To play devils advocate here: when it's their own startup project, everybody is totally into analytics and data driven design. Heck, we even usually defer our analytics to a third party (Mixpanel, Google Analytics) that will allow them to form personal profiles aggregated over multiple vendors.
But when Microsoft wants to do the same kind of analytics we all swear by, then the big outrage starts and everybody is all up in arms.
Personally, I'm against tracking and I fought the powers that be in order to not get analytics into our products, but that's a battle I lost. So now I really feel like I'm in no position to complain about MS doing analytics when even my own stuff does it.
Well it's easy enough to block Mixpanel, GA, etc. But details seem to be unclear on exactly how you block everything Windows does. During the technical preview, I noted that even the group policy settings to disable things like web search simply did not work - all my searches were still sent off.
MS has had Customer Improvement Programs for quite a while, but most of them were opt-in. The shift to not offering opt-out and making things deliberately vague and confusing is what people are upset about.
Also, just because many startups do bad things doesn't excuse Microsoft. Especially due to Microsoft's size and influence, "if you don't like it, don't use it" doesn't always apply like it might to startups.
I view the increasing stance that people should be free with their privacy to be "bad". Third party analytics increase the perception that it's normal, common, OK, to-be-expected, etc. that your activity with one party should be liberally shared with others. Adding GA is probably a fairly minor offense, but I wouldn't call it a good or neutral thing, so it must be slightly bad eh? (I use GA; I don't like to, but it makes economic sense).
Startups do much worse though. See, for instance, apps that try to get every permission. Even if they don't use them, the fact that they ask for such permissions again instills that this is acceptable behaviour in society.
What you said, "know how people use their services" can be OK. A site doing its own analytics on data that users wouldn't reasonably expect to be private is fine (the user is already using the site, and it's fair to believe the site knows what they;re doing). Anything more invasive (in-app: web or otherwise) should get clear consent first. It's hard to give consent for e.g. GA - is that even a thing?
Windows "phoning home" for analytics introduces a new level of data collection. And most of the harm here is because MS has done so in a vague way, apparently with a broken opt-out (going off my Win10 usage and what others have said they've seen with the final release).
I think the Microsoft situation is different (due to the scale, expectations of their customers of several decades, and global dependence upon their operating system) and totally indefensible, but I agree with you. The web crowd should put their money where their mouths are and stop using external tracking services before they cast stones over this. Analytics are one thing, volunteering to be another node in Google's dragnet is another.
Most Windows users are non-technical users who don't read or understand EULAS and they aren't even aware that their personal life is recorded at every action they take. I'm all down for analytics where the user is fully aware of what data is transmited, when and how. Sadly that will never happen because every company is only concerned with their legal obligations and not moral ones.
The big difference for me is that the Google etc. is restricted to what I show my browser. Microsoft should drop the P in PC, because it's now nothing of the kind.
It's getting more and more tiresome having to read every single KB article for every single Win update to ensure Microsoft are not trying to pull this.
I avoided these updates already but I spent 30 minutes doing the research. I may soon have to "opt-out" of Windows altogether as it is beginning to take more of my time dodging the privacy bullets than I want to spend.
Really the last two things I use it for are games and my irrational attachment to a 2 GB Outlook file containing stuff I will probably never look at again.
there is a linux package called readpst that, as its names suggests, read's the contents of the PST and can output into mailbox or maildir formats. Thunderbird seems to be happy with its default output
So long as there are clear and working implementations of opt-out, you're right. Recently people were saying that even with the Windows 10 options turned off, Windows was still making connections and even sending data when search was initiated.
Opting out of most of the data collection in Windows 10 at least is incredibly difficult. The options given to you during install and in the OS settings cover only a fraction of that total collection.
Perhaps even impossible without setting up some vigorous third party software firewall rules and keeping on top of them to make sure new domains that harvest this data are not added.
Fortunately, the article lists the exact KB numbers for the updates in question, so if you don't want this "feature" to be backported to your OS, you can go ahead and disable those updates. At least for the time being, you can opt out of specific updates on Windows 7.
