Windows 10 proven to spy on users, regardless of settings or system tweaks.

[mr moose]

Reading the ars technica article again, it also suggests that MS might have been "spying" on its users. Although a ctrl + F wouldn't return the word spying, to spy on someone can mean to know about or to know about the activities of the person without consent. Which the ars technica article has shown that data is sent to (presumably)MS whenever a user performs certain activities while ignoring the user settings.

 

The reason the Ars technica article doesn't use the word "spying" or "spy" in there is because they have a slightly higher standard of journalism and words have meanings.  To use the word spying indicates by its definition that MS are taking your information without permission (which is illegal).   And thus if they can't prove it makes them guilty of defamation.

[Kinda Bottlenecked]

The reason the Ars technica article doesn't use the word "spying" or "spy" in there is because they have a slightly higher standard of journalism and words have meanings.  To use the word spying indicates by its definition that MS are taking your information without permission (which is illegal).   And thus if they can't prove it makes them guilty of defamation.

 

And that's the reason many article use the effect of "suggestion" to avoid any legal trouble while still delivering a point. 

[Sharp_3yE]

University of Texas health Science Center. Perhaps it's a little different here, considering it's a Medical school. Things must be super secure here.

When they upgrade to windows 10 (like, months or years from now), parts of the Uni may want to use the Enterprise version. They can fiddle with it more then what the pro or home can. That's pretty cool though man. What is your purpose there?

[mr moose]

And that's the reason many article use the effect of "suggestion" to avoid any legal trouble while still delivering a point. 

 

No, they do it because bad news sells.  This is why they need to teach critical analysis in schools.

 

EDIT: I should add that if it was the case that the media wrote articles the way they did because they weren't allowed to tell the truth then the only news articles you could trust to be accurate would be the ones written as legal documents.

[Kinda Bottlenecked]

No, they do it because bad news sells.  This is why they need to teach critical analysis in schools.

 

Then that's a pretty bad new about Win 10 isn't it? 

 

Don't they already teach those in schools? 

 

EDIT: Heh heh, just saw the edit. I don't think media will censor news that they know that can be written. Be it good or bad.

[Colonel_Gerdauf]

Same as above.

What is in dispute here, from what I can tell, is the claim that personal information is being sent. And since NONE of us can prove, or disprove it, then it's a moot freaking point. Those of us assuming that personal information is being sent, and those of us assuming that only "meta data" is being sent, are both equally correct and incorrect.

Basically, what we have is Shrodingers cat. No one can prove anything, just speculate.

My speculation, or assertion, is that because Windows 10 is still sending data to Microsoft, regardless of the settings chosen by the user, including generating false errors, it must be personal data. I cannot prove this however.

ONE THING, that could, or probably SHOULD, be done is this:

Someone needs to compare the data being sent, or the volume of data being sent, in a Windows 10 installation with privacy settings turned "on", and in another one with the same settings turned "off". While this wouldn't prove anything, I feel that it would lend credence to the statement that "only meta data is being sent". IT would be a "benchmark" if you will.

Agreed?

The fact that it collects data is a very general and vague activity that has existed since Windows 3.1, as well as every single electronic and software in existence. Then claiming that the data contains personal information when it could be completely irrelavent to what this information was doing, would be a complete failure of inductive reasoning.

The context of message is very important.

[LAwLz]

 The counter claims are simply that you cannot claim it to be personal data when no one has been able to show that it is.

Didn't you read the ars article? It sends a unique ID along with the suspicious data and that ID is used to identify you. Surely even you will agree that it is personal.

But like I said in the other thread where you stubborn refused to admit that Microsoft are spying on their users by harvesting data without their knowledge, my issue is that suspicious packets are leaving my computer, I can't do anything against it (will apparently even spit out fake errors when I try to disable it, just to fool me into a false sense of security) and Microsoft won't tell us what data they are collecting. They just dance around the question when asked.

Or we wait until ITC god with corporate resources and bee in their bonnet decides to go to town on MS and the US government.

And what are they going to do exactly? The information is encrypted so the only one who can provide the absolute evidence you demand is Microsoft itself. They can just plead the fifth to that though.

