Hacker News new | past | comments | ask | show | jobs | submit login
Microsoft's Software is Malware (gnu.org)
264 points by talles on Nov 24, 2015 | hide | past | web | favorite | 173 comments



> "Microsoft cut off security fixes for Windows XP, except to some big users that pay exorbitantly."

XP has had longer support than any Linux distro out there (aside the rolling release ones, but that's a little different).

I know this submission is intended to be biased, and I do honestly favour Linux over Windows anyway. But surely FUD like the above is so painfully transparent that it only undermines the credibility of the larger argument?


As the FSF clarifies a few sentences later, their criticism centers around the fact that those users are dependent on Microsoft. When support ends for an old version of a free software distribution, users have the ability to hire someone else to maintain it. They often don't, however, because it's usually cheaper to upgrade to the latest version, and free software operating systems don't have the ratcheting oppressive privacy and security implications that Windows 10 comes with.

I do think, though, that it's a valid counter argument to say that users knew (or should have known) the kind of deal they where making with Microsoft when they bought Windows XP. Instead of criticizing Microsoft, they should be pointing out that free software operating systems typically are much more friendly and respectful of the user's rights, even rights beyond being able to modify that operating system.

The FSF has always had a problem explaining to the average user why they should care about the ability to modify their own software when they lack the expertise to do so; Windows 10 is providing a practical example.


> When support ends for an old version of a free software distribution, users have the ability to hire someone else to maintain it.

This is the exception rather than the rule (speaking in general terms)

You can pay someone else to isolate and secure your XP installation as well (for the minimum amount of stuff you need in there). Put it in a VM, behind a firewall, secure it, prevent unknown services from running in it, etc.


> You can pay someone else to isolate and secure your XP installation as well (for the minimum amount of stuff you need in there). Put it in a VM, behind a firewall, secure it, prevent unknown services from running in it, etc.

Of course, you can also pay someone to do the same for a free software OS. You might even have more options for safely isolating it. I suspect the main point is that you have options, e.g. you don't simply have to isolate it (that may not work depending on how you use the software), you could also maintain / fork it.

In theory, with enough money, I'm sure you could also pay MS to maintain it for you or (as I've seen done once or twice in the business world) simply buy out the company and have them support it, but it seems like the cash barrier required to getting those things done could be lower than self-supporting the software in many circumstances.


> you could also maintain / fork it

That's true. However, for the majority of cases, it's not worth it.

You theoretically could have an old version of Red Hat running and then self-support there, but I believe the answer is probably something similar to what would be done with Windows XP. Even if what you need to run there is Free Software. Easier and probably more feasible, true. Still, very unlikely.

The last option you pointed out is a possibility as well and it happens, however it's usually a way of throwing a lot of money for very little gain


It's really not clear who this is addressing. Anyone with technical knowledge will learn nothing from this rather shrill and superficial commentary. Anyone else will either not understand, not care, or simply never end up on the site anyway.

Frankly it reads like it was written by an angry teenager getting mad at The Man for his injustice. If I were trying to convince anyone to use Linux, I would actively discourage them from reading this.


In almost any other context the content being delivered here would be considered a "hit piece".

I'm a bit miffed. The choir is already converted, so to speak, so this is not the intended audience, others, non converts, would mostly be put off by the over the top style and rhetoric.

Moreover, the article focuses on one vendor when other vendors follow similar policies but those aren't visited in the article.

So.... What gives?


It focuses on one vendor because Windows is an OS, and there are few of those easily available to the general public.

It also focuses on Windows because the article is about Windows. :)


Lets not forget that Windows XP is a commercial product, for which people paid money and that was the only reasonable choice for about 8 years, the gap between the release of XP and that of Windows 7 (Vista was a flop due to poor drivers).

In these 8 years a lot of companies and individuals bought computers and then stayed on XP because (1) Windows upgrades cost money, (2) compatibility issues and (3) fear of upgrades (Microsoft never educated its users to upgrade, quite the contrary, they've made Windows users fear upgrades because of their fuck-ups with Windows ME or Vista).

Windows XP reached end of life on April 8, 2014, with people being stuck on it without a migration path. Nowadays 5 year old desktops and laptops are often good enough and don't need to be replaced. If you had a company with dozens or hundreds of computers, what would you do? Would you pay $120 before taxes for the Home edition or $199 before taxes for Pro, per computer? Would you try to negotiate better terms maybe? Or would you stay on XP because it works? The offer for a 1-year free upgrade for Windows 10 is not valid for XP and Vista.

And yes, Microsoft supported XP for 12 years. That's 4 years after those 8 years in which XP was the only choice. That's hardly an accomplishment.

They still have users on XP. For those users they have an ethical responsibility to provide security fixes, or a cheap migration path (why is the upgrade to Windows 10 not valid for XP?), or the source code such that they can fix problems by themselves.


The fact that you paid for windows bundled with your laptop at discount 14 years ago does not entitle you to a lifetime of free support. Big companies get XP support at great cost, because support is very expensive.

As you said yourself, Windows is a commercial product - you get what you pay for. Microsoft don't really owe anybody anything beyond what they get paid to do - the only reason they kept XP support for so long is that to do otherwise would be a PR nightmare, all their big customers would be angry and all the regular folks would have machines (even more) full of malware.


I think it's a bit selective to exclude Vista's timeline from XP's concurrency just to make a point. But even that aside, 4 years of concurrency is still pretty good compared to most other Linux distributions. Ubuntu Desktop's long term support (LTS) is only 3 years and that's one of the better supported Linux desktops. Granted Ubuntu Server LTS is 5 years, but then we'd have to compare Linux with Server 2003 to be completely fair.

The only real complaint I have against Windows' support is that it's update utility, "Windows Update", makes the whole process unnecessarily painful compared to the most Linux package managers.

Just as an aside, Windows Home (which you mentioned the cost of compared to Pro) wouldn't be an option for many businesses because you can't join Home editions of Windows to a Windows domain.


"In previous releases, a Long Term Support (LTS) version had 3 years support on Ubuntu (Desktop) and 5 years on Ubuntu Server. Starting with Ubuntu 12.04 LTS, both versions will receive 5 years support." https://wiki.ubuntu.com/LTS


Vista was a flop because of OEM marketing inadequate hardware as supporting it.

I had a reasonably competent machine, and Vista worked great on it from the day I switched (summer '07, only a few months after it released).

Making the comments others have said about your choice to exclude Vista as a viable option even stronger.


On most metrics of performance Vista was a big downgrade from XP, regardless of your hardware.


Cheap is relative... for a computer purchased 4 years ago, for under $1k a $200 software upgrade is a pretty cheap migration path.


If you distribute that cost over several years, then it may not look so expensive, but the problem is many people may not be capable of such an upfront cost and the perceived benefits of the upgrade (e.g. security patches, newer IExplorer) are seemingly minimal.


I think it misses the point entirely. Being able to define MS software as malware won't make users stop using it.

Even if Windows was way worse than it is now people would still use it.

Also I believe the two distros that have a shot at part of the Windows user base(Ubuntu and Steam OS) could also be defined as malware.

