
Microsoft shares Windows 10 telemetry data with third parties - temp
http://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties/
======
yuhong
This is a good time to mention
[https://blogs.technet.microsoft.com/johnla/2015/09/26/the-
in...](https://blogs.technet.microsoft.com/johnla/2015/09/26/the-inside-story-
behind-ms08-067/)

MS at least does have an attempt to protect privacy in crash dumps (dating
long before Win10 BTW):
[https://blogs.msdn.microsoft.com/oldnewthing/20161104-00/?p=...](https://blogs.msdn.microsoft.com/oldnewthing/20161104-00/?p=94645)

------
krakensden
Of course they do. Remember, when you share your data with a company, you are
not sharing that data with the manifestation of the company that you know, and
perhaps trust. You are also sharing that data with all future iterations of
that company, all future owners, many future employees of that company, and
many future partners of that company. Any of which may be terrible, and only
one needs to be.

If you work on the back end of services, especially consumer services, it is
important that you take charge of pushing back on data collection. Your
managers probably don't have enough industry context. They will not know the
long failed history of data anonymization. Your co-workers may not have
thought about the possibilities of parallel construction. It is your
responsibility to consistently, thoughtfully, impress upon people the
necessity to collect the minimum amount of data, as well as the utility of
deleting it as soon as possible.

------
AdmiralAsshat
I've debated writing an angry blog post about how I was a 25-years Windows
user until Win10 pushed me to Linux because of the flagrant privacy violations
put forth by this telemetry gathering--even before we knew it was being shared
with third parties. But I suspect it would fail to bring about any real
change.

What might work, however, would be some sort of page of "protest users" who
have pledged that they have or will switch to Linux after the repeated user
preferences abuses of Windows 10. That would be far more effective, in my
opinion, than just ranting and raving.

------
aq3cn
The nature of the deal between Microsoft and FireEye is to license threat
intelligence content from FireEye iSIGHT Intelligence. This additional layer
of intelligence includes indicators and reports of past attacks collected and
edited by FireEye and enhances detection capabilities of Windows Defender
Advanced Threat Protection (WDATP). The deal does not include the sharing of
Microsoft telemetry.

------
aq3cn
I like to share what Windows 10 actually collects from us and discuss
seriousness of its consequences if there are any.

Under Privacy > Feedback & Diagnostics settings, there are these four options.
One must choose one of these four options.

Security level

> The Security level gathers only the telemetry info that is required to keep
> Windows devices, Windows Server, and guests protected with the latest
> security updates. Data gathered at this level includes the Malicious
> Software Removal Tool reports, information that Windows Defender and
> Endpoint Protection require to function. This includes anti-malware
> signatures, diagnostic information, User Account Control settings, UEFI
> settings, and IP address. No user content, such as user files or
> communications, is gathered at the Security telemetry level, and we take
> steps to avoid gathering any information that directly identifies a company
> or user, such as name, email address, or account ID

Basic Level

> The Basic level gathers a limited set of data that’s critical for
> understanding the device and its configuration. This level also includes the
> Security level data. Basic device data such as attributes, Internet Explorer
> version, hardware information, operating system information, network
> attributes and more are collected at this level. Collected data includes app
> usage data, Internet Explorer add-ons, driver data, system data, Windows
> Store activity and more on top of that.

Enhanced Level

> The Enhanced level gathers data about how Windows and apps are used and how
> they perform. This level also includes data from both the Basic and Security
> levels. Operating system events, app events, device specific events and
> "some" crash dump types are included at this level.

Full Level

> The Full level gathers data necessary to identify and to help fix problems,
> following the approval process described below. This level also includes
> data from the Basic, Enhanced, and Security levels. Microsoft may pull
> additional information from a device if the diagnostics request is approved
> by Microsoft’s privacy governance team, including privacy and other subject
> matter experts.

I also like to know if MS also collects anything beyonds this without my
consent.

source:

[https://technet.microsoft.com/en-
in/itpro/windows/manage/con...](https://technet.microsoft.com/en-
in/itpro/windows/manage/configure-windows-telemetry-in-your-organization)

[http://www.ghacks.net/2016/11/23/microsoft-gives-third-
parti...](http://www.ghacks.net/2016/11/23/microsoft-gives-third-parties-
access-to-windows-10-telemetry-data/)