My Linux migration is almost complete... I only have a couple of apps that I need Windows for anymore, and I'm planning to build a new PC early next year that will be powerful enough to run them in a VM without discomfort. Five years ago, I told myself that Windows 7 would be the last proprietary OS that I'd ever use on bare metal. It looks like I'll be able to keep that vow :)
It's surprisingly easy to switch, even if you dive right into the deep end like I did. Although I've been using Linux for years on all of my other computers.
If you need IIS, I doubt that you can get away without virtualisation.
The easiest path is to use something like VMWare Workstation and run Windows as a VM. You can pin Visual Studio to the sidebar, and click to run it like it was made-for-Linux app (i.e. Unity mode).
If you just need IIS (and can use MonoDevelop / Xamarin Studio) as an IDE (or just VS Code for newer stuff), then you can host IIS in a Windows Server Core in a virtual machine (less hardware requirements compared to the first option).
Anyone know good tools for monitoring inbound and outbound connections on Linux? I'm starting to treat programs running on my machine in more an adverse manner and would like to make sure these sort of problems are not happening on Linux as well.
I have been wondering about a separate firewall box. I asked [0] on the OPNSense forums if it could do what I want, but haven't had a response. Nor have I felt up to experimenting on a vm (due to sickness).
Just choose "No, I don't want to participate in the customer experience improvement program".
But that would spoil the fun of these "spying" stories on Forbes and the like.
Funny how Forbes hides the site navigation behind a hamburger menu even for desktop browsers. And scrolling down loads new content and auto-switches you to a different URL. It's so clunky and awful, one can only guess at the design decisions behind such a cluster-fk. Suddenly the content at the top is not there and you're on a new page, just from scrolling down a bit. I guess this is another example of mobile first gone wrong.
Anecdotally, i recently experienced this issue http://superuser.com/a/891516 despite being already opted out of the customer experience improvement program.
This thread is about Win 7 and 8. The first two articles you link to are about Windows 10.
The stack exchange link you mention looks isolated to that user's CPU issue. So isolated, he answers his own question. Comments under the answer from someone else suggests that opting out of CEI solved the issue for that user.
So, as already mentioned, opting out of CEI is all it takes to not worry about MS spying on Win7/8 users. Windows 10 might have issues, but that's another matter.
Non-techie people? You mean people who don't know what to do when presented with the following choice...
"Personalize your speech, typing, and inking input by sending contacts and calendar details, along with other associated input data to Microsoft"... ON / OFF
Are you suggesting that successfully comprehending the above requires technical knowledge?
I'm not defending MS for whatever Windows 10 privacy issues they're over-stepping, but what they're doing is nothing more than playing catch-up with the other tech giants.
MS should explain each option with a "learn more" link that goes into details. Beyond that, anyone who has a non-rooted Android or iPhone is sending a lot more data back to Apple and "trusted partners" than is made known or transparent.
As a Windows 10 insider and switched to Cinnamon Linux Mint - so much happier. I do miss gaming sometimes but I end up having more time to work or read now too. So it's a net benefit.
I did the same a week ago - First tried Mint Rafaela with Cinnamon and this week I got free time to tryout Arch. Turns out their wiki is amazing and with a little google-fu I managed to install GNOME and any other application I might need.
I honestly don't miss anything from Windows. I used to game a lot but that changed and the few games I still play can either be accessed with Play on Linux or have their own port.
And what's even funnier is that most of apps nowadays have a web version (Skype, Spotify) so I really avoid meddling with emulating Windows for a good while.
My main concern is things like my X-55 Rhino stick and throttle not having Linux drivers.
While most games will work in some way on Linux, either through Steam or through WINE, there are still enough caveats that prevent me from making the jump fully.
They're pushed as updates to the existing customer experience program. To see if you've already opted in, enter "customer experience" into the start menu search bar, it'll pull up the dialog.
Just like under Windows 10, if you are not opted in to the customer experience program, none of the data is collected or sent.
I do not know if the default was to opt in or out. I opted in when I went to Windows 8, with the hopes of being another data point showing someone completely avoiding everything Metro.