[mr moose]

Didn't you read the ars article? It sends a unique ID along with the suspicious data and that ID is used to identify you. Surely even you will agree that it is personal.

But like I said in the other thread where you stubborn refused to admit that Microsoft are spying on their users by harvesting data without their knowledge, my issue is that suspicious packets are leaving my computer, I can't do anything against it (will apparently even spit out fake errors when I try to disable it, just to fool me into a false sense of security) and Microsoft won't tell us what data they are collecting. They just dance around the question when asked.

And what are they going to do exactly? The information is encrypted so the only one who can provide the absolute evidence you demand is Microsoft itself. They can just plead the fifth to that though.

 

I read it, it does not say what the data is.  You can sit there calling me stubborn and making as many claims as you like that the data is suspicious, untoward, deceitful, call it what ever you want. it does not change the fact you don't know what it is and neither do Ars. 

 

They can't plead the fifth outside of the US.  They have already handed over source code to windows to any government that wants it.  If it is as bad as you say then you can bet your arse we will here about it, especially from defense force and other governments around the world who will just not use it.

 

Until then believe whatever you want, it's really no skin of my nose.

[Stuff_]

When they upgrade to windows 10 (like, months or years from now), parts of the Uni may want to use the Enterprise version. They can fiddle with it more then what the pro or home can. That's pretty cool though man. What is your purpose there?

Security Analyst. Help manage patching of the servers, and work with the firewall and networking team to ensure the data of people is as secure as possible. 

 

You wouldn't believe the amount of angler exploits people on the network get. At least 5-10 a day.

 

 

Just a thought, since we don't know exactly what is being sent, perhaps it's sending some data telling the MS servers that this particular user has opted out? Ars Technica needs to do a persistent test. Check to see if it's constantly sending data after you turn it off. From what I see from the article, after they disable it all, it still sent some stuff.

 

But would it eventually stop? I mean, none of us know the way Microsoft programmed the system, so who knows what it's doing (for now).

[LAwLz]

I read it, it does not say what the data is. You can sit there calling me stubborn and making as many claims as you like that the data is suspicious, untoward, deceitful, call it what ever you want. it does not change the fact you don't know what it is and neither do Ars.

So you wouldn't call it suspicious that even if you press disable on some features, they don't actually get turned off and they send encrypted data tagged with your unique ID to Microsoft? On top of that, Microsoft refuses to tell us what data is being sent. They dance and round the question or give us very vague answers. The fact that we don't know what data is bring sent is the issue.

If Microsoft wants to forcefully take data from me, and even going as far as to pretend like it doesn't by giving me useless settings which doesn't do anything then I at least want to know what data they are taking.

They can't plead the fifth outside of the US. They have already handed over source code to windows to any government that wants it. If it is as bad as you say then you can bet your arse we will here about it, especially from defense force and other governments around the world who will just not use it.

I don't get why you keep brining this up.

Even their TOS says that they got backdoors in Windows that they will use to steal personal info and hand it over to the government. What makes you think the government would want to stop that? They love it. Hell the UK got crowned as the world champions of surveillance by reporters without boarders.

Governments have even been found to break the law in order to spy on their citizens. A few years ago you could call people tinfoil hat wearers for being afraid of this, but then it turned out that they were right.

As for the government not using Windows 10 if it is bad, so far the only things I've heard is that in the US they are paying Microsoft a small fortune to stay on XP, and in China they have outright banned using newer versions of Windows.

Even if some governments do decide to upgrade we still don't know if it's safe. They might be upgrading because they got a special versions without all the spyware in it. Maybe they have access to all the collected data so they don't have to worry.

It's a shame that you're such a big Microsoft fanboy because you're usually so reasonable.

It's very worrying when customers are taking the side of the companies who abuse them. Remember, I am trying to fight for your right to privacy.

[Stuff_]

So you wouldn't call it suspicious that even if you press disable on some features, they don't actually get turned off and they send encrypted data tagged with your unique ID to Microsoft? On top of that, Microsoft refuses to tell us what data is being sent. They dance and round the question or give us very vague answers. The fact that we don't know what data is bring sent is the issue.

If Microsoft wants to forcefully take data from me, and even going as far as to pretend like it doesn't by giving me useless settings which doesn't do anything then I at least want to know what data they are taking.

