I generally use that on my browser for when I hand my laptop to someone else and don't want their activity polluting my history, but now there's the risk of the entire OS learning someone else's habits when they just need to use the computer and don't want to log in. Sometimes, guest accounts are too restrictive.
I do like having the option of a personalized experience, and Microsoft is generally one of the most restrictive companies when it comes to sharing data. With their push toward more personal cloud services, I hope they will take special care to maintain that record, although everyone knows that certain groups like government have ways of getting whatever they want if it's available.
Hopefully, some of the fine-grained permissions of Windows Phone will soon carry over to the unified platform for those who want it, but either way, I would still do any especially sensitive work on Debian or a similar system.
Who wanted that for desktop computers or laptops? This is not going to fly with business customers. Microsoft has already bombed twice in the business space, with Windows Vista and Windows 8. This looks like another bomb.
Windows 7 is still pretty good, and it will probably be the main Microsoft desktop OS for years to come, despite what Microsoft wants.
I did. Linux and OSX are still available for whoever wants them. You can stick with Windows 7 if you want, that's just fine. I like Cortana. I like my software knowing what I like and what I'm interested in. It makes my life easier, which is what computers were invented for.
I can see why some people might not, and to be fair I use Linux on my work laptop because the work I do demands it. I would never put my client data on a Windows machine.
But like I can see your side of the argument, you have to be able to see that some other people want personalization and learning and all that. Pandora and Apple Music are both heavily tailored that way. Google Now on your phone knows everything you do. Netflix can find videos for you to watch based on what you've watched before. Amazon will recommend purchases to you based on what you like. Hell, half the people on this site build these systems. You know how many machine learning articles there are on the front page every week?
So who wanted that? I did. And so did several million other people. For the people who don't want it, I mean it's not even really opt-out. They ask you up front do you want the default or do you want to pick your own privacy settings. If you still don't trust it, Windows 7, OSX, and Linux are right there, just a click away.
We were spun a load of marketing disguised as listening and attention. This turned out to be exactly what Microsoft wanted which was another aggressive move against customers both business and consumer. Despite all this the noise and confusion and dubious love for the products is shining out of the arses of every non technical news source.
What did we expect?
I've left the party now. Closed my MS accounts, cancelled MSDN and AP subs, rolled out CentOS 7 on my laptop and have moved the remaining windows dependencies I have to a VM. If you don't like it, now is the time to make it known.
This is after using MS products since about 1993. No more loyalty or milking.
The software industry is moving away from the model of servitude to a vendor. Good riddance.
...nor with some private customers. Microsoft seems to be overlooking that not all nations are so happy about "the cloud" as the average American seems to be. Germany for one, where I currently live, is much more sceptical of sharing personal data -- potentially motivated by some of its 20th century history.
But all that aside, a lot of people only used their computer occasionally, say to write a letter (again, Germany, a lot of bureaucracy still requires paper letters over here). Transparently syncing documents with an external server that you have absolutely no control over is really nothing such a user wants.
Everyone who is switching over to cloud connected OSs on their tablets and smartphones.
Why should I have to reinstall and resetup every new computer? My contacts have been following me around on my phone for 8 years now, why the heck shouldn't they be just as accessible from my PC?
My favorites, they should always be there. Chrome does a great job of this, it is nice that Microsoft has decided to catch up.
Windows 8 had some of this, having wallpapers, theme colors, and OneDrive follow me around already made my computers all seem closer together, now just a little bit more is happening.
There is so much common sense in this. If I schedule an appointment while I am at home for me to leave work early to go pick up my cat from the vet, it should show on my work PC because that damn well makes sense.
All this does is bring Windows fully into the 21st century.
> Windows 7 is still pretty good, and it will probably be the main Microsoft desktop OS for years to come, despite what Microsoft wants.
About 6 hours ago I was apprehensive about Windows 10. Now I'm using it and it is lightening fast and responsive.
Over the years, if they really make Cortana useful and seamles pdates and systems maintenance the default due to the new "cloud" nature of Windows, they might see a similar adoption or switching pattern as SaaS solutions have seen in business.
At this point most traditional or slow businesses still using licensed software with local IT admins are being outcompeted by more agile competition using SaaS solutions.
Then again, what alternative do corporates have? They could stick to an older version of Windows, and become less competitive (assuming Microsoft pulls it off), or switch to Linux, which is doubtfl for most office workers (though our entire devshop uses now Linux ultrabooks).
