Internet Explorer and Edge send the full URL of every page you visit to MS, plus your unique account ID

Topic

New Reply

I didn’t know that. https://twitter.com/scriptjunkie1/status/1152280517972299777 It all has to do with the “SmartScreen Filter,” designed to keep you
[See the full post at: Internet Explorer and Edge send the full URL of every page you visit to MS, plus your unique account ID]

7 users thanked author for this post.

rc primak, FakeNinja, Myst, WildBill, abbodi86, Sessh, GreatAndPowerfulTech

Reply | Quote

Replies

Very good to know. It’s actually quite big news. I’ve loaded Chrome, or Firefox and a rare “other”, on every computer we service or sell, while removing IE11 due to MS’s letting it rot, with a printout of February 2019 MS advice to stop using IE. New Edge has been pretty nice with great performance on two Windows 10 PC’s and one Windows 7 PC it’s being tested on. I had planned on using New Edge as the default browser on customer machines when it finally goes gold. Now, I have more homework to so as greater privacy is the goal, not less. I suspect that other smaller shops that only deal with 1000 or so computers will also be cautious. If the new kid gets the same phone home for all website treatment that the old ones receive, it will not be used.

GreatAndPowerfulTech

Reply | Quote

Relax, guys. It’s just crash data. Nothing to see here.

On a more serious note, is anyone really surprised? It has been public for seven years at least that MS collects your personal information and gives whoever they want access to it. Anything new including fully patched legacy Windows systems. I have no regrets being in Group W for this long. None. Saw this coming years ago and I’m glad this came out now. Fortunately, not many people use IE or Edge, but I don’t think for one second that this is all they’re collecting. Not even close.

1 user thanked author for this post.

FakeNinja

Reply | Quote

Good to know. For now, running Firefox on Win8.1 & updating but avoiding using IE11. If/when I upgrade to Win10 Home 1909 AKA Win10 1903 “Service Pack”, staying with Firefox; avoiding Edge & IE, whether Edge becomes Chromium-based or not.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

Reply | Quote

woody wrote:

I didn’t know that.

Really?

 

woody wrote:

Internet Explorer and Edge send the full URL of every page you visit to MS,

No one else except you said “every“, because it’s not true.

(The example given was “supersecreturl”.)

 

woody wrote:

plus your unique account ID

Unique on a computer or domain, not globally, right?

If this really worries anyone, SmartScreen Filter can be disabled with a few clicks:

How to Disable the SmartScreen Filter In Windows 8 or 10

But SmartScreen blocks 13% to 21% more malicious/phishing sites than Chrome or Firefox:

Is Microsoft Edge Really Safer than Chrome or Firefox?

 

3 users thanked author for this post.

Eyke42, Lugh, doriel

Reply | Quote

Really?

I thought MS had solved this problem the same way Chrome, Firefox and others solve it – by comparing downloaded hashes. I wrote about that years ago.

“every”

There must be a whitelist inside Edge. I should say “every site except those contained on a whitelist of some sort.”

“unique”

See demize95 comment in that thread:

Given that the SID is designed to be unique, it’s more obfuscated than anonymous. Your SID is unique to you and doesn’t change unless you reinstall windows or switch devices, so it’s like if Microsoft was sending your driver’s license number up with your web requests

6 users thanked author for this post.

Elly, anita.yk, rc primak, lanceboil, Sessh, GreatAndPowerfulTech

Reply | Quote

Interesting, but not quite news. I’ve only just upgraded to ver 1809, and refused every one of the opening requests to ‘share’ my data with MS. It confirms what I’ve long suspected about these multiple ‘upgrades’: MS is keen to hoover up our data, playing catch-up with Google and Facebook.

Reply | Quote

I’ve only just upgraded to ver 1809, and refused every one of the opening requests to ‘share’ my data with MS.

Those Sharing Settings are only the beginning. This newest revelation is really about IE 11 and Win 7, but even in Win 10 with Edge, if this is all you have done, you have changed nothing of the offending behaviors cited in the OP by Woody.

-- rc primak

Reply | Quote

I think MS is a truly awful company, but in this particular case, so what if MS collects my SID when I visit URLs? Does anyone think MS doesn’t already have my SID? What are they going to do with it beyond what’s already being done with my personal data by every other corporation in America? Sell it? Spy on my URL history? Turn it over to the government? Does anyone believe the government (and not only the US government) doesn’t already have the SIDs and URL histories of almost everyone on the planet who uses the internet?