What has to be taken in mind is that FSF is about ideals. Which may explain why they put so much emphasis on concepts as opposed to practical matters.


They do clarify that it is only "wrong" because the proprietary nature of the OS means that third parties can't carry on supporting users after official support ends. Still pretty shaky reasoning, in my opinion.


I agree with you but I think there argument would be that you could maintain the software "yourself" or hire someone to do so; presumably not at exorbitantly high rates.


Also Microsoft have been fairly laid back about the "Registry hack enables free Windows XP security updates until 2019" stuff


Hold on a second. You can't just claim XP had longer support except for all those "continually updated OSes" and still have a point left! The submission is not FUD, if it is then please point to any fact it gets wrong.

Why are there are so many defensive anti GNU comments here? Do these actual facts that correctly paint Microsoft in a bad light really upset that many Microsoft users / workers / proprietary software proponents?

Also, what is with legitimate comments being ghosted on this site?


> Hold on a second. You can't just claim XP had longer support except for all those "continually updated OSes" and still have a point left!

Rolling release distros are a different ball game entirely. If you take a copy of Windows 7 you can install every update from the initial release to present day. It might take you a while, but you could do it. Equally with your standard release cycle Linux distros, you could take a 3 year old copy of Ubuntu LTS (for example) and bring it bang up to date. However if you took a 3 year old image of a rolling release distro, you'd find it hugely more difficult to update (if at all possible).

Rolling release distros don't have a set end of life date because they're always incrementally reaching end of life. Particularly as breaking changes become old and unsupported (eg try taking an Arch Linux ISO before the filesystem, glibc and systemd packages and watch just how poorly that ISO updates). So something being "rolling release" doesn't mean it doesn't have an end of life - it just means you don't have to perform OS release upgrades.

> Why are there are so many defensive anti GNU comments here? Do these actual facts that correctly paint Microsoft in a bad light really upset that many Microsoft users / workers / proprietary software proponents?

Why do some people think you must be a fanboy or an employee to defend a product? If you want my honest personal opinion: I hate Windows. Absolutely despise it. Please bare in mind this is just my personal opinion, but I just cannot fathom it's maze of confusing windows, I don't like that it's command line is crippled and that Powershell is about as succinct as War And Peace. I hate the lack of a proper package manager (I could write a novel on how much I hate Windows Update). I hate the poor support for nix networking protocols. I hate the outdated file system support. I don't even find it aesthetically attractive. So there really isn't much I like about Windows.

At work I run Linux and manage Linux and Solaris servers (I'm devops) and at home I run Linux and FreeBSD. I don't own nor run a single Windows system and haven't done so in any serious capacity since the early days XP. I really couldn't be any further from the "pro-Microsoft" pigeon-hole you presumed.

I know there are people who feel the same way about Linux, and that's fine. I wouldn't want a Linux monopoly any more than I'd want a Windows monopoly. And I'm certainly not going to accuse those people of being Microsoft employees :P I just believe in being objective because nothing is perfect and we can't improve things if we look at everything with rose-tinted glasses.

> Also, what is with legitimate comments being ghosted on this site?

Most of the comments that have ghosted are because they were complaining that the article was factual thus couldn't be FUD. But that misses the point of what FUD is. FUD doesn't have to be a lie, it can also be a heavily biased fact that casts the opposition in an unfairly bad light. I personally felt the Windows XP support argument was one example of that; it was factually accurate but conveniently overlooks Linuxes similar issues of long term support

I do have a great deal of respect for GNU and RMS, but that doesn't mean I have to agree with everything posted in their name.


Demonstrate then how it is incorrect.


They are not baised, they are views and opinions. It's like saying Richard Stallman is baised toward Richard Stallman... while those are his views and thoughts...


I personally think that if the users are too dumb and lazy to upgrade themselves to better alternatives (either Windows 8/10 or Linux distros), then you can't blame Microsoft for billing on their slumber. In fairness, even Red Hat might be doing the same thing to their RHEL clients who are "locked" into it and can't move on to Ubuntu or something.


It's not that simple, unfortunately.

For run-of-the-mill desktop usage, i.e. Office stuff, eMail, Internet access, yes, not upgrading is either lazy or stupid.

But there are quite a few companies out there who have built applications that are critical to their operations and which do not run on versions of Windows more recent than XP. To be fair, that is just as big a problem, relying on proprietary APIs without even thinking of an upgrade path. It's not like Microsoft ending support for XP came as a total surprise nobody could have foreseen.

But sometimes, for example in industrial automation, once an installation has been certified, you cannot simply upgrade to a newer version of Windows. If the automation software does not run on newer versions of Windows (and it's an all-Windows game, as far as I can tell), upgrading means you also have to newer automation software, which means spending tons of money and then spending tons more for reprogramming the whole thing. Some automation engineers at the company where I work still have to deal with DOS for a few installations (at least on DOS, the lack of security updates is not an issue, but getting it to run on newer hardware is hard if not impossible, and keeping aging hardware going is a nightmare).


I work for one of these large companies. Legacy software does play a role. But I think most of the delays have to do with the state of lethargy of the IT dept. I work in a part of the organisation where IT doesn't even have a plan to upgrade us from Windows XP.


Okay, that is bad.

Microsoft made their schedule for ending XP support public years before it actually happened, and, say, three years should be enough even for a large company.

And even if one has to support legacy software, eventually hardware support becomes an issue as older devices start dying.

If upper management vetoes a migration/upgrade for cost reasons, that is one thing, but not having a plan at all is... kind of frightening.


Agreed.

Any company that was paying attention knew that they had a migration problem as soon as Vista appeared in beta. That was 10 years ago.

"After Longhorn was named Windows Vista in July 2005, an unprecedented beta-test program was started, involving hundreds of thousands of volunteers and companies. In September of that year, Microsoft started releasing regular Community Technology Previews (CTP) to beta testers from July 2005 to February 2006." https://en.wikipedia.org/wiki/Windows_Vista

For comparison, that was before Twitter was founded (March 21, 2006) and before Facebook was opened to public access (September 26, 2006).


To get access to patches from Red Hat you have to purchase an annual service agreement, for a two socket box it's around $300.

If you bought a copy of Windows XP at release it likely cost you around that much and patches and fixes were available to you for fourteen years at no further cost. The equivalent from Red Hat would have run $4200.


Redhat is also only intended for enterprise use (unlike windows XP). You should be comparing redhat to windows server if you want a valid comparison.

In addition, with redhat you get excellent support included (that's what you are really paying for). No such luck with microsoft, you just get crappy bottom tier tech support.

Finally, if you don't like paying redhat switch to centos. Free and no support.


Or you pay someone else for support. I don't know how many options are out there but where I work, we have Oracle Linux (which is basically RHEL) and get support through Oracle.


While this is true, you're comparing a desktop OS to an enterprise OS. You're mostly paying for support from Red Hat for that $4200 price tag, something you definitely don't get with a retail copy of XP.


Actually the $350/year price does not include support. If you want support during normal business hours you're looking at $799/year and for 24 hour support it's $1299/year.

The only thing you get at the low price point is access to patches, ISOs, and their KB/bug tracker.