If businesses fall too far behind adopting modern software/features their employees are familiar with using on personal devices they will have to accept reduced productivity.
Why do people seem to gloss over the fact that we can implement these technologies without losing privacy? e.g. voice recognition has been possible on home computers for decades now. You don't need the cloud for it.
The experience is not quite the same. We have voice recognition since at least late 90's but you have to spend long hours training (> 20 hrs) in order to have a decent result (not even comparable). The fact that is cloud based now enable the software to fit better to different accents and pronounciations.
Another thing is that personalization is not really possible in today devices if you want more than 3hrs battery.
2. ???
3. Profit.
I'm a bit conflicted now. My girls are 7 & 9 and they've been using Microsoft Accounts. With the final Win10 build having all this (none of these settings worked a few months ago), it looks like I've got a lot of reading and explaining to do for them.
My own children are still using computers with Windows 7. They play Spore (Windows only), Sims 3 (Windows only) Minecraft (Java, so playable anywhere), Osu! (no idea, really), and a couple of other games. I have no intention of upgrading Windows on their computers past 7. Take a look at your options, you might be surprised how easily Windows is replaced with anything else.
Some kind of "off the record" mode would be invaluable for voice interfaces. Hell, it would be nice if there was a check box under the Google search box as well, but I imagine Google would never make it too easy to avoid their data mining. I feel like we never had the proper privacy conversation we needed to have with companies like MS, Google, Facebook, etc. I think some level of easy to use yet strict segregation between what I consider my public life and my private life should be cooked-in, and enabled by default, into all this software.
Well, maybe Child Protective Services should be involved? They intervene when children walk home alone from the park, perhaps they'll start to intervene when children are raised to use Microsoft products? http://www.usatoday.com/story/news/nation/2015/04/13/parents...
Just kidding, of course. But my daughters are now 14 and 17 and I don't think they know how to use Microsoft products. We've been on OS X for about 10 years.
So maybe CPS should investigate me? Am I doing my kids a dis-service by not exposing them to the dominant OS?
They already do pollute the OS history with their behaviours. Examples would be the DNS cache, the thumbnail database and the temp directory. Most people just don't know about these or look at them. But they can be very revealing. The problem I have is that the OS is so ready to upload things. I don't want my OS to upload anything at all, unless I command it to do so.
I don't know much about Windows 10, so I'm curious what features you are referring to that require heavy tracking like this.
Games are a good example. Nobody would expect a baseball player to object to tracking statistics. That's a big part of what makes the game. Online gaming is the same way. Tracking achievements adds to the fun for a lot of people.
But there are also larger social issues where tracking can be beneficial. We live in a world with a lot of diversity and an increasing amount of information. People get overwhelmed and tend to revert to tribal thinking, attacking anything that doesn't fit their group's perspective. I don't know if people on their own could ever get over this type of behavior in a world that's impossible to keep up with without taking mental shortcuts and relying on summaries of what's happening.
Personalized deep learning is an attempt to create a relatively neutral arbiter of all this information, distill it into something useful based not only on the user's behavior but also the aggregate of everyone's behavior. The algorithms don't just learn from what you like but have the potential to uncover interests and information that you might never be able to access outside your bubble.
Cortana brings that kind of aggregate information gathering to your desktop. It's an early example, and it needs lots and lots of data to learn, and the more diverse the data set it can analyze, the closer it can be to doing its job of feeding relevant information.
Windows 10 is also meant to be an Internet of Things OS. Lots of companies are working on connected devices that depend on syncing with your account. A common example for today is telling Cortana to remind you to pick up milk when you're at the store. The reminder goes to your account, and when your phone detects you're at the store, it reminds you to pick up milk.
Of course, there are people who are going to try to use this to sell you things, but that's always been the case. The hope of people working on these things is that it can bring you actually relevant suggestions instead of just the products with the largest advertising budgets. Old advertising models were very centralized and only the largest ones could really win. Personalized advertising might be able to bring the smaller but more relevant products to your attention.
Personally, I don't like advertising, and I'm not especially excited about this part of it, but that's definitely the monetary angle for it. The part that does excite me is the possibility that we can start to break down some of the communication barriers between people, get people outside of their bubbles, and bring relevant information to people based on large trends instead of isolated social groups.