Most of us here exist within a techno-bubble. We know how to, we take the time to, and we make the effort to mitigate (although we can’t wholly prevent) the data gathering. Outside that bubble, though, the vast majority of people freely exchange all their privacy for the ability to upload selfies.

We here are like high-tech dinosaurs fondly remembering and bemoaning a world that no longer exists. Privacy as a thing was charming for a while, but it existed only within and was a reaction to a lost world. Other than cherished as a concept by nostalgia buffs who are the equivalent of Civil War Reenactors or Baker Street Irregulars, that world is gone and so is privacy. Time to let it go.

GaryK

2 users thanked author for this post.

Lugh, rc primak

Reply | Quote

What about the 98% of the country who were against overturning Net Neutrality and Internet Privacy protections? It was done anyway, but against the will of the majority of people living here. Do you think those people freely exchanging their privacy to use social media would choose to share all of that data if they could say no and still use the services? Uploading selfies is privacy given up intentionally and voluntarily.

There is still a fight going on over all this stuff and the spike in VPN usage (almost 200% increase) in response to the Net Neutrality situation shows that people DO care about their privacy. The spike continues and it’s happening worldwide. It’s not just dinosaurs, it’s a growing majority of people. Some countries have even made them illegal to prevent citizens from having privacy online and hiding their activities from government surveillance.

As long as your VPN keeps no logs of personal information (several don’t, a few have been audited to prove they don’t), so the opposite of “letting it go” is occurring fortunately. People are fighting it and they should fight it if they care at all about this stuff. Not fighting it means that people don’t care what their government is doing and never deserved internet freedom/privacy/net neutrality in the first place.

4 users thanked author for this post.

Elly, anita.yk, hyppolyte, lanceboil

Reply | Quote

Sessh wrote:

What about the 98% of the country who were against overturning Net Neutrality and Internet Privacy protections? It was done anyway, but against the will of the majority of people living here. Do you think those people freely exchanging their privacy to use social media would choose to share all of that data if they could say no and still use the services? Uploading selfies is privacy given up intentionally and voluntarily.

There is still a fight going on over all this stuff and the spike in VPN usage (almost 200% increase) in response to the Net Neutrality situation shows that people DO care about their privacy. The spike continues and it’s happening worldwide. It’s not just dinosaurs, it’s a growing majority of people. Some countries have even made them illegal to prevent citizens from having privacy online and hiding their activities from government surveillance.

As long as your VPN keeps no logs of personal information (several don’t, a few have been audited to prove they don’t), so the opposite of “letting it go” is occurring fortunately. People are fighting it and they should fight it if they care at all about this stuff. Not fighting it means that people don’t care what their government is doing and never deserved internet freedom/privacy/net neutrality in the first place.

Net neutrality is a different issue; though there are privacy implications, net neutrality is mainly about bandwidth, not privacy. As far as a “200% increase” in VPN usage, that’s again in the techno-bubble: If you have 3 people on Wednesday and 9 people on Thursday, that’s a 200% increase. Most civilians haven’t a clue about what “VPN” stands for, much less its implications, and when you explain you’ll get a blank stare or a shrug. Those of us in the techno-bubble know and care about this, but if you question the average person about “net neutrality” he or she will assume you’re talking about tuna and dolphins.

I share your frustration–just because I’m describing a tsunami doesn’t mean I’m rooting for the tsunami–but for privacy it’s simply a done deal.

Moderator Note: VPNs , Net Neutrality and political implicatons are off-topic. Please stay on topic here.

GaryK

1 user thanked author for this post.

Lugh

Reply | Quote

[Sessh]

I mentioned Net Neutrality and Internet Privacy protections separately for that reason, but they are both under the same umbrella. Your comment about VPN’s isn’t entirely accurate. While there are plenty of people who fit that mold, I know 6 or 7 people who aren’t in the least bit tech savvy, yet pay for a VPN on their mobile devices. VPN awareness is creeping into the non-techy world and they are effortlessly easy to use especially on mobile, so it’s not like you have to be tech savvy at all to use one. Of course, I also know people who don’t know and don’t care what a VPN is, but many of them wouldn’t need one anyway. Just because people like that exist does not free those who are aware of what’s going on from the responsibility to fight against it on the behalf of everyone else.