The default is opt-out. I just opened "Customer Experience" for the first time ever on a Windows machine, and it was set to "Yes, send information to Microsoft". You can turn it off, but whether that actually stops communications someone else will have to check.
I doubt this is the case, but it's an excellent response if users were actually postponing updates due to privacy concerns. Burn the existing houses. Most users aren't going to ditch Windows, but could easily stay on 7.
For years, I've run Windows on licenses other people paid for. I do the work that needs to be done, and then I shut those Windows machines off. Professionally, and that means CAD, PLM and related tech, Windows is where it's at for the very vast majority of users.
Personally, I run Linux from time to time, and Mac OS for most casual Internet use. My embedded projects are on Linux or Mac OS now, and I've moved to an open software stack for all of that activity. Haven't purchased personal software, other than a phone app or two, in a very long time.
What bothers me is I don't care. I know I should, but I struggle with a few things here:
1. Everybody is gathering data.
They are doing it because they know they will have gathered the things needed to answer hard questions in the future they won't even know they will be asking. Not to mention the ones they know they will be asking.
Seems to me there is a lot of value potential inherent in all of that activity. We are likely to benefit overall. Question is whether the benefit will be outweighed by abuses. I don't know.
(And I'm still not sure I care)
2. I'm on a startup type project now, and I'm first in line to suggest we gather data. I want to gather that data because I know serious value can be understood and delivered by doing that and value added is the best way to make a nice profit. There isn't any reason to abuse anybody, but security is a liability and trust issue to deal with. Hope it all balances out. I'll be doing my part in all of that, and the intent is good.
(and I do care very much about how that all plays out)
3. With all this going on, how meaningful is it to me? Does anyone even care about me, beyond the obvious revenue potential I may have?
I should care more about this, but I just don't anymore.
In the end, for the few things I may do that I may see somebody potentially caring about, why not just do those on an older machine, well trusted, running open stuff?
And I care about that. Those are getting harder to find. Maybe I'll stock up and keep a cache for that purpose.
Overall, "we" and I mean ordinary people, seem to be losing. General purpose computing may well continue to exist. Still seems like it might go away for an awful lot of people, but maybe not. This is a worry.
But maybe it isn't such a worry. Maybe, just maybe, the compromise is more data logging.
Maybe the end game is we really can't take general purpose computing away. So we don't, but the compromise is that we log the shit out of people in the hopes that we can catch the baddies and or keep them from doing too many things we don't want them to be doing.
(and "we" there is in the most general sense as people for lack of desire to define that more precisely)
If so, fine! I get to keep general purpose computers and if I really want to, I can probably keep some future activity off the grid well enough to not worry beyond that.
If not?
Well, maybe then I'll care a lot more. I'm just time and energy conflicted right now. None of this makes me happy, and I wonder for my kids, who are growing up with so many intrusive norms I can't even hardly relate.
But I have stuff I want to do and I feel very tired of fighting over it.
Go to window firewall and make sure incoming and outgoing connections default to blocked for anything without a rule.
Windows by default lets all outgoing traffic through.
Then create rules explicitly allowing the programs that need to access the internet. Private is like your ISP, Public is like wifi or a vpn (they both fall under the same category).
There aren't that many programs that need the internet, not much should break. Your web browsers, maybe steam, maybe a torrent client, maybe a VPN etc.
You can change your torrent client to only go through your VPN by making it only go through Public networks. Then if you aren't connected to your VPN, your torrent traffic doesn't make it out.
I'm not sure if telemetry skirts these rules, but it is a very good start.
Its already known that Windows 10 (and now presumably earlier ones because of the Telemetry update), ignore the firewall (or, alternatively, have hidden rules on it) when talking to specific Microsoft servers.
But when Microsoft wants to do the same kind of analytics we all swear by, then the big outrage starts and everybody is all up in arms.
Personally, I'm against tracking and I fought the powers that be in order to not get analytics into our products, but that's a battle I lost. So now I really feel like I'm in no position to complain about MS doing analytics when even my own stuff does it.