There's plenty to be skeptical about here. Money tends to push things in directions that only benefit the ones with money. Microsoft and all the other IoT companies have a lot to prove before their products can be considered actually relevant for people. There's a good chance most of them will be no better than the old way of doing things. But there's a lot of potential there too.
Privacy should always be an option, but having a public online life can be good for people too.
If leveraging a lot of data allows for better speech recognition, why can't your computer access a remote speech recognition data set that stores and shares the results of its machine learning algorithms rather than uploading actual audio data? Instead of sending actual audio, send and receive very non-personalized non-specific derived model data to/from a repository somewhere (or even peer to peer).
As for incognito, can you sign into windows as guest now? Or even have multiple accounts on the same pc? If so you could create a guest/dummy account if you are interested in giving the personal assistant pure data.
What do you mean by that? Not only you can't set any access rights for applications (they get what they ask for and you can either accept all or not install the application), but the OS also synchronizes your main account's contacts and calendar to THE CLOUD without asking you, telling you, and even without a way to opt out of it.
Great point...
Where's that utopian future where we bounce between a dozen purpose-built VMs, each customized to the task we're doing?
Sounds like switching to a guest account. Not as quick as a simple "toggle data recording" button, but that functionality is definitely already in Windows.
It would be fine if they were defaults if you actually saw them.
I mean, I agree with the article that the layout is definitely pushing people who don't care to just pressing "agree", but if you care about privacy, it's not like it's hidden from you.
Citation needed?
Really? You expected what is basically a built-in keylogger?
They should have called it "Clippy's Revenge"
The keylogger and Start menu ads are just creepy though. I shouldn't have to opt-out of targeted ads INSIDE MY OS.
(I guess for some ads, the very fact that it thought your eyeballs were fit for them already discloses more about you than you'd like... and I'd guess that at least some ads placed by Google would be able to figure out whom they were shown to. But other than that, isn't data collected by Google kept secret from everybody else? It'd make sense from a business standpoint apart from any other considerations; better keep the competitive advantage, and better keep exactly what you know a secret from users as well as competitors.)
At least for me I tend to trust MS (at least the new MS) more than I do apple or even google.
According to these screen shots, this guy got skincare product ads in his start menu.
I can't verify because I noped out of anything that smelled like ads right from the get-go. Also, classic shell.
!!!EDIT: I know it looks shopped, which is why I said I couldn't verify it. Windows Store app ads are quite real though.
Well, today is Thursday. That other stuff was from Tuesday. Tomorrow it will be something else about somebody else.
For instance, in Android, Google tracks with GPS accuracy your whereabouts constantly. This isn't just what IP your desktop is attached to. Furthermore, there is no prompt telling you this happens with a very easy way of undoing. In fact even if you knew about this it is very hard to find a way to disable.
Secondly, Chrome send every website you visit to their servers to be logged. Again, this is not explained in some easy opt-out screen and in fact the only way to get around this is to use SRWare Iron, where they removed that code.
But Microsoft makes it easy for you to choose the privacy options even telling you about them on install.
For me it's because I control my interaction with Google. I don't use their search for things I don't want them recording, I don't use gmail for conversations I expect to be private. Once your talking about the private files I store on my hard drive and access with the OS, the keystrokes I enter on my keyboard for every application, then the reach is far greater. Having a company like Google say "You can use these services, but we're going to spy on you" is not the same as MS saying "we will be watching and have access to everything on your computer, oh and you can't disable all of this spying without an enterprise license."
http://www.insanitybit.com/2012/06/23/srware-iron-browser-a-...
For another thing, Chrome doesn't log every website you visit. The closest thing they do is suggest autocompletions for searches/URLs you type in the URL, which is a straightforwardly-explained checkbox in Chrome's privacy settings.
But it does. If you get a new android phone and log in with a google account then it updates your browser history on chrome. Which could only be done if your non-incognito history is stored in google's servers.
I find it shocking how hypocritical Microsoft was towards Google all these years only to find out their even worse than Google because they baked these privacy "violations" into their browser.
>Secondly, Chrome send every website you visit to their servers to be logged
Utter bullshit. I don't login to Chrome when I use it and none of my URL's are sent to Google.
Citation?