More people care about this and are becoming aware of it than you think. VPN usage is going up even more sharply in countries where censorship and surveillance are more prevalent, but are significantly increasing worldwide. People do use them for other reasons, but all involve getting around government censorship and restrictions of the flow of information while being able to do so virtually anonymously. I don’t agree that it’s a done deal at all. That is far too much of a defeatist a view for me especially since there is good reason to believe otherwise.

I think that it was estimated that 90 million people in China use VPNs and many of them are ordinary people. You have to use one just to get over the great firewall. Regular folks in Indonesia have to use VPN’s just to access social media. This isn’t restricted to just tech people because the forces pushing people to use VPNs extend far beyond the techie world.

Moderator Note: VPNs , Net Neutrality and political implicatons are off-topic. Please stay on topic here.

Rebuttal Note: You’re right, my bad. Got carried away with the discussion there.

• This reply was modified 4 years, 4 months ago by Sessh.

Reply | Quote

“Net neutrality” had almost nothing to do with privacy and everything to do with using bandwidth for commercial purposes that you didn’t bother paying for.

2 users thanked author for this post.

Lugh, gkarasik

Reply | Quote

[rc primak]

Just one last rebuttal — privacy was in fact the reason people jumped on the VPN bandwagon when Net Neutrality was threatened and abandoned.  That was the main thrust of all those tech publication articles about setting up a VPN at the time. ISP and DNS servers “phone home” behaviors and other privacy concerns were discussed. That was also why many people, myself included, switched DNS providers at that time.

I’m sure there’s another forum thread or topic area where we can discuss these issues at more length.

-- rc primak

• This reply was modified 4 years, 4 months ago by rc primak.

1 user thanked author for this post.

Elly

Reply | Quote

I noticed several days ago that IE, on My Win 7 pro computer, appears to log any activity on the computer whether you use IE or not.   I just checked it and deleted any history.  It had logged today’s activity on the computer even though I did not even open IE till I checked it.  I would like to know a safe method of removing IE from the computer without causing an issue with the rest of the operating system.  I only have IE on the computer because some websites I have to use will only accept IE or Chrome and not the Firefox that I use as the browser.  If I can remove IE, to hopefully eliminate the logging and snooping.   Then I’ll have to put on Chrome.    Would it be possible for an explanation of how to safely remove IE and what does it do to the rest of the operating system?  Thanks very much.

Reply | Quote

To my knowledge, it is not possible to remove IE11 from Win7 and still have a working system. It can be disabled, but this is working against your goals because then IE11 will not update to repair newly “discovered” vulnerabilities. I wanted to answer that part to the best of my ability. Because what I really want to ask is…

Your solution to stop snooping by Microsoft is to install…
CHROME ?

Where you choose to place your trust is a personal decision. So I am not trying to insult you. I want to describe my own reaction to your proposed solution. I found it humorous. And I did wonder if you were posting a joke without the laugh track to let others know that laughing was appropriate.

3 users thanked author for this post.

anita.yk, rc primak, b

Reply | Quote

It’s possible to disable IE11, but that does leave a security gap, in that you downgrade to the previous IE version.

See @martinbrinkmann’s article on ghacks.net for further details:

This removes Internet Explorer 11 from the Windows 7 system and replaces it with the version of the browser that was installed before it. On my system, Windows 7 Pro 64-bit, that was Internet Explorer 8. You can then keep using that browser, or update to Internet Explorer 9 or 10 instead.

1 user thanked author for this post.

rc primak

Reply | Quote

And all those previous versions are unsupported. So, while operational, it is as you say a large ravine in the security profile. I was lazy in using the abbreviation IE11 to stand for Internet Explorer in all its versions, because it is the only currently supported version. For a few more months.

Yes, extended licenses; yes, pay more money for longer support periods; etc. But for the average single user who is considering the pros and cons of IE against Chrome (browser), this will all become meaningless next winter.

Extending comment beyond current scope. This is (one of) the flaw in comparing Win7 group W to the prior experience of using XP after EoL. The browser engine that is integral to the OS is not continued in future editions of the OS. It is being abandoned. Ironically replaced in due time by a stripped version of Chrome. (discussion of how stripped Chromium truly is would be far, far off topic here)

For personal use of data that belongs only to you this is no problem. Win7 and IE11 should still “work” in February and March 2020, and beyond. But if anyone else relies on the integrity of your system for the security of their data, please be clear that you will be UN-supported. This creates a liability you may want to consider, even when thinking of your own private data.