I don't get why you keep brining this up.

Even their TOS says that they got backdoors in Windows that they will use to steal personal info and hand it over to the government. What makes you think the government would want to stop that? They love it. Hell the UK got crowned as the world champions of surveillance by reporters without boarders.

Governments have even been found to break the law in order to spy on their citizens. A few years ago you could call people tinfoil hat wearers for being afraid of this, but then it turned out that they were right.

As for the government not using Windows 10 if it is bad, so far the only things I've heard is that in the US they are paying Microsoft a small fortune to stay on XP, and in China they have outright banned using newer versions of Windows.

Even if some governments do decide to upgrade we still don't know if it's safe. They might be upgrading because they got a special versions without all the spyware in it. Maybe they have access to all the collected data so they don't have to worry.

It's a shame that you're such a big Microsoft fanboy because you're usually so reasonable.

It's very worrying when customers are taking the side of the companies who abuse them. Remember, I am trying to fight for your right to privacy.

 

If you strictly look at the Ars technica article, and ignore that random Russian website, they say a few things:

 

1) The start-menu is sending data during boot, and also when you type directly into it. This is expected, as it's grabbing results from the web.

2) Other traffic is because of determining information about your connection type. This is also expected

3) Attempting to download MSN data for the live-tile, even when disabled. Perhaps storing the most recent stuff into a cache to use if/when live-tile is enabled? Who knows, but this is hardly considered harmful. 

4) Data being sent to the, presumed, OneDrive server even when your OneDrive is disabled, and you are using a local account. They likely account it to being telemetry settings, even though they assumed they had disabled it via policies. Perhaps telemetry cannot be disabled? This is interesting, but how long is "periodically?" Did they test this for a few minutes, hours, days? They aren't very clear on their own testing.

5) They were unable to fiddle around with some other traffic, or at least were unsure what it is. 

 

All these things accounted for doesn't really raise many questions. It only raises questions if you are really, really suspicious of Microsoft.

Currently, I'm no more suspicious of Microsoft as I am of Google and Facebook. There's no way that Microsoft is snagging more of our data than those 2 Corporations. 

[Tilaron]

I know I am one of the few, but I honestly don't care.  Maybe I'm part of the problem.  *shrugs*

 

In the past on news website comment sections (yeah, I know, I'm wasting my time looking for sanity there) I've been told I'm part of the privacy problem because I don't care either.

 

The thing is, I'm not a criminal or a terrorist, I'm not plotting anything at all and my computer is the last place I'd make any record of such activities anyway. If you have nothing to hide, you have nothing to fear.

 

Also, I smoke weed in my friend's house whose neighbour is an ex-cop that actually has an amazing hookup and joins us most nights.

 

There, I said it on the internet. *waits*

[Stuff_]

In the past on news website comment sections (yeah, I know, I'm wasting my time looking for sanity there) I've been told I'm part of the privacy problem because I don't care either.

 

The thing is, I'm not a criminal or a terrorist, I'm not plotting anything at all and my computer is the last place I'd make any record of such activities anyway. If you have nothing to hide, you have nothing to fear.

 

Also, I smoke weed in my friend's house whose neighbour is an ex-cop that actually has an amazing hookup and joins us most nights.

 

There, I said it on the internet. *waits*

People will refute your comment with "you don't have to be a criminal or terrorist or bad guy to want your privacy."

 

I also don't care. So, by having the extremely efficient stuff we have, the way we get it is by determining your preferences, and knowing about you? That is fine with me.

 

They know my skin color, age, sex, gender, location, political views, etc etc etc; what is the big problem? Unless there is going to be some law or issue that will harm me, such as that of Nazi Germany, I don't mind if people know all that information about it. It's not a bad thing.

[NumLock21]

Did a clean install of win10, check host file and it has none of that list to 127.0.0.1 telementry crap. Just a basic host file like the ones you found with older os. That host file must be from the Technicial Preview days where your forced to use the express option.