It's not FUD. Your comment is FUD. The fact is that MS has well tested security patches sitting on their hard drives for software used by lots of people, which they are only selling for prices so high that 99.9% of people won't get it. That is completely different than deciding not to write the patches. And it's also just pointing out another instance of proprietary software and why it's bad, which if that is fud, well the core of linux and gnu are fud too.


> MS has well tested security patches

How do you know this? I find it likely that they tested them for the specific use cases of the 0.1% who are actually going to receive the patches, since they are providing a specialized solution.

> And it's also just pointing out another instance of proprietary software and why it's bad, which if that is fud, well the core of linux and gnu are fud too.

You can want to use free software for some things without thinking proprietary software is bad for everything.


> use cases of the 0.1% who are actually going to receive the patches

It seems highly unlikely. They are not writing custom ordered security patches. They are selling general security support to whoever can afford it.


How exactly does a factual statement, "Microsoft cut off security fixes for Windows XP, except to some big users that pay exorbitantly," cause Fear, Uncertainty, or Doubt?

Are you really uncertain about whether Microsoft will EOL your current Windows version, or what that will mean for legitimate businesses who need it to continue to function?

If you don't want to hear what the FSF has to say, that's fine. But their statements are carefully worded in the hopes we can have a calm, logical discussion about the issue -- user freedom has become impossible with Microsoft's latest OS.

This submission is not intended to be biased.


It is FUD because of the implication that there are competitors who do support their operating systems for more than 15 years without requiring expensive support contracts.


It's all true and yet not true at the same time. Each item on the list has valid business requirements and is needed.

For example, the backdoors are required by government, and Microsoft is not above the government and cannot really refuse if it is a legal requirement for national security. They're not exactly designed as backdoors either - mandatory security updates are necessary to prevent the spread of botnets. There is a valid argument that users should not be allowed to stop these essential security updates. Unfortunately, there are far more changes than only security updates.

DRM is pretty much required for Microsoft to be able to get into distributing media for a fee. The same applies to a lot of the rest - it's all for being competitive in a world where Apple and Google are doing the same thing.

However, that they are all legitimate doesn't actually change that it really is malware at the end of the day and this page is pretty much true.


Each item on the list has valid business requirements and is needed.

So, the Yuppie Nuremberg Defense? [0]

Regular malware-malare has a valid business reason for showing you ads and exfiltrating private data too. It's harder to defend because it isn't bundled with a featureset the user also likes. But nobody downloaded BonziBUDDY or hot screensaver packs because they wanted the ads.

[0] http://www.imdb.com/title/tt0427944/quotes?item=qt0418062



if it is a legal requirement for national security.

Is it legally required?


If it was, are you sure they would be allowed to tell you?


So let me get this straight... you think that a legal requirement should be secret?


It's pretty clear that there was no statement of personal opinion on the morality of the national security directives contained in that post.

Edit: clarity


I don't think that at all - where did you get that? I'm referring to national security letters, which any regular reader of HN should know about and which require you to hand over information like this and keep it a secret. If Microsoft had government mandated backdoors, there's a good chance they'd be required to keep the intentions hush-hush as well.


Weren't NSLs found unconstitutional?


Possibly - not sure which cases have dealt specifically with national security letters and which have dealt with other aspects of the related programs. However there have definitely been cases which the government lost initially and then won on appeal, and as I've discussed on here before, I'm not convinced that inherently secret agencies will actually not do illegal things once they lose the case. They may still send letters to intimidate people and just won't be able to enforce it so easily. So the concept is still relevant IMO. We can't assume companies are allowed to disclose such backdoors if they exist.


Not should be, is. Stating what one thinks reality is like is not the same as making a moral statement about that reality.


> Each item on the list has valid business requirements and is needed.

Is that why Linux and FreeBSD both do the same thing?


"Microsoft cut off security fixes for Windows XP, except to some big users that pay exorbitantly. (...)

A person or company has the right to cease to work on a particular program; the wrong here is Microsoft does this after having made the users dependent on Microsoft, because they are not free to ask anyone else to work on the program for them."

Microsoft did not make anybody dependent on them, and should have zero obligation to open source Windows XP. There are thriving alternatives to Windows like OS X, Android, Chrome OS, and iOS that XP users could have moved to in the last 14 years.


The argument is that by having users at all you're creating dependence. After all, if you've written a business critical application to the Windows API, you're not easily going to move to any of those options.


That's true, but those same businesses could have more easily moved to a newer version of Windows. It seems like an irresponsible business strategy to have your critical applications rely on a 14 year old operating system.

Microsoft releases new versions of Windows just about every 3 years. Businesses shouldn't be surprised that Microsoft has moved on.


I think the problem is that they won't allow anyone else to continue working on it


Technically they are not preventing you from working on it, they are just not making it easy by open sourcing it. Personally, I would like to modify my OS and contribute the changes under a liberal license such as MIT but the terms of GPL can make it tricky. However it will be wrong of me to go around demanding older phased out Linux distros to be re-licensed under a more liberal license.


You won't be able to distribute your fixes (because they contain MSFT copyright protected code), reverse engineering the binaries and even the API might be a violation of the DMCA, and you will not be able to update system files from within the system it self. So yes they kinda preventing you from working on it, at least for the benefit of anyone besides your own intellectual curiosity.

That said I don't see any problem with MSFT dropping support for XP, they supported it much longer than any software by any vendor closed or open sourced.

GL getting support for RHEL 10 years down the line if you haven't upgraded your OS, and Linux from 10-15 years ago has as much in common with Linux today as Windows XP has with Windows 10.


> Technically they are not preventing you from working on it, they are just not making it easy by open sourcing it.

Technically, they are preventing you from legally doing most work on it, since (in the US, at least) creating (not just distributing) a derivative work is an exclusive right under copyright for which they do not license you.


That's only a problem if Microsoft promised or implied XP would be updated indefinitely. Is that the case?


Not that I agree, but the FSF's issue with non-free software does not seem to be purely based on those who sell proprietary software lying (or being unclear) about the limitations, but at least partially on the fact that they even offer such "raw deals" to begin with.


Given that Microsoft has long published the support lifecycles for its major products, and that those support lifecycles are often guaranteed (as much as anything in the commercial world can be) many years into the future, any criticism on this score just feels like bad faith.

The alternative is to take your chances with free software where outside of any commercial support agreement with a specific provider you generally have no actionable guarantees of any kind that your support will last as far as the time your installation completes.


Yes, you're right, in the end is the users fault as they didn't foresee those consequences and some didn't even made migration plans, even when stated clearly.

You can even argue that all of the things there end up being the users fault as they choose so for convenience.


No.. but one could think so seeing how they postponed the end of life so many times :)


That’s what ReactOS is for: https://reactos.org/


Or, you know, any of the several Windows releases since XP.


All of this is true, but where is the equivalent attack on Google, whose software is essentially entirely designed to spy on you. Isn't that also Malware? Or is this sort of malware ok because it runs the Linux kernel?

I really want to support GNU and FSF but they seem to be constantly fighting some 20 year stale war against a company that is in many ways way more open than Google, Facebook, and Apple.


