"This project collects usage data and sends it to Microsoft to help improve our products and services. Read our privacy statement to learn more. Telemetry is disabled in development builds by default, and can be enabled with the SEND_TELEMETRY build flag."
One which might be cause for concern is LogInvalidInputPasted() specifically because pastedExpression is included in the Telemetry Event.
I also have questions on LogConversionResult(). Why is that recording NetworkAccessBehavior or the raw conversion values? Wouldn't knowing the FromUnit/ToUnit be enough to know how much something is being used?
I presume that LogConversionResult() logs the result of a currency conversion that has already accessed Micrisoft's API. So why does Microsoft need to know the results of my calculations? The function in question isn't GetCurrencyRate().
Why have all the single-use constant strings instead of using the corresponding literals in-place? It’s additional lines of code and doesn't help readability/maintainability (there's already one unused const - EVENT_NAME_HIDE_IF_SHOWN). Additionally, the code mixes string literals with constants:
But then it doesn't use constants where it might make sense, when a string is used more than once. e.g. the literal string "WindowId" is used a dozen times.
Separately, I question whether anyone looking at the telemetry on the backend. In my experience, developers add this stuff because they think it will be useful, then it never or rarely gets looked at. A telemetry event here, a telemetry event there, pretty soon you're talking real bandwidth.
Well it must include your IP address too, and they know the time and date is was received. And then it gets bundled with the rest of the data they collected.
I don't even want them knowing when I'm using my computer.
Because it is a simple calculator. Now think about what they might be collecting from the rest of the system.
All the concerning privacy issues with Facebook or any other company should be seen rigorously by its users. Telemetry at OS Level is one of the worst offending practices IMO.
If we're expected to trust the party spying on us to reveal exactly the extent to which they spy on us via their proprietary, closed-source spying data viewer tool, then we deserve exactly whatever the fuck it is we end up getting.
If they cheated on the documentation matching the binary to try and sneak in more telemetry, the backlash would be phenomenal.
I don't know if Twitter could handle that kind of load =]
It's always good to trust but verify, although here the the safeguard is pretty strong.
It doesn't always have to be explicitly intentional as you described, but the simple fact is that they are incentivized to gather this data and they will not, in fact, suffer major repercussions commensurate with the amount of data that is collected/gathered. Look at all of the penalties that have been levied at all the other data breaches and how negatively affected those business were. [1]
‘’’In a brightly lit but still somehow nefarious meeting room two devs discuss their latest findings:
Dev1: “These users searching for ‘transfer bank savings’ also have a 15% chance of pasting these long invalid numbers into the calculator. Look at all of them.”
Dev2: “Odd those look like bank accounts numbers...”
Dev3: “I think we may have an early retirement opportunity...” ‘’’
You raise valid issue, but that issue has nothing to do with the telemetry itself, but with the brokeness of US banking system. Essentially everywhere else the bank account number is simply an public address that you can use to send money there and nothing else.
Why not? If they're paying people to build this software, they presumably want to make it good. With this data, they can learn all kinds of things to help improve future versions: when/why is it crashing, what features are people using most/least, are there patterns of clicks that suggest people are mis-understanding or mis-clicking certain features, etc, etc.
edit: Another one that's often useful is looking at different usage patterns across countries. For example, if nobody in Israel is using COSINE, then there's likely a problem with the right-to-left internationalization that you should fix.
Virtually all of the complaints Microsoft receives about telemetry could be addressed by simply allowing people a global way to turn all telemetry for Microsoft apps off. If you want to support the improvement of apps by allowing this form of telemetry, you can leave it enabled. If you consider it a violation of your privacy, you should be able to easily turn it off.
There's a lack of user control and a lack of transparency. Even if you are a Windows 10 Enterprise user (lucky you, you can turn off system telemetry, unlike the plebes who run Windows 10 Professional), and you turn off telemetry for Windows as a whole, does that include the Calculator or not? Maybe it does. It's really unclear to most people.
If they're paying people to build this software, they presumably want to make it good.