2 users thanked author for this post.

anita.yk, rc primak

Reply | Quote

My intent on installing Chrome is to be able to use the websites that I need to as I described in the original post.  I would prefer not to install Chrome but do not know if it tracks your activity the way that IE does when you do not use it.   Anyone know who Chrome tracks you if it is not being used.  I would only use it on the websites that require it’s usage which would be about 2 times a year.  I still believe that you could remove IE from Win 7 because there was in the past the requirement for Microsoft to allow other browsers on the system.  If I am able to remove IE, it won’t matter if it is updated to repair any newly discovered vulnerabilities since it will not be on my system.   At this point, I am looking for advice on how to do this.

Reply | Quote

You can remove access to IE from the GUI (see @Kirsty ‘s post above), but it cannot be removed completely from the system as it is used by other system processes. And if you so disable it, it does not get updates and thus leaves your system vulnerable.
Keep looking for advice – they will just tell you the same thing.

3 users thanked author for this post.

anita.yk, walker, rc primak

Reply | Quote

Allowing competing browsers onto an operating system that is using IE internally, is a different matter than removing IE from the the system that requires it to operate. I know this is difficult to understand from headlines of years ago. Microsoft does not make it easier to understand, because they have no advantage in showing everyone how Windows works on the inside.

I now see your request is in earnest, and am glad that you appear unharmed by my previous post. Nevertheless, I offer my apology for misreading you. More thoughts on this were posted in response to Kristy, above. Too many Anonymous comments are confusing, so I will bow out. (Also reCAPTCHA gets increasingly picky with frequent posting. Might be observer bias)

Reply | Quote

[rc primak]

I would prefer not to install Chrome but do not know if it tracks your activity the way that IE does when you do not use it. Anyone know who Chrome tracks you if it is not being used.

It does continue to run in the background. Just as bad as if not worse than IE or Edge. Google sells everything you do with its browser, usually before you can close the browser window or tab. And CCleaner often reports that Chrome is still running when no open, visible Chrome window is showing. This prevents cleaning the tracks Chrome leaves behind, until the browser is force-closed, which CCleaner thankfully can and will do. Also, Chrome by default to my knowledge, once completely closed in the background, does not by default automatically restart in the background, as Edge and possibly IE 11 do.

Also note — when you sign out of your Google Account (GMail, e.g.) you are not really signed out, at least if you used their Chrome Browser to get in. You also have to “remove this account” in the browser, which is a whole other two-step process. I’ve been burned by that “gotcha” several times, before I figured out what they were doing to me (and everyone).

If you use Google Search, similar issues arise. I recommend DuckDuckGo as an alternative, and the Firefox or Waterfox web browser as an MS alternative. Even these may not be totally private, but they are the best I’ve seen reviewed for Windows. Linux on the other hand has more private options… just saying’…

-- rc primak

• This reply was modified 4 years, 4 months ago by rc primak.
• This reply was modified 4 years, 4 months ago by rc primak.

2 users thanked author for this post.

anita.yk, hyppolyte

Reply | Quote

rc primak wrote:

It does continue to run in the background

No, Chrome does not run in the background after closing the browser and so doesn’t collect any data.

Reply | Quote

I think what @RC-Primak meant was ‘continue running background apps when Chrome is closed’ 🙂
Which IIRC can be turned off in advanced settings (from memory when I tested the Brave Browser a while back)

Win8.1/R2 Hybrid lives on..

Reply | Quote

Alex5723 wrote:

rc primak wrote:

It does continue to run in the background

No, Chrome does not run in the background after closing the browser and so doesn’t collect any data.

It often does (depending on installed extensions), because “Let Google Chrome run in the background” is enabled by default:

HOW-TO Stop Google Chrome from Running in the Background After Closing it

2 users thanked author for this post.