In the meantime, the EFF is actually fighting for your freedom and right to not be spied on. Consider donating to them. I switched my monthly donation to the FSF to the EFF instead many years ago as I feel they're doing more to help keep society free than the FSF.


If you care about software freedom, do donate to fsf. eff leaves that to fsf and they already have 50x more funding. Of course eff also has much broader and less well defined goals of things like "internet freedom."


They didn't post this to hacker news, it's /an/ article on their site thats been there for quite a while, and yes they call out Google elsewhere. For example http://www.gnu.org/philosophy/android-and-users-freedom.html. gnu.org != whatever some random user posted on hacker news today. Try thinking a little before posting.


I don't think the author is saying 'Microsoft is bad - everyone swap to Google and Apple!'. This is from GNU. The author is saying Microsoft is bad, and since most of these points probably apply to Apple and Google too, the author would probably say that Apple and Google are bad too.

Either way it's kind of irrelevant. "He shot my dog!" "Not an issue, other people are shooting dogs all the time."

Other people being at fault does not absolve you of fault.



One more thing, Microsoft is a hypocrite. Microsoft employed a number of marketing campaigns to smear Google. They even went so far as to hire Mark Penn, a political smear campaign hitman, to carry out their plans. Now that we know all of the nefarious activities Microsoft has been up to and tried to conceal from the press their actions are even more despicable. From breaking into their users accounts and rifling through their documents, giving the NSA full access to Skype, online storage and email and the spyware infected Windows 10 that they're now trying to impose on people unwillingly.

As for your question, it's better to attack a hypocrite that claimed to champion privacy when in reality they did just the opposite.


What hypocrisy are you referencing? I'm not really questioning the veracity of your list of items, to be clear. I just don't see anything that fits the definition of hypocrisy.


The hypocrisy is that Microsoft wants us to remember that we're getting Scroogled, but ignore that they are just as bad for privacy. Personally I don't care about hypocrisy; people can flip flop all the time, and maybe it indicates a flexible mind that updates based on new evidence.

What bothers me is the dishonest implication that Microsoft is good for privacy, and that the anxiety they wish to arouse for Google shouldn't be placed back on Microsoft.


Microsoft accused Google of spying on you and invading your privacy in a number of failed PR campaigns. It was then discovered that not only was Microsoft spying on you, but they took it to the next level with their links with the NSA, their invasion of a user's email and storage accounts and the built in spyware embedded into Windows 10.


[flagged]


Accusing other users of astroturfing or shilling without evidence is a breach of civility that is not allowed on HN, so please don't do it. If you're concerned about possible astroturfing, email hn@ycombinator.com instead and we'll look into it.

We take the question seriously and have banned accounts for astroturfing in the past. Alas, what's far more common is commenters lobbing the accusation merely to attack someone they disagree with, and that's emphatically not allowed here.

Also, some of your other comments have been outright uncivil. We ban accounts for doing that, so please re-read the site guidelines and stop doing that.

https://news.ycombinator.com/newsguidelines.html

https://news.ycombinator.com/newswelcome.html


Why don't you point out the spy software on the Android Open Source Project?


how about you point out the phone that runs AOSP without driver blobs/google services blobs.


Without any Google blobs any smartphone without Google services.

And, as far as I know, binary blobs for bootloader ate not made by Google


I'm not a fan of pretty much anything on this list, but I do think the thing about phasing out Windows XP does stand apart. I don't know exactly how long you should expect an OS to be supported, but I feel like 12 years falls somewhere on the right side of that line.

They add the following disclaimer about that:

> A person or company has the right to cease to work on a particular program; the wrong here is Microsoft does this after having made the users dependent on Microsoft, because they are not free to ask anyone else to work on the program for them.

which if that is the case, means the whole spiel at the beginning about non-free software not automatically being malware in the FSF's eyes pretty empty if "non-free software not supported forever" is malware.


Nice pacemaker you have there, unfortunately, we've ceased supporting the software, and you are too old for a new one to be implanted, so it might break or get hacked and you'll die. How long would you expect us to support it?! And obviously we can't give away our intellectual property!

https://www.softwarefreedom.org/news/2010/jul/21/software-de...


Strawman much? Windows XP /= pacemaker. Just because I disagree with this line of reasoning for Windows XP, doesn't mean I do for critical medical equipment.

Although XP is unfortunately used for some other medical equipment. However I think the problem there was using a consumer desktop operating system as an integral part of a medical device in the beginning.


Honestly I think hn, and generally internet commenting sucks because it's mostly all arguments. 1 person says something in a blog/article, 90% of top hn comments are criticism & counter argument, 95% of replies are arguments against the parent, on and on and on.

It wasn't an argument that your comment was wrong, so it wasn't a strawman, it was just an example of something. And then you later go on to agree with me that should be supported because it's proprietary and no one else can support it is subjective and changes based on the use case, eg. medical equipment which runs xp.


"Malware means software designed to function in ways that mistreat or harm the user."

Some days I'm pretty sure bash is malware, too.


Especially older unpatched versions of bash with the auto-execution of functions inside environmental variables.


+1


Hmm, I agree with the some of the points on this page but the language used is incredibly childish, "Microsoft Tyrants" and "Microsoft Sabotage"....

I think there are better ways to educate and spread this message. Whoever wrote this page is a bit too emotionally vested imo.


It's preaching to the choir in the guise of persuasive writing. Almost literally, given the religious nature of the gnu belief system.


I like the FSF. I like the fact that RMS exists.

I love open source software, and I even like the GPL a fair amount.

Do I think this goes too far? Absolutely. The Free Software position is that the benefits of Free (libre) software outweigh all of the disadvantages, so anyone who chooses proprietary software has already made a big mistake.

Given that the mistake has been made, there's no particular advantage in castigating the manufacturer of that software for living up to the FSF's predictions. It's not a surprise, and the FSF is much better off pointing out that, sure, enough, they told you so, and it happened. Make a better choice next time. Here are some alternatives to help you out.

This is a tactical mistake.


You like the FSF? Point #1 fsf makes is that proprietary = wrong/bad/malware, period. Malware is mostly just a synonym. So if point #1 is too far, you really don't get it.


You can appreciate the FSF and Stallman without agreeing with everything they say. I think they did a lot to put open source on the map, and make us aware of the dangers with closed source software in certain areas, even if I think that their stance is overzealous.


> they did a lot to put open source on the map

Nope nope nope. They've publicly been the biggest voice to erase "open source" from the map since it was coined. All while acknowledging that it has mostly the same goals as the free software movement. http://www.gnu.org/philosophy/open-source-misses-the-point.e...


The unfortunate thing about gnu and the fsf is that they think connotation management and "clever" wordplay are effective marketing strategies.


"Open source" was designed for the sole purpose of being "clever" wordplay and an effective marketing strategy, so you really can't blame fsf on that one.

Words matter. See "pro life" vs "pro choice", see "terrorist" vs "criminal" see "migrant" vs "alleged refuge", etc. etc.