I find it more likely that the real answer is they're trying to "maximize shareholder value." If Microsoft wanted to make good software, there are several thousand other things it could do other than collecting information on people using a calculator.
Basically every Android and IOS app you use collects telemetry (which you usually cannot disable) for UX purposes but suddenly when Microsoft does it it's a Big Deal. I don't see the issue with refining UX using anonymous data if it improves the product for the end users. Every high quality commercial app does this.
F-Droid maintains a repository of open-source only android apps, and either doesn't allow apps that has telemetry or at least flags apps which may have such anti-features:
Basically every Android and IOS app you use collects telemetry
So it's OK, then. Jimmy jumped off a bridge, so it's OK if Johnny does it, too. No harm done!
but suddenly when Microsoft does it it's a Big Deal
No, it's a big deal because Microsoft feels entitled to collect information about people using... wait for it... a calculator.
using anonymous data
It's not anonymous. We know it's going to at least get a timestamp and IP address.
I don't see the issue with refining UX
Neither do I. Do it by bringing people in and testing the program on them, the way it was done for decades before "telemetry" became one of those SV euphemisms.
You don't need to root your phone to run Blokada, if that's what you're asking... I installed it sometime last year and as of right now, it claims to have blocked 595944 requests.
I had an interview last year with the Windows and Devices Group. On the day of the interview, I was told it would be with people that work on telemetry.
One interviewer told me that keystrokes were being measured by conhost.exe. Not just for internal testing. He clarified that it was done on customer machines. It wasn't clear if they collected individual key presses because we were discussing something you could infer by knowing keystroke timing.
Windows 10 is the most prolific malware in the world.
Speaking as the engineering lead owning conhost.exe: I can't find anything in our code that would trace user input, or data effectively derived from user input, to even a local event stream.
There are a couple instances where we trace API call timings, but only that of API calls initiated by an attached console application.
Hey, I work on the commandline team too - We can't give out exact timelines for anything we work on, but I can tell you that it's pretty high up on the backlog. It's closer now than it's ever been, that's for sure.
That is such an outrageous claim I had to check for myself.
From looking at conhost.exe in IDA Pro, there are some references to telemetry in a function HandleKeyEvent: https://i.imgur.com/MwaBLcW.jpg
But looking more closely it's just used to increase some counters when Ctrl+C or Ctrl+V are used: https://i.imgur.com/29e2qLD.png
There is another one for Ctrl+A elsewhere in the function as well.
Seems these are for when clipboard operations happen, there is other telemetry nearby for when key activity causes a paste: https://i.imgur.com/xONKrGJ.png
So Microsoft are indeed collecting keystroke telemetry in conhost.exe, but it's just some boring old counters to measure clipboard usage.
But how can that be when "... the engineering lead owning conhost.exe: I can't find anything in our code that would trace user input, or data effectively derived from user input, to even a local event stream."
I mean, I suppose that the key sequences around copy/paste are technically user input. Those events get processed into telemetry as to whether they were done in processed or raw input mode, and whether Quick Edit was engaged at the time.
Additional telemetry points include whether the "Find" dialog is being used (explicitly, whether "find next" has been clicked, and how long the search string is -- no other user-generated search content is included in event logs), when a process detaches from the console, and when the window is resized.
I think this disassembly supports their assertion. The number of times a user copies and pastes isn't in itself input to the console, just a metric of some out of band events.
This seems to be the reason they put the telemetry in. They were solving a bug related to the time calculation feature. And, needed to discover if any customers had issues after the change was made.
Built-in applications are great opportunities to dogfood new platform features. I'm speculating, but calculator may have added telemetry as a way of testing the relevant SDKs, APIs, data visualization systems, etc, not necessarily because a PM a Microsoft somewhere actually cares what percentage of users press the "multiply" button.
I'm not sure if I should be disturbed or amused by Microsoft putting telemetry in (at this rate) literally every one of its products.
Like, what the hell do they even track? I guess the obvious ones are things like application crashes, but now I'm curious if they have the data on the most common calculations, folks' favorite numbers, etc.
