This is an article, about an article, about a blog post, about a random comment. Someone grabbed the update's file change list, spotted files used by the Customer Experience Improvement Program (CEIP) and then said that because those files were updated, this security update "added telemetry."
Problem is that those files previously existed on Windows 7 as part of CEIP and may require legitimate updates (inc. security). You still need to opt into the CEIP so that telemetrics are sent to Microsoft, and there's no proof that this update has changed that.
I guess what I am saying is: There could be a story here, hypothetically, but this article lacks enough information to say that there is. This could be a legitimate security update to an unpopular part of the Windows 7 OS.
They are telemetry files that previous non-security patches have attempted to add on multiple occasions.
$ cat 4507456.csv | grep -i telem
Appraiser_telemetryrunlist.xml,Not applicable,"71,958",17-May-19,16:16,Not applicable,None,Not applicable
Appraiser_telemetryrunlist.xml,Not applicable,"71,958",17-May-19,16:17,Not applicable,None,Not applicable
OP's point was that ZDNet is stooping a bit low here by journalistic standards. In this case, it appears there's not enough evidence to publish a "question headline" -- much less question whether they deserve some benefit of a doubt.
We all know MS and others have engaged in questionable behavior - but at least wait until there's something substantive before publishing.
I can't listen to this naive way of dealing with these companies anymore. Use it if you want and also use it for your business but don't complain afterwards that someone stole something important etc.
As an interested but unaffected observer, I'd just like to understand accurately the state of things. It's quite right to call out biased reporting that misrepresents the facts, fails to cite evidence of claimed facts, or that misrepresents speculation as fact, since otherwise all we get is "fake news" and lynch mobs, which just polarises the population and helps nobody.
If you have a problem with a rebuttal, then argue against it on the basis of what it said, please, rather than on the assumption that it is automatically wrong based on previous history.
It's fine (and perhaps even appropriate) to speculate in a biased way on unknowns based on previous history, but that doesn't in any way invalidate proper journalism based on seeking the facts, and the two should not be conflated.
In principle. You seem to be arguing against the principle. My comment isn't intended to pass judgement on the accuracy of this reporting or the accuracy of the rebuttal.
Perhaps, but one difference I see is that lynch mobs target disempowered individuals who can't defend themselves against the mob, usually people who were already very low on society's totem pole.
What's anyone going to do to Microsoft? They've been rightfully criticized for all kinds of bad behavior for decades now, and they're still hugely profitable. People have known about the spyware issues in Windows 10 for ages now, but it isn't stopping them from using it.
Furthermore, the user Someone1234 has been defending telemetry on HN for years, often ignoring two important facts:
* telemetry was invasive and non-transparent, but got toned down because of the backlash. They always refer to the current state and pretend that people are paranoid and exaggerate.
* MS used many dark patterns when rolling this out, essentially getting into an arms race with the customers that wanted to disable telemetry.
There are many HN users who repeatedly defend dark patterns and the nasty practices of companies and then don't reply or ignore counter-arguments.
It would seem to me that HN should be more concerned with those situations, than those that point the above out in a rather benign way.
That's certainly true in general. For example, if I post "Hey, I noticed that you've posted a lot about APL. Did you ever work with it professionally?", that's not a personal attack. But the pattern here was more specific than that. If you single someone out by name and insinuate bad faith in their comment history, that pattern-matches closely to the online calling-out and shaming culture. We want to avoid that culture here: its spirit is aggressive, we want HN's spirit to be collegial, and one can't have both. When we post moderation comments like I did above, we're always looking at the effect something has on the site as a whole. The calling-out culture is contagious because people are so used to it elsewhere.
It's perfectly natural for someone who disagrees with your view to have various comments in their history expressing that. The way to answer this is with better arguments, not by naming and shaming.
If you say that your intent wasn't to shame or insinuate, I believe you, but that's only a necessary condition for posting here, not a sufficient one. If your post pattern-matches to a standard way people do that on the internet, then readers will interpret you that way (like I did above) even if you intended otherwise, and the effect on the community will be just as bad. In such cases, the burden is on the commenter to make their benign intent explicit and disambiguate from the default pattern.
What are you implying, go to the link in the article and find how it is described: https://support.microsoft.com/en-us/help/4507456/windows-7-u...
That page doesn't state what security matters the update addresses, nor does the page it links to (directly, maybe the information is there with more digging, but if I'm given a link on the pretext that it shows something I expect it to show that thing without needing to dig).