The tech press are mouthpieces for the big corporations, and all of the big corporations do not want free software messing with their profits, so they use and coin words which align with their interests. It's perfectly natural for fsf to use different words.


I'm aware of their thoughts on the distinction between open and free software. However these are (a) lost on most people involved in open source and (b) largely irrelevant as far as the FSF's projects being a large part of GNU/Linux, one of the most widely used open source/free software projects, or their dedication to seeing some key legal questions that affect both open source and free software play out in court.


This is false. E.g. they make perfectly clear that some software (e.g. games) are perfectly fine being proprietary and closed source.


Why? If ID showed one thing it is that you can safely publish your source code as long as the user still has to pay for the actual assets.


http://www.gnu.org/philosophy/android-and-users-freedom.en.h...

Stallman feels the same way about Facebook as well. He got mad at Berkeley when he came to speak and found out someone posted a Facebook event about him coming to campus to speak lol.

He also feels cloud computing endangers us because we aren't in full control or fully aware of the computations being done with our data.

(He told us this at a meeting in Berkeley back when I was in school)

So he has similar views on Google, Apple, Facebook but only Microsoft is being hated on here lol

His views are a little extreme. even if his points are valid they seem impractical given the computing paradigms and cultures of today.

Don't get me wrong I work at Microsoft in hybrid cloud storage in a team that's a startup that got acquired and I think not having the NT kernel under a GNU v2 license is sad. Any kernel imo should be open source but I don't want to get into a debate on this at least not today.

But I'm glad people like him still exist.


Stallman has the nasty little habit of being right in the long run. So even if his views may appear 'a little extreme' today give it a decade or two, you'll come around.


It's easy to be right in the long run. What's hard is doing the right things in the short run that will bring about that long term rightness.

Stallman is basically like Richard Altmayer from the Asimov short story "In a Good Cause—" [1].

[1] http://www.epubsbook.com/ScienceFiction/Asimov41/27354.html


I think RMS did plenty of things in the short run back in the day that brought about more than just a little bit of long term rightness and good. The fact that it's easy to discount him in the present while he's still working away at moving the needle, not just for the day after tomorrow but also for tomorrow itself is quite special. Anybody else with a track-record like that would probably get a more receptive audience. Now if only he'd get his 'PR' to be as effective as his vision, that may make an even bigger difference.


He's been doing this stuff for around 30 years so far, and I don't see the evidence of him being exclusively right about anything very much. What have I missed?

Far from "coming around", the invention of "open source" was specifically a way of removing the moral tub-thumping "philosophically- and politically-focused" aspect of Free Software and the FSF. http://opensource.org/history

I think he's done a lot of good work on DRM and software patents in general, but a lot of people have had the same or similar worries without his involvement.


I had the opportunity to try Windows 10 last week. I was surprised to find that Windows now has pop-up advertisements for Office and Bing embedded in the OS itself that recur during day-to-day usage and cannot be dismissed. That seems wild to me. Also, contrary to opinions that I have heard on HN and elsewhere on the web, Windows 10 is typical poor quality Microsoft software, not one of the "good" Windows like XP and 7 were. For example, there are literally two control panels that are different: the classic control panel and a Settings tool (not a different view of the control panel but something completely different) that comes up when you search for various settings in the Start menu. The Start menu is super clunky and slow as well.


> I was surprised to find that Windows now has pop-up advertisements for Office and Bing embedded in the OS itself that recur during day-to-day usage and cannot be dismissed.

Where are these? I use Windows 10 at home and work, and what you're referring to doesn't ring a bell at all. I already have Office on both machines though, so that may explain one portion.


I confirm that Windows 10 shows advertisements to install Office. They appear as small popups in the notification area of the toolbar. This was on a fresh upgrade of a Windows 8 machine.

In task manager I found a running program (which I can't recall the exact name of but the purpose was obvious) that was for posting ads to install Office. I searched for the name and found instructions for uninstalling it.

I don't know if there are others or not. I only ran Windows 10 for a few hours to check it out.


Using Windows10 since launch, never ever had I've seen a single pop-up.

Are you sure you don't have malware?



Generally, I find that conspiracy theories only work on the sort of people who are gullible enough to believe in conspiracy theories....


> "In practice nonfree software is often malware, because the developer's awareness that the users would be powerless to fix any malicious functionalities tempts the developer to impose some"

I'm finding this claim from the article to be very true and it's a pity. Users are often powerless in fixing the software they bought, or the services they subscribed for, with the cost of switching to something else being often very significant. Users are also often uneducated or ignorant in what the software does, not realizing the long term consequences of their interactions with software.

And because users are often powerless or uneducated or ignorant, software developers feel empowered to move the boundaries, preferring to ask for forgiveness than for permission as they say, with current casualties being the loss of privacy and even the loss of freedom of speech. And then it isn't a wonder that intelligence agencies get a free pass to spy on everybody's communications, I mean if the software makers and the service providers are doing it themselves, the government would be stupid to not be a part of it, given that we've made it so easy.

I've always disagreed with Richard Stallman's stance on Free versus Nonfree software, preferring Open-Source instead and being relaxed about developing and using nonfree software. I've always said to myself that many companies are doing a good job and software developers have to eat, including myself. But some of FSF's arguments hold very true and it makes me wonder. Maybe Free Software is the only ethical choice.


When was this written? 2002? It feels archaic. Right down to the antique cvs $Id$ tag used for the file version at the bottom. It's like the open source version of some crufty enterprise legacy code.


I think the reason why people (who aren't already RMS fans) don't agree with some of his views is that he has not made a good moral argument against proprietary software. The writings[1] on the moral question fail to convince most people, who then reject other positions that build on that foundation. We see some of that whenever people link to his writings.

Even if people do not produce material objects, I think that products of labor especially those can be exchanged for material wealth do require legal protection. (Note that this is separate from Intellectual Property, as in simply thoughts and ideas)

If you want proprietary software to go away, you should pay people to write even more open source software and then give it away. You should not have an agenda that demonizes people trying to earn a living. Calling someones means of living as illegitimate/immoral/unethical is simply going to ensure that they never support you.

[1] http://www.gnu.org/philosophy/why-free.en.html


My biggest problem with the FSF's point of view is that they see these kind of eventualities as inevitable for all non-free software.

I would claim that there is not only room for non-free open source software sans abuse, but even closed source software. When it comes to something you want to use as a core foundation on which to build (whether you are building software, general business, academic work etc.) I completely understand how this is very likely to lead to you being exploited. This applies for example to an operating system, or a programming platform (JVM, .NET, etc.). But there are plenty of places where you can use closed source software that don't put you in such a disadvantageous position.

One example is non-required tooling like an IDE. If Jetbrains goes Dr. Evil on everyone tomorrow (though I guess some would argue their recent pricing model changes have done that), there is still Eclipse and plenty of room for someone else to break into that space. Changing IDEs isn't nothing, but it's not like I'd have to rewrite my code.

Another is various general XaaS offerings. If Heroku (or more likely Salesforce) goes off the deep end tomorrow, worst case is that I have to administer some servers myself. Again, I don't lose anything that I would have had before anyway.