A while back I put together a Linode server for a small project. Because I was lazy I made a private page of web links for the site logs and made the URL something long and obscure with plenty of backslashes that couldn't be spidered or guessed. The main site had no Google analytics and barely any traffic.
When I checked the logs a couple of days later my private log page had been accessed externally. The visitor's IP address was in one of the ranges that belongs to Google.
So... I changed the URL, looked at the new URL in Chrome, and checked again a day later.
Same thing. Someone - or something - from Google was accessing my private URL, based on my Chrome history.
I changed the URL again and switched to Safari.
Nothing.
Clearly, Chrome phones home and Google feels entitled to check new URLs that it can't spider. Safari doesn't phone home. (Or if it does, no one at Apple cares enough to check weird URLs).
I don't think any other conclusion is possible.
While I don't disagree that Google does consume a lot of user data, I'm pretty sure most of these are opt in or at least explained fairly up-front, and that their resultant policies are no worse than Microsoft's.
Can you give an example of where their policies are clearly worse?
Well, I thought Google already tracked you whichever browser you use, via its advertising networks.
However, it does offer good control and opt-out cookies for the (whatever) 0.0001 percent of people who find out about this and actually give a damn.
They are building services that take your information and try to do something interesting enough with it to make it worthwhile...and why is it on by default? Because they want to make money off of the new features and deep integration with your information.
This isn't news. But it certainly may be another excuse to have the exact same conversation that nothing will come from.
Never mind that data generated and collected from cell phone usage will always make the privacy impinging features of your laptop look tame in comparison.
Never mind that the only way to stop companies from doing this is through the political processes that everyone seems to have written off.
EDIT: Downvoting because someone disagrees with the principal argument of the post is lame. Cheers.
it's really consumers who have the least leverage. If you want an arrangement where your data is encrypted with keys that you store in a tamer proof hardware module you can. It's priced differently, but you certainly can have that. (It's not all that expensive in the scheme of things.)
Because Cortana would be useless without it and that's a big user-facing feature of Windows 10.
I really like the direction they are headed.
God forbid we become slaves to the evil corporations. /s
You and I are in complete agreement on the subject...I just fell into hyperbole...
:)
I mean I cannot possibly verify what exactly goes on in the annals of the operating system and what happens to my data, where it is logged and where it is stored and how it is sent.
So regardless of the settings, I always assume that my data is logged and read by some creepy agent in the Ministry of Truth.
If it's not, then I'm just lucky.
Having grown up in a totalitarian state, that's the default way I think about this stuff and no amount of promises (except the source code which I can personally compile) can make me trust any 3rd party corporation.
You mean besides the fact that collecting personal data without your consent is illegal?
> Having grown up in a totalitarian state, that's the default way I think about this stuff and no amount of promises (except the source code which I can personally compile) can make me trust any 3rd party corporation.
He does not trust corporations or governments to act within the confines of the law.
I can't imagine any company in the pockets of the NSA getting in trouble for over-collecting user data.
There would federal CFAA, Economic Espionage Act, etc., investigations plus antitrust abuse investigations.
The corporation itself might behave like an angel, but there are agencies which can force it to open or install backdoors. Given that the number of such requests is relatively small, the probability of it being detected is low and even if the victim does notice it, then the corp can always say - "they twisted our hands".
"Typing data" sounds like keylogging. If it's what it sounds like, that's really emphatically not okay; that would include all passwords and the contents of all emails sent.
Would someone with actual knowledge care to chime in and say what data is actually sent? If it turns out that Windows 10 really is sending keystrokes to Microsoft by default, it seems likely to cause a significant backlash from Microsoft's business and government customers.
If so, it probably wouldn't include passwords (since password fields intentionally disable this kind of feature), and it shouldn't include the full contents of emails, just telemetry on how they were typed.
But Microsoft really ought to have explanations so we don't have to guess, and they ought to know that. I'm assuming this is on their itinerary and the documentation department is just lagging.
Can you explain how you got to this from what you asserted before? Autocomplete data should be more than enough to get that content.
Also, enterprise editions of Windows apparently have more opt-outs... regular editions cannot opt out of all data collection. (sorry, can't find the page that I read this on)
I can't say I'm surprised, though saddened, to see this elsewhere in the OS.
Text correction doesn't require hitting the web, but learning about how people make typos does require some targeted data collection (typing followed by deletion and retyping, likely)
It's important to remember that it doesn't matter what MS is doing today. What matters is what the force-updated version will do in the future. Or did everybody forget that you cannot prevent updates in this version?