[Accursed Entity]

What really makes me laugh is some people saying, oooh I don't like Windows 10 now for that "spying thing"... and they use every fucking social media, browsers, other Windows OS out there practically giving all their info away anyways. My point is, there's no privacy on the interwebs nowadays, as long as you're here you'll have no privacy. Is that good? Of course not, I freaking hate that, but it's real. You can put a tin foil hat on your head and try hiding most of what you can using Linux and such but at the end something's gonna give. Keep living in your fantasy world thinking that you're safe with your tin foil hat.

 

Did a clean install of win10, check host file and it has none of that list to 127.0.0.1 telementry crap. Just a basic host file like the ones you found with older os. That host file must be from the Technicial Preview days where your forced to use the express option.

 

But... but... they're spying on us... it's a whole conspiracy and not a marketing thing at all!

[LAwLz]

Did a clean install of win10, check host file and it has none of that list to 127.0.0.1 telementry crap. Just a basic host file like the ones you found with older os. That host file must be from the Technicial Preview days where your forced to use the express option.

But... but... they're spying on us... it's a whole conspiracy and not a marketing thing at all!

I don't think you understand what a host file is. It's like a local DNS.

Ars Technica has changed their host file in order to redirect the data Microsoft collects, but it still does it. Their host file looks like that because they have tried to disable the spyware in Windows 10.

When you add for example:

127.0.0.1 spyware.microsoft.com

in the host file you tell your computer "everything addressed to spyware.microsoft.com should be sent to the IP 127.0.0.1". 127.0.0.1 is localhost, which means it won't get sent to a remote computer.

 

 

Please don't comment on things when you don't even have a basic understanding of what they are. You just end up spreading misinformation.

[Stuff_]

 

Please don't comment on things when you don't even have a basic understanding of what they are. You just end up spreading misinformation.

For the love of God. You say this, but you're telling people that they have Spyware from Microsoft on their PC, which is simply NOT TRUE.

[LAwLz]

1) The start-menu is sending data during boot, and also when you type directly into it. This is expected, as it's grabbing results from the web.

It is not expected if you disable the feature to fetch things from the web. Usually when you disable a feature you expect it to actually be turned off, not keep collecting data in the background without your knowledge.

This does not happen during boot. It happens whenever you type something in the search field. Here is a video of it happening.

 

 

2) Other traffic is because of determining information about your connection type. This is also expected

Yeah that's a no brainer. Of course it will try to contact a server in order to check if you got Internet access or not. It is set to use Microsoft's NTP server by default as well to synchronize time. It's not an issue since we know why they send the info and what info it is.

 

 

3) Attempting to download MSN data for the live-tile, even when disabled. Perhaps storing the most recent stuff into a cache to use if/when live-tile is enabled? Who knows, but this is hardly considered harmful.

I agree with Ars on that. It's hard to consider it harmful although it shouldn't be happening. The info is unencrypted so we can see what it contains. Not an issue. Seems more like a poorly coded function and not something intentionally harmful.

 

 

4) Data being sent to the, presumed, OneDrive server even when your OneDrive is disabled, and you are using a local account. They likely account it to being telemetry settings, even though they assumed they had disabled it via policies. Perhaps telemetry cannot be disabled? This is interesting, but how long is "periodically?" Did they test this for a few minutes, hours, days? They aren't very clear on their own testing.

Not sure why it matters how long it tested it since it shouldn't be happening at all. Why does my computer automatically upload things to OneDrive even if I got it disabled and don't have an account tied to it?

Not sure what method Ars used to disable telemetry but it might be the case of an option just being there to fool people. Microsoft might be hoping that people will see the setting, turn it off and then feel safe, when it actually doesn't do anything. That's horrible and should never happen. I guess we could ask Peter how often it happens, or maybe I'll just look into it myself. It shouldn't happen at all though.

 

 

5) They were unable to fiddle around with some other traffic, or at least were unsure what it is.

Yes, and that's a huge issue. Microsoft didn't want to give a clear answer either. Just some vague things about Windows now being a service and they apparently don't send search usage data to Microsoft (despite people seeing new connections appear when they start searing in the menu, like in the video I posted above).

Why doesn't "you got nothing to fear if you got nothing to hide" apply to Microsoft? If they aren't doing anything fishy then let us see exactly what data they are collecting.

 

 

All these things accounted for doesn't really raise many questions. It only raises questions if you are really, really suspicious of Microsoft.