The Scientific/Math/Programmer expanded calculators have a bunch of features. Maybe they can test how often the "cube root" button is used versus Arcsinh or something.
TI will tell you, “It’s a feature.” Play around with the cube root of negative real fractions ( with even and odd denominators) and integers (starting with -1) and see what you find.
I mean, I guess it would be cool to know what kind of operations people are doing most often? Maybe you send different ads to people who only use addition/subtraction than people who use sin / cos?
constexpr auto EVENT_NAME_INVALID_INPUT_PASTED = L"InvalidInputPasted";
constexpr auto EVENT_NAME_VALID_INPUT_PASTED = L"ValidInputPasted";
constexpr auto EVENT_NAME_BITFLIP_PANE_CLICKED = L"BitFlipPaneClicked";
constexpr auto EVENT_NAME_BITFLIP_BUTTONS_USED = L"BitFlipToggleButtonUsed";
constexpr auto EVENT_NAME_ANGLE_BUTTONS_USED = L"AngleButtonUsedInSession";
constexpr auto EVENT_NAME_HYP_BUTTON_USED = L"HypButtonUsedInSession";
constexpr auto EVENT_NAME_FUNCTION_USAGE = L"FunctionUsageInSession";
constexpr auto EVENT_NAME_BITLENGTH_BUTTON_USED = L"BitLengthButtonUsed";
TL;DR: AdvertisingID handles ad tracking in windows and can be opted out of during install, in settings and globally on your account. AFAIK you can also wipe any previously tracked data. AID tracking is unrelated to telemetry.
Telemetry does not contribute to advertising at all unless "tailored experiences" is enabled in settings, and even then the data is mostly used for Microsoft to suggest features and fixes for problems.
> Telemetry is disabled in development builds by default
So it's not ideal from a privacy perspective to have to worry about usage telemetry in a calculator. But at least there is the silver lining of having telemetry disabled by default _somewhere_, even if it is only for dev builds.
To be fair, it's a nightmare looking at reports that are all clogged up with crashes and whatever from your developers making messes at their desks running non-release code.
Obviously one option is just a dev build flag in your telemetry payload, but I can see the logic in just turning it off altogether.
Developers use software in weird ways. I've written scripts to hit buttons thousands of times for hours on end. It makes sense that they don't want developers' janky experiments polluting data used to drive design decisions.
The label "developer" is relative. Any given product wants to exclude telemetry from developers developing the product itself. There's no need to exclude telemetry from developers using the product like a user. The point is to exclude developers running the software in weird ways to debug it. Not just to exclude anyone that calls themselves a developer.
On my windows machine I use Windows 10 Firewall Control (and outbound LittleSnitch type thing .. except crappy). I don't think it was calculator, but there was some other basic Microsoft app that wanted to make an outbound connection. I remember thinking, "WTF?! Why would this need to connect to the Internet ever." .. maybe it was calc. Is this telemetry currently enabled on the released version or is it only in the OSS code?
This is cool, but I really wish they'd release the source for the original Notepad. No real reason other than "this software was really important to me when I was a kid".
As it stands, though, Calculator is not something I've particularly cared about in the Windows world; pretty much anyone here could write a simple calculator app in an afternoon.
Still, I am glad MS is slowly becoming more OSS-friendly; I doubt anyone installs Windows specifically for the calculator app, so as a result, why the hell not open-source it?
Part of the Windows 2000 source code leaked and it included Notepad. I don't think it's changed much since then as it's pretty much a wrapper around the Win32 widget with a few features like changing the font, printing, etc.
"Original" is the issue there. They're far more likely to open source a modern UWP app, written with current best practices in mind, rather than a 20 year old C app with untold terrors hiding in the codebase. If they ever rework Notepad into a UWP app, I suspect that would be open sourced, as I expect many newer Windows components to be.
IIRC Notepad source code is in a Windows SDK. Probably an old one, but it only started to be actively maintained quite recently (and even then: only very lightly), so the source code you can get will likely cover most of its lifespan for now.