I would be fairly surprised if Microsoft didn't re-display TOS after each update, so feel free to keep an eye out. If you really really care about this kind of thing, then I might suggest avoiding products that are tightly integrated with private entities as a general rule.
The problem is there's no like "more info" icon you can click to get an explanation of what it means.
Computers these days have become thin clients for browsers (especially for the typical consumer). Except for the occasional open of Word or Excel, you're in your web browser browsing the web and have a tab open for Facebook. With new features like "sign into your browser" or ad retargeting across the sites you visit today, consumers are already being subjected to practices that Microsoft at least gives you the ability to turn off piecemeal if you so wish. They're just doing so at the operating system layer instead of the browser.
Think doing so at the operating system is more criminal than at the web browser or website level? Consider that Google Chrome is moving to become "Chromebooks" and that Android integrates Google Search. It's already happening and we take Google's "don't be evil" mantra for face value while continuing to poke Microsoft out of sheer habit.
That's some pre-school logic.
Microsoft isn't doing this either, they are monitoring your usage of Cortana/System Search and your selection of its suggestions (just like Google does for Google Now,) to improve their algorithms. This is really being blown of proportion. Reminds me of people freaking out about Palladium with Project Longhorn.
It is a whole new level of intrusion IMO.
Of course MS wants to get in on surveillance-as-a-business-model. It keeps people tied to your Service as a Software Substitute, and as long long as most people are still ignorant about how technology works, they won't notice how the stalker-like nature of a lot of modern soft^H^H^H^Hmalware.
As for the few nerds that notice, they can probably be shut up with an obscure option to disable (most of?) the data collection; the number of people that even know the option exists will be insignificant. Some of those nerds can even be distracted with promises of "open" access (to our proprietary APIs we can remove or change without notice); if you phrase it right, it can even sound like "open" is referring to the commons. After a while, some of them may even build entire businesses based on feeding user surveillance data upstream. After a generation, the days of being able to write client software will be long forgotten.
--
The ongoing Theft Of Privacy (and the closely related The War On General Purpose Computing) are being fought, and this brazen behavior by Microsoft to take advantage user ignorance is taking yet another step down a dark path.
Which side are you going to be on? The side that is trying to maintain the remains of our privacy, an open internet, and free computing?
The apathetic side that fixes technical problems for themselves, while everybody else gets spied upon a little bit more while their tools become even more removed from their control? I hope you enjoy the consequences of rewarding this kind of behavior. Why should Microsoft (or anybody else) change when they still get paid and maintain their user-count?
Or are you the apparatchik, who thinks Cortana (or Alexa, or Siri, ... or Google Analytics) is a useful, cool piece of software? Surely the Big Data being collected is just going to be used for the stated purposes and could never have a noxious effect on users or become an attractive target for hackers or governments? If you're in this category, you might just want to start paying attention to the larger games being played, because if you don't start fighting for your future others may take it from you.
But when you talk to people about it, _their_ apathy and indifference is what leads me to stop caring. I've tried for years to educate friends, family, and coworkers on digital privacy. The number of people who have even installed and used a password manager is 0. If it's a struggle to even get someone to try out, let alone USE DAILY a password manager, what hope does anyone have to elicit a privacy-aware mentality from the general population? Why work to help people who do not even want to be helped?
I have adopted a passive stance on privacy and security: I stay up-to-date on news in this area, I choose for myself products and systems that minimally increase my risk, and I will answer questions from clients or other people. But, I won't evangelize it. Most people really just don't care all that much.
The scientist who discovers new laws of nature and the engineer that assembles simple pieces into complex and useful tools have only finished half of the process. The other half is explaining these news ideas to everybody else, so they can actually be utilized (and maybe inspire other discoveries and innovations). This was one of Feynman's greatest talents - taking the time to explain the important parts of a topic, in a way that was a lot more accessible.
I generally feel that if an audience is not understanding something (and assuming there were no trivial issues such as lack of time), the fault lies largely with the teacher. While have also met with limited success in explaining these issues, I keep trying in new ways. Pedagogy is a hard problem, but I personally have learned a bit by studying those that seem to have successful methods (such as Feynman, Sagan, Burke[1], Vi Hart[2]).