Currently, I'm no more suspicious of Microsoft as I am of Google and Facebook. There's no way that Microsoft is snagging more of our data than those 2 Corporations. 

Yes Google and Facebook are terrible in terms of user privacy as well. All 3 of them are in the business of targeted ads and want as much info about you as possible. You shouldn't trust any of them one bit. But I really hate this "argument". Just because other companies does something horrible doesn't mean it is acceptable for another company to start doing it too. The loss of privacy has been a quite long and drawn out slippery slope. It has been very gradual and if we don't say enough soon we will not have any privacy left at all. Politicians are even trying to ban encryption now because it hinders them from spying on innocent citizens.

And by innocent I mean as innocent as the average Joe is, which will break the law about 1100 times a year (3 times a day).

 

 

 

According to a Reddit post, anytime you start a program in Windows 10 it will open a session to apprep.smartscreen.microsoft.com, even if you have smartscreen disabled. With smartscreen enabled it will send a hash to Microsoft so that they can indentify which programs you are running but wheny uo turn it off it won't send the hash. It will still connect to the server (on another hostname) though and we are not sure why or what it does.

[Colonel_Gerdauf]

Yes Google and Facebook are terrible in terms of user privacy as well. All 3 of them are in the business of targeted ads and want as much info about you as possible. You shouldn't trust any of them one bit. But I really hate this "argument". Just because other companies does something horrible doesn't mean it is acceptable for another company to start doing it too. The loss of privacy has been a quite long and drawn out slippery slope. It has been very gradual and if we don't say enough soon we will not have any privacy left at all. Politicians are even trying to ban encryption now because it hinders them from spying on innocent citizens.

 

That is a horrible analogy, and you know it. This is not a matter of "others doing terrible things does not make this terrible thing okay", as it misses the point by a mile and a half. The point is, if you are getting so worked up about Microsoft "spying" on the users (which remains pure speculation BTW), then where the holy hell are the equivalent complaints for the other companies? You in particular seem to be especially silent as far as Google and Cisco is concerned, a tell-tale sign of selective reasoning.

 

And for the record, when you resort to calling somebody a fanboy, you have lost the discussion and the battle. Somebody having a perspective opposing your own does not make them a fanboy. You are a lot more stubborn than you realize. Also, don't waste your time with spitting out fancy Latin terms, as they will not help you.

[LAwLz]

For the love of God. You say this, but you're telling people that they have Spyware from Microsoft on their PC, which is simply NOT TRUE.

But it is true.

There is no clear cut definition of spyware. One of the defintions mentioned in the FTC document regarding spyware is the one from Gibson Research Corporation. Their definition is:

Spyware is ANY SOFTWARE which employs a user's Internet connection in the background (the so-called "backchannel") without their knowledge or explicit permission.

Silent background use of an Internet "backchannel" connection MUST BE PRECEDED by a complete and truthful disclosure of proposed backchannel usage, followed by the receipt of explicit, informed, consent for such use.

ANY SOFTWARE communicating across the Internet absent these elements is guilty of information theft and is properly and rightfully termed: Spyware.

Personally I think that's a pretty good definition, and I think Windows 10 fits that definition.

 

 

 

The Wikipedia definition is:

 

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge.

Windows 10 also fits that definition.

 

 

How about Merriam-webster's dictionary?

 

computer software that secretly records information about the way you use your computer

Does Windows 10 do that? It does in my opinion.

 

 

Things such as settings not actually turning data collection off despite them saying it does, throwing out false errors and ignoring proxy settings is enough for me to classify it as secretly collecting data. For it to not be secret the settings should clearly state that turning them off won't actually turn them off.

 

 

Here is Microsoft's own definition:

 

With so many types of malicious software being spread around the Internet, it is important to be aware of what spyware is and what spyware does. Spyware is a general term used to describe software that performs certain behaviors, generally without appropriately obtaining your consent first, such as:

• Advertising

• Collecting personal information

• Changing the configuration of your computer

Spyware is often associated with software that displays advertisements (called adware) or software that tracks personal or sensitive information.

Windows 10 seems to fit that fairly well too.

