
Windows 10 “steals” your bandwidth - mortenlarsen
http://lauren.vortex.com/archive/001116.html
======
0xffffabcd
previous discussions:

* [https://news.ycombinator.com/item?id=9982917](https://news.ycombinator.com/item?id=9982917)

* [https://news.ycombinator.com/item?id=9973629](https://news.ycombinator.com/item?id=9973629)

* [https://news.ycombinator.com/item?id=9983512](https://news.ycombinator.com/item?id=9983512)

* [https://news.ycombinator.com/item?id=9978006](https://news.ycombinator.com/item?id=9978006)

------
striking
Now, at first I was thinking this was a relatively sane feature like Apple's
Software Update Server (which caches and re-serves updates for your local
network)[1]. It's a very useful tool, considering the fact that when iOS 7
came out, it took out my entire high school's network because everyone was
downloading it.

This isn't transparently helping serve updates to computers on a local network
to save bandwidth. It transparently serves updates to the entire world, to eat
your bandwidth and conserve only Microsoft's.

Is there a word in English that captures how massively disappointed I am with
this being on every Win10 computer and by default?

[1]:
[http://hints.macworld.com/article.php?story=2007100908224845...](http://hints.macworld.com/article.php?story=20071009082248452)

~~~
eli
It seemed to work out fine for Spotify

~~~
rohansingh
With Spotify, the aim was low latency. If you click on a song, it should start
playing immediately. There's no such requirement for software updates.

Back when the only data center was in Stockholm, the only way to meet latency
requirements was P2P. Now that we're a grown-up company we've disabled that
and use CDN's instead.

~~~
RKearney
> With Spotify, the aim was low latency. If you click on a song, it should
> start playing immediately.

That was not their aim at all. Their aim was lowering bandwidth costs by
shifting the content delivery costs over to the end users. This was made clear
by the fact that when you played a song, it started downloading the song from
AWS S3 immediately to minimize latency, then once the P2P sessions fired up,
shifted over to that stream instead of their costly S3 one.

------
RexRollman
I have come to the conclusion that commercial operating system vendors can no
longer be trusted.

They are destroying computing autonomy of users by tying online accounts into
their products. They include built in search tools that leak information to
the vendor and, in some cases, "trusted" third parties. And they try to steer
users to their own cloud solutions, which store user data unencrypted.

Apple, Google, and Microsoft all do this. Even Canonical has. But worse to me
are those who make weak excuses for all of it; saying that people can use
settings to turn it off, even though they know damn well that everyday users
will stick to the defaults.

Personally, I am disgusted with the entire situation.

~~~
q3k
Fortunately, there are still operating systems [1] that respect your freedom -
both free as in Free Software, and as in freedom to choose the stack, packages
and software you want.

[1] - [https://www.gentoo.org/](https://www.gentoo.org/)

------
click170
I think a big part of the problem here is the perception of a big company
trying to externalize costs onto their users.

The funny thing is, if you ignore the fact that it's a big company named
Microsoft who's using your bandwidth _and_ that it's enabled by default, this
is actually a pretty awesome feature that could help a lot of people in a lot
of situations.

Edit: Clarity

~~~
opnitro
I think another big problem is that is without specific activation. If it
asked me first, and I made the decision to help out, then it would be fine.
When I torrent a linux iso, I'm making a specific action to use my bandwith.
This is doing it without asking.

------
tacone
Let me understand this better: they centralized skype and decentralized
software updates? Wow.

~~~
dietrichepp
As I understand it, they centralized Skype because mobile phones couldn't be
supernodes. (Not defending it, just explaining it.)

~~~
0x0
And it would have been impossible to #ifdef out the supernode code in the
mobile apps?

------
alayne
If people weren't so nutty about distributing file transfers, we could have a
much more robust Internet.

~~~
1_player
Do you mean it's not a bad idea to use the idle upload bandwidth to distribute
the updates, i.e. turn each PC into a bittorrent seed?

In theory it's pretty great, in practice, with metered connections you're
using up the users internet quota and causing a lot of frustration.

I am used to unmetered internet connections, and after moving to the UK I've
spent a lot of time investigating why I'm getting an insane amount of packet
loss. I'm talking 30% on weekend evenings.