As for this specific problem of businesses collecting massive amounts of personal data (and the associated "free (as in beer)" culture), I suggest showing people the talk by Aral Balkan that I linked at the top of my previous post. He has given variations of the talk before, but this recent version is particularly good at explaining the entire picture, from simple gmail/facebook doublespeak, to the "free" culture that has taken over the tech industry, the internet.org style imperialism masquerading as "helping the poor", and more. This talk has been more successful than of the explanation, essays, cartoon, or videos that I've used in the past. YMMV, unfortunately.
There's a surprising connection between the reasons for people's ignorance of privacy and the complete and utter inability of an untrained person's mind to spend even just 15 minutes with itself.
Think about that.
By free I mean free as in beer, not free as in freedom. The problem is that if everything has to be free, there can never be any money in the actual maintenance and development of the product. User-centric and privacy-respecting business models are impossible if the product is free.
It's necessary but not sufficient because Windows isn't free (well 10 is quasi-free for some people), but it still does these things. So being non-free is no guarantee. But I believe it's a necessary condition since without some revenue stream independent from surveillance and other "indirect monetization" streams there is absolutely no hope of delivering a professional consumer-grade experience that could compete in the general market.
The technical community has mostly accepted that file sharing is a reality that requires rethinking business models, and that DRM is an act of desperation to put old strategies on life support by restricting playback device manufacturers.
But for proprietary versus free software, many remain outright hostile.
Business models for privacy-respecting user-centric free software are possible: https://en.wikipedia.org/wiki/Business_models_for_open-sourc...
They might not be amazingly profitable. However, the reality is, the programmer is heading the way of the musician and the artist.
I agree with you that "free" as a business model needs to go in one direction or the other. Truly free, as in my Fedora install (ignoring some binaries) or pay for privacy.
The problem with pay lies in the search for more revenue. Cable television used to be ad free. There wasn't a need to advertise since they were already getting subscription money - now look at it. The temptation to add easy profit is too great for many businesses (which is why we now have targeted ads within an OS we already quasi-paid for).
Meanwhile Red Hat isn't doing too bad with their blend of paid and free.
None of what I'm saying is particularly well written or fleshed out after a long day, but this is also something I think about a lot.
What about non targeted advertisement?
No Windows 8, 10, etc. for me until Microsoft makes some fantastically strong and solid statements about compatibility with old software, security, and privacy.
Can someone still using XP really claim to care about security?
Oh no.
The number of people that'll be protected from leaving their laptop in a taxi, or home burglary, or selling/trading-in a device, or just snoopy relatives or acquaintances, etc. is large and MS absolutely made the right call here. Otherwise, you'd have "experts" giving advice to disable this feature or suffer data loss.
Also, if they use OneDrive to back stuff up (like they should!), the security damage is already done as most juicy files will be unencrypted in MS's hosting and still subject to warrants.
"Would you like to store a backup for your drive encryption password on Microsoft OneDrive? If you choose not to do so, and you forget your password, all of your data will be lost. [Yes/No]"
And none of that warrants a ToS that says they can use that backup for anything other than helping you recover your data.
> Also, if they use OneDrive to back stuff up (like they should!), the security damage is already done as most juicy files will be unencrypted in MS's hosting and still subject to warrants.
Hence why client-side-encrypted backups are a good idea.
Bitlocker keys can be backed up to onedrive if you want, but you can also store them in a TPM or a smartcard (physical or virtual).
[1] http://www.theguardian.com/technology/2015/jul/08/fbi-chief-... [2] http://www.theguardian.com/us-news/2014/oct/16/fbi-director-...
I have personally used the feature several times to recover my drive keys.
There's no evidence here that Microsoft has installed a "back door" for the FBI.
Furthmore, why is it when you delete a photo from your iPhone it can persist on iCloud for up to 30 days?
Likewise, why is it when I restore my iPhone and set it up from scratch it starts to download 100MB + of data over WiFi? [1]
[1]. When I setup my iPhone from scratch (Apple ID, iCloud disabled), it hammered my WiFi at the full RX rate of my DSL line for approx. 10 minutes. That's 4Mbps * 60 * 10 = 2400Mbits = 300MB. I made sure that my iPhone was the only device connected to my WiFi. What could be in that 300MB of data? I should proxy all traffic from my WiFi to my DSL modem via another PC and do tcpdump on that!