Alex5723, Bluetrix

Reply | Quote

I am far from a techie, but my observation is that, as another post says, you can not uninstall/delete IE.  Also, it seems that IE and “windows explorer” appear nearly the same to your OS – (I use Win7 home premium and have not installed ANY MS update since about March 2018 and experience ZERO system issues) – I have never used IE.  Any browser I use, Firefox, Pale Moon, Vivaldi, Opera… I take time to go to time to “Internet Properties” on the Win7 OS and delete everything. If I fail to do that for a few days, browsing slows a little & when I do delete, the little “deleting browsing history/data/cookies”  boxes stay active for quite some time. Even if I use is Firefox exclusively, and it’s set to delete it’s browsing history/cookies/etc when I close it each time! IE still acts like it collects & hangs on to it despite my Firefox default set to delete it….  It’s not a big deal to me about MS collecting my info, it’s just that SO MUCH data is collected and logged/stored on my computer that it is a drag on my ‘resources’ until I delete what I can of it. These folks here helped me clear out Gb’s of worthless .cab & temp files that I thought disk clean-up & other actions were supposed to do!!! temp files from 2009!!! temp?!!! ha…

2 users thanked author for this post.

Chessie, rc primak

Reply | Quote

There are 3rd party applications that clean up all the garbage that accumulates, mostly from browsing and also form installing updates. The one I use is part of my anti-virus software, Webroot SecureAnywhere. Since I started, some six years ago, using first a previous application from the same company, then this one, some 260 GB of disk space have been cleaned. That is more than 1/3 of the total disk space installed. Particularly large are the number of bits cleaned  that are left behind by the regular monthly Windows patching. But one must always be really careful when choosing 3rd party software that gets anywhere close to the disk drive or the Register. Many sad stories are told about people who were not careful enough… I think that this is a topic interesting enough that it might deserve having a whole thread dedicated to it, unless there is one already I do not know about.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

These utilities can’t clean the browser caches or other leftovers until the browser processes and services are paused or shut down. CCleaner at least is honest and warns users about this, offering to close the browser for cleaning purposes. But if it is an auto-restarting process or service, it gets cleaned, then starts right back up in the background. I don’t know about IE 11 under Win 7, but Edge under Win 10 is set up this way. It takes a lot of Brain Salad Surgery to completely thwart this autostarting behavior.

-- rc primak

Reply | Quote

I only have IE on the computer because some websites I have to use will only accept IE or Chrome and not the Firefox that I use as the browser.

I was not aware that any sites still selectively block all Firefox users. Are you sure this is still the case? User Agent Switching and not using certain ad blocking extensions might help.

-- rc primak

Reply | Quote

There’s a few things which still rely on outdated methods… regular Firefox doesn’t do in-browser Java any more, and Flash is a similar problem but also still required for some things. (At least a few weeks ago there still were some national railways in Europe where buying tickets online required Flash, and then there are old appliances that require in-browser Java…)

And then there’s some of the weirder SharePoint integration and all… and then some of the weirder “Enterprise(tm) Integration” things.

IE still does handle those. Sure, it’s possible to replace most of them individually, but that requires a bunch of other add-on software and tends to be tedious.

rc primak wrote:

These utilities can’t clean the browser caches or other leftovers until the browser processes and services are paused or shut down.

Which is a direct result of a design decision made way back… Windows general file handling semantics, that is. Open files are locked in. It became apparent long ago that the Unix way is more useful in modern systems, but changing that part of Windows core logic would be a fairly major thing…

Reply | Quote

I think this is an early example of the progressively more usual approach of moving things to the Cloud that need, or may benefit from fast checking. While MS is now days oriented to doing “everything on the Cloud”, it is far from being unique in this, in the present case with IE: the anti virus I use (and this is, again, not unusual for an AV these days) checks for bugs in hashes of my files it sends to and processes in the Cloud,  and warns me about any malicious thing it finds, offering various alternative ways of dealing with them. This makes the security scans of my PC much faster than if they were made locally, as used to be the case in earlier times. The only reason I can see for being concerned here is how secure does MS keep the browsing information it collects, assuming it keeps the data, which I really hope it does not do. But perhaps MS is not transparent enough about this?

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Contrary to what might be inferred from the Headline, this is SID (local machine), not MS Account ID (Cloud).

-- rc primak

Reply | Quote

It is my understanding that the issue discussed here is something that happens only while using IE to browse. My own solution: never to use IE for browsing, as there are other browsers available, some perhaps more deserving of user’s trust (I mostly use Waterfox). IE does other things for running of the OS, separate from it’s use as a Web browser, as pointed out already by others here, so uninstalling is not a practical option. Fortunately and as far as I know, those other things are not relevant to this discussion.