I'm not sure the source of notepad is that much interesting, though. I mean, yeah, nice to have out of curiosity, maybe, but I'm not sure I would get anything from looking at it. I'm even more interested by monstrosities like historical version of conhost, or of cmd, because it is both simultaneously horrendous and bizarrely not extremely buggy (probably was debugged by some kind of brute force effort, then... :p )
Although a version of the Notepad source under a free software licence would at least permit to strip it of the new ridiculous shits, like "Search with Bing" and maybe some spying features.
For me (and for a lot of other people) what I wish they would release as open source is VB6.
There are a ton of good reasons why this is unlikely to ever happen, though (third-party licenses mainly).
There are a ton of VB6 applications out there running, and Microsoft so far has continued to keep the runtime around, but that won't always be the case.
When it is finally EOL'd, people aren't going to be happy at all about it...
I've always found the "App" version of Calculator lacking compare to its Win32 predecessor. In particular History. On the old Calculator you could double-click the history and edit the equation, and get a new result, no go on the App.
Plus the Programmer UI, while being more powerful is actually harder to use since the information is now split between two screens rather than one.
Oh and you cannot paste in currency ($10) is now invalid. The old one just stripped the currency symbols.
Very nice, and it even has a chocolatey package via choco install oldcalc so I can do my [Windows]+R calc and have the Win8 calculator open, very nice indeed!
I don't like the fact that the new calculator always seems to be the wrong size, when using different DPI monitors. I don't need calc to take up 90% of the screen and I don't want to have to resize it. There's no real need for that. Agreed on the history missing functionality, that has annoyed me too.
I worked on a win32 application for my first job out of college. My boss told me "want to learn win32 and c++, go program a windows calculator clone." It was a great project to get started and I did learn a lot. Now I have something to compare my work to ha
Yes I realize this calculator is now a universal windows app, I couldn’t edit cause noprocast locked me out after posting. Reguardless, building a calculator is still a great way to learn a new UI framework. I could see that this would have been a great resource for me as a new engineer (if building a universal windows app).
I didn't downvote you, but it comes across like you were trying to nitpick someone by pointing out a detail that isn't relevant to what they were saying.
All the layers of more and more abstractions. What used to be a simple app with a few dependencies is now multi-team project requiring almost a virtual machine to run.
The "help wanted" label on some of the GitHub issues[0] is interesting to me. Presumably there are Microsoft employees who are being paid to work on Calculator, are they trying to crowd-source their jobs? I should convince my company to open source the project I am working on so I can offload some of my work too ;)
It's the Open Source issue tracker equivalent of the "Welcome mat". It doesn't necessarily mean that Microsoft's employees here need help, but it certainly shows that they welcome it.
(Which is a very useful indicator for engagement and shows presumably some stake in actually continuing to develop Calculator out in the open, as opposed it being a one time or rarely-if-ever code drop.)
maybe it become so complex that it's hard to maintain so they seek the community to maintain it for them for free so they can focus on selling the OS it runs on. ;)
speaking from experience working in a truck repair shop, I quit using calculator in windows as it was rather unreliable. if im calculating inner diameter or outer diameter for a part, or doing tooth math for machining a new bull gear, ive often encountered wildly different values in calculator from what a machinists handbook tells me. Ive even had an old-timer warn me about different depth and feed rate calculations that calculator has never done right. This is simple shop math, but i think we're calling it trigonometry these days.
This is an issue with any math-related tool in general, including the specialized software, where bugs are much much more sophisticated. Most App Store/Microsoft Store/Google Play apps can't be trusted even for simple square root and trigonometry calculations.
I know it's totally overkill, but I use Mathematica for even simple arithmetic computations. I assume that the developers have ironed most of the obvious bugs.
Awesome seeing another component of Windows (albeit a small one) shifting to open source. My hope is that over time, more and more components will end up open source as they get updated and rewritten.
I know you joke, but in case someone has been unaware, there's Paint.NET[1], which is somewhere between MSPaint-on-steroids and Photoshop-lite.
In 7.5MB, it offers most of the features casual users need from a graphics program: layers, transparency, curves, etc. - all in a footprint (and startup time) comparable to that of MSPaint.