I'm sure if I choose the same option in Windows 10 a large part of the OS will be completely closed off.
It's intellectually dishonest to think that's what s going on, because it ruins the conversation about what they're actually doing.
Apple, Google, Facebook, Twitter, LinkedIn, the FBI, NSA, CIA, DHS, they all have my data already. Thanks to OPM, the Russians and Chinese probably have my data now, too. What does it matter if Microsoft has it? They probably already have it. Maybe it's even better to make sure everyone has my data, rather than allowing it to be used as a competitive advantage by one or a small set of corporations. Cat's out of the bag. Horses have left the stable. Whatever other metaphors you want to throw in there.
So decide, and decide now: either go full-in on FOSS, or shut up and eat your cookie. Otherwise, this exercise hasn't been about privacy, it's been about anti-Bill-Gates-and-Steve-Ballmer-Microsoft sentiment.
In any case, I'm all for FOSS but it doesn't seem to be a solution to this problem, which admittedly, is not even really a problem to everyone.
FOSS is certainly great, but it isn't the end all be all, despite utopian hippie delusions to the contrary.
The problem is that with all platforms, the opt outs are hard to find and, even worse, hard to even know when the opt outs even exist.
These are fun and interesting times.
Who's going to pay for that?
Obvious solution is to use a strong generated string for your password (so even if they get your password, they're not getting the password to anything else), and then configure your router to require each device connecting to be authenticated. Whitelist for MAC addresses + GPG + ?
That is, if I'd only let guests with Windows 10 to access network using WPS, would Wi-Fi Sense send negotiated secret or not?
(I suppose WPA2-EAP-PSK should also be an option - IIRC Windows supports 802.1x auth and I doubt they share those passwords... although not many SOHO routers know anything about RADIUS)
Remember Gates said, about piracy "we'll somehow figure out how to collect sometime in the next decade"? It is happening now. And lots of other software/service are becoming "free" or massive discount, since selling your data is much more profit. Crack was about using software without paying money. Maybe in future it will be without paying with personal data or privacy. We will find a way, always. :-)
Gates shed some light on his own hard-nosed business philosophy. "Although about 3 million computers get sold every year in China, but people don't pay for the software," he said. "Someday they will, though. As long as they are going to steal it, we want them to steal ours. They'll get sort of addicted, and then we'll somehow figure out how to collect sometime in the next decade."
https://news.ycombinator.com/item?id=9973629
Windows 10 RTM has peer to peer updates over the internet as the default. I could swear it defaulted to local-only in the preview, so I didn't even check it until now after doing a clean install of RTM.
Nice job design devils.
No way.
Nope.
"Note that the file hashes (CRC32, SHA1, MDA and etc.) for Windows 10 ISO images created by Media Creation Tool are unique as time stamps and other factors are different for each computers."
Let's assume, worst case scenario -- you enable every single data sharing option on your Android phone as well as let's say, Windows desktop. And you use chrome browser, logged in, etc. All the time.
Now, the question is: explain to me, what you expect to be the negative outcome and how it affects your daily life.
I am genuinely curious. Or is this just a fear of the unknown and projecting into the future all of the bad things that may happen (or also may not)?
Information once leaked is very hard to recover and may have a deleterious effect on your career. Just ask Hulk Hogan.
Don't drink the Kool-Aid.
For this reasons alone, I think Win7 will be my most loved and probably last version of Windows I will ever use.
It's about time we start doing something about this.
Similarly, MS originally defaulted to not allowing cross site advertising identifiers by default and was criticized by organizations that make their money off this like Google and Firefox. Seems like they can't win no matter which default they pick.
Not sure what the fuss is about, the same old rule applies: if you want your data to be private, don't use any form of cloud services - server based voice/video chat, cloud storage services (google drive, skydrive, icloud), digital assistants (siri, cortana, google now), any contextual based delivered services which "learns" anything about you to provide you with any form of automated and/or dynamic experience.
If you want to be treated like you live in a box, then you're going to have to live by it.
Everyone complaining and "fed up", closing their MSDN accounts, boycotting MSFT products - you're in an echo chamber which won't be heard as our devices become more service oriented rather than boxed solutions. MSFT is trying to stay relevant, not undermine their massive user base. Whether it is right or wrong, I don't have an opinion on, but if you think MSFT is a pioneer in this space, you're being unjustly biased.
