be changed.

    All of these settings must be stored in a database somewhere on the HD, why not create something that directly edits the values and automates the process?

  • Spybot anti-beacon (Score:4, Interesting)

    by nospam007 ( 722110 ) * on Sunday May 28, 2017 @04:06AM (#54500615)

    Spybot Anti-Beacon fixes most of it, even if it can't kill Cortana.

    https://www.safer-networking.o... [safer-networking.org]

  • As I am a gamer, unless Vulkan makes Linux versions of most games a reality by the end of security support for Win7, I cannot fully get rid of it. But I will likely go for one machine for gaming only and a Linux box for everything else. Alternatively, if graphics passthrough works well by then, I will jail Win10 in a VM on a Linux base. But there is no way in this universe I am going to give Win10 access to my email, browsing, and other things.

  • I doubt they would permit this data leaving their networks. Same for some law firms and any other orgs working with sensitive data.
  • Where's the info? This article is about a Twitter rant, but then has no actual information in it. This was a waste of my time to even look at.
  • I caught Microsoft fucking my entire system over when I got new hardware and HAD to go with Windows 10 - after installing Windows 10 (Legit license) I had to install an audio driver.

    Naturally, the driver prompts me to reboot.

    First fucking thing it does - go straight into the "Updating computer, please wait."

    It wasn't updating. What it was doing was scanning my hard drive and wiping out anything that wasn't Microsoft-related - EVERYTHING in my Windows.old directory was wiped out - my music player (which was

  • by sad_ ( 7868 ) on Monday May 29, 2017 @05:45AM (#54504611) Homepage

    easy, just fork the code and remove all those tracking bits...
    what is that? you can't do that?
    well then there is nothing you can do to fix it, so ditch windows.