As an aside, this very proposed scenario makes me wonder how many users with more casual image editing requirements PaintDotNet has taken from Photoshop.
That has no use, as you can almost certainly not install and use it anywhere. .NET framework is an OS component you probably don't want to mess with. And Microsoft neither, given they only innovate in .NET Core nowadays.
I would love to see mshtml/trident spun off. While it is not the most modern design, of course, it does have some advantages for embedding and extending with everything having native COM interfaces.
I was trying to figure out if it was C++/CLI or C++/CX (I don't do enough Windows dev to know at a glance...). I was hoping it was C++/WinRT – I'm interested in seeing the new language projection in action.
Apparently C++/WinRt was only introduced in Windows 1803 [1], a few years after original Win 10. Interesting to learn that it was originally developed by an independent developer, who was then brought into Microsoft to continue work on it. C++/WinRt uses standard c++.
Was this source previously in the Windows repository? Has all development moved to GitHub? If it was in the Windows repo, are they mirroring it back?
Do they still have the old history? There are multiple ways to deal with this in git (grafts, replacements) I wonder if they're using anything like this to get full history, internally.
The NT 4.0 source code is probably stupidly interesting and I'm sure there's much to be learned, but... Source code leaking is not the same as something getting open sourced. It's illegal, and it doesn't foster collaboration in the same way. And plus, even as fascinating as NT 4.0 is, it'd be neat to see more recent stuff too.
Well, the constructs used in the xaml appear to be very similar between uwp and wpf. You still have controltemplates, datatemplates, and dependency properties, so there is a lot in common more than just syntax.
If you know any XAML, you’ll have zero issues using the rest of them. Speaking from experience, I started with Silverlight a decade ago, had no problems switching to others.
But the underlying tech is very different. Early Silverlight rendered on CPU, WPF is based on DirectX 9, UWP uses Direct3D 11. Silverlight and WPF are .NET based, WinRT and UWP are not, they’re 100% native code, exposed to .NET through COM interop.
GO.COM for CP/M and DOS was similarly trivial. A 0-byte program, the effect of which was to cause the previously run program (which was still in memory at 0100h) to start again.
Most shells optimize it to avoid the overhead of spawning a process for something as trivial as that. But yes, it's an actual binary even so, just in case - try `which true`.
While I applaud this, and I'm generally positive about Microsoft's new stance regarding open source, I wonder whether they ever have, or ever will, apologise for having made remarks like "Linux is communism". They caused a lot of damage. It feels a bit disingenuous to just pretend now that nothing happened.
They will not. I can't find the link at the moment but I read an article about 6 months or so ago where, iirc, Steve Balmer and Satya Nadella where talking about Microsoft's open source plans and some of the history and made a remark that fighting open source "was the correct business choice at the time."
I don't know what a single sentence, said in 2000 by a person who has not been at an organization since 2014 has to do with said organization in 2019.
Kind of like the people who comment "embrace, extend, extinguish" on every Micro$oft article, forgetting that the one person to who the phrase has been directly attributed (by a third party who was paraphrasing) resigned from Microsoft 19 years ago and when obliquely referenced (like during lawsuits) the documents used as exhibits in the lawsuits all date from the mid-90s.
It kind of makes me roll my eyes, like people ask "did you know coca cola used to have COCAINE in it?"
In the 50s, Alan Turing was convicted for being gay. Much later, in 2013, the UK government issued a posthumous pardon [0]. I'm pretty sure nobody in the 2013 government was in the government in 1950, but AFAIK this was widely seen as a good thing, an admission that what the institution that is the UK government, although not the same people, had made a mistake.
I think this applies in exactly the same way to the wrongs of corporations. Out of decency, if not out of being consistent with the idea of treating them as legal persons.
"This project collects usage data and sends it to Microsoft to help improve our products and services. Read our privacy statement to learn more. Telemetry is disabled in development builds by default, and can be enabled with the SEND_TELEMETRY build flag."
Even on a simple calculator.