I guess the only thing we can complain about is that we aren't given a "closed/boxed" solution and able to accept the TOS to services we want on an adhoc basis - we have to go and disable services and hope that the TOS we agreed to needn't apply.
Perhaps these are growing pains for the direction services are heading because we shouldn't have to accept invasion of privacy as a default.
I think that Microsoft are crazy to think that can control the pcs of users because launch Windows 10 upgrade for free. Tks Microsoft for the upgrade, but not is with it that the enterprise will buy my privacy, control my PC, what I install, what I do with my computer, etc, etc, etc, the machine is mine and I want to continue owner of it. I not want show to me many things that I not want to see, install app that I not want and use in my pc, use of the my internet connection to send things to internet. Want my collaboration, ok I can think in this, but when I want, not when Microsoft want.
Sure have many users that not understand what are happens, but are much users that are advanced users and know what happens and how neutralize this privacy invasion.
My first impression in these day about Windows 10 is cool for other side. I think that can be the right successor of Window 7, but ... no using the unilateral ideas to force users share all with Microsoft, that Windows 10 will be a good OS. Need respect the privacy of the users. If not is like windows 8, 8.1 that not win the market because try to force all to have new hardware, etc. If go in this direction we have Linux, Windows 7 to use and who know, Android OS to PCs, is now a good time to this smiles. Yes, this is a technological war, users in a side and Google, Microsoft and others in the other. But who buy computers, OS, software are the users. The true own of market. Sorry for errors english not is my native language, but I think that is possible understand.
In security, "trusted" has a very simple and straightforward definition:
Trusted (adj.) - Liable to create a security breach.
Whether you know who they are or not, it means that you trust them with your private data.
"Trusted" is never a good thing. With proper security and privacy logic in place you shouldn't need to "trust" anyone.
Indeed it means that I "trust" the NSA (and local Dutch agencies conscripted by them) with any data that I send or receive that is not strongly encrypted. I don't get a lot of choice in the matter, so I'm going to have to "trust" they won't screw me over with it, sell it to bad actors, keep it safe for as long as they keep it. No it's not a very smart idea to "trust" them, but I don't get a lot of say in the matter ...
Sigh...I can still smell the sharpie ink and wet postage drying on the back of a manila envelope.
If I make any changes to my system I'll probably delete UbuntuMATE and Win7 and just run Mint. Seems really slick and mostly respects the user. Just despise those notification catchers in most distros like Mint. UM in Redmond mode is the only one that just flashes the taskbar icon upon notifications, which makes perfect sense to me. Less to manage/check on.
EU will take a look on those practices soon :)
It's not like it's hidden in their terms and conditions. And, bluntly, I'm assuming many people reading this are working on similar technology for smaller companies. But, to paraphrase Nick Naylor in 'Thank You For Smoking', you just need to pay the mortgage, right?
Additionally, the conversation on this page seems to betray that most of us didn't read the memo that the concept of privacy has changed and now no longer includes concepts like, "You only get to know things about me that I disclose to you." That has now transformed into what might be captured in the sentiment, "You may not use what you know about me in any way explicitly disallowed by the terms & conditions". I can't find it now, but back in the day, wayyyy back, Brin and Page made the argument that one day people would trust their personal information to companies the same way that they trust their money with banks. This is that vision realized.
[1] http://blog.pcm.com/2015/07/29/windows-10-the-future-starts-...
(this message was brought to you by someone who earns money through language)
I can't see why anyone would be surprised anymore. This has been going on for years now.
I guess that "free" upgrade business model includes harvesting data globally to sell to surveillance state agencies through round-about ways <cough> palantir <cough>
Thanks for the memories HN, but this just isn't worth it. I could have been coding. From now on I will be.
Adieu.
I'm not saying that strong privacy regulations are a bad thing or that Microsoft's policy is a good thing. Just that Microsoft's policy reflects reality where competitors and activists and politicians are inclined to use privacy regulations for purposes orthogonal to any actual concern about privacy. The connected world is full of caches and Microsoft does not control them. Users can do stupid things that Microsoft cannot prevent.
Agree with the terms and use Windows. Don't use Windows if you disagree. The website hosting the blog runs google-analytics by default. It doesn't ask my permission. It runs Disqus by default. It doesn't ask my permission. The privacy badger ate too many cookies and died years ago. Microsoft is late to the wake.