[Accursed Entity]

Please don't comment on things when you don't even have a basic understanding of what they are. You just end up spreading misinformation.

 

Says the now "official expert" on the matter, how about you stop flooding this thread with your "expert" information. But what do I know right? I am a total noob that doesn't have "basic understanding" of what they are. I better leave that to the "pros" like you that know everything about the matter and only you guys have the last word. Eeeveryone else is just wrong, congrats.

 

I know this is a discussion that'd never end... don't know why I participate, maybe I'm bored right now.

[LAwLz]

That is a horrible analogy, and you know it. This is not a matter of "others doing terrible things does not make this terrible thing okay", as it misses the point by a mile and a half. The point is, if you are getting so worked up about Microsoft "spying" on the users (which remains pure speculation BTW), then where the holy hell are the equivalent complaints for the other companies? You in particular seem to be especially silent as far as Google and Cisco is concerned, a tell-tale sign of selective reasoning.

 

And for the record, when you resort to calling somebody a fanboy, you have lost the discussion and the battle. Somebody having a perspective opposing your own does not make them a fanboy. You are a lot more stubborn than you realize. Also, don't waste your time with spitting out fancy Latin terms, as they will not help you.

You might not have noticed this, but I very rarely make my own threads. The reason I am currently attacking Microsoft so much is because those are the threads I see when I visit LTT.

How many threads have you seen about Cisco on the front page recently? I have seen 0, which is why I haven't posted about them.

There is no "selective reasoning" involved. Actually, I was giving Facebook and Google shit in the post you were responding to, but you seem to conveniently missed that part.

 

 

Why do you always being up "fancy latin terms" whenever you talk to me? I sometimes use them because they describe logical fallacies. It's easier to just say "that's XXX" instead of "what you are doing right now is a logical fallacy because... an example of why this does not work would be...".

my "fancy latin phrases" are the same as what you did in this post (Gerfauf's Law) and in this post (Hempel's Paradox).

 

 

By the way, you have called me biased multiple times in this thread already. That's essentially the same as calling someone a fanboy.

 

 

People who live in glass houses...

[Stuff_]

-snip-

I simply disagree with most of your post, including that article. Until I see someone arrested for handling a lobster, and put in jail (and it will be documented by the news, and we will hear about it) I think that is just a pointless argument. 

 

Here's the thing. The United States is MUCH different than a ton of countries around the world. If the government attempts something really shady, that is at the cost of a lot of people, it won't work. 

 

And on top of all of that, we have due process. Fortunately, If a jury believes that a crime is absolutely bonkers, and makes no sense, we have jury nullification. 

 

 

You have a hard time understanding the other point of view, and you are really quick to assume the worst, instead of hope for the best. Definition of pessimistic, and potentially paranoia. 

You are not so important in this world that everything resolves around your privacy. Along that, the government is not going to come looking for you, me, or any of us on this website, unless we are in current or previous talks with a terroristic group, terroristic acts, ISIS, etc.

They will not arrest you for those insane lows from your post. They will not care, you are a NOBODY. You're simply a person that consumes, and spends money. Why would the government be willing to arrest all these people for the absolutely victim less crimes? 

 

With that being said, I think I just lead into a debate about our "War On Drugs."

[Stuff_]

But it is true.

There is no clear cut definition of spyware. One of the defintions mentioned in the FTC document regarding spyware is the one from Gibson Research Corporation. Their definition is:

Personally I think that's a pretty good definition, and I think Windows 10 fits that definition.

 

 

 

The Wikipedia definition is:

Windows 10 also fits that definition.

 

 

How about Merriam-webster's dictionary?

Does Windows 10 do that? It does in my opinion.

 

 

Things such as settings not actually turning data collection off despite them saying it does, throwing out false errors and ignoring proxy settings is enough for me to classify it as secretly collecting data. For it to not be secret the settings should clearly state that turning them off won't actually turn them off.

 

 

Here is Microsoft's own definition:

Windows 10 seems to fit that fairly well too.

Come on man. You're really, really grasping here.

[dfsdfgfkjsefoiqzemnd]

If you have nothing to hide, you have nothing to fear.

And if you have nothing to say, nobody needs free speech either, right?

Some people have stuff to hide, and often even for legitimate reasons.