It is remarkable that this way of implementing safe browsing with IE in the Cloud is being discussed now, after years of being a known built-in function of successive versions of IE. At the same time, it is somewhat reassuring that while, according to the blog, it has been a known issue for years, at the same time and as far as I know, it has not caused in all these years any obvious problems that would have raised enough suspicions to attract IT security experts’ scrutiny resulting in their issuing serious warnings. Maybe someone here knows otherwise and might care to correct me if I am mistaken?

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Oscar, the trouble is, at least in Win 10, the MS web browser is an auto-start item. And so are its background services. They also automatically restart after the browser is closed. It takes a lot of Brain Salad Surgery to remediate these behaviors, well beyond the skills of the average home user.

So, in the background, the browser is still alive — at least alive enough to phone home, and to prevent its cookies, trackers, caches, etc. from being cleaned by third party products like Glary Utilities and CCleaner. (At least CCleaner gives a warning when it can’t clean the caches. Then it offers to shut down the browser for real in order to do its cleaning. After which, the browser processes automatically restart all over again.)

-- rc primak

1 user thanked author for this post.

wavy

Reply | Quote

I wonder if this applies to Chromium Edge. I’ve been using it on Windows 7, and have been very pleased with how it behaves despite being a Canary version. It has become my daily driver in fact.

Chromium Edge has its own SmartScreen setting, namely Windows Defender SmartScreen: with this setting, there is no indication, as there is with the IE setting, that information is sent to Microsoft for processing. Since it doesn’t say, I’ll assume that it does, and have now turned it off (and will rely on Malwarebytes and regular Defender, and use Firefox for any doubtful sites.)

Reply | Quote

anonymous wrote:

I wonder if this applies to Chromium Edge. I’ve been using it on Windows 7, and have been very pleased with how it behaves despite being a Canary version. It has become my daily driver in fact.

Chromium Edge has its own SmartScreen setting, namely Windows Defender SmartScreen: with this setting, there is no indication, as there is with the IE setting, that information is sent to Microsoft for processing. Since it doesn’t say, I’ll assume that it does, and have now turned it off (and will rely on Malwarebytes and regular Defender, and use Firefox for any doubtful sites.)

According to the folks at Bleeping Computer, the new Chromium-based Edge sends the full un-hashed URL but no longer sends the SID. The rest of the linked article is interesting as well…

1 user thanked author for this post.

b

Reply | Quote

According to the folks at Bleeping Computer, the new Chromium-based Edge sends the full un-hashed URL but no longer sends the SID. The rest of the linked article is interesting as well…

Let’s hope the New Edge when it finally reaches RTM status retains this limitation. We’ve seen MS do otherwise with other feature changes in the recent past. Just sayin’…

-- rc primak

Reply | Quote

[doriel]

Correct me if I am mistaken, but some URL contain sensitive data. PHP uses URL to pass on variables. I think including login and password sometimes? When logging to your account on PHP website?

PHP parses URL to get variables. If these premises are true, Microsoft can see your login data?

example from PHP tutorial

http://username:password@hostname:9090/path?arg=value#anchor

Which video I watched? I look at URL and I can tell you that you watched video with ID = yvTd6XxgCBE

http://www.youtube.com/watch?v=yvTd6XxgCBE

Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

PRUSA i3 MK3S+

• This reply was modified 4 years, 4 months ago by doriel. Reason: grammar

Reply | Quote

Internet Explorer and Edge send the full URL of every page you visit to MS, plus your unique account ID

This headline brought me to the Comments. Woody, the use of “Your Unique Account ID” sounds like your Microsoft Account is somehow involved in the information being sent. This raised the question of whether Smart Screen Filtering or Windows Defender Smart Screen Filtering needs you to be logged in with a Microsoft Account in order to protect your system?

The answer of course is, No. This newest “discovery” has nothing to do with Cloud Accounts. SID is not to be equated with “your unique Account ID”, as the latter might imply a Microsoft Account ID.

As for IE running in the background, this is the default behavior for Edge and possibly IE in Windows 10. In Windows 7, it depends on whether recent MS Updates have inject this auto-start into the Windows Services for Windows 7. Towit, whether Win 7 now has an auto-starting Service for IE the way Win 10 has for Edge. If either statement is true, then one has to reconfigure the Service (and possibly the Windows Registry) to reclassify the IE or Edge Service and other Processes as Manual Startup, not Automatic Startup. And some item(s) might have to be removed from the Windows Startups list using either msconfig or the Win 10 settings. There might in Win 10 Pro even be a Group Policy setting or two to change.

Note that these are not new behaviors for Edge in Win 10. Only newly noticed for IE 11 in Win 7, fully patched.

I hope I have helped clarify what may be going on, instead of just muddying the waters by not understanding where’s the beef here.

Whether or not the final upgraded Edge with Chromium Engine web browser will continue these and other obnoxious behaviors, remains to be seen. The transition may not take place until mid-2020 at the earliest, so we all have plenty of time to study and discuss the developments between now and then.

Thanks to everyone who is keeping on top of this topic!

-- rc primak

1 user thanked author for this post.

doriel

Reply | Quote

Windows Defender SmartScreen.

Windows Defender SmartScreen helps protect you when using our services by checking downloaded files and web content for malicious software, potentially unsafe web content, and other threats to you or your device. When checking a file, data about that file is sent to Microsoft, including the file name, a hash of the file’s contents, the download location, and the file’s digital certificates. If Windows Defender SmartScreen identifies the file as unknown or potentially unsafe, you will see a warning prior to opening the file. When checking web content, data about the content and your device is sent to Microsoft, including the full web address of the content. If Windows Defender SmartScreen detects that content is potentially unsafe, you will see a warning in place of the content. Windows Defender SmartScreen can be turned on or off in Settings.

https://privacy.microsoft.com/en-us/privacystatement#mainsecurityandsafetyfeaturesmodule

Reply | Quote

[Mele20]

You are talking about those Windows 10 users who ignorantly get a Microsoft Account when they set up a new computer. I can’t imagine why a knowledgeable user would do that. We use a Local Account and avoid having Edge run at Start or start running again after it is exited.

As for Smart Screen who that is knowledgeable uses it?! It’s spyware.

Besides, as of 1809 (I’m on 1803), Edge can be completely and safely removed from a computer. Why would anyone on 1809 and above keep it especially as it is getting married to Google?

• This reply was modified 4 years, 4 months ago by Mele20.

Reply | Quote

Maybe that Windows “spying” is the reason, why are IE and Edge so frustratingly slow. By the time Microsoft spies us and sends unnecessary kilobytes, other web browsers just finished loading the webpage 🙂 didnt they 🙂

Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

PRUSA i3 MK3S+

Reply | Quote

Mele20 wrote:

Besides, as of 1809 (I’m on 1803), Edge can be completely and safely removed from a computer. Why would anyone on 1809 and above keep it especially as it is getting married to Google?

Edge will be Chromium-based, not Chrome-based. It will not have direct Google ties.

Chromium <> Chrome

2 users thanked author for this post.

rc primak, b

Reply | Quote

Don’t depend on it…

-- rc primak

Reply | Quote

rc primak wrote:

Don’t depend on it…

Microsoft and Google are competitors, making money off the same kind of data harvesting. Why would Microsoft put a Google foundation under any of its products?

Reply | Quote

[rc primak]

Because Chromium is still owned by Google.

Open-source does not mean GNU/Public License or MIT License when you are working under Windows. Microsoft could do what it has done in the past — use some of the Chromium source, rewrite and extend its features with Microsoft code, then patent the result as a Microsoft invention. That’s how Netscape Navigator lost out to Internet Explorer.

SCO and Novell have done this with UNIX, and Redhat and Suse have done this with Linux. Google itself plans to do something like this with its upcoming Crostini, which is a Linux fork. All have in the beginning paid lipservice to the original patent holders or the true open-source community, then taken what they wanted, recoded it just enough, and patented the results as their own works.

-- rc primak

• This reply was modified 4 years, 4 months ago by rc primak.

1 user thanked author for this post.

Elly

Reply | Quote

Well the UNIX case is really rather more complicated than that… (for a long time it was source-included for licensees, not open source.)

Fun fact, you don’t actually need any shared program code to qualify as UNIX, all you need is the interfaces… and certification fees.

Being able to fork the code and add your own changes is a critical ability with open source. It’s just, there’s a kind of a problem when those changes make the final product depend on a closed and possibly expensive component…

Reply | Quote