The current trend is already building everything on top of open source infrastructure. Even the JVM and .NET are open source now, as are most other pieces of the development puzzle (Databases, libraries of all shapes and sizes, etc.). In fact, I don't think even a big player like Microsoft would have much luck trying to get people to invest in another closed source platform. So if we walk this line between open and closed software, what do we lose by using some replaceable closed source tools or services? That is one question I think the FSF doesn't have a good answer for.


> Changing IDEs isn't nothing, but it's not like I'd have to rewrite my code.

You'd have to rewrite any IDE code you've written, which isn't nothing (that pain is a good part of the reason why emacs is still stuck on elisp instead of Common Lisp).


And after reading that, let's take a deep breath and think about Android.

From my personal opinion, it's not better than and maybe worse : - Obligation of having a G+ account. Disable it is NOT straighforward at all and it will try to recreate himself often. - Personal content publicly uploaded/displayed in G+ account I had the bad surprise, and few friends also to see that the photos taken with my android phone were automatically published on my G+ account !

When you notify what it's visible, you are are afraid about what is not visible...


In Android you can deactive all phone home and cloud features, also most Android device manufactore add various apps that require no cloud connection at all. The same goes for iOS were it is even easier.

In contrary to Windows 10 were you can't deactivate several phone home and cloud features. Severals apps are only shipped as cloud-only. The Windows update is forced on you and cannot be deactivated. And to top it, every feature update (like Threshold 2) resets your personal privacy settings and more as it is basically a system upgrade that often also replaces device drivers. So Android, iOS, OSX and all other OS incl. Windows up to v8.1 are way better for the end user - as there they still have the choice and decide for themself.


It takes a lot more than cutting Google out of the OS to truly make it secure and private: https://blog.torproject.org/blog/mission-impossible-hardenin...

---

Report finds Android/iOS apps regularly 'spy on users' http://www.bbc.co.uk/news/technology-34732514

Researchers from the Massachusetts Institute of Technology (MIT), Harvard, and Carnegie-Mellon universities studied 110 apps available on Google Play and the Apple App Store. They found 73% of the Android apps shared users' email addresses, and 47% of the iOS apps shared location data. Android health app Drugs.com shared medical information - including words such as "herpes" - with five third-party domains, including doubleclick.net and googlesyndication.com. The research also found that 93% of the Android apps tested connected to the domain safemovedm.com

---

>In contrary to Windows 10 were you can't deactivate several phone home and cloud features.

Configure telemetry and other settings in your organization https://technet.microsoft.com/en-us/library/mt577208%28v=vs....

Spybot Anti-Beacon https://www.safer-networking.org/spybot-anti-beacon/

On any system, Microsoft says that Basic level telemetry doesn't send any identifiable information.


You can configure the Android firewall, done.

Win10 firewall especially has a hardcoded whitelist for Microsoft phone home IP address ranges and domains - how evil is that? You would have to patch the kernel mode network driver dll to make sure Win10 won't phone home, a software firewall would still have to rely on Microsofts kernel mode dll. And why would one trust them anymore - they were the first company that handed over their data (Hotmail/Outlook.com) as we learned last year (neither Apple nor Google cooperated). And I always thought Microsoft has a solid business and has no reason to rely on advertisement business and therefor label the user data as products, things have changed since Ballmer. Fact is Win10 on PC and mobile is impossible to secure without running it behind a hardware firewall (or Enterprise license) - and who is running around with a hardware firewall device connected to their phone/notebook?


So did you actually read any of the links?

> to make sure Win10 won't phone home

Windows 10 is "Windows as a Service" and is continuously updated from the web, based on telemetry. It also runs on smartphones and games consoles. It includes notifications, cloud (OnDrive) integration and an intelligent assistant (similar to Siri, Google Now and Alexa).


Sure. But have your read my comment? Your second paragraph is really comical as an answer. But thanks for listing all negative things that many don't want. Win7 has non of them or can be deactivated. Win7 is great.

The problem is Microsoft trust their metrics too much. Since Office XP and WinXP the collect usage statistics (which can be turned off in all of their software except Win10!). Of course most power users and companies turn them off, that's why we got Ribbon bars in Office and Windows, and weird UI designs - based on skewed statistics. Windows as a service is probably a tipping point for Microsoft, we will see how it goes. WinPhone7-10, XBoxOne and Win8x aren't very successful. A new CEO, a new head of PR & brands and a new head of user interface design would do wonders.


> Of course most power users and companies turn them off

Great way to make sure that your views and usage patterns don't contribute to the development of the software.....


Instead just /thinking/, try reading the rest of the gnu site, including the article on android: http://www.gnu.org/philosophy/android-and-users-freedom.html. Or you could buy a book which has most of the articles and had a new updated release a few months ago: http://shop.fsf.org/product/free-software-free-society-3-pap...


No, Android doesn't require a Google account.

Perhaps you're talking about Google services instead


Yes, let's talk about Android. First, let's try and get a few things correct before we talk about it.

1. There is no need for a Google+ account. Why you would say this makes me wonder if you even use the platform.

2. You don't even need a Google account and can use the phone without one.

3. Getting back to the Google+ account. If you don't want one or would like to delete your existing one then there's a simple way to do it.


Agreed However, as a lambda user, by buying an android phone and following the default "init procedure" you would have a G+ account without really asking it.. If you disable it, if you try to do something on YouTube, your G+ account will come back as herpes comes back...

The problem is not really what is possible to do but how much effort is needed to protect his privacy using google tools.


And, by the way, photo upload is opt in, it is disabled by default.

And public sharing us disabled by default.

If they have been uploaded and made public us because you did it.


I would say that the GUI related to that is sufficiently unclear for making you doing that without wanting it.

Moreover, If it was only me, I would say that I'm too stupid for understanding how it works but this happened to friends of mine also who are way too smart for doing that :)


Unclear? You have to enter in the setting and click a check box where it it clearly states that the pictures will be backed up.

But you're now changing the goalposts, facts are:

- There is no obligation of having a Google Plus account - Picture backup is disabled until you opt in - By default all the picture uploads are private


What amazes me is that people on HN still continue to rail against RMS and the FSF while blatantly showing their ignorance of the principles they both stand for, and often not even through logically sound arguments.

Personally, I understand the main reasons people have issues with this though, because very often they simply haven't actually taken the time to think of computing as a philosophical choice as well as a practical choice.

As the surveillance and control engine enlarges itself though, those who are more closely aligned with GPLv3-esque ways of computing will have more freedom and control over their systems than others who accept fuedal walled gardens will be, and it is at that point that the walled garden people will start to understand the real impact of what are often considered frivolous arguments like BSD vs GPL.

Enjoy your locked down BSD playstation/iBrain/iHome etc, I for one intend to stick with GNU/GPL, and the FSF, as much as possible. The reality is that we have been locked in so much though that this process takes time and should be started now and not later. For example, in my various workflow pipelines, I still have a handful of apache, mit, and bsd licensed programs, but I have at least dramatically reduced the number of them...

If you haven't taken the time to understand the differences between BSD and GPL you owe it to yourself, as I consider it foundational knowledge for modern computing, the same way I consider history foundational knowledge of current events.