> What are you implying,
I'm not the OP, but I think what is being implied is fairly obvious: that the patch exists purely as a way to get the telemetry stuff installed and had no real security addressing content.
I very much doubt that is the case though, it is something that would not surprise me from the MS of old but they are at the very least more clever these days and would not risk the resulting furore.
Were they there from the beginning? If not, which update(s) first added them? I doubt they were, because I clearly remember all the telemetry being in the news starting with Win10 and plenty of people refusing to upgrade to 10 because of it.
Even if it's a security update to CEIP, I don't think it should be offered to those who didn't install the original version of it.
I mean, by default, it wants to send every keystroke back to Microsoft servers! For "diagnostic purposes", I guess. And every URL that you visit. That's arguably worse than Google. Which is saying a lot.
Do you have any proof to substantiate this statement? I don’t believe for a second that Microsoft is getting away with an OS-wide keylogger.
For me Microsoft has become untrustworthy as an OS vendor, enough for me to even scrap my Windows 7 installations.
Quite a few sites have listed how to do this.
All of the angst about Windows 10 spying did force Microsoft to be more transparent. At one point, they were facing legal action from France and Brazil, and very likely other countries.
There was actual fake news going around about it. Actual as in sponsored by Russia. So finding others saying the same isn't close to saying it happened, especially given many people have an axe to grind.
> sponsored by Russia
I appreciate that this is a prevailing and popular narrative pushed by popular people, but that doesn't mean it needs to penetrate into a discussion between two civilised human beings capable of critical thinking. It would be best to keep at least this website as propaganda-free as we can.
> 1. Go to Start, then select Settings > Privacy > General.
> 2. Turn off Send Microsoft info about how I write to help us improve typing and writing in the future.
I didn't verify what it actually sent, but that's what I remember seeing.
I got that here: https://www.privateinternetaccess.com/blog/2017/03/microsoft...
For current Windows 10 versions, it's become a local database:
> As part of inking and typing on your device, Windows collects unique words—like names you write—in a personal dictionary stored locally on your device, which helps you type and ink more accurately.
Given that MS can connect to your computer at higher telemetry levels and run programs and download documents, I have zero trust in this company and turned everything I could find off.
So I'm just very careful. I have old Windows 7 and Office DVDs that I bought for cash at a yard sale. I created a VirtualBox VM, and updated it through a nested VPN chain.
When I need to use Windows, I just clone that VM. If I'm putting data on it, I don't give it an Internet uplink. Occasionally, I update a clone. And if everything goes well, I use that as the source for future working clones. If I need to retain old clones, I put them on an external LUKS SSD.
$ whois -h whois.radb.net '!AS8075'
$ pfctl -t drophosts -T add <results>
$ for range in <results> ; do sudo iptables -A INPUT -s $range -j DROP ; done
As in my nearby comment, I only allow network access on VMs that don't contain any sensitive data. Once I've fully updated, I create clones to actually work on, and disable the Internet uplink entirely. When it's time to update again, I start with a virgin clone. And then transfer data to it, after disabling the Internet uplink.
In the meantime I'm stuck dealing with Windows Update breaking things every week. I've completely given up on ever using my convertible laptop as a tablet again because every day I have to replace the updated broken drivers for the orientation sensor with the good ones from a fresh install of Windows and every night it dutifully installs the broken updated ones and there's not a damned thing I can do about it without disabling Windows Update entirely.
I like this idea but it really doesn't protect anyone else if you quit updating and your machine becomes a less than desirable participant on the internet for the rest of us.
In any case, the vaccination argument only works if it's defending against a real threat. If there's a genuine security issue here, perhaps it is. On the other hand, if this update really is causing otherwise absent telemetry software to be installed, not installing that telemetry software is hardly a threat to other Internet users.
Generally if you disable updates, you disable them all, so that means security updates too. If a given update isn't a security update and you disabled all updates ... you're still going to miss it if it was a security update too.
That isn't necessarily true at all. Indeed, the basis of this very story is that Microsoft has been providing updates for older versions of Windows that included only the security patches (i.e., not new features, telemetry, and any other stuff that might change the behaviour of the system in ways its user doesn't want). In terms of your "vaccination" strategy for the Internet, these patches are the ones that matter.