Long story short, a flatmate was uploading data all day without noticing, the
ISP's traffic management kicked in, limited our bandwidth, buffers aren't
infinite so packets get dropped [1].

As someone said in a similar thread, this may be the reason for ISPs to drop
traffic metering and upload quotas, but I somehow doubt this'll happen.

\--

1: I've fixed it by limiting the upload quota and bandwidth on my OpenWRT
router for that user. I guess I'll have to enable this rule for all other
Windows 10 users in my house now.

~~~
tomjhill
A huge number of people in the UK are on BT's cheapest package, you get a 38mb
FTTC connection and a 20gb cap. These are the sort of people who won't even
know that a feature like this could even exist, talk about be switched off! I
think it's almost criminal that 20gb capped Internet can be advertised as
being suitable for a family home in 2015.

------
analog31
Regarding all of the issues surrounding Windows 10, could somebody create a
little app that lets us turn off the objectionable features? I realize it can
all be done in the settings, but an app could include some explanatory info,
and also serve as a way of documenting all of the issues in one place.

~~~
corndoge
At the point where you find yourself writing an application whose sole task is
to disable intrusive settings in your OS, perhaps you should consider
switching to a different OS.

~~~
analog31
The obstacles are almost comical. Okay, they're completely comical. Only one
computer in the house is compatible with Windows 10 anyway, and my 12 year old
son is ecstatic about it -- I think just because it's new and he's curious.
Also, I was optimistic about it until I read all of the recent stuff. He would
never forgive me for switching that computer to Linux. My plan is to do the
Windows upgrade, let him play with it until he gets bored, then install Linux.

My only misgiving is that I love the touch screen, so I have to look into what
kind of touch screen functionality I can get under Linux.

~~~
LoSboccacc
Kind of working for specific app if wacom, hellish path of sorrow if n-trig
(depending on hw version)

------
_stephan
What's the motivation behind this? It can't really be bandwidth cost savings
for distributing updates, right? At least, I can't imagine that the savings
outweigh the predictably bad press and the additionally required customer
support.

------
cabirum
I guess this will be downvoted, but still:

\- If the p2p feature was opt-in, no-one would have enabled it; but the
technology _needs_ most users to have it enabled to operate optimally. And I
don't see how it could be done without enabling it by default.

\- Since (mostly) everyone has it enabled by default, no peer will have a
disproportionate amount of upload traffic.

\- It makes sense to download a Service Pack (read: any big update) once and
have it sent to all PCs on the LAN automatically.

\- It's not enabled on metered connections and won't compete for bandwidth
with other apps. It can be switched to operate only within LAN. It can be
disabled forever.

------
fffrad
I thought exaggeration was something reserved to CNN and other news outlet.
But here we are.

I think this is a real concern, and users should know what the PC is doing,
but half of HN post are about how we can share data among ourselves instead of
relying on central distributors.

Your next post should be about how WebRTC steals your bandwidth.

~~~
opnitro
See the difference is that you explicitly use WebRTC. Distributed systems are
great you decide to use them. Someone else turning it on for you is a little
dishonest.

~~~
drewcrawford
No you don't. You visit a website. The author of the website explicitly uses
WebRTC, not you.

~~~
opnitro
I suppose, but you're still making the choice to visit the website. I guess
you could design a site that secretly used webRTC to waste someone's
bandwidth, but: A) I don't think that has ever/will ever happen. B) Even if it
did, it would still be wrong.

------
Havoc
I don't particularly mind - I'm on a powerful fibre link anyway.

It does seem rather evil to make this opt-out rather than opt-in. Much in the
same way that I'm cool with people using my stuff - just have the decency to
ask first.

------
gruez
It was loading slow for me, so here's an archived version:
[https://archive.is/X9A3p](https://archive.is/X9A3p)

~~~
mahouse
It would load better if they had a P2P infrastructure like Windows 10's.

------
dogma1138
Oh boy whats the deal? P2P functionality was introduced in various means into
Windows since Windows XP with BITS. This means that machines gets update
faster especially in scenarios where bandwidth is limited or the connection is
spotty. You can opt-out, it doesn't touches your personal data, doesn't work
on metered connections, the updates can be pushed out for as long as they are
in cache (<30 days).

Updating 3-4 machines on the LAN is much quicker with Windows 10, SOHO
machines that aren't routed into the internet or are heavily firewalled can be
updated easily, and heck the vulnerability window for machines which weren't
connected to the internet is much smaller now since they can grab critical
updates without even being exposed to the internet which previously required
backporting or having enterprise update software (WSUS and the likes).

The conspiracy theories around it are also quite silly considering that MSFT
has complete control over the OS just as any other major OS vendor unless you
tinker with it yourself.

------
chrsstrm
Outside of the outrage over "borrowing" the bandwidth on my WAN connection
(which I agree is wrong to have on by default), how much of a help is this
feature for distributing updates over the LAN?

For example, I installed and fully updated Win 10 on my Surface. Soon I'll be
traveling to the bandwidth-deprived middle of nowhere to visit my family and
will likely be updating their systems to 10 while I'm there. If I connect my
Surface to their network, will the install and update process on their machine
automatically look for my Surface and pull updates from there, rather than
spend hours trying to download over a sub 3Mbps connection?

Having "PCs on my local network and PCs on the Internet" on by default is not
cool, but allowing "PCs on my local network" could be a huge help for
situations like this.

~~~
dogma1138
to some extent, not all updates work like this, and the updates live in your
cache only for a limited time (mostly dependent on the storage capacity).

Pretty much as long as the update can be uninstalled (usually 30 days or so)
the update package will be in your cache.

If the update package is compatible with the SKU of other machines in your
network (language, version, bitness etc.) then they might pull it from your
machine instead of the internet.

------
BoppreH
I'm trying to turn this option off, but the entire control panel freezes when
I click the relevant checkbox.

Windows 10 so far seems good, but what a bunch of terrible launch decisions.

------
rawnlq
Can someone do a quick back of the envelope calculation on how much bandwidth
this will actually eat up?

If it's on the order of tens of megabytes this is a lot of outrage over
nothing. You blow more than that loading a few youtube videos.

P2P is the future, don't try to fight it...

~~~
bitmapbrother
Of course it's the future. But, don't proactively turn it on without the
user's explicit consent.

------
Animats
You're not Microsoft's customer any more. You're their product.

~~~
marcosdumay
And it looks like Google treats their cattle better.

~~~
bitmapbrother
Google ain't charging you to play Solitaire at least.

~~~
Animats
Oh, I thought that was a joke. In Windows 10, Solitare has ads, and it costs
$10/year to turn the ads off.[1]

[1]
[http://www.wired.co.uk/news/archive/2015-07/30/windows-10-pa...](http://www.wired.co.uk/news/archive/2015-07/30/windows-10-paid-
ad-removal-solitaire)

------
eberfreitas
Is there a guide somewhere that shows me how to disable all these "features"
and make W10 as private, lean and fast as it can be?

------
alkonaut
So they made their updates p2p? Why weren't they already? Feels like a no-
brainer if you ask me. They need to be careful not to use my bandwidth in a
way that I would notice (so basically when idle) and I also feel it would be
appropriate to at least ask as there are some people who have data caps to
worry about. A connection may be through wifi but still to a capped mobile
broadband, such as when connecting to a smartphone. In such cases you often
have a limit you unlikely want to use for updates to others.

------
datalist
So it's about how updates are distributed? Would be interesting but the page
seems to be down ->
[http://sitemeer.com/#lauren.vortex.com/archive/001116.html](http://sitemeer.com/#lauren.vortex.com/archive/001116.html)

~~~
datalist
Thanks to gruez for the archive link.

While the approach chosen by Microsoft is not necessarily the "cleanest" I
still dont fully agree with the article.

She complains about the EU not already hoisting pitchforks for this rather
minor issue but at the same time completely ignores that Microsoft already got
pitchforked enough by the EU for things Google got easily away with.

But her disclaimer that she was consulting Google might explain that complaint
;).

~~~
dws
Lauren's credibility predates Google.

~~~
datalist
Whether she is or is not biased towards Google does not change the fact though
that Microsoft already got its fair share of pitchforking long before Google
and for issues Google (and Apple) got (and are still getting) easily away with
(vendor lock-in, browsers, default settings and so on).

------
JimmaDaRustla
My upload is uncapped, so I PERSONALLY have no issue with this.

------
PuffinBlue
This site was incredibly slow for me to connect to. Just in case the server
goes down here's the text of the article. I will remove this if requested.

Mirror for the ctrl+f folks

\----------------------------------

Windows 10's New Feature Steals Your Internet Bandwidth

A couple of days ago I discussed a number of privacy and other concerns with
Microsoft's new Windows 10, made available as a free upgrade for many existing
MS users:

Windows 10: A Potential Privacy Mess, and Worse:
[http://lauren.vortex.com/archive/001115.html](http://lauren.vortex.com/archive/001115.html)

The situation has only been getting worse since then. For example, it's been
noted that the Win10 setup sequence is rigged to try fool users into switching
to an MS browser, irrespective of their browser settings before they started
the upgrade:

Mozilla isn’t happy with Microsoft for changing how users change the default
web browser in Windows 10: [http://microsoft-news.com/mozilla-isnt-happy-with-
microsoft-...](http://microsoft-news.com/mozilla-isnt-happy-with-microsoft-
for-changing-how-users-change-the-default-web-browser-in-windows-10/)

Pretty bad. But we have even lower to go, as we've seen that by default,
Windows 10 actually steals bandwidth from your ISP connection so that
Microsoft can use your computer, and your connection, to send MS updates to
their other customers.

Huh? Say what?

Yep. It's a devious little feature called Windows Update Delivery
Optimization. It's enabled by default. For Enterprise and Education users, it
operates over the local LAN. For ordinary Home type users, Microsoft can send
their data update goodies to potentially any PC on the global Internet -- from
your PC, over your Internet connection. On your dime.

We could get into the pros and cons of local updates being staged between
local machines on a LAN as opposed to the outside Internet.

But as soon as MS decided that it's A-OK for them to use my Internet
connection to cut down on their bandwidth costs serving their other customers
-- without asking me for my specific permission first -- the situation blows
into the red zone immediately.

Microsoft makes the predictable excuses about this high-tech thievery.

There's a way you can turn it off. Yeah, buried down deep in the settings,
assuming you even know about it in the first place. MS claims they only use
your connection when it's "idle" by their definitions. Thanks a bunch.

Oh yes, and (how generous of them!) Microsoft notes that they won't steal
bandwidth this way from "metered" connections.

But here's the catch -- you have to manually indicate that a connection
shouldn't be used for MS' update delivery scheme. Otherwise, Microsoft has no
way to know if (for example) you're paying by the gigabyte or have a low
bandwidth cap.

Above all, the sheer arrogance of Microsoft to enable this bandwidth theft by
default is stunning.

I don't care if they want to move 1K or 1gig to their other happy users, I
want to damn well be asked permission first!

Obviously, this general category of peer-to-peer data transfer is used on the
Net in other contexts, such as torrents for example -- but that's something
you do voluntarily, of your own volition. Comcast uses the bandwidth of many
Comcast users to turn modems in people's homes into public Wi-Fi access
points. This has been highly controversial, but at least Comcast is typically
doing it over modems they supplied, and has claimed that they over-provision
the connection speeds to take this into account -- and don't apply that public
usage against home users' bandwidth caps.

But Microsoft didn't even bother with such rationalizations. They simply said
in essence: "Hey, you've got bandwidth, so we're gonna use it however we
please unless you tell us differently. Suckers!"

If you're running Windows 10, you may want to terminate this travesty.

The settings you need are buried down in:

START->Settings->Update & Security->Windows Update->Advanced options, under:
Choose how updates are delivered.

It's worth noting at this point that if Google had tried a stupid stunt like
this, there would likely already be EU commissioners running through the
streets of Brussels hoisting pitchforks and flaming torches, all yelling for
Google's blood.

For a while there, it was starting to look like there indeed was a new kind of
Microsoft coming into view, one that had evolved beyond the hubris that had so
long been Microsoft's single most defining characteristic.

As we can see, any such hopes are now ... Gone with the Win10.

\--Lauren-- I have consulted to Google, but I am not currently doing so. All
opinions expressed here are mine alone.

------
jrjrjrj4
Lol, site is down because of too many hits. Or up, but barely.