I was just casually checking and looks like they have a page for Apple too..ha

http://www.gnu.org/philosophy/malware-apple.html



Spoke in person with Stallman. I asked him why he doesn't complain about server side code. His beef is with software we "own" being proprietary, so apparently server-side code isn't a big deal to him. It puts a huge dent in his logic, though, because if you follow his concerns to the end, then the internet in general is malware. Even if a site claims to be open-source, posting its code online, you can't know what version of the code it's running unless you're given access to the server. So, even if we use all open-source, free hardware, firmware, and local software, as soon as we connect to a remote site, it goes out the window.


I support the FSF financially (and sometimes using their licenses) but I think that this article is a little bit off in the criticisms about updates.

I use OS X, Ubuntu, and sometimes Windows 10.

I want security updates as often as they are released.

I don't often use my Windows 10 laptop but when I do the first thing I always do is to update the system and anti-virus definitions.

I also frequently check and update OS X and Ubuntu.

I happen to trust Apple and Microsoft to perform automatic updates, but that is my personal decision.


The BitLocker recovery key for the user’s device is automatically backed up online in the Microsoft OneDrive account.

Even if we trust MS, do we trust MS to keep these keys safe from outside hackers?


No this is why it's not the default setting it asks you if you want to do it. That said OneDrive content is encrypted, while the encryption is not perfect it's not going to be "hacked" as easily as one thinks, it's not stored in some global key repository just in your normal onedrive account which is by far more likely to be compromised due to your activity than Microsoft's.

BitLocker can fail, simple things like a UEFI/BIOS updates will cause it to fail, playing around with your boot loader or even boot order will cause it to fail, anything that will trigger the TPM will cause it to fail, sudden powerloss/crash can cause it to fail.

BitLocker is quite more reliable now but when I was using it with Widnows 7 about 4-5 years ago I had to use the recovery every 2-3 months usually so I had the key printout stored in my wallet this is probably quite less safe than storing the key in OneDrive.

Most people use encryption not to fight state level surveillance but to ensure that if they lose their devices or they get stolen they don't need to worry about all their accounts being compromised and their life being penetrated to a point where they need to worry about identity theft, fraud, and extortion. However FDE also puts you at risk for not being able to access the device when you need to, at like usual it will fail at the worst possible moment, the chance of losing all access to your device and data is a big hurdle which prevents people from using FDE and OneDrive-BitLocker integration kinda solves this quite well while still providing tamper resistance/detection.


I mean, the short answer is "no." But the longer answer is more complicated than that. Start off with the question of, is the consequences of not being able to access your device worse than the consequence of someone else getting unauthorized access to your device (or is it worse, controlling for the probability of each?) And then, is Microsoft's storage of those keys more or less secure than any alternative way you could back up those keys remotely? It's possible to both not trust Microsoft to store the keys safely and to make a rational decision to entrust the keys to Microsoft anyway.


"Windows 8 on “mobile devices” is a jail: it censors the user's choice of application programs."

I laughed. I don't think its their choice that the app store is horrific.


OP surely must have meant the Windows RT devices, which can only install apps from the windows store. Normal windows 8 devices can install anything they want.


However, in practice nonfree software is often malware, because the developer's awareness that the users would be powerless to fix any malicious functionalities tempts the developer to impose some.

Speaking as a professional software developer who typically does not write free software: [expletives inappropriate for HN deleted]

The allegation that any developer who does not share the FSF's views on the advantages or otherwise of free software is inherently more tempted to screw their users is not only wrong, it's offensive. I have never imposed any of the kinds of malware listed in this article on any user of any project I work on, nor would I be happy to do so in the future. This is more than can be said for several popular software products that also happen to be FOSS.

Also, the idea that Microsoft, or any other commercial software provider for that matter, should be responsible for supporting its software indefinitely, entirely at its own expense and regardless of context, is just silly. I think it is sensible to expect and if necessary legally require a basic level of support for commercial software products that were defective when first supplied, for some reasonable period that will probably vary greatly with context. In practice, actual regulation or legislation has rarely been necessary as most major software vendors have volunteered such support anyway, though the unwelcome trend is for this to change and so the regulatory/legal framework may need to change to match. However, Microsoft has, at least until recently, gone far beyond that industry norm in terms of long term support for its older software, and far beyond any major Free Software project. It might have been fair to say that Microsoft was the last very large software company that should be criticised on this score, but for their recent shifts in policy to much more user-hostile terms.


I think FSF could learn a lot from what Micah Lee is doing at the Intercept. He's been doing a bunch of articles that are a nice blend of why and how with a nice conversational feel.

In terms of outreach and informing new generations of users... I think adopting that style would be a big win. Even non-technical users have a multi-year investment in Windows, and in spite of all the polish of modern distros, the jump to FOSS is still a big one. Help people make it.

https://theintercept.com/2015/04/27/encrypting-laptop-like-m... https://theintercept.com/2015/09/16/getting-hacked-doesnt-ba...


I'm glad RMS has a platform. I even agree with the majority of the sentiments expressed. This list is too juvenile for my taste. The corresponding Apple hit-list is more toned down and not so acerbic. Free speech is important but for the sake of the cause I hope that some judicious edits will be made.


Many of the things on this list are more or less technical requirements. Forced security updates are required to stop the spread of botnets, for example. If you make security updates optional people will turn them off and you'll get botnets, ransomware, and DDOS flood epidemics. DDOS floods are a major threat to the open web, requiring web sites to cluster behind MITMing 'protection services' like CloudFlare.

I do agree about the privacy aspects, but unfortunately most users do not care about security or privacy and "most users" (the mainstream of the market) pays the bills. Until users care and vote with their wallets, companies will continue to disregard these things.


I think it is pretty fun to compare "Windows as a service" with actual "SaaS" (eg Google Docs). As a side note, I once mentioned how Win10 driver signing requires EV certs that are not sold to individuals, and remember this response: https://twitter.com/ericlaw/status/619309157791891456


The mandatory updates seem like a major problem.

One of the greatest benefits of purchasing software instead of using SAAS products is that you can keep using your purchased software regardless of changes the vendor may make in the future. If you're not free to reject updates, you've lost this advantage.


Informing NSA about bugs before fixing them is grand. This alone qualifies MS software as malware.


Note what the actual source for that says:

> Microsoft Corp., the world's largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process.

The implication being made in the gnu page is that Microsoft delays fixing bugs so that the NSA can exploit them. The source article says something slightly different though, that they inform "various" agencies prior to the patches going live. I suspect the linux kernel devs do too, or Firefox, or any number of open source projects. I'd be more surprised if none of the people on the security lists for those groups don't have a list of agencies (both US and otherwise) they send bugs to .


MSFT notifies every large costumer of security issues sometimes months in advance, the NSA don't get an exploit just a notification that a security issue has been detected, some mitigating actions they can take, sometimes an IDS/IPS signature from MSFT partners and an expected date for the fix.

Smaller business costumers (pretty much any one with a TAM) will get notification before patches are released and in some cases will get the updates prior to the normal release window on "Patch Tuesday".

