The inside scoop on Windows snooping

Topic

New Reply

Microsoft won’t give us any decent documentation about its telemetry/snooping efforts. Ed Bott, on the other hand, has lots of contacts on the Windows
[See the full post at: The inside scoop on Windows snooping]

Reply | Quote

Replies

I read the linked Znet article. It refers very specifically to data collected that helps MS determine if there are any problems associated with products, apps, programs and services that are not working properly on W10. I would say that most individuals would agree that this is acceptable and beneficial. It is not an invasion of privacy.

The data collection that most people are concerned about, specifically on W10, is what Bing and Cortana accesses. Email content should be off limits. Further more, Cortana with Reachit is beyond what most would consider appropriate access. Reachit, which is available from the MS Store does not state that you need to give the company permission to cloud-store a full map of all your hard drives—to say nothing of the fact it apparently geotags your documents.

Data collected that is sold to third parties has still not been clearly articulated. To whom do they sell and what is the data that they sell ? Personalized ads come to mind. Also, MS states that they share collected data with their partners (W01 EULA). What is that data and wo are the partners are they referring to ?

Currently, Apple says that they are fighting to protect the privacy of their users from Government over-reach. No, they are protecting their brand. Apple is not an advocate of user privacy, no more than Microsoft, Facebook or Google is. The media, certain activiist drones and the uniformed public have swallowed this false narrative hook, line and sinker. The data on a phone or cloud, in a criminal investigation, is not private.

As far as W7 goes, I would expect that a lot of the W7 patches have a good deal of hidden data collection in them, but MS has declined to release that information. It is not just big businesses that runs 32bit apps that can only run under W7. Small business, manufacturing, specialized Industries, hospitals, research labs and universities do too. W10 can not accommodate them right now and it is very expensive to convert them over. MS is probably probing W7 systems to determine their propensity. Home users should be less effected. This is merely for the benefit of MS. Znet has chosen to ignore the disturbing aspects of the snooping

Reply | Quote

We all know that, if MS were caught drowning puppies in the river, Ed would claim they were supporting the local spay/neuter programs in Redmond.

But if you look beyond that and read the article, he provides one answer if you are concerned about telemetry. Shut down and disable the UTC service (DiagTrack). I have a powershell script that runs at startup and once per hour thereafter that stops and disables this service just in case MS tries to flip the switch on me.

Reply | Quote

“It refers very specifically to data collected that helps MS determine if there are any problems associated with products, apps, programs and services that are not working properly on W10. I would say that most individuals would agree that this is acceptable and beneficial. It is not an invasion of privacy.”

That depends on whether the individual is asked for, and gives, his/her consent to that information being sent, does it not? That is the basis usually adopted in such circumstances.

Off-hand, I cannot think of a single situation in which I’ve had a problem with some sort of service and not been asked whether I agree to my information being sent to the provider before it was transmitted.

People will generally be a lot more open to the release of such information if it is being transparently collected and they have been asked for their consent, which they will invariably give. It’s the underhand collection of information that people tend to object to. In the case of Windows 10, MS need to be a lot more open about such things.

Reply | Quote

I don’t think that “Telemetry” is acceptable AT ALL, frankly. I don’t care what Microsoft’s motives are. It’s my computer, and I forbid it from sending any data out without my approval.

This is not WRONG, it is not AMORAL.

I go out of my way to turn such communications off, as well as wrap my systems with firewall setups that don’t allow anything I don’t approve out. I’ve observed that that it’s entirely possible to shut a Windows 10 system completely up, to where it doesn’t even push up against the firewall, which would deny it access anyway.

The whole issue here boils down to Microsoft being aggressive about not providing direct ways to achieve such a configuration. Everyone knows the next step is to not make it possible.

As a small business owner I don’t have the luxury of being able to choose the “Enterprise” variant, even though I would be willing to pay for it. I MUST use “Pro” if I want to use Windows.

Microsoft needs to realize that not every user is just playing games with his or her computer, and security and privacy mean a lot to some of us.

-Noel

Reply | Quote

Mr. Bott says that his analysis covers only a specific part of the routine traffic between my computer and Microsoft’s servers.

What concerns most of us is all that other traffic that is not diagnostic info about ways in which Win 10 goofed and does not lead to debugging the operating system software.

We want to know exactly what that other collected info is and what MS is going to do with it.

Reply | Quote

Developing an outgoing connection deny-by-default firewall configuration (and watching what Windows attempts) is quite an eye-opening experience. I’ve done so for Windows 7, 8.1, and 10 in recent months.

Woody, you wrote:

>I’d love to see a companion piece on Windows 7 and 8.1 snooping.

So would I, but I’m not holding my breath. No one at Microsoft wants the public chewing on the following information:

I can tell you from observation that much of what Win 10 does, Win 8.1 was already doing. Not surprisingly, it just took the public a while to catch on – and let’s not forget that Win 8.1 never grew to be terribly popular. There are reasons.

Not surprisingly, many of the remedies to make a Win 10 system more private work on Win 8.1 as well.

By contrast, and also not surprisingly, Windows 7 – assuming one has avoided some of the Windows Updates released in 2015 that OBVIOUSLY add telemetry – never made NEARLY as much effort to send data to Microsoft.

I mention the telemetry updates from 2015 because they serve to blur the lines between “what did/does Windows 7 do” vs. “what does Windows 10 do”. Did vs. does matters, very much.

-Noel

Reply | Quote

Windows 8.1 (KB3035583 “Recommended”

Reply | Quote

Ditto, I like to have control over my system, and having studied computer security over the decades, stopping nasties is not about detecting viruses any more, but more and more about things communicating in AND out of your computer without your knowledge. And when there are legitimate software processes that are allowed to talk freely out of your computer to MS, as we all know, there are vulnerabilities and I’m sure some of those channels can be hijacked to masquerade as normal traffic. As a result, unless I allow something, I block everything.

I recently tried to run the Spybot Anti-beacon tool on my W7, only to find that, when it adds hosts file entries to stop some of the Microsoft DNS lookups, my security software intercepted that request, thinking that’s dangerous behaviour. All well and good (and a good indicator that my security software IS paying attention), but I *WANT* to be able to modify the hosts file to my needs.

Reply | Quote

@Woody: I am conducting Windows telemetry technical tests similar to Ed Bott’s tests, but instead I am testing Windows 7 x64, and I am using Microsoft’s Process Monitor instead of Resource Monitor. The tests are easy enough that I think some non-technical users could participate.

1. Do you want to know my results when they are available?

2. Do you want me to show others how to do the tests?

3. If yes to the above, should we proceed at this old post, or elsewhere?

Reply | Quote

You bet! Sounds interesting. I wonder if we can get Russinovich interested in the result of your ProcMon scans.

Email me exactly what you’d like to appear on AskWoody, and I’ll start a new blog for the test.

Reply | Quote

Can’t speak for Woody, but it would be good if you could report the above in any ‘Telemetry’ forum/subforum that Woody sets up in the near future, then it’s easily available for posterity. I for one look forward to seeing your work.

Win10 22H2 Pro, MBAM Premium, Firefox, OpenOffice, Sumatra PDF.

Reply | Quote

Sent 🙂

Reply | Quote