However, in this case, Microsoft might have bundled one of the things that people have been trying to opt out of -- telemetry -- into one of the updates labelled as security only. If they really have, that would be a further significant breach of trust, and given their recent track record with pushing telemetry, GWX and so on, a lot of people are no longer even willing to give them the benefit of the doubt, to the point that some people are no longer applying updates from Microsoft at all, in some cases including security updates. That is bad for almost everyone, and it's been directly caused by Microsoft's repeated abuse of the update system to push user-hostile changes.
The group policy option has been working for me: https://www.howtogeek.com/224471/how-to-prevent-windows-10-f...
Isn't this the same problem they've faced for decades, and largely successfully managed before the telemetry?
Windows 98 and ME struggled with BSODs because they were still built on something designed as a GUI layer on top of a CP/M clone. Vista mostly fixed all that. I've been running Windows 7 for most of a decade now without a single BSOD.
If MS has built an OS that cannot be effectively maintained without being sneaky and deceptive about their data gathering, that's their problem. Don't ask me to sympathize with them just because doing things right is hard.
Go in to the Settings app > Privacy > Diagnostics & Feedback and scroll down to the "View Diagnostic Data" section.
It's not really all that sneaky or deceptive or dishonest or any of that. It's just being portrayed as such by anyone writing about it in the press for some reason.
Give me the keys to read the raw stream and we can talk.
It's like saying that you expect letter carriers to read every letter they deliver because there's no way to prove otherwise. They can get caught doing it, and if they are they're severely punished. That's your insurance.
Nothing is perfect, but somehow it still works. You can't always get 100% assurances; that's the nirvana fallacy. If you insist on it you'll just dismantle a system that was otherwise working perfectly fine.
Are mail carriers foolproof? No, but they serve a purpose.
Are privacy policies foolproof? No, but they serve a purpose.
Collecting too much data: Ooops we're sorry. Facebook has breached on multiple occasions their deal with the FTC. Until now not much has come out of it.
European data commissioners have requested more detailed information on telemetry to be able to certify Windows 10 for use in public offices and have been stonewalled so far. Not exactly trust-building.
I had originally planned to buy an XPS 13 and run Ubuntu, because I actually don’t like Windows 10. I use Office365 Essentials though and that’s just a hassle to set up on Linux, whereas it integrates seamlessly into Windows 10. It was also cheaper to buy the surface. I got one of the cheaper versions with an i5, and re-selling my used MBP 2018 paid for the entire thing.
Maybe it’s just me, but I was really on the fence about going Windows, like I said, I actually don’t like it that much. It’s grown on me though. For personal use it’s really not that different than OSX. Then you get actual updated unix cli. You can even get SUSE enterprise server to run stuff in what resembles a real deployment environment. It’s all sandboxed so it doesn’t fill up your personal machine with development tools and servers unless you’re actually working on it. You get OneNote and you get to take notes or draw architecture with a pen. The keyboard and trackpad are better than the MacBook and the thing weighs nothing. It even has a MagSafe charger. It really feels like something Apple should have built.
It's improved greatly with Steam's work on Proton, at a guess I'd say at least 75% of my library is now playable with no extra work from my side.
On Windows it's still 100% though.
With a goal of 1440p@144hz, and someone who appreciates visual fidelity, I own an RTX 2080 Ti, and there's just far too much of a performance penalty for linux gaming.
Why did you buy that if you planned to game on Linux? I got a Vega 56 and it works great. Right now I'd opt for one of the newly released cards. With a Ryzen 3... AMD is back!
In fact, WINE supports packages that Windows no longer can.
None of this is my day job, it is knowledge and muscle memory I accumulated over 20 years being invested in and toying with the microsoft ecosystem (.net, visual studio, sql server, iis, hyper-v, etc). Changing OS means pretty much restarting from scratch. It is tempting (I am deeply uncomfortable with the new Microsoft) but I just can’t afford to invest that much time and energy.
I have Windows on a VM that I remote desktop to for things like budgeting and banking that I'd rather not keep on a "throwaway" type device. Two things that keep me on Windows are Excel (I use enough features that LibreOffice doesn't support) and Remote Desktop (it's just better than alternatives I've tried - I use xfreerdp to connect, which supports multi-monitor). Admittedly, I haven't looked into alternatives to Remote Desktop as the remote access server for a long time. Whilst vnc was always serviceable, it was never quite the "real" desktop experience that Remote Desktop provides.