Microsoft isn't the only company that does that, you can't expect businesses with 1000's of machines to be able to roll out patches on a moments notice so they share information before it becomes a Zero-Day issue for their clients.


Just a reminder about why people still use xp:, earlier versions of windows supported a real time mode (sort of like the preempt rt Linux patches). This is needed in order to run some equipment but later versions of windows (post xp) have dropped support for it.


How can a user without computing background be sure that Linux is not what Microshaft Windoze is?


I wish Microsoft had a way to pay for Windows 10 so I can opt out of the ads, tracking.


I guess all of the internet is also malware. Neat.


The web possibly qualifies as malware (or at least malware-like) under several of the definitions provided by FSF:

surveillance: although this can be mitigated somewhat by turning off javascript, sites can be very aggressive about forcing you to reveal data about yourself, and making a site unusable unless you do. This data about you, your habits and identity can be used for marketing purposes you may not consent to.

DRM: you don't control the data you post to a site, can't necessarily change, update or remove it at will, and you're subject to arbitrary terms of service which may have the site assert ownership over user posted content.

sabotage: there is nothing you can do if an online service decides to close and take your data with it - you can't simply fork it. Sites can remove or monetize formerly free parts of their API and hold your data hostage.

jails: because the site itself runs on a remote server, you are limited to interacting with it through whatever API the site owners see fit. You cannot download it in its entirety, inspect the code, modify it for any purpose and redistribute it, unless it's entirely static. But, of course, as the code is on a remote server, there's no way to verify that either.


Even if what you said was true, and it's not, "well everyone else is doing it" is never an excuse.


I don't take a side in this statement.


This article is weak-minded propaganda.


PC Does What?

What an apropos marketing campaign.


This is way a Neo Nazi or KKK member would describe people of color, cherry picked 'facts' to build an absurd argument.


What's absurd about it? Which of the items presented are untrue, as suggested by your scare quotes around "facts"? Yes, the article is one-sided, but these are all real points of concern about the direction Windows is going in.


I'm a sysadmin, I deal with malware on a very regular basis, saying MS software is malware is an absurd statement. Equal to saying black people are all criminals and then quoting incarceration reports.


Cutely emotive comparison, but you have the power dynamic backwards.


Ahh, the circle of life continues.

RMS produces an opinion piece -> everyone denounces it as extremist -> some time passes -> something horrible happens that proves RMS was right (like the NSA disclosures) -> everyone freaks out at what's happening -> some more time passes -> RMS produces another opinion piece -> repeat


you forgot -> people show up in the thread and mock anyone who doesn't accept that RMS is, has always been, and will always be right about everything.


You'll have a hard time finding any believer in any religion who would admit to the biases in their beliefs.


We detached this subthread from https://news.ycombinator.com/item?id=10621576 and marked it off-topic.


Do the anti-GNU, anti-FOSS advocates of proprietary software ever see theirs? The facts presented in the submission are being largely dismissed without cause.


These things are dismissed because they are dismissible.

For example, the article says:

> Windows 10 sends identifiable information to Microsoft, even if a user turns off its Bing search and Cortana features, and activates the privacy-protection settings.

And links to an Ars Technica article. If you follow this link, you will find that it says nothing of the sort: Windows 10 doesn't send identifiable information to Microsoft as far as this article is concerned.

This is just yet another FOSS fan talking about things they seem to be to arrogant to even try to understand, towards a crowd they don't really know.


I read a few parts of the article and already saw this:

"For example, even with Cortana and searching the Web from the Start menu disabled, opening Start and typing will send a request to www.bing.com to request a file called threshold.appcache which appears to contain some Cortana information, even though Cortana is disabled. The request for this file appears to contain a random machine ID that persists across reboots."

and

"if Web searching and Cortana are disabled, we suspect that the inference that most people would make is that searching the Start menu wouldn't hit the Internet at all. But it does. The traffic could be innocuous, but the inclusion of a machine ID gives it a suspicious appearance."

That's as personally identifiable as you need when you have an identifier locked to the machine that is sent even across reboots. This is even more identifiable than an IP address, even for static IPs (since you can have multiple machines behind it).

Is that sufficient for the claim or do you still reject it? I'm most concerned that you hold anger at FOSS people's "arrogance" over complaints about a bad software package that many people are unfortunately hooked to.

Anti-FOSS advocates here in these comments are behaving poorly; a conclusion they don't like which is supported by facts that are referenced isn't being taken well.

Here's some examples of where it is going wrong in these comments: attacking the messenger, claiming things are false / unsupported when they are, trying to find any minor flaw in what was stated in order to discredit the whole thing, ignoring facts and misleading people about what the source actually says.

That's some nasty stuff. That's Us vs. Them stuff, not "yeah that is a concern, I'm upset about that too!"


It's a GUID (as far as I know) that is randomly generated every 30 minutes. I mean, if people think that's a serious privacy problem, then they shouldn't be using any Internet protocols at all. I mean, you yourself draw the IP address comparison, so where do you draw the line? I mean, doesn't it bother anyone from the so called "FOSS" people that cell phones regularly identify themselves to supporting towers?

(As a brief aside: I don't like calling the FSF supporters in this particular case FOSS people. FOSS is a broad field and not all of it are anti-commercial zealots)

So this leaves me with a problem of defining what "personally identifiable" is. If it's comparable with an IP address, then the argument is so watered down, it's a non-starter. If you say that sending a random 128-bit number into the Internet somehow severely violates my privacy and degrades the usefulness of the software, then it's wrong.

The reason why I call FSF zealots arrogant, is that they don't seem to ever consider the needs of users, but rather try to dictate them. They assume some moral and technical superiority and never consider the possibility that people are OK with the proprietary software's trade offs. I use Windows 10, OS X, and Adobe Creative Cloud among other things. Open source alternatives to those products (in my opinion) are shit. I really don't miss literally days of configuration -when I used to run Linux and FreeBSD machines exclusively 7 years ago- and still being in a constant state of subtle, changing brokenness.

But it is a logical thing. FOSS is a philosophy, and not a business. Expecting it to produce polished end-user products is wrong: it is very hard and people doing it would like to get paid regularly, thank you very much. But that's the economics of it. Look at Ubuntu: they start to move towards a more polished, more coherent product, they become less libre and more commercial. Should we criticize them for it? No.

So unless Windows 10 is tracking my bank transactions, I'm OK with it broadcasting a different GUID to the Internet now and again. If I'll get paranoid about my privacy, I will buy a rugged laptop, put OpenBSD on it and start living in the wilderness.

And if people really want to commit to FOSS, then they should focus on writing clear and good software under public domain or MIT license and stay away from the cheap, patronising, rms-inspired politics.


Proprietary software isn't a religion. It's politics.


I'm not really aware of a practical difference when considering the nature of political and religious beliefs, so sure, substitute politics into my thought at will.


Proprietary software is neither a religion nor politics, it's just business.....


Shots Fired!


They've been firing shots at Microsoft for decades now (remember "MS-DOG" in old GNU writings?)


Or their absolutely ridiculous Bad Vista campaign?

http://badvista.fsf.org




Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: