Hacker News new | past | comments | ask | show | jobs | submit login
I noticed some disturbing privacy defaults in Windows 10 (porta.codes)
965 points by jonathanporta on July 30, 2015 | hide | past | favorite | 574 comments



Windows is now essentially a personalized, cloud-based operating system with the primary interface as a personal assistant, so I expected to see all these things as defaults. The advanced features just couldn't work without it. I'm glad there's at least an opt-out, but I do think that Windows needs an OS-wide incognito mode, just a simple switch to record or not record data.

I generally use that on my browser for when I hand my laptop to someone else and don't want their activity polluting my history, but now there's the risk of the entire OS learning someone else's habits when they just need to use the computer and don't want to log in. Sometimes, guest accounts are too restrictive.

I do like having the option of a personalized experience, and Microsoft is generally one of the most restrictive companies when it comes to sharing data. With their push toward more personal cloud services, I hope they will take special care to maintain that record, although everyone knows that certain groups like government have ways of getting whatever they want if it's available.

Hopefully, some of the fine-grained permissions of Windows Phone will soon carry over to the unified platform for those who want it, but either way, I would still do any especially sensitive work on Debian or a similar system.


"Windows is now essentially a personalized, cloud-based operating system with the primary interface as a personal assistant."

Who wanted that for desktop computers or laptops? This is not going to fly with business customers. Microsoft has already bombed twice in the business space, with Windows Vista and Windows 8. This looks like another bomb.

Windows 7 is still pretty good, and it will probably be the main Microsoft desktop OS for years to come, despite what Microsoft wants.


>Who wanted that for desktop computers or laptops?

I did. Linux and OSX are still available for whoever wants them. You can stick with Windows 7 if you want, that's just fine. I like Cortana. I like my software knowing what I like and what I'm interested in. It makes my life easier, which is what computers were invented for.

I can see why some people might not, and to be fair I use Linux on my work laptop because the work I do demands it. I would never put my client data on a Windows machine.

But like I can see your side of the argument, you have to be able to see that some other people want personalization and learning and all that. Pandora and Apple Music are both heavily tailored that way. Google Now on your phone knows everything you do. Netflix can find videos for you to watch based on what you've watched before. Amazon will recommend purchases to you based on what you like. Hell, half the people on this site build these systems. You know how many machine learning articles there are on the front page every week?

So who wanted that? I did. And so did several million other people. For the people who don't want it, I mean it's not even really opt-out. They ask you up front do you want the default or do you want to pick your own privacy settings. If you still don't trust it, Windows 7, OSX, and Linux are right there, just a click away.


> But like I can see your side of the argument, you have to be able to see that some other people want personalization and learning and all that. Pandora and Apple Music are both heavily tailored that way. Google Now on your phone knows everything you do. Netflix can find videos for you to watch based on what you've watched before. Amazon will recommend purchases to you based on what you like. Hell, half the people on this site build these systems. You know how many machine learning articles there are on the front page every week?

But that's the thing, right ? People want their computers to be more intelligent, reactive, adapted to their needs. They don't want Google, MS or Apple to know everything about them. How did the first came to automatically imply the second ?

Apple, Google, MS and others could deliver the same products (software that learn user behaviour and adapt accordingly) without sacrificing privacy, invading personal space and storing private documents on the cloud in order to parse it to deliver relevant ads.

Machine learning should keep on trying to be machine learning and not solely data scraping for marketing tuning and exploitation.

What does it bring me that MS or Google knows my search terms of the day ? I want my quad-core CPU to know that when I browse HN it should automatically split the screen in half and open my media player to listen to radio music because that's what I do most morning. Why do I have to do that by hand ? Can't it know or guess my routine by now ?

Or is all the tech just a glorified lexical parser to fine tune ads to increase their efficiency ?


> Apple, Google, MS and others could deliver the same products [...] without sacrificing privacy [..]

Could they? My amateur understanding is that a lot of today's success in machine learning is due mainly to having enormous amounts of data to work with.

When I look at Google Now, for example, I can't imagine a way to build it without collecting an ocean of detailed personal data. Or your example of finding common behaviors and having computers do the right thing: that gets much, much easier if you have the daily behavior data of 10m people so you can start extracting concepts like "typical morning routine", testing recognizers for that, and having them not do anything in low-confidence situations.


It's not just about advertising. By looking at customer data in aggregate you can learn more about behaviour patterns and support the things your customers might be interested in doing. Buying products is one of the things you might be interested in doing.

That said, this whole thing gives me the creeps and I'm glad I'm no longer a Microsoftie.


"By looking at customer data in aggregate you can learn more about behaviour patterns and support the things your customers might be interested in doing."

That could be done locally, without sharing the private data. The local computing agent can then look up in the public (like the pool of those who deliberately published content for all to see) for information that may be of interest to the user. That would have been a moral solution to please everyone. What we see happening now is a nightmare!


> That could be done locally

It could be done locally, but in order to not share any data with the server you'd need to run the analysis (with all of the associated data) on the local machine, which unless I'm missing something would add some non-trivial constraints, e.g.

- Getting research-grade analysis code up to local-install quality levels, keeping that code updated

- Bandwidth and HDD space for large datasets

- The additional load on the CPU, memory, battery, and messaging that to the customer

- The legal and privacy implication of all that opt-in data being transferred and processed on thousands of opt-out customers' machines

- The need to have an entirely duplicated system because some people would rather opt-in and not have to run all this stuff run on their already-creaking-under-the-weight-of-windows-and-outlook-and-word-and-antivirus laptop

Maybe I'm misunderstanding something, but from this view I can understand why they didn't want to do it this way


Frankly, I don't buy it when it's on Google, FB or MS scale. Their incentives is to maximize profits, not the user's happiness, wants or needs. Sometimes the later might help optimize the first but it's not the objective behind all the scraping.

Those improvements could be done with much less intruding anyway (be it for the sake of it or because johnny hacker is going to release those data someday).


> Their incentives is to maximize profits, not the user's happiness, wants or needs

Sure, although user happiness (broadly) drives market share so they need to maximise that to maximise profit.


I like my software knowing what I like and what I'm interested in.

So do I, but I don't like my software vendors knowing it too.


I especially don't like trusted partners knowing.


Or the guys who will hack the trusted partners


Once something is somewhere it will eventually be everywhere


I like my software knowing what I like and what I'm interested in. It makes my life easier, which is what computers were invented for.

Philosophical question: is it really your life, if your software may be subtly persuading you in a different direction than what you would've taken if it hadn't been making the suggestions to influence you?

There is no doubt it will make things easier for you if all you do is effectively accept and follow everything others want you to with no resistance. However, that's not what I'd consider "your life" anymore.


> Philosophical question: is it really your life, if your software may be subtly persuading you in a different direction than what you would've taken if it hadn't been making the suggestions to influence you?

No less so than if your friends, family, coworkers, and society at large may be subtly persuading you in a different direction than what you would've taken if they hadn't been making the suggestions to influence you.

Does only the hermit truly own his own life?

> There is no doubt it will make things easier for you if all you do is effectively accept and follow everything others want you to with no resistance.

While that may be a danger to keep in mind, that's not what's being suggested. In fact, I'd argue much the opposite is being suggested.

Instead of being told what we want and adapting to our corporate overlords, would it not be preferable to communicate what we want, and have the companies adapt to us instead? To service our wants and needs?


>No less so than if your friends, family, coworkers, and society at large may be subtly persuading you in a different direction than what you would've taken if they hadn't been making the suggestions to influence you.

In spite the fact that in the case of friends, family, coworkers I can be the one persuading them in a different direction and I also know a bit about them (you cannot suggest that in the case of person-company relationship both are as strong in influencing each other, maybe in large numbers of people protesting and that's a huge maybe):

The thing is, there are 5 billion people on Earth but far less operating systems. So, when they tell you "my way or the highway" while at the same time more products support their way, you'll eventually end up stuck somewhere in the past, like the old nut in the hut living on top of a mountain, while everyone is throwing their personal data to Microsoft and friends telling me that it's going to be ok because "the functionality provided is convenient". Which makes zero sense.


> In spite the fact that in the case of friends, family, coworkers I can be the one persuading them in a different direction and I also know a bit about them (you cannot suggest that in the case of person-company relationship both are as strong in influencing each other, maybe in large numbers of people protesting and that's a huge maybe)

Companies, in many ways, strike me as amazingly straightforward to manipulate. So easily swayed by the almighty dollar that such trite as "the customer is always right" gets dolled out as actual management policy at times.

We block company ads, our eyes scan past the ads that remain, we spam-list their emails and rip into them on our various review sites when they wrong us.

Companies realize, though, that talk is cheap, and see through our bullshit a little better. And, sadly, there's very little self control by consumers at times.

> you'll eventually end up stuck somewhere in the past, like the old nut in the hut living on top of a mountain

It's not so bad here. I don't even have a Facebook account. There's enough ad blocking options out there to kill several news companies several times over. That's before installing a proper separate firewall box.

> while everyone is throwing their personal data to Microsoft and friends telling me that it's going to be ok because "the functionality provided is convenient". Which makes zero sense.

It makes zero sense if you lack agency and choice. You have an opt out. It makes zero sense if you provide what you didn't will to. Opt ins are superior, I'll certainly grant. It makes zero sense if you haven't recognized the full ramifications and potential impact of sharing the data you share. They don't know what they're getting into.

But it also makes zero sense to dismiss "convenient functionality" as a reasonable rationale to give data freely, by choice, if you understand the impact and potential ramifications of it. There's a reason this stuff works. Ignoring that merely blinds you to the beast, and robs you of taking as much advantage of it, or to defend against it's detriments.


This discussion is such a deja vu. I had this exact back and forth with a colleague the other day (them on the give-away-all-data side). I have a reply based on this comment, thank you.


> No less so than if your friends, family, coworkers, and society at large may be subtly persuading you in a different direction than what you would've taken if they hadn't been making the suggestions to influence you.

I'd add to that list things like Toxoplasma gondii.[1] Who knows, maybe it is the viruses controlling us all. Maybe there are behaviour modifying viruses that cause little to no overt symptoms of infection, or maybe the viruses are changing the DNA of bacteria that impact all living creatures microbiomes. Scary stuff.

1. https://en.wikipedia.org/wiki/Toxoplasma_gondii


At least it isn't Cordyceps Fungus.


"No less so than if your friends, family, coworkers.."

There is a difference between those and MS.


Pedantry about "MS" being different than the "software" aside - Microsoft consists of a specific sub-sampling of those people.

So I challenge you: How? In what way? Does it meaningfully change the calculus of your total life ownership? Why?


Along those lines, how dangerous is the "filter bubble" effect? Totally a reasonable social psychological/philosophical question, IMHO.

Reference: https://en.wikipedia.org/wiki/Filter_bubble


How's that different from listening to any other human you interact with? Is it somehow worse because it's a computer rather than a human? That's the kind of bigotry that gets you robot uprisings.


I'll bite.

Your mind is wired by evolution to assess, evaluate and react to human behavior. It is equipped to defend you another humans' attempts to influence your behavior for their own ends when you interact with them in person. Software that you run daily should be able to bypass those built-in protections in a more subtle and personalized manner than traditional advertising or propaganda could ever dream of. In an untrained mind it won't meet resistance but the mind can be trained; the "bigotry against 'robots'" (really, human organizations acting at a distance) on the part of humans who read enough stories like this one emerges as a result and is completely justified.


By evolution, or by socialization?

And if it is by evolution, that immediately presents the trivial solution that we will naturally evolve to relate better to machines, making this a nonissue.


It's different in the sense that you know that your firend cares about you, where as for software you can't be sure if it's in your interests.


People also lie. A lot.


If you were a woman, you'd have two dozen kids by now.


Are you saying that listening to what you have to say and writing what you have to say on wikipedia is the same thing?


Are you hung up with the speech vs text thing? Because that's so not the point.


This should be an optional feature. Not a feature that's the default of most computers on the planet. It's fine that you wanted it, and it's fine that it's available. It's not cool that it's the default on anything.


As far as I can tell, it is an optional feature. It's the default option, but still an option. On top of that, a fair argument could be made that most people who don't care enough to change their privacy settings probably do prioritize convenience over maximal privacy, so this might even be a reasonable default.


This. Majority of people don't care about having any of these privacy issues on their cell phones which infact is far more capable and something you always keep next to you. Heck I have even seen hackers here recommend ChromeOS, an operating system where everything lives on the cloud. Even though I am cautious about my privacy, I have come to learn that most are not and there is nothing wrong with it. It is just not something that bothers them enough to care about. Privacy is not black and white, some try to maintain an absolute fence while others are willing to trade some for convenience in return.


[flagged]


It's a fine line for sure. I recently recommended ChromeOS for my mother. Her problem is that she runs programs that compromise her OS. The malware I've removed from my parent's computer is hugely invasive and it is usually tied to her account. Given the choice of Google having some of her privacy details or some unknown crackers, I'd much rather have her expose that information to some cooperation that has public scrutiny over how they handle that data.


Heh, I got one for my wife, cause all she used her computer for was Facebook. Who gives a shit if Google gets all that stuff now too, Facebook already had it in their datacenter.


No. That's not a fair argument at all. Just because someone is scared away by an "option" screen like this:

> you get presented with a customize wizard. The first screen has a large chunk of text on it, a large and clearly visible button to proceed using the default settings, and a small hard to see text link that lets you choose your own setting values instead of the defaults.

> Everything about this screen is urging me to just accept the default configuration and get on with life.

Doesn't mean those people "don't care enough" about their privacy. Those people are my parents and my friends and I know that they do.

We know our computers, we can fight back, many people cannot. I believe that when a piece of software tries to provide "sensible defaults" for people that fear they might break stuff, or simply not understand the "advanced options", that those defaults should be SAFE and TRUSTWORTHY.

Windows 10 obviously breaks that trust, and the people who can't spend an hour digging through advanced options (for many reasons) are just pounded into submission against systems they feel slowly slip from their control.


I do not consent to you and others giving Microsoft (or Google or Facebook etc…) all the personal information this necessarily reveals about me when you accept their terms and have any electronic interactions with me.


That's not your consent to give. If you tell me your name, I'm free to repeat that to whoever I want. If you aren't ok with public information being re-broadcasted, don't go outside.


If you aren't ok with public information being re-broadcasted, don't go outside.

Rights and freedoms that you can only exercise by giving up any semblance of normal life are no rights and freedoms at all. The idea that the moment you step outside of your home or go on-line you forfeit any right to the slightest respect for your privacy and we should just accept this is silly.

And if you think the only people who care are a few internet warriors, please consider the likes of Google's Glass and Street View, where some people have felt strongly enough about the invasions to resort to actual criminal violence in response, and some entire countries have clamped down on the surveillance in response to public concerns.

In any case, with many of these systems, we aren't talking about public information. We're talking about technologies that systematically abuse friendships and commercial relationships by getting one party to tell the technology operators information about another party without that other party's knowledge or consent and potentially even if that information had been given in confidence.


So you agree that you have no such rights and freedoms. That seems like the practical view. The alternative is the path of craziness, filled with things like the "right to be forgotten".


So you agree that you have no such rights and freedoms.

No, I think that just because we can do something, it doesn't mean we should.

In a literal sense, you have no rights or freedoms that you are not prepared to protect with your life. You can lose anything else to someone willing to try hard enough to take it from you. Fortunately, in civilised societies, we do not generally require everyone to die to defend basic human rights that most of us think are worth protecting. Instead we adopt laws and punish those who would break them.

The alternative is the path of craziness, filled with things like the "right to be forgotten".

And as you can probably guess, I support the basic idea of the right to be forgotten as well. I have no problem with requiring companies that specialise in providing easy access to data -- and that make huge amounts of money because of the immense volumes of data they deal with -- to make it harder to access information about, say, victims of abuse or mistaken identity. When the statistics came out about who was really making use of the right to be forgotten ruling in Europe, contrary to all the naysayers, it mostly wasn't people like criminals and politicians who arguably invited negative publicity.

That said, I have no problem with reducing the profile of criminals with spent convictions either, nor those who have done things that were not criminal but which society frowned upon at some point in history. A society that never forgets, full of people who want to hold everything someone ever did against them for all eternity, is not a healthy society. I believe most people can be rehabilitated even after a dark past, and the evidence about how successful different legal systems around the world are at preventing recurrence of damaging behaviour overwhelmingly supports that position as well.


Actually in the UK it is covered by the Data Protection Act. Interesting times ahead. If you knowingly or unknowningly give personal information away without my consent this is illegal.


I would challenge you to show something conclusive that states that I am forbidden by law from stating "I know this person. His name is batou." while pointing at you.


Doing this as a person is fine. Storing and processing that information on a computer is covered by the DPA.

https://ico.org.uk/for-organisations/guide-to-data-protectio...

Refers to Schedule 2: http://www.legislation.gov.uk/ukpga/1998/29/schedule/2

Additionally, there are "Sensitive" personal data: http://www.legislation.gov.uk/ukpga/1998/29/section/2

So if someone were to ask your computer "Do you know any trade unionists?" and it were to reply "I know this person. His name is batou.", and you weren't covered by the Schedule 3 exceptions, that would be an offence. This is an attempt at preventing employment blacklists.


That's fine. That's no different to an IP address or a DNS record or something that you'd put on an envelope. That is public information.

The content of our communications is the matter under consideration i.e the content of the envelope.


And yet your original post was in response to this:

"If you tell me your name, I'm free to repeat that to whoever I want. If you aren't ok with public information being re-broadcasted, don't go outside."

to which you said:

"Actually in the UK it is covered by the Data Protection Act. Interesting times ahead. If you knowingly or unknowningly give personal information away without my consent this is illegal."

What you're saying now and what you said then are two different contexts.


He wasn't broadcasting his name in the first place; only you had the information (in the limited knowledge of the context). In case you are using this for anything damaging to him or for profit, that is what the Data Protection Act covers. That suddenly his name becomes public knowledge has little to do with this law.


I'm not talking about public information. I'm talking about private communication between you and I. Like truly private, private where you are happy to keep our communication confidential. Except now you have to have the technical know-how and proactive burden of keeping it confidential because Microsoft (and Google in other cases etc) sweep up everything you do.

In other words, if you consent to Microsoft tracking you, it means I cannot trust you in private communication even if you would otherwise be trustworthy person.

This is completely distinct concern from what is true public information.


Can you cite a source that describes that freedom?


Traditionally, the (legal) argument begins with Warren and Brandeis, "The Right To Privacy", December 15, 1890:

http://groups.csail.mit.edu/mac/classes/6.805/articles/priva...

That's been considered the foundation of privacy laws in the US. Europe generally has stricter laws -- for instance in Norway, until recently, it was technically illegal to keep an electronic[1] list of names and phone numbers of parents in a school class, or an electronic membership list for a club (esp: minor members).

That's now changed, and the requirement for being granted a "data license" are less stringent -- most electronic record keeping is legal -- everyone being granted a pre-emptive licence of sorts. However, that license is subject to things like a) being responsive in giving out/responding to requests to correct data, to show what data you have on an individual to that individual, and b) making a reasonable effort to keep the data safe.

Breach of those can lead to fines, and the revocation of the implicit license -- meaning you're not allowed to keep such electronic records any more.

Understandably Germany have a stronger emphasis on privacy, being a) a fascist dictatorship under Hitler recently, and b) half of Germany being under the Stasi also recently.

Why people in the US aren't more afraid of personal data ending up in privately held data banks where they are subject to National Security Letters, hackers, anti-union organizations working with big business, anti-native American rights activists and whatever else -- I don't know.

Maybe most people think that the next group to be frozen out of the job market won't be communist but Muslims -- and, hey, I don't know any Muslims -- so why should I be worried?

[1] Note the electronic bit. This is due to how trivial it is to link digital data, and how trivial it is to copy/get hold of a copy without the original missing etc.


I appreciate what you're trying to say, but ultimately... Sucks to be you. If you don't want others to share that data, you'll have to stop interacting with them.


Do you hold such a hard line stance on the moral correctness of revenge porn, I wonder?

After all, if you don't want others to share the data, you shouldn't interact with them.


I think its probably pretty good advice to follow: If you don't want someone posting revenge porn after you break up, don't give them nude photos/videos. Its always a risk you either accept or avoid.


There is a clear moral distinction to be drawn between people who use Windows 10 knowing that it might be sharing some data with Microsoft, so its algorithms can streamline certain everyday tasks and those who maliciously upload their exes' sex tapes to the Internet without their consent.

There are huge differences here on at least three crucial dimensions: intent of the sharer, the audience with whom it is shared, and the sensitivity of the data shared.


This is specifically in the context of your windows 10 install uploading data about me, without you asking me if that's ok. My wifi password over wifi sense, for example.


Yes. I understand that this is about "my" Windows 10 install sharing data about "you." I should have been more clear (and, unfortunately, the editing window has closed so I can't clarify). But if you re-read my comment with this in mind (as I had intended) it remains the case that while this a Bad Thing, and I see the analogy to revenge porn, it also is radically different in degree from revenge porn on several morally significant dimensions.


I've done that. They revert to traditional methods like phone calls when they want or need something. Every time.

Sucks to be you if your relationships, be they business or personal, are as fragile as a volatile technology.


And let me guess, they don't have your phone number memorized; they probably save your phone number in their phone's contacts list alongside your name, which is automatically backed up in the cloud in either Google Contacts or iCloud depending on what phone they use.

Expecting your friends not to use cloud services seems a bit unreasonable and unenforceable. Are you really going to tell all your friends they should write down or memorize your phone number instead of storing it in their phone?


No as that information is public.

What we talk about isn't.


While your name and phone number are public, the list of people who have your phone number saved is not public. These companies can effectively map who you associate with only by looking at other people's phones. They can profile you by association, and that is very wrong.

At some point privacy is no longer a choice, not a real choice anyway. You get to chose between participating in society or keeping your privacy. It shouldn't have to be this way, but it is.


Oh, uh, I thought you were talking about your name.

Microsoft collects your friends' names so it can spell their names correctly when you use speech-to-text or related features. I thought that's what you were objecting to. What kind of data are you talking about?


Conversations (SMS backup), photos (onedrive), email (outlook/office365), calls (skype) etc etc.


If you really are as charming in real life as you are online, people might indeed accede to your quaint insistence on anachronistic media, until they don't.

Personally, I require that all my so-called friends communicate with me in morse code over short wave radio. It works a treat.


I was a QRP operator so that's actually quite funny.


I like CW too :)


You mean "sucks to be any normal person today."

The ramifications of the destruction of anonymity and privacy affect everyone whether or not we understand enough right now to get this.

Also, "sucks to be all these people who would benefit from interacting with me but where I may stop interacting".

This is not a problem that is a personal, individual problem. This is a social problem. Period.


> You can stick with Windows 7 if you want

Not indefinitely. It will get EOL'ed, and at that point it might not be possible to opt-out of the upgrade.

Which isn't bad given that MS isn't going to keep supporting W7 forever: It's a genuinely bad thing to have unpatched OSes with known security holes (zero-decade, I suppose?) out in the hands of non-technical users. That kind of thing was moderately acceptable when Average Windows User was behind a dial-up line, but those are going away, too.


a genuinely bad thing to have unpatched OSes with known security holes

If the OS is popular enough, once they get known, they will be fixed by the community if not MS. Look up "Windows 98SE Unofficial Service Pack" and "KernelEx". In fact the 98SE community is still very much alive... and has added support for a lot of things that MS didn't.

Gradually, I predict the same will happen with XP, and possibly 7 when MS stops supporting it.


Not indefinitely. It will get EOL'ed, and at that point it might not be possible to opt-out of the upgrade.

It's always possible to opt out of the upgrade with Windows 7. I have a perpetual licence to use it, and I can turn off any automatic updates that would break it.

The worst that will happen, short of Microsoft as a business going under or similarly dramatic changes, is that I will only enjoy free security updates from Microsoft until the end of the guaranteed support period (still several years away) and then I will have to use alternative means to secure my systems against any remaining threats.

As demonstrated by the large organisations still on XP, one of those means may simply be paying more money to Microsoft to continue supporting an older platform you want to keep using.


I would never put my client data on a Windows machine.

But how many people will?


There's a danger of looking at things from within the tech bubble. Perspective is everything and I'm not convinced mainstream will be so accepting when the privacy concerns gain greater visibility. The same drive that is making ad blockers a concern will probably come into play. It'll take one successful hack for reality to set in for many. I personally don't want that type of personalization or targeting.


> I can see why some people might not, and to be fair I use Linux on my work laptop because the work I do demands it. I would never put my client data on a Windows machine.

How do you handle business e-mail ? Only on the linux laptop ? Is the windows device only for personal and entertainment purposes ?


Correct. I have all my work stuff on my work laptop and the Windows desktop is just for Netflix and games and reddit and stuff that happens when I'm done with work. In fact I can't even have business emails on my personal computer because you need to be connected to my work's VPN to get email and you can't connect to the VPN with Windows without getting in serious trouble.


Windows 7 but with more features would be nice.


Windows 7 with speed of 8.1 and virtual desktop support is all I ever wanted. Not the Metro abomination.


Absolutely no one wanted it. No one asked for it.

We were spun a load of marketing disguised as listening and attention. This turned out to be exactly what Microsoft wanted which was another aggressive move against customers both business and consumer. Despite all this the noise and confusion and dubious love for the products is shining out of the arses of every non technical news source.

What did we expect?

I've left the party now. Closed my MS accounts, cancelled MSDN and AP subs, rolled out CentOS 7 on my laptop and have moved the remaining windows dependencies I have to a VM. If you don't like it, now is the time to make it known.

This is after using MS products since about 1993. No more loyalty or milking.

The software industry is moving away from the model of servitude to a vendor. Good riddance.


Now if can only do the same with Google and Android, we'd be all set. Why does Google get a get out of jail for free card in this? Android is like the spying on everything you do operating system. Your location, your voice, your pictures, your passwords, I mean fuck... There is nothing Android doesn't know about you that it doesn't share with Google and on request the US government.


Google are just as bad. I've moved to a dumbphone and an IMAP mailbox at an independent company. I tried Android but that was pretty much impossible to keep control of (Moto G 2, Android 5.0)


I want a Jolla. Sailfish is probably better in this respect (or at least the company is smaller).

That said, all that data harvested and used to customize the interface for you is indeed convenient.


I'm using Nokia 106. Calls. Texts. Nothing else. I turn it off at 6pm and on at 9am.

Doesn't have data, GPS, Bluetooth or WiFi so that's not a problem. The best it gives is rough triangulation data from cell towers but I can leave it at home and do nefarious things to my own heart's content if I so desire (not that I intend to).


Also makes decent voice calls, which seems to be more than most smartphones can manage ;-)

PS Are you sure it doesn't have Bluetooth?


Yes. It's as dumb as a 3310.


OK, thanks. My wife has just bought a cheap Nokia 103 (she's used Nokias for ages) and I was surprised that it had Bluetooth. It showed up on the laptop I was using at the time, but I couldn't find any way to connect to it. (They didn't pair.)

I checked and it did have Bluetooth on the Nokia 103 menu.


My mistake: it's a Nokia 130. (I'd assumed a 103 would be close to a 106 in specification.)


Are you really this paranoid? You must be loads of fun at parties. It's interesting though because your British government is tracking your phone, your texts and watching you as you traverse London on CCTV. But luckily Microsoft doesn't know about your affinity for Yorkshire Terriers and love of Bass Ale.

Don't get me wrong, I value privacy, but all things in moderation, including paranoia. I personally don't think most peopke's lives are that controversial to be so concerned about their privacy that they'll avoid the grid altogether lest some lewd fact trickle out amongs the billions of other lewd facts trickling out about everyone.


I spent a number of years working for nefarious defence contractors so the paranoia is somewhat justified. My paranoia is clearly required as I've been responsible for the security architecture at a number of financial companies and have a lot of experience dealing with both the human and technology aspects of data.

Safety in numbers is only valid if it's difficult to discern facts from the flock. But it's not. The technology logs and correlates specific data for fast retrieval rather than collecting noise and then discerning the signal later on.

Oh and I'd never drink Bass; maybe an Abbots or two ;)


> I personally don't think most peopke's lives are that controversial to be so concerned about their privacy that they'll avoid the grid altogether lest some lewd fact trickle out amongs the billions of other lewd facts trickling out about everyone.

This sounds suspiciously like 'nothing to hide nothing to fear'.

I don't think batou is being overly paranoid at all. Especially not with the last year or more of news.

If anything, this is massive tech company overreach on the part of Microsoft, Apple and especially Google and Facebook.

More protection in law is what is needed, not for people to suck it up and accept it.


> Your location, your voice, your pictures, your passwords,

However, it will ask you first about that. And it is not actually Android, it is Google Play Services. For snitching your pictures, you have to download an extra app by yourself.

If you don't like that and you don't want to say 'no' when asked, use Cyanogen without Gapps. That way, you'll get non-spying vanilla Android. (That means without Play Store too).


To add: you can use software like Raccoon: http://www.onyxbits.de/raccoon

Use it with a throwaway Google account to download apps from the Play Store, then use adb to install them on your device. This works fine for apps which don't rely on specific Google libraries or services being installed on your device.


Why does Google get a GOoJF card? Well, they don't.

I'm going to ditch Android for a free-er OS when I have the money, although if possible I want to get a [Fairphone](https://www.fairphone.com/) (tl;dr 1. no shady business practices/exploitation, 2. modular with replaceable parts (bonus points for having an integrated protective case), 3. Fairphone V2 will be 100% Free Software (or at least, the firmware/drivers will be), 4. costs $800 as a result).

I'm actually really interested in seeing the Fairphone be a thing.


It's a little better if your device can run Cyanogen. Not great, but a little better.

I'm hopeful that Firefox OS and perhaps Ubuntu/Full GNU/Linux on phones will help. Canonical hasn't got a perfect record when it comes to privacy or openness -- but if they manage to invest the resource to develop a truly open stack that works on real hardware, I expect people to make other distributions that do pretty much whatever one wants.


You were always free to not use new MS operating systems. Nobody forced you to make any MS accounts or use Window 8,10 or whatever, so if you installed Windows 8 and didn't like it, that doesn't make MS evil, just don't use it. Anyone who inclined to use CentOS as their daily driver probably was never going to like MS OS's anyway. You probably only ever installed it just to find out what you hate about it.


I'm actually not free to not use it. I have to test our product on these systems and therefore I will need at least a virtual machine instance of it. I have no option not to use a Microsoft account because the majority of the functionality has shifted to behind the privacy wall.

Actually I installed it to test our desktop windows product against it as well as our web application in Edge.

This was a decider for us: do we move it to Windows Runtime or move it to Qt/JavaFX, to the web or something else?

We're evaluating Qt and JavaFX going forwards.

As I said I've been using Windows since 1993 as my primary operating system. I've used Unix (Solaris, HPUX, Linux, FreeBSD, OpenBSD) over the years but never in a desktop capacity.

Also one of our clients, a big financial company has rolled out RHEL6 as a desktop platform instead of windows 8/10. They are not trend-setters either.


That's pretty specious. Your work requires you to use it. So presumably you'll only be testing on your VM instance. And if you are using at work, then use the Enterprise version, which doesn't use a Microsoft account whatsoever. And lets you control all of these privacy concerns, including telemetry.

You bitching that your job requires you to test a product against Windows in a VM is not the same as Microsoft holding you personally hostage to give up all your personal information, however you try to spin it.


I assure you this is not specious.

We have to test against the lowest common denominator so we're not using Enterprise or VL for this nor are the machines domain members.

The privacy policy changes violate our network AUP, security policy and compliance with a number of regulations. We handle confidential financial, insurance and medical data.

That's where the catch-22 is. There is no possiblity for us to use this and remain in compliance.

Not only that, every version of windows since 8 has called home. There is a lot of traffic outgoing from our network we block from machines. And that is with a heavily locked down GPO and custom WIM deployment.


The argument "Don't use it if you don't like it." certainly applies to many things, but when a company gets to the scale of Microsoft, Google, Apple, etc, the context is not the same. It seems reasonable to hold these behemoths to a higher standard than scrappy startups.


This argument is specious at best. We must hold all parties involved to the same level of standard as any, at all levels because a breach of trust at any size is seriously damaging to the consumer. It doesn't matter about the size of the Corp.


It does matter for a couple of reasons.

One is having approximately equivalent alternatives. If something is wrong with a particular kind of chewing gum, I can easily switch to the next brand over. But when that's not the case, standards should be higher, because normal market forces no longer constrain players in the same way.

The other is the size of the potential impact. If one corner-store merchant keeps their credit card receipts in a box under the counter, it's a much smaller problem than, say, Target or Home Depot keeping them in a poorly secured network.


I think it matters, if only because it's more efficient to complain about the big corporations that everyone is familiar with than about some unknown startup few people care about.

If you only have limited time and energy for activism, you have to go for the bigger targets (to make it easy to collaborate with other activists) or go for the most local targets (because you may have a comparative advantage).


Imagine if we could bring them to court over bundling malicious software with their OS and not giving the user a choice.


You were always free to not use new MS operating systems.

Are you also free not to have your private information (personal data, trade secrets, whatever it might be) given to Microsoft by others you interact with who do use Microsoft's new operating systems?


I am hearing the "if you don't like it don't use it" loud and clear. I did that for Windows 8. Looks like I will do that again.


I don't know about no-one. I have three laptops, one desktop, one media PC, one server, one tablet, and one phone. The cloud movement has been helpful to say the least.

Obviously I don't speak for everyone, but I think "no one wanted it" is a stretch.


No one wanted this implementation. There are plenty of ways of solving exactly the problems without the amorphous concept of the cloud without introducing any burden on the user.

I have a 3 desktops, 2 laptops, a NAS and 2 servers and have solved the problems transparently without any cloud services.


Yes you did, you just did it at a personal level. Most consumers are not that tech-savvy. Windows may not be for you, but it is for the masses.


> Absolutely no one wanted it. No one asked for it.

How so? Billions of people choose to pay for services/software with their privacy these days. Microsoft isn't to blame for that. If anything they were really late to the party


I think that's not true. They do not consider their privacy nor understand the consequences.


Who wanted that for desktop computers or laptops? This is not going to fly with business customers.

...nor with some private customers. Microsoft seems to be overlooking that not all nations are so happy about "the cloud" as the average American seems to be. Germany for one, where I currently live, is much more sceptical of sharing personal data -- potentially motivated by some of its 20th century history.

But all that aside, a lot of people only used their computer occasionally, say to write a letter (again, Germany, a lot of bureaucracy still requires paper letters over here). Transparently syncing documents with an external server that you have absolutely no control over is really nothing such a user wants.


And yet to do your tax online in Germany you'll have to use Elster which is Windows only. Telling them I'll sign my pdfs with SHA-256 didn't help... So back to cellulose data carriers


Does ElsterOnline not work for your usecase?


> Transparently syncing documents with an external server that you have absolutely no control over is really nothing such a user wants.

Onedrive on Windows 10 explicitly asked me "what folders do you want to sync?" when it first popped up.


Do you have the option to say "none"?


> Who wanted that for desktop computers or laptops?

Everyone who is switching over to cloud connected OSs on their tablets and smartphones.

Why should I have to reinstall and resetup every new computer? My contacts have been following me around on my phone for 8 years now, why the heck shouldn't they be just as accessible from my PC?

My favorites, they should always be there. Chrome does a great job of this, it is nice that Microsoft has decided to catch up.

Windows 8 had some of this, having wallpapers, theme colors, and OneDrive follow me around already made my computers all seem closer together, now just a little bit more is happening.

There is so much common sense in this. If I schedule an appointment while I am at home for me to leave work early to go pick up my cat from the vet, it should show on my work PC because that damn well makes sense.

All this does is bring Windows fully into the 21st century.

> Windows 7 is still pretty good, and it will probably be the main Microsoft desktop OS for years to come, despite what Microsoft wants.

About 6 hours ago I was apprehensive about Windows 10. Now I'm using it and it is lightening fast and responsive.


do you realize, as many others here and everywhere else, do not care a bit about some cloud or anything else? I can install my computers on my own, thank you. the whole discussion about people justifying is a bit ridiculous, to be honest.

why don't you all pro-MS or pro-let's-lose-privacy people don't get a single thing - as per moral standards, any kind of option should be disabled by default (meaning 95% or more people on this planet will never enable it) and you should chose only enable that if you will? It could be the first screen welcoming you on first start of OS, whatever. not even having an option to disable it on cheaper windows is just plain wrong & smells cheap, again in moral sense. As we all know, corporations, any kind, are not high on morality these days. Increasing shareholder value at all costs and similar is the mantra. that google and others are doing it doesn't make it any more right (i have all these things like google one disabled on my phone anyway, at least that's what I like to think :))

As to why we want to not use it, I do believe Mr. Snowden made a point or two in the past.


What irritates me is the language.

We're making a choice based on a button with a one sentence dumbed down description. But what is the full legally binding extent of what we're agreeing to with each click?

Nobody knows. "We share with our partners". What's being shared? Who are the partners? Who are their partners that will also have access? What's being done with it? Am I personally identifiable?

Etc. Even if they wrote a page for each box, which they haven't, it will still be pointless because there is probably some other waiver in the 300 page EULA.


I agree that these features all make sense but there is no reason for the invididual's data to have to travel hundreds or thousands of miles through third party servers during a synchronization. It should be no harder than pairing two Bluetooth devices together and then the data will move directly between these devices, or at least encrypted through a third party router. The internet was designed to be decentralized but it's not working that way due to business interests.


p2p connections don't work when one device is borked!

Computing as an appliance, imagine some day logging into any machine in the world and having it setup just as you like.


I'm not sure, it really depends in Microsoft's execution of the vision.

Over the years, if they really make Cortana useful and seamles pdates and systems maintenance the default due to the new "cloud" nature of Windows, they might see a similar adoption or switching pattern as SaaS solutions have seen in business.

At this point most traditional or slow businesses still using licensed software with local IT admins are being outcompeted by more agile competition using SaaS solutions.

Then again, what alternative do corporates have? They could stick to an older version of Windows, and become less competitive (assuming Microsoft pulls it off), or switch to Linux, which is doubtfl for most office workers (though our entire devshop uses now Linux ultrabooks).


i also suspect that they are slashing their cash cow (corporate users among them) for the vague promise to be like google and facebook (the promise of add dollars).

Good luck with that one.


I would be very wary of using windows 10 as a company. If they are sending all key strokes that a user types, then any illusion of privileged information between company and customer goes out of the window. It makes me wonder how the legal team of companies would say if they caught the magnitude of data being leaked through default enabled services.


This is incidentally why I run a hefty firewall for outgoing traffic and most endpoints can't access the internet at all.


I might well be remembering this incorrectly, but wasn't that a part of the Insider Only pre-release EULA?

I've not checked to see if it's in the more recent release EULA, but the assumption was that it was there for the beta diagnostics as opposed to the day-to-day use.


Business customers still retain all the capabilities of managing the deployment and activation of Windows features, settings, and updates.


Businesses actually have very different privacy arrangements than individual consumers. Its a function of how much they spend.


On the contrary businesses would prefer an OS where they will have to pay much less fee each year than paying one large amount occasionally. Vista and Windows 8 were needless OS which did not offer any value. Windows 10 on other hand has a lot to offer to both consumers and businesses.


> This is not going to fly with business customers.

If businesses fall too far behind adopting modern software/features their employees are familiar with using on personal devices they will have to accept reduced productivity.


It's possible to do all this personalization without giving away your data to advertisers. Unfortunately Microsoft chose not to.

Why do people seem to gloss over the fact that we can implement these technologies without losing privacy? e.g. voice recognition has been possible on home computers for decades now. You don't need the cloud for it.


> Why do people seem to gloss over the fact that we can implement these technologies without losing privacy? e.g. voice recognition has been possible on home computers for decades now. You don't need the cloud for it.

The experience is not quite the same. We have voice recognition since at least late 90's but you have to spend long hours training (> 20 hrs) in order to have a decent result (not even comparable). The fact that is cloud based now enable the software to fit better to different accents and pronounciations.

Another thing is that personalization is not really possible in today devices if you want more than 3hrs battery.


I had better results in late 2000s with less than an hour of training MS Speech API than I have with Google Now today. Either off-line speech recognition isn't that bad or my English really sucks.


I don't know about Google Now. But Cortana does have way better results than local MS Speech API. My english does suck, so it is very impressive to me that Cortana got me right most of the time.


Maybe I'm not using it right, but Cortana on my Lumia 640 Windows Phone seems to blow Google Now right out of the water in terms of capability and usability except for punctuation in voice recognition.

On the other hand, generally I'm pretty impressed with just the voice recognition/transcription by Google on my Android phones (exception: "ferociously"). Transcriptions in Google Voice on the other hand are, hm, marginally good enough to often get a general gist of a call before I return it, but if I need the actual details of the message there's no choice but to listen to it. This includes calls made by me, from my phone that I also do voice recognition on, into a Google Voice number that I use for some tracking.

It is interesting that the transcriptions in the web interface show how confident they are of the quality for each word by how dark the word is.


>We have voice recognition since at least late 90's but you have to spend long hours training

Microsoft could ship their pre-trained dataset with the computer, or make it available as a download. They choose not to.


gok covered this fairly well in this comment: https://news.ycombinator.com/item?id=9978755

It's a big, really big dataset, and things get far better the more data you have. In order to even have it, let alone keep it up to date, a significant amount of space and memory would be needed.


That dataset contains languages and accents that are not relevant to me. It could easily be culled to a size where it's no compromise on language+region of birth alone.


It's multiple gigabytes for a single language and accent. I wasn't even talking about the full dataset across languages.

You don't seem to understand the size requirements for getting a good dataset. Don't you think Microsoft would have loaded up the dataset if it was easy and cheap? They didn't have a desktop cloud-based recognition service until literally yesterday, so they had many, many years to include this magical dataset that solves all your problems without cannibalizing another one of its products. They didn't because it's not feasible right now. In the future? Maybe, hell, probably.


>It's multiple gigabytes for a single language and accent.

I have 602 GB free on my first hard drive, 519 free on my second, 699 on my third, 1.06TB free on my forth, 405GB free on my fifth and 46 free on my 6th.

If Microsoft would be kind enough to release it to me, I think I can probably find a corner to squeeze it into.

>Don't you think Microsoft would have loaded up the dataset if it was easy and cheap?

No, I don't. Microsoft wants our voice data, it's extremely valuable to them. They've figured out that there's gullible people like you who will swallow the "it can't be moved onto a local computer" tale hook, line and sinker, and thus give it to them for free.

Why are you doing that? Grow some cynicism.


Do you also have that much memory? The dataset would need to be loaded into memory at all times recognition is used to be useful.

I never said storage is the limiting factor, in fact, I even said you need a significant amount of "space and memory".


> That dataset contains languages and accents that are not relevant to me.

You are assuming that they have a different model for each language and region, which I don't think is true since Cortana understand my foreign accent besides of being using USA as a region (Canadian version works really well too).

> I have 602 GB free on my first hard drive, 519 free on my second, 699 on my third, 1.06TB free on my forth, 405GB free on my fifth and 46 free on my 6th.

Good for you, but I don't have that many free space. Gee, I only have 20Gb free on my laptop. I think you might be bias about your situation but not everyone has +1Tb of free space waiting to be used for a voice command.


My colleague wrote his diploma thesis with a voice recognition software (the market leader) because he sucks at typing. Desktop voice recognition can't be that bad.


I have second hand commercial support with a leader software in the market (that is I had coworkers doing the commercial support) and the amount of bugs and trickery some users had to go through with it makes you wonder how they can sell any copy at all.


I mean, you have to admit that desktop-based recognition is just not as good as cloud-based offerings. This is true across the board, having more data and power available will give better results.


Sure, but desktop-based recognition has been improving all the time and may well be good enough. It still doesn't mean we have to lose our privacy just because a slightly better technology might be out there.


Not nearly as fast as cloud recognition has. Especially with all three of the big companies having serious cloud-based recognition offerings and focusing on them.

And seriously, Cortana would be useless without the cloud aspect. Half the things it does revolve around connecting your digital life together by accessing various things about you. Without the cloud, it's literally just Windows 8 search.


> Not nearly as fast as cloud recognition has.

How is that? Desktop systems respond quickly, cloud systems often respond after a second - it takes time for data to do a round-trip over crappy mobile connection. Mobile latency is a big thing.

I agree wrt. Cortana (and Siri, Google Now) - most of the things you use them for will require Internet access. But there are still a lot of things that you could do with voice that shouldn't require a network connection, and we're missing the ability now. Not to mention you have zero customization options for cloud-based recognition. I could make good ol' MS Speech API recognize pretty much anything I wanted it to. No problem making it recognize a limited subset of two languages at the same time. With cloud-based systems, if the voice recognition doesn't like my accent, I'm out of luck.


I was referring to the improving part. joosters said desktop recognition has been improving, I meant that cloud has been improving faster. Which is true, all the big companies are focusing on cloud-based recognition. The improvements might eventually come to desktop recognition systems, but even that's not a guarantee given where the focus seems to be.


Fair enough. I didn't realize that you were just referring to that. And I agree with your assessment about relative speed of improvement.


1. Know everything about a person store it and mine it at scale.

2. ???

3. Profit.


Yeah there should definitely be a "Hey Cortana, off the record,..." query mode.

I'm a bit conflicted now. My girls are 7 & 9 and they've been using Microsoft Accounts. With the final Win10 build having all this (none of these settings worked a few months ago), it looks like I've got a lot of reading and explaining to do for them.


If you don't have any Windows-only applications keeping your younger-than-double-digit children on Windows, well then now is your chance to put them on anything-other-than-Windows.

My own children are still using computers with Windows 7. They play Spore (Windows only), Sims 3 (Windows only) Minecraft (Java, so playable anywhere), Osu! (no idea, really), and a couple of other games. I have no intention of upgrading Windows on their computers past 7. Take a look at your options, you might be surprised how easily Windows is replaced with anything else.


My son, who mostly plays Minecraft, does not understand why many of his friends use Apple PCs. The "render distance" and framerate in Minecraft on our home PC (running Windows 8.1) is twice that of his friends, and our PC cost half what a similar Apple costs.

As a parent, I'm also not sure if an equivalent of Family Safety exists on other platforms. Windows sends me weekly overviews of our kids PC use and blocks inappropriate content. Also, our kids log into their own profiles, I don't give them Administrator level access, they have to aks me if they want to install something.


On my desk now I have two MBPs and one windows PC. The macs are for work, the PC is for games (and occasional windows testing). I use the same kb/mouse/monitor for all 3.

After being out of the PC scene for 10+ years -- and as a rabid apple fan -- let me say this: PC gaming is AWESOME. Games I'd only played on Mac before come to new life on a proper gaming PC. That said I would probably go into a different line of work if I had to use Windows as my primary dev box.


Your only two choices are not an overpriced Mac and a cheap PC. You can build/buy a reasonably priced PC and install a GNU/Linux distribution on it.

As a Java application, Minecraft runs perfectly fine on any operating system.

As for your parental controls, if you wish to apply them you can do the exact same thing on any GNU/Linux platform.


This performance disparity between OS X and Windows for gaming may finally be diminished now that Apple’s bringing Metal from iOS to OS X (far faster than using OpenGL):

http://www.imore.com/metal-os-x-so-huge-i-no-longer-need-mac...


MSFT has done this by buying itself into the graphic API market long ago. Since then the last two main graphic hardware vendor have been poorly receptive to develop drivers for any other platform.

Hopefully, Valve OS's initiative might bend this and allow the Linux world to be at least on par with MSFT when it comes to graphic drivers. Considering that from the three main console out there, both the Playstation and the Nintendo are using a flavor or another of OpenGL, there is some hope for the future of alternative to MSFT outside the office and MSFT centric software development.


I'm really hoping STeam OS becomes a viable desktop gaming OS (play most if not all PC games) at some point.

I would drop Windows in a heartbeat if that happened. There is no other reason keeping me using it other than games.


I still think Win2k was a great operating system and I wish I could go back to it, but you do eventually have to upgrade. I eventually had to upgrade Win2k to Win7 because of the many performance benefits and the lack of support for the OS.

Even though I personally hate literally almost every new feature of Windows 10 and the design of the entire OS, I'm still running it, simply because I get much better performance out of it than I do on Win7 - and I can generally customize my UX.


I have no idea about the Sims, but I've run Spore under Wine without noticable issue.


Have you looked at Linux with WINE? That could be a good transition from Windows into, eventually, pure Linux.


Linux Mint has many usability features similar to Win 7, is free/free, and I've not had any issues with Win games ( wine / etc ) - plus they can learn command line & packages!

worth the time it takes to check it out, imo...


This is a great suggestion. I'm getting sick of having to open incongito mode on Chrome unless I want Google Now to happily repeat whatever I was looking at later. Uh, I don't need reminders for sales on hemorrhoid medicine or news alerts about the side effects of MDMA. I don't need that popping up where others can see it.

Some kind of "off the record" mode would be invaluable for voice interfaces. Hell, it would be nice if there was a check box under the Google search box as well, but I imagine Google would never make it too easy to avoid their data mining. I feel like we never had the proper privacy conversation we needed to have with companies like MS, Google, Facebook, etc. I think some level of easy to use yet strict segregation between what I consider my public life and my private life should be cooked-in, and enabled by default, into all this software.


I agree completely. The split between public and private life is so natural that we sometimes forget how important it is. Sometimes people need to be able to experiment and access information privately so they can think it over without being judged. It leads more genuine expressions in public life, even in simple ways. Maybe I want to experiment with listening to all the worst pop music to see if there's something in there I like without my music player thinking I love all of it.


Absolutely. Or take for example my friend, who's a literary translator - she sometimes has to research online the most outlandish and obscure subjects, which have no bearing on her own interests...


> I'm getting sick of having to open incognito mode on Chrome unless I want Google Now to happily repeat whatever I was looking at later.

Isn't that what incognito mode is for? If don't want your searches in cards at all, you completely opt-out of the cards that are strictly based on your search history. Ctrl+Shift+N seems like a small, reasonable step to go off the record. What is the alternative?


Why are you complaining about having to wear a bag over your head whenever you go out to pick up your prescriptions or meet your mistress, citizen? It's a small, reasonable step to go off the record. What is the alternative?


I mean, if you wanted to be sure you wouldn't get caught with your mistress, you basically would have to wear a bag on your head, no? Or at least her meet her indoors. You certainly wouldn't complain about invasion of privacy when your wife's friend sees you with the mistress on a date.


Hyperbole much? You can still simply not log in to Chrome and/or Google Search. But if you want to be logged in by default, then you'll have to tell the browser when you occasionally don't, no?


Most people don't intend to log in to Google Search, as far as they're concerned they're logged in to their email account. This is why Google got in so much trouble in France and the EU over the past couple of years.


This. I don't use gmail, but I use youtube. And when you've logged into youtube, you've logged into your "Google Account". So you can't have youtube open in one tab, and not have your history from other (non-incognito) tabs logged (modulus some tweaking of various preferences that aren't obvious or intuitive).

There's no reason why they couldn't to the same thing Mozilla does: a) have a pretty clear account thing for "sync", b) have a pretty clear page for opt/in out on what to sync, c) Have working self-host sync solution, d) have an open source sync solution so you can easily see what's going on, and how things are encoded/stored.


Here's the thing - I want my history to be available and searchable to me, because I often want to go to a page I visited previously. However, I'd prefer if others couldn't read it and I wasn't showed ads based on that. At the moment, Firefox provides a good browser that doesn't profile me or share my history with "trusted third parties".


One of the best things ive done is to shift my kids onto Linux computers. They really enjoyed "Tux" the built in Mario like game featuring the Linux penguin and it helped them connect with the 'Linux brand'. Now when my kids are wanting to install more advanced things they are naturally exploring package management and typing into the terminal to get a new thing going. Wish I'd had better Unix terminal exposure as a child.


For the US market, the way you frame the concern is the legal reality for Microsoft...parents who will blame Microsoft when information about their children passes online...are why there are no privacy guarantees in Microsoft's new policy. It's just too easy for a lawyer to convince a trier of fact that Microsoft "should have known".


Doesn't the US impose privacy guarantees on those storing data about the under-13s anyway?


I don't think Cisco's routers or Youtube's CDN or the typical iPad application have that capability. Stuff gets cached and logged automatically. Microsoft is a big target for lawsuits.


Sure. The way around that is to simply not allow users under 13 to have an account. If a user lies about his age in order to get an account, Microsoft is no longer liable.


Yep. We use fake birthdays for my kids' accounts. First it is an opportunity to explain to them that you simply don't need to answer questions truthfully just because a form asks. There's zero benefit to being truthful here; only potential downsides. Same with real name.

Second I explained that under 13 means stuff won't work, so let's add 10 years or so to make sure they don't have trouble.


My girls are 7 & 9 and they've been using Microsoft Accounts.

Well, maybe Child Protective Services should be involved? They intervene when children walk home alone from the park, perhaps they'll start to intervene when children are raised to use Microsoft products? http://www.usatoday.com/story/news/nation/2015/04/13/parents...

Just kidding, of course. But my daughters are now 14 and 17 and I don't think they know how to use Microsoft products. We've been on OS X for about 10 years.

So maybe CPS should investigate me? Am I doing my kids a dis-service by not exposing them to the dominant OS?


but now there's the risk of the entire OS learning someone else's habits when they just need to use the computer

They already do pollute the OS history with their behaviours. Examples would be the DNS cache, the thumbnail database and the temp directory. Most people just don't know about these or look at them. But they can be very revealing. The problem I have is that the OS is so ready to upload things. I don't want my OS to upload anything at all, unless I command it to do so.


"The advanced features just couldn't work without it."

I don't know much about Windows 10, so I'm curious what features you are referring to that require heavy tracking like this.


Skepticism of heavy tracking is absolutely justified, so I want to address that first. I've read Richard Stallman's blog for the last 15 years, and he has had a lot of good thoughts about it. I think everyone should have access to privacy, but I don't think everything should be private.

Games are a good example. Nobody would expect a baseball player to object to tracking statistics. That's a big part of what makes the game. Online gaming is the same way. Tracking achievements adds to the fun for a lot of people.

But there are also larger social issues where tracking can be beneficial. We live in a world with a lot of diversity and an increasing amount of information. People get overwhelmed and tend to revert to tribal thinking, attacking anything that doesn't fit their group's perspective. I don't know if people on their own could ever get over this type of behavior in a world that's impossible to keep up with without taking mental shortcuts and relying on summaries of what's happening.

Personalized deep learning is an attempt to create a relatively neutral arbiter of all this information, distill it into something useful based not only on the user's behavior but also the aggregate of everyone's behavior. The algorithms don't just learn from what you like but have the potential to uncover interests and information that you might never be able to access outside your bubble.

Cortana brings that kind of aggregate information gathering to your desktop. It's an early example, and it needs lots and lots of data to learn, and the more diverse the data set it can analyze, the closer it can be to doing its job of feeding relevant information.

Windows 10 is also meant to be an Internet of Things OS. Lots of companies are working on connected devices that depend on syncing with your account. A common example for today is telling Cortana to remind you to pick up milk when you're at the store. The reminder goes to your account, and when your phone detects you're at the store, it reminds you to pick up milk.

Of course, there are people who are going to try to use this to sell you things, but that's always been the case. The hope of people working on these things is that it can bring you actually relevant suggestions instead of just the products with the largest advertising budgets. Old advertising models were very centralized and only the largest ones could really win. Personalized advertising might be able to bring the smaller but more relevant products to your attention.

Personally, I don't like advertising, and I'm not especially excited about this part of it, but that's definitely the monetary angle for it. The part that does excite me is the possibility that we can start to break down some of the communication barriers between people, get people outside of their bubbles, and bring relevant information to people based on large trends instead of isolated social groups.

There's plenty to be skeptical about here. Money tends to push things in directions that only benefit the ones with money. Microsoft and all the other IoT companies have a lot to prove before their products can be considered actually relevant for people. There's a good chance most of them will be no better than the old way of doing things. But there's a lot of potential there too.

Privacy should always be an option, but having a public online life can be good for people too.


You hit the nail on the head: ADVERTISEMENT.

If you do go through the installation/setup screen you will see that you have now a "advertizing ID". This made me feel edgy and I cannot shake the memory of the tattoo on the victim's forearm from the Nazi solution of its undesirable population, powered by no less than state of the art technical solution, provided by a top technical solution provider at the time.


> Personalized deep learning is an attempt to create a relatively neutral arbiter of all this information, distill it into something useful based not only on the user's behavior but also the aggregate of everyone's behavior. The algorithms don't just learn from what you like but have the potential to uncover interests and information that you might never be able to access outside your bubble.

That's an interesting statement considering how most recommender systems tend to suggest things related to your interests, further keeping you within the confines of your bubble. How is Cortana different?


We had speech recognition back in the 1990s on computers less powerful than a Raspberry Pi V1. We're talking 200-400mhz 32-bit Intel boxes. So yes, the cloud dependency is very dubious.

If leveraging a lot of data allows for better speech recognition, why can't your computer access a remote speech recognition data set that stores and shares the results of its machine learning algorithms rather than uploading actual audio data? Instead of sending actual audio, send and receive very non-personalized non-specific derived model data to/from a repository somewhere (or even peer to peer).


>We had speech recognition back in the 1990s on computers less powerful than a Raspberry Pi V1. We're talking 200-400mhz 32-bit Intel boxes. So yes, the cloud dependency is very dubious.

And did you ever use it? Forget sentences, it used to even struggle on a handful of keywords. Even now offline recognition are way far behind the online ones. I have pocket sphinx installed on my raspberry pi and even in a quiet room it has false positives with just a list of 10 keywords. Ohh what I would do to have an offline recognition system that is on par with Cortana/Siri/Google Now.


Not sure if you're being facetious or not but if you were right then we would just do it on our existing phones now.

In the 90s we had slow voice recognition that took a long time to train, that would only ever work for a single user, in a silent room... If it worked at all... Which wasn't very common.


> Not sure if you're being facetious or not but if you were right then we would just do it on our existing phones now.

The point is, some of us don't believe that this was an engineering choice.

> In the 90s we had slow voice recognition that took a long time to train, that would only ever work for a single user, in a silent room... If it worked at all... Which wasn't very common.

And in the 2000s we had fast voice recognition that took a little bit of time to train and that would work over a crappy microphone with loud music playing in the room, all of that running along other software on a $500 PC. I know because in 2007 I made my own Star Trek-like (with proper computer sound and voice feedback) voice recognition system I used to control music that was played on Hi-Fi speakers. It took me like 20 minutes to train it and it worked pretty much flawlessly from anywhere in the room. The voice was captured by a crappy mic I soldered myself from parts and placed on a wardrobe.

And the single-user-only mode? That's actually a feature, not a bug.


>Not sure if you're being facetious or not but if you were right then we would just do it on our existing phones now.

If we did it that way, then Marketing couldn't datamine their customers lives to find better ways to extract money out of them.


Android's supported on-device speech recognition in the keyboard since like 4.2 (maybe even 4.1)


It's not the words that need to be processed, it's the context.


Modern cars have offline voice recognition that just works, without training.


Hear hear. Of course the cloud is not necessary for good speech recognition. There is no magic there, it's just servers running against a corpus that gets updated often. No reason why this couldn't be done locally, and text queries sent out for non-local requests (such as, what's the weather gonna be).

But I gotta say, I have the feeling that the pendulum is gonna swing back pretty soon. I'm noticing more and more (regular) people being fed up and creeped out with the massive harvesting that Google, Facebook and Microsoft are doing. Opportunity awaits!


Do you remember how much training time you had to spend on Dragon Naturally Speaking?


... on a Pentium I, using 1990s machine learning algorithms, sure.

Nobody's answered my question as to why The Cloud is the magic pixie dust that solves this problem, and why it could not be solved locally with modern compute power and modern ML techniques.


There are several tremendous advantages to server-based speech recognition.

Firstly, the models (particularly the language models) needed for state of the art performance are huge. It's not atypical for papers to discuss using a billion n-grams, for example ( https://wiki.inf.ed.ac.uk/twiki/pub/CSTR/ListenTerm1201415/s... ). That's several gigabytes of memory and storage at the very least, and you'd need a copy of that for every spoken language you'd want to support. Plus you need to keep that up to date with new words and phrases; it's much easier to keep models fresh on a server than on everyone's computer.

Power and CPU time are also a concern. Big beefy server farms can have trouble keeping up with state of the art speech recognition algorithms; a laptop, tablet or phone is going to struggle, especially when running off a battery, is at a huge disadvantage.

But the biggest advantage to server-based speech recognition is indeed that more data is critical to improving accuracy and performance. There's no data like more data. And you don't just need more data, you need a lot more data. You can get big gains from just doing unsupervised training on 20 million utterance rather than 2 million: http://static.googleusercontent.com/media/research.google.co... There's simply no way you're going to get anything like 20 million utterances without getting data from millions of real world users.


This isn't actually true.

The large data size affects the training, but the model itself is pretty small now (after some hard work on Google's part).

The thing everyone seems to be missing is that Android's (English) voice recognizer is offline[1]. While you can use the online model I suspect that is more about continual update of the model (so it understands new words and changing accents etc) rather than recognition.

[1] http://stackoverflow.com/questions/17616994/offline-speech-r...


Android's speech recognizer has a compact/offline mode, but that's definitely not what's run by default.


Good speech recognition is that expensive?

... and people think sentient AI is on the horizon. :P


Because many people speak similarly. If a number of people who speak similarly can train it, it can learn how you will say words that you haven't even said to it yet if a number of other people already have.

Machine learning algorithms haven't changed that much since the 90s, what's changed is the amount of data we have access to, and the amount of data we can process.

When you're training it yourself the data is what's limited. The fact that we can process more data doesn't matter if we don't have access to more data because you can't speak any faster.

But if you have millions of people speaking to it, then we can take advantage of the fact that we can process so much more data.


You realize the 'personal assistant' functionality of today is slightly more complex than just speech recognition, right? Because, it is.


Can you give me an example?

And why not have all the features that can be done locally be done locally. If it's possible for my computer to understand me entering an apportionment, why should that go to a MS sever to be stored forever?


How do you think your computer can understand 'entering an appointment'?

There's a lot more that goes into understanding than JUST speech recognition. First of all, speech recognition by itself isn't exactly trivial, and that's become more and more obvious as we've seen the smallest accent mess with the digital assistants on all the major phones. Yes, technically, Dragon Naturally Speaking existed a decade ago and worked somewhat, but needed a LOT of training, and was dumb as a brick. It doesn't compare.

But beyond that, understanding the meaning of the spoken word is difficult too. Yes, NLTs exist, and they can be very good, but you really need something that a team is administering. They can identify pain points and do regular updates to help... things like an odd band name that is ALWAYS misunderstood, some odd combination of words that confuses a question with a 911 call, etc., otherwise you're just going to end up frustrated.

I should also mention that a digital assistant really needs the power of a full search engine behind it. This allows for auto-correction of mispronounced words, but it also allows near-instant lookups for relevant information. If this was running on your local machine, not only will the processing be slow for some things, it will also be more limited in it's ability to fully process all possible meanings, and it will need to be updated CONSTANTLY.

These companies, by putting the language processing in the cloud, are throwing teams and hardware at the problem, and yet they STILL have embarrassing difficulties when it comes to actually understanding sometimes. Consider that for a moment... hundreds, even thousands of servers running the latest software for processing natural language for multi-millions of people aren't capable of getting your meaning 100% of the time.

Incidentally, I realize that there some open source projects out there that do some rudimentary voice recognition and processing, however they suffer from the same issues addressed above and are MUCH more limited in many many ways. Many of them still make use of cloud-based services for processing the audio, btw. The one advantage, I will say, is that you have to ability to add your own custom commands and actions, which the major systems obviously don't allow.


Does it say that it will send actual audio data?

I mean more of my problem has to do with the fact that it's an open door than what they will actually do. It doesn't say they will send audio data, it at most says "associated input data" which for all I know could be a database from their algorithms, or it could be a live 24/7 stream from my webcam and audio device.

I guess the thing is that some things are not acceptable, and whether there's a disclaimer or not, people aren't going to like it if we find out that all of our audio is being recorded and uploaded to Microsoft. But it's not, not as far as anyone can tell yet.

But again, we're only worried because they're what, giving us the option to opt out? I mean, if they wanted to they could just go ahead and stick somewhere in the privacy policy something like "from time to time microsoft will upload certain input data for improvement of service quality, depersonalized information may be sent to partners." down in paragraph 24.c.iii. Or they could just not mention it at all.

The question is are you willing to trust the OS. I mean, hell, Ubuntu Linux went and sent all of your search information to Amazon without even giving you the option to opt out in the install process at one point. It could be disabled, but unless you knew about it in advance there was no option to do so. And Ubuntu is open source.

I can see use cases for it, and one actually ties into the location services. Say you're from a region with a specific accent. If the system can tell how you speak, and how other people speak around you, it might be able to create an accent subset for you based on the collective data from all of those speakers. It might be able to guess from a few sentences and your location that you're Glaswegian and start to understand you, not because you trained it, but because across the region many people have trained it a bit. Then with the location to tie the regional accent together, even if you're in the US once you've spoken a few phrases it might be able to identify you as belonging to that regional language group.

But uploading of all spoken data to Microsoft would be silly, not just because it would piss people off, but because it wouldn't be something you could hide, and it would end up being quite a lot of data that's really not that useful.

But could it be possible? Sure. But they could also do it without tipping you off or giving you the ability to opt out.


I've been waiting for this comment, I can see how the first set of customization options really seem like they'd help with the personal assistant. It would be interesting to get a full audit of where your data goes and what they can use it for (training your personal assistant, improving their algorithms, responding to Govt data requests, improving ads, etc).

As for incognito, can you sign into windows as guest now? Or even have multiple accounts on the same pc? If so you could create a guest/dummy account if you are interested in giving the personal assistant pure data.


It's still possible to create a local guest account, but that means giving up a lot of settings that I might want to maintain on the regular account, and it's a hassle to have to log out and in again just because I don't want to record something. Maybe I want to plan a surprise trip for someone who also uses the computer or get information about a strange rash that might be nothing without making that part of my permanent record. Maybe I want to let someone else use software which requires an account, like edit a file on Adobe CS or fix a bug inside Visual Studio, without having everything they do become part of my profile.


> It's still possible to create a local guest account

Is it? I haven't tried the release build yet but this was removed from the preview.


Good point an incognito button would make it a lot easier, but this could be a work around.


I love this idea - I just submitted it as a suggestion in the feedback app.


> fine-grained permissions of Windows Phone

What do you mean by that? Not only you can't set any access rights for applications (they get what they ask for and you can either accept all or not install the application), but the OS also synchronizes your main account's contacts and calendar to THE CLOUD without asking you, telling you, and even without a way to opt out of it.


> OS-wide incognito mode

Great point...

Where's that utopian future where we bounce between a dozen purpose-built VMs, each customized to the task we're doing?


There's an OS project run by Joanna Rutkowska and some other folks called Qubes that does exactly that. It's really interesting work by sharp people.

https://www.qubes-os.org/


> I do think that Windows needs an OS-wide incognito mode, just a simple switch to record or not record data.

Sounds like switching to a guest account. Not as quick as a simple "toggle data recording" button, but that functionality is definitely already in Windows.


"I expected to see all these as defaults".

It would be fine if they were defaults if you actually saw them.


What are you talking about? From the article, the "get going fast" picture displays the settings you're agreeing to when using the express settings. It's one page of content. And clicking on "customize" gives you more detail.

I mean, I agree with the article that the layout is definitely pushing people who don't care to just pressing "agree", but if you care about privacy, it's not like it's hidden from you.


I dunno, it's not nearly as clear as the individual setting explanations.


> Microsoft is generally one of the most restrictive companies when it comes to sharing data.

Citation needed?


>I expected to see all these things as defaults

Really? You expected what is basically a built-in keylogger?


Windows is now essentially a personalized, cloud-based operating system with the primary interface as a personal assistant

They should have called it "Clippy's Revenge"


It looks like Microsoft has installed the "back door" that FBI Director Comey wanted.[1][2] That may be the real motivation behind these "features". The "backing up" of the local drive encryption key to Microsoft servers is one of the things the FBI specifically asks for. Any press reading this, ask Microsoft what communications they've had with the FBI regarding backdoors.

[1] http://www.theguardian.com/technology/2015/jul/08/fbi-chief-... [2] http://www.theguardian.com/us-news/2014/oct/16/fbi-director-...


I get this whole skepticism thing, but Microsoft has been backing up BitLocker keys in OneDrive since at least Windows 8.

I have personally used the feature several times to recover my drive keys.

There's no evidence here that Microsoft has installed a "back door" for the FBI.


Would you assume that they haven't and trust your secrets to that assumption?


And what secrets are those? If you think that you are secure because you don't use bitlocker or windows AND THAT'S ALL that you do...you aren't secure, you just have bad UI.


I might be blind, but where was that assertion made?


I might just be tired of hearing the same arguments over and over, but it I did see the assertion that BitLocker shouldn't be used to keep your "secrets". As if the choice of which drive encryption software you use on your laptop should be your primary concern when securing yourself against an adversary. (The primary concern is to thoroughly evaluate your adversary and look at your available options for opsec and InfoSec. Maybe you need drive encryption. Maybe you need burners. Maybe you should only use public terminals. Etc. It also means seriously asking yourself if you actually have an adversary or just like to think that you might some day.)

Just sort of saying..."How can you trust MS NOT to have backdoored bitlocker just use Linux. Suck it NSA." Won't actually make you secure.


Right but 'they reached too far during Windows 8' isn't an argument for reaching too far on Windows 10 (plus, Windows 8 really wasn't that long ago so it's still a pretty new policy).


I find it shocking how people readily accept Google's far worse policies, and yet are so concerned about an easy opt out.

For instance, in Android, Google tracks with GPS accuracy your whereabouts constantly. This isn't just what IP your desktop is attached to. Furthermore, there is no prompt telling you this happens with a very easy way of undoing. In fact even if you knew about this it is very hard to find a way to disable.

Secondly, Chrome send every website you visit to their servers to be logged. Again, this is not explained in some easy opt-out screen and in fact the only way to get around this is to use SRWare Iron, where they removed that code.

But Microsoft makes it easy for you to choose the privacy options even telling you about them on install.


> I find it shocking how people readily accept Google's far worse policies, and yet are so concerned about an easy opt out.

For me it's because I control my interaction with Google. I don't use their search for things I don't want them recording, I don't use gmail for conversations I expect to be private. Once your talking about the private files I store on my hard drive and access with the OS, the keystrokes I enter on my keyboard for every application, then the reach is far greater. Having a company like Google say "You can use these services, but we're going to spy on you" is not the same as MS saying "we will be watching and have access to everything on your computer, oh and you can't disable all of this spying without an enterprise license."


And MS made it hard to change operating systems. On linux, you get live oses, and easy multi-os with a boot menu. With msft making it hard/impossible to change oses with secureboot, it's just not possible to suspend disbelief that your interests have any reasonable parity with msft's own interests.


This is completely false. For one thing, SRWare Iron is a scam:

http://www.insanitybit.com/2012/06/23/srware-iron-browser-a-...

For another thing, Chrome doesn't log every website you visit. The closest thing they do is suggest autocompletions for searches/URLs you type in the URL, which is a straightforwardly-explained checkbox in Chrome's privacy settings.


> Chrome doesn't log every website you visit

But it does. If you get a new android phone and log in with a google account then it updates your browser history on chrome. Which could only be done if your non-incognito history is stored in google's servers.


Oh, I forgot about that - that feature wasn't available when Chrome was launched.

To be fair, that feature also isn't very hidden; the sync settings let you turn off history sync or use a sync passphrase which prevents Google from seeing your browsing history.


Microsoft was caught with their pants down returning google search results to microsoft via internet explorer. They call it "a signal" for bing. The difference between google and microsoft is microsoft isn't as forthcoming regarding what information they retrieve. No dashboard to browse everything microsoft tracks... You just have to trust microsoft. Good luck with that.


The Google updater is the main reason that I don't install Picasa or Chrome... that's a good thing if Iron doesn't use it.


>I find it shocking how people readily accept Google's far worse policies

I find it shocking how hypocritical Microsoft was towards Google all these years only to find out their even worse than Google because they baked these privacy "violations" into their browser.

>Secondly, Chrome send every website you visit to their servers to be logged

Utter bullshit. I don't login to Chrome when I use it and none of my URL's are sent to Google.


> Secondly, Chrome send every website you visit to their servers to be logged. Again, this is not explained in some easy opt-out screen and in fact the only way to get around this is to use SRWare Iron, where they removed that code.

Citation?


My experience:

A while back I put together a Linode server for a small project. Because I was lazy I made a private page of web links for the site logs and made the URL something long and obscure with plenty of backslashes that couldn't be spidered or guessed. The main site had no Google analytics and barely any traffic.

When I checked the logs a couple of days later my private log page had been accessed externally. The visitor's IP address was in one of the ranges that belongs to Google.

So... I changed the URL, looked at the new URL in Chrome, and checked again a day later.

Same thing. Someone - or something - from Google was accessing my private URL, based on my Chrome history.

I changed the URL again and switched to Safari.

Nothing.

Clearly, Chrome phones home and Google feels entitled to check new URLs that it can't spider. Safari doesn't phone home. (Or if it does, no one at Apple cares enough to check weird URLs).

I don't think any other conclusion is possible.


Have you tried Chromium? Just curious because this is my go to browser instead of Chrome and I am under the impression that it should not do this. Although I could be mislead. easy download through the following: http://chromium.woolyss.com/


I prefer Safari because I always thought it weird to let a company who's primary revenue is targeted advertising control my browser.


So instead you use a browser from a company whose goal is to control all your purchasing?

Yesterday one of my friends bought a mac. He needed a credit card before he could install vim... vim needs brew, which needs xcode, which needs the istore, which needs an appleid, which needs (well, wants) a credit card on file.


Hmm, I don't think you need a credit card on file. You can select "None" as your payment method. This should allow you to download anything that's free (they'll still ask you for a credit card if you try to download something paid, of course). You installed XCode dev tools and you're set.


You're probably quite right - I'm just going off my friend's report.


> Google's far worse policies

While I don't disagree that Google does consume a lot of user data, I'm pretty sure most of these are opt in or at least explained fairly up-front, and that their resultant policies are no worse than Microsoft's.

Can you give an example of where their policies are clearly worse?


Read more than the first sentence?


> Secondly, Chrome send every website you visit to their servers to be logged.

Well, I thought Google already tracked you whichever browser you use, via its advertising networks.

However, it does offer good control and opt-out cookies for the (whatever) 0.0001 percent of people who find out about this and actually give a damn.


phone tracking and triangulation always existed, even before Google. Honestly you can't compare Google to Microsoft.


I've never understood how people can truly believe that by checking (or unchecking) a checkbox their privacy will be fully protected. Especially since we're talking about a closed-source OS.

I mean I cannot possibly verify what exactly goes on in the annals of the operating system and what happens to my data, where it is logged and where it is stored and how it is sent.

So regardless of the settings, I always assume that my data is logged and read by some creepy agent in the Ministry of Truth.

If it's not, then I'm just lucky.

Having grown up in a totalitarian state, that's the default way I think about this stuff and no amount of promises (except the source code which I can personally compile) can make me trust any 3rd party corporation.


> I've never understood how people can truly believe that by checking (or unchecking) a checkbox their privacy is fully protected.

You mean besides the fact that collecting personal data without your consent is illegal?


I guess you missed this part:

> Having grown up in a totalitarian state, that's the default way I think about this stuff and no amount of promises (except the source code which I can personally compile) can make me trust any 3rd party corporation.

He does not trust corporations or governments to act within the confines of the law.


Unless, of course, the government is requesting or demanding your data without your consent.

I can't imagine any company in the pockets of the NSA getting in trouble for over-collecting user data.


How quaint.


When the President does it, it is not illegal.


Like Microsoft haven't done illegal things before?


There is some risk but it's not high. Microsoft is a huge, rich company. If it leaked they were violating their own privacy policy that blatantly, there would be the mother of all class action lawsuits.

There would federal CFAA, Economic Espionage Act, etc., investigations plus antitrust abuse investigations.


How do you explain PRISM and similar revelations about surveilance and spying ?

The corporation itself might behave like an angel, but there are agencies which can force it to open or install backdoors. Given that the number of such requests is relatively small, the probability of it being detected is low and even if the victim does notice it, then the corp can always say - "they twisted our hands".


As far as I can tell, PRISM was about getting access to data the company was already keeping. So the NSA would get your Google Location data, but only if you were giving to Google. As far as I know, the NSA hasn't made someone collect it anyway.

Legally, the heart of the NSA legal basis is the 3rd party doctrine that states that data held by a third party isn't private. It would be a very illegal search to have Microsoft invade your privacy under NSA order.

Of course, there is also some risk that the NSA or some other party goes rouge as does it anyway. But you have that problem with essentially all software and hardware.

You'd have to compile your own OS from source code you inspected thoroughly. And even then, the NSA is almost without a doubt sitting on linux 0-days.

And literally (and I don't mean figuratively) nobody knows whats on all the firmware in all the components in all your devices.

The risk of being an NSA target is super low. The harm in being a false positive target is pretty low too. Even if the NSA hacked your windows install, they won't find any plans to blow up the Sears tower and then go about their business.

Compared to risk that a car accident will destroy your existance, who cares about this tiny risk.

I probably wouldn't windows if I were a KGB agent, but other than that, why worry.


> Even if the NSA hacked your windows install, they won't find any plans to blow up the Sears tower and then go about their business.

This is just a restating of "if you have nothing to hide, you have nothing to fear". That's already been discussed recently [1] already so I won't re-tread.

> Compared to risk that a car accident will destroy your existance, who cares about this tiny risk.

Because it's not about the risk, it's about the intellectual climate the situation creates. Notice that because of car accidents there is a lot of focus on car safety, stopping drunk drivers, texting while driving, etc?

Surveillance is like that. As in a panopticon [2], when there's a chance you're being surveilled, certain conversations and ideas feel dangerous. Sometimes because they're antiestablishment but other times just because you're worried they'll be misconstrued. The net effect is censorship through fear.

[1] https://news.ycombinator.com/item?id=9869755

[2] https://en.wikipedia.org/wiki/Panopticon


What's more, opting out essentially marks you as more interesting to spy on.


An OS which doesn't have any checkboxes at all could do this too. Do you trust an OS without any checkboxes?


The OP was clearly saying that you should never trust any proprietary OS. Period.


"Send typing and inking data to Microsoft to improve the recognition and suggestion platform"

"Typing data" sounds like keylogging. If it's what it sounds like, that's really emphatically not okay; that would include all passwords and the contents of all emails sent.

Would someone with actual knowledge care to chime in and say what data is actually sent? If it turns out that Windows 10 really is sending keystrokes to Microsoft by default, it seems likely to cause a significant backlash from Microsoft's business and government customers.


Based on the wording, it sounds like it's autocomplete data — "I suggested this for what they typed or handwrote, but they chose this instead."

If so, it probably wouldn't include passwords (since password fields intentionally disable this kind of feature), and it shouldn't include the full contents of emails, just telemetry on how they were typed.

But Microsoft really ought to have explanations so we don't have to guess, and they ought to know that. I'm assuming this is on their itinerary and the documentation department is just lagging.


> shouldn't include the full contents of emails, just telemetry on how they were typed.

Can you explain how you got to this from what you asserted before? Autocomplete data should be more than enough to get that content.


While it would be a little reassuring to find out what Windows 10 is currently sending, you should note that as the privacy agreement sounds like keylogging, Microsoft are claiming the right to start keylogging even if they don't quite do that now.

Also, enterprise editions of Windows apparently have more opt-outs... regular editions cannot opt out of all data collection. (sorry, can't find the page that I read this on)


IE and other browsers configured to use Bing have done this for a while. I discovered it while packet sniffing for something else and seeing HTTP requests for the things I was typing in the Address Bar.

I can't say I'm surprised, though saddened, to see this elsewhere in the OS.


Anything that uses web-supported auto-complete (your browsers, for one, regardless of search engine) must do this. There's literally no other way to ask the internet "What are the possible endings/meanings of what I've typed" without providing what you've typed, letter by letter.

Text correction doesn't require hitting the web, but learning about how people make typos does require some targeted data collection (typing followed by deletion and retyping, likely)


So does chrome. How do you think they do search suggestions whilst you type? This is why Firefox retained separate search and URL bars...


> what data is actually sent?

It's important to remember that it doesn't matter what MS is doing today. What matters is what the force-updated version will do in the future. Or did everybody forget that you cannot prevent updates in this version?


Think about this... If more things forced auto-updates, we might not have been forced to support ie6 for so damn long. It's a trade off. Instant security patches, instant support for new standards, etc, all without having to worry about all of those users who just will not press that "update" button. Sounds like a pretty decent plan to me.

I would be fairly surprised if Microsoft didn't re-display TOS after each update, so feel free to keep an eye out. If you really really care about this kind of thing, then I might suggest avoiding products that are tightly integrated with private entities as a general rule.


Instant security patches, instant support for new standards, etc

...as well as instantly "brick" a significant number of machines out there. At least the user has a chance of correlating something breaking with a recent update if he/she explicitly did so. MS have screwed up Windows updates before, and I don't believe they'll suddenly start getting it perfect now.


> I would be fairly surprised if Microsoft didn't re-display TOS after each update, so feel free to keep an eye out.

And my options as a user are then what exactly? Accept the new TOS or have the device rendered unusable and lose access to all my data? That's definitely the basis for an unbiased, informed decision.


If it's not explicitly excluded, then it's something they can do and might do in the future without notice.


I wager what that means is if you hand-write and then type the same text, Windows will/can send the typed & hand-written version to a server, where it can be used to improve the handwriting recognition, either for that specific user or for everybody everywhere.

The problem is there's no like "more info" icon you can click to get an explanation of what it means.


It's too bad that microsoft continues to be villainized when companies like Facebook and Google have social networks and browsers respectively that have similar practices that users are even more unaware of when they use them.

Computers these days have become thin clients for browsers (especially for the typical consumer). Except for the occasional open of Word or Excel, you're in your web browser browsing the web and have a tab open for Facebook. With new features like "sign into your browser" or ad retargeting across the sites you visit today, consumers are already being subjected to practices that Microsoft at least gives you the ability to turn off piecemeal if you so wish. They're just doing so at the operating system layer instead of the browser.

Think doing so at the operating system is more criminal than at the web browser or website level? Consider that Google Chrome is moving to become "Chromebooks" and that Android integrates Google Search. It's already happening and we take Google's "don't be evil" mantra for face value while continuing to poke Microsoft out of sheer habit.


So we should stop criticizing Microsoft, because Facebook, Apple and Google are not criticized enough?

That's some pre-school logic.


Microsoft has watched Apple get away with this stuff for years and make billions off of it. Apple doesn't even offer an opt-out on most of it. Microsoft is at a massive competitive disadvantage by not leveraging the knowledge it has access to and offering those features that require this type of data collection. Microsoft is a publicly-held company, beholden to its shareholders and is thereby required to compete in the market against its rivals. As long as Apple is allowed to do it, it is therefore inevitable that everyone else will, too. Preschool logic? Sure, whatever you want to call it. It's life.


Apple is not an advertising company, its a hardware company. While I feel it's going down the same route as Google, its current privacy policies are significantly better than any of its competitors. Furthermore, Windows 10 goes way beyond the norms by having permission to gather keystrokes and content from private and public files, and it doesn't allow disabling some of its privacy-violating features unless you purchase the enterprise edition. MS has turned the advertising-heavy Google Play experience into a desktop OS, and they're the first to do so, hence the criticism.


Obviously, people (especially knowledgeable ones) should be consistent in their evaluation of privacy issues across services. Grandparent gives good examples of potentially under-discussed issues. No one said we should "stop" doing anything.


Facebook and Google don't log all of my keystrokes across my entire operating system. As far as I know, Google doesn't even log keystrokes within the browser.



Again, logging my keystrokes in a single text input field is vastly different from logging all of my keystrokes across the board.


Except logging your keystrokes across the board is not what Microsoft is doing. Do you realize how absolutely useless that data would be? They are monitoring search queries, specifically in Cortana. They probably do the same for auto correct instances. They aren't logging all of your keystrokes.


For a lot of people, Facebook is the board.


If you're on Facebook, then I think it's reasonable to assume that Facebook is recording what you do on Facebook.

If you use Windows, I don't think it's reasonable to assume that Microsoft is downloading your browsing history and keystrokes.


> don't log all of my keystrokes across my entire operating system

Microsoft isn't doing this either, they are monitoring your usage of Cortana/System Search and your selection of its suggestions (just like Google does for Google Now,) to improve their algorithms. This is really being blown of proportion. Reminds me of people freaking out about Palladium with Project Longhorn.


How do you believe auto-suggest works?


You're comparing Microsoft's request to send ALL typing and "inking" (I assume that means touch and stylus events) to Google logging search terms?

No matter how you look at it, essentially reserving the right to install a key logger on your computer is unprecedented.


But reserving the right, or just saying 'Look, we don't know all of the cases where a programmer will say "and if the user corrects this, tell us we screwed up"' (for the optimist) is not the same as sending it all.


Auto-suggest in the address bar? That's a far cry from logging every keystroke I make in the entire browser.


Leprechauns, consulting an oracle, and simultaneously typing at Google HQ.


Yes but it's an OS, not web services like Google of Facebook.

It is a whole new level of intrusion IMO.


Facebook and Google don't create shill organizations or hire political hitmen to create smear campaigns on the topic of privacy. Microsoft just solidified what hypocrites they really are. I guess they'll think twice about attacking Google again.


https://projectbullrun.org/surveillance/2015/video-2015.html...

Of course MS wants to get in on surveillance-as-a-business-model. It keeps people tied to your Service as a Software Substitute, and as long long as most people are still ignorant about how technology works, they won't notice how the stalker-like nature of a lot of modern soft^H^H^H^Hmalware.

As for the few nerds that notice, they can probably be shut up with an obscure option to disable (most of?) the data collection; the number of people that even know the option exists will be insignificant. Some of those nerds can even be distracted with promises of "open" access (to our proprietary APIs we can remove or change without notice); if you phrase it right, it can even sound like "open" is referring to the commons. After a while, some of them may even build entire businesses based on feeding user surveillance data upstream. After a generation, the days of being able to write client software will be long forgotten.

--

The ongoing Theft Of Privacy (and the closely related The War On General Purpose Computing) are being fought, and this brazen behavior by Microsoft to take advantage user ignorance is taking yet another step down a dark path.

Which side are you going to be on? The side that is trying to maintain the remains of our privacy, an open internet, and free computing?

The apathetic side that fixes technical problems for themselves, while everybody else gets spied upon a little bit more while their tools become even more removed from their control? I hope you enjoy the consequences of rewarding this kind of behavior. Why should Microsoft (or anybody else) change when they still get paid and maintain their user-count?

Or are you the apparatchik, who thinks Cortana (or Alexa, or Siri, ... or Google Analytics) is a useful, cool piece of software? Surely the Big Data being collected is just going to be used for the stated purposes and could never have a noxious effect on users or become an attractive target for hackers or governments? If you're in this category, you might just want to start paying attention to the larger games being played, because if you don't start fighting for your future others may take it from you.


I spend an inordinate amount of time thinking about this very issue, and I must go back and forth weekly. My first reaction is to want to defend the ignorant, to try to educate them and work to protect them from being taken advantage of.

But when you talk to people about it, _their_ apathy and indifference is what leads me to stop caring. I've tried for years to educate friends, family, and coworkers on digital privacy. The number of people who have even installed and used a password manager is 0. If it's a struggle to even get someone to try out, let alone USE DAILY a password manager, what hope does anyone have to elicit a privacy-aware mentality from the general population? Why work to help people who do not even want to be helped?


Hell, look at this very thread on HN. There are people further upthread essentially saying, "Whatever, I like it because it's convenient."

I have adopted a passive stance on privacy and security: I stay up-to-date on news in this area, I choose for myself products and systems that minimally increase my risk, and I will answer questions from clients or other people. But, I won't evangelize it. Most people really just don't care all that much.


> Hell, look at this very thread on HN. There are people further upthread essentially saying, "Whatever, I like it because it's convenient."

Is that so ridiculous a concept? People routinely trade privacy for convenience.

Sending my location to Google through their maps is ridiculously convenient. Getting around using public transportation, especially in a city I'm unfamiliar with, would be a pretty awful experience without it.

While it's a small convenience, Gmail parsing my airline confirmation emails into an easy-to-read format is pretty cool, and I like that it's done. To do this (and have a spam filter), they must be parsing my private email in some capacity.

I've personally never been a fan of digital personal assistants. I've only used Google Now and found it more annoying than effective. But I can certainly understand why getting up-to-date traffic information when you're about to drive home from work would be a really useful thing to have. To do that, it has to learn your daily habits.

Convenience and privacy are almost always at odds with each other. It's a give and take, so ideally I should be getting more convenience for whatever privacy I'm giving up. That may not be the case here, and I'm not saying where your personal line should be, but don't assume people are ignorant just because they're choosing convenience over privacy. (Not saying you are personally, but others in this thread are.)


Yeah, I don't really think of people with different priorities as "ignorant". I get that there are tradeoffs, it's the same deal with network security.

I'm a little ... frustrated, disappointed, bothered? ... though at the number of people that don't seem to consider at all the consequences of where information systems are headed. It's one thing to look at the benefits and the consequences and say, "OK, I'm willing to trade information on my position in exchange for realtime updated traffic flows and generally perfect maps and directions and nearby points of interest." I totally get that. It's not a choice I've made -- I remember getting around before GPS was everywhere -- but I can shrug and empathize and understand the decision.

But, "meh, I don't really care about this news, I just want more convenience" ... that bothers me a bit.

Unfortunately, I really can't think of any way to convince anyone else they should be bothered. I could cite historical cases where that hasn't worked out so well, I could dream up fictional scenarios where it might not work out so well, I could point to more recent events where things like identity theft are costing some people years of their life to sort out. But, none of that really makes much of an impact. I don't think anybody who isn't bothered now will become bothered up until it affects them directly.


>>Is that so ridiculous a concept? People routinely trade privacy for convenience. Sending my location to Google through their maps is ridiculously convenient.

If you cannot tell the difference between you sending your location to Google when you need to and half the people in the world sending ALL their information to Microsoft ALL the time BY DEFAULT, I don't know what to tell you.


Did you stop reading after those three sentences? Because I talked about digital assistants and Google Now, which is basically sending all your information to Google all the time.


Why does convenience and privacy have to contradict each other?

Parsing airline confirmations should be possible to do offline. Preferably by some standard data format like iCal but even if airlines can't agree on such a format it shouldn't be difficult to compile a scraper that can be run offline, with an updater that contains all the various formats.

Sending your location should not be required to display a dot on a map of where you are. Even navigation can be done offline to a certain extent, OsmAnd does it and that's what tomtom and cars have been doing for years.


While I understand this frustration (I've asked the same question myself many times), I feel that we who understand these topics have a duty to try to explain an assist those for whom the computer is still a "sufficiently-advanced" magic box. I'm sure most of the people in the medical profession are regularly frustrated having to explain for the Nth time why we should all eat better.

The scientist who discovers new laws of nature and the engineer that assembles simple pieces into complex and useful tools have only finished half of the process. The other half is explaining these news ideas to everybody else, so they can actually be utilized (and maybe inspire other discoveries and innovations). This was one of Feynman's greatest talents - taking the time to explain the important parts of a topic, in a way that was a lot more accessible.

I generally feel that if an audience is not understanding something (and assuming there were no trivial issues such as lack of time), the fault lies largely with the teacher. While have also met with limited success in explaining these issues, I keep trying in new ways. Pedagogy is a hard problem, but I personally have learned a bit by studying those that seem to have successful methods (such as Feynman, Sagan, Burke[1], Vi Hart[2]).

As for this specific problem of businesses collecting massive amounts of personal data (and the associated "free (as in beer)" culture), I suggest showing people the talk by Aral Balkan that I linked at the top of my previous post. He has given variations of the talk before, but this recent version is particularly good at explaining the entire picture, from simple gmail/facebook doublespeak, to the "free" culture that has taken over the tech industry, the internet.org style imperialism masquerading as "helping the poor", and more. This talk has been more successful than of the explanation, essays, cartoon, or videos that I've used in the past. YMMV, unfortunately.

[1] http://www.dailymotion.com/video/x2hdg0b

[2] https://www.youtube.com/watch?v=4gZ5rsAHMl4


There is no hope. Simple as that.

There's a surprising connection between the reasons for people's ignorance of privacy and the complete and utter inability of an untrained person's mind to spend even just 15 minutes with itself.

Think about that.


I'm increasingly believing that for privacy to live, a necessary (but not sufficient) condition is for free to die.

By free I mean free as in beer, not free as in freedom. The problem is that if everything has to be free, there can never be any money in the actual maintenance and development of the product. User-centric and privacy-respecting business models are impossible if the product is free.

It's necessary but not sufficient because Windows isn't free (well 10 is quasi-free for some people), but it still does these things. So being non-free is no guarantee. But I believe it's a necessary condition since without some revenue stream independent from surveillance and other "indirect monetization" streams there is absolutely no hope of delivering a professional consumer-grade experience that could compete in the general market.


There's an even bigger elephant in the room: software is a non-scarce, non-rivalrous (possibly even anti-rivalrous in that utility increases with usage) good. Per-unit software sales and most standard proprietary software business models are deadweight losses that rely on unsustainably preserving artificial scarcity.

The technical community has mostly accepted that file sharing is a reality that requires rethinking business models, and that DRM is an act of desperation to put old strategies on life support by restricting playback device manufacturers.

But for proprietary versus free software, many remain outright hostile.

Business models for privacy-respecting user-centric free software are possible: https://en.wikipedia.org/wiki/Business_models_for_open-sourc...

They might not be amazingly profitable. However, the reality is, the programmer is heading the way of the musician and the artist.


Programming is a trade, similar to plumbing.

Just like the typical plumber or electrician, most programming is not "new products". Even today, most programming is probably Java (formerly Cobol) internal to a business or other large organization.

There will always be a need for programmers, for much the same reason we will always need plumbers: even with standardized parts and methods, you still need someone to actually customize it to the specific task and implement it locally.

This is where Free Software comes in: we need a commons from which those implementations can be built from. Unfortunately, we still have a lot of sociopathic businesses in the market that think it would be really profitable if they make the threads on all their pipe fittings in the reverse direction at non-standard sizes with the hope of cornering the entire pipe market. In practice, of course, all they've accomplished is forcing every plumber to keep a huge set of adapters in their toolkit and waste a lot of time matching them on every job.


Of course this argument falls apart with the many truly free OS's that would work perfectly well in the general market (as long as you didn't tell consumers they were using GNU/Linux and made it look the same as their Windows box).

I agree with you that "free" as a business model needs to go in one direction or the other. Truly free, as in my Fedora install (ignoring some binaries) or pay for privacy.

The problem with pay lies in the search for more revenue. Cable television used to be ad free. There wasn't a need to advertise since they were already getting subscription money - now look at it. The temptation to add easy profit is too great for many businesses (which is why we now have targeted ads within an OS we already quasi-paid for).

Meanwhile Red Hat isn't doing too bad with their blend of paid and free.

None of what I'm saying is particularly well written or fleshed out after a long day, but this is also something I think about a lot.


> User-centric and privacy-respecting business models are impossible if the product is free.

What about non targeted advertisement?


I dont' know why so many people are surprised by the Cortana data vacuum. Doesn't Siri send everything you say to it to Apple or a "trusted partner"? Why would Cortana be any different?

The keylogger and Start menu ads are just creepy though. I shouldn't have to opt-out of targeted ads INSIDE MY OS.


There's also a difference in perception between Apple's "trusted partners" and MS and Google's "trusted partners". Since MS and Google make a large amount of money from selling you to others, I just instantly assume that they're sharing my data with advertisers. Since I pay for all my Apple stuff and they repeatedly say that they don't sell my data, I assume that "trusted partners" means companies they've outsourced speech recognition to, or whatever, and that it won't ever be used for tracking or advertising.


Isn't MS closer to Apple than Google in terms of how it makes money? You pay directly for all or most of its stuff. Also, I thought Google sold your eyeballs to advertisers but not your data nor how it figured that it were your eyeballs that were most fit for the ad.

(I guess for some ads, the very fact that it thought your eyeballs were fit for them already discloses more about you than you'd like... and I'd guess that at least some ads placed by Google would be able to figure out whom they were shown to. But other than that, isn't data collected by Google kept secret from everybody else? It'd make sense from a business standpoint apart from any other considerations; better keep the competitive advantage, and better keep exactly what you know a secret from users as well as competitors.)


> Google sold your eyeballs to advertisers but not your data nor how it figured that it were your eyeballs that were most fit for the ad.

This is exactly correct, and it's why I prefer trusting Google with my data over anyone else. I'd rather have my eyeballs bought and sold by a company who's only competitive advantage is the fact that only they have my data.


Microsoft has Bing and their own advertising platform, with a tight partnership with Yahoo. Bing is now tightly integrated within Windows since version 8, ads and all. It's really irrelevant how much money Microsoft makes from this when they are in the same business.

Also, I interacted with Google's AdX and others and I must say that Google's AdX is much more restrictive in the user data exposed. The identifiers they give are completely unreliable for tracking users and they don't even give away the full IP. They are also doing a good job in reviewing the content being served on the client side, they detect if you're setting cookies or doing other things that are against their policy and their approval process is a pain in the ass. Other competing platforms, like MoPub (now owned by Twitter), are much more relaxed.

The general rule of thumb in the ads space - the bigger you are, the more eyes are watching you, this is why smaller players are breaking the rules with the purpose of grabbing as much land as possible before going public.


Wasn't Bing Ads just sold to AOL a month ago?


Bing has also been the default for Apple's Siri for a couple years? They may be growing their own search engine to support Siri, but I'd be interested to know if there are any identifiers passed to Bing for those searches... Trusted Partners and all.


There are a lot of assumptions in your post, but I guess that's implied given you are talking about perceptions.

At least for me I tend to trust MS (at least the new MS) more than I do apple or even google.


You've had targeted ads on your XBox homescreen for a long time; a core OS feature of the iPhone is the app store, which features targeted ads. When app discovery becomes a part of the OS, advertising seems to naturally follow.


there is large difference between ads in your face and ads "once I've explicitly indicated I'm looking to shop because I clicked on the App store"


MS seems in the mindset "Can't beat 'em, join 'em" as we're only In-App Purchases away from a freemium OS.


Minesweeper and Solitaire are now freemium...


To be fair, Apple needs that messaging for Siri because they outsource the speech recognition to a 3rd party (Nuance, I think). It's not like your phone is doing all of that legwork locally. I'll bet it's the same deal with Google Now and Cortana.


I think Google handle their speech recognition in house, but do outsource snippets to help improve it.


What do start menu ads look like?


The new XBox 1 update I installed yesterday has placed a "Featured" column on the main interface with ads. Think a start menu folder with links to sponsored web pages/apps.


A little "Recommended App" tile underneath your "Most Used" list.


I still have no idea what you all are talking about. After fresh install, my Start looks really barren, I'd even welcome these mythical ads...

http://i.imgur.com/tdkFeiQ.png


Wow, that's huge. Are you in tablet mode? If not, you can drag the edges of the start menu to resize it.


Yes you can resize it, to 1/4 of that or so.


That doesn't seem too invasive.


I believe it suggests an app from the store to you sometimes.


This: https://twitter.com/GazTheJourno/status/626736454610366465

According to these screen shots, this guy got skincare product ads in his start menu.

I can't verify because I noped out of anything that smelled like ads right from the get-go. Also, classic shell.

!!!EDIT: I know it looks shopped, which is why I said I couldn't verify it. Windows Store app ads are quite real though.


This is undoubtedly fake. Why even post this garbage?


If you know it's fake, why would you bother posting it or even bringing it up?

"Its awesome living in a mansion! According to this picture, this is what my mansion looks like"

"!!!EDIT: I know I don't own a mansion, but other people do and this is what it would look like if I had one."


Because the windows store app ads are themselves real, so the principal point stands. There's no need to get up in arms over it.


That ad doesn't really fit the grid in the start menu, which seems odd to me. Microsoft was fairly gung ho about the grid in the Win8 start screen, and I'd assume here too since it's supposed to reflow automatically in between tablet and desktop mode.


Agreed. Doesn't everyone wonder why everyone wants to have their own offering that you can speak to?


>I dont' know why so many people are surprised by the Cortana data vacuum.

Well, today is Thursday. That other stuff was from Tuesday. Tomorrow it will be something else about somebody else.


Of course you did. Large companies have no vested interest in building systems that do the "right thing" for you as defined by tech types like us who are arguably more sensitive on this subject than most people.

They are building services that take your information and try to do something interesting enough with it to make it worthwhile...and why is it on by default? Because they want to make money off of the new features and deep integration with your information.

This isn't news. But it certainly may be another excuse to have the exact same conversation that nothing will come from.

Never mind that data generated and collected from cell phone usage will always make the privacy impinging features of your laptop look tame in comparison.

Never mind that the only way to stop companies from doing this is through the political processes that everyone seems to have written off.

EDIT: Downvoting because someone disagrees with the principal argument of the post is lame. Cheers.


Granted most individuals may not be concerned with these intrusions-by-design, but businesses dealing with sensitive information - or who simply have a vested interest in security - may see this as a reason to forgo the Microsoft Office suite altogether, which is one of Microsoft's few stable revenue streams after all these years.


Exactly. I work for defense attorneys, and they deal with a huge amount of private, protected, highly-confidential data. I honestly don't know how we can keep implementing Microsoft solutions... have been debating switching everything over to Mac.


businesses actually can get a very different deal when it comes to data "sovereignty" issues.

it's really consumers who have the least leverage. If you want an arrangement where your data is encrypted with keys that you store in a tamer proof hardware module you can. It's priced differently, but you certainly can have that. (It's not all that expensive in the scheme of things.)


> and why is it on by default?

Because Cortana would be useless without it and that's a big user-facing feature of Windows 10.


Something like Cortana could have been built to work locally, using your own resources. But it wasn't. This was an opportunity to say "we're not like Siri and Google Now, we respect your privacy", but instead they built something just like them.


I imagine the resource costs would be too high to really make that worthwhile. The choice is probably between bad privacy settings, a bad personal assistant, or bad battery life and disk usage. Microsoft chose the option that would likely upset the smallest group of people.


I don't buy it. My Windows 10 machines will be Ivy Bridge, Broadwell, and soon Skylake-powered desktop processors running with gobs of excess computing capacity. Voice recognition should be feasible with this hardware, as it has been in the past with Windows 7 and Windows 8's often-ignored voice transcription feature. Furthermore, even if the performance were slightly worse, I would gladly sacrifice some performance for local execution with local data.

Now, I expect that such a local agent would need to have quite a bit of fine-grained control to satisfy privacy concerns (e.g., do you agree to allow me to send your query about films in your zip code to the MSN Movies site to get showtimes?) But I feel the actual processing of the day-to-day personal assistant features is not only eminently feasible on my desktop, but most likely also on my Surface or laptop.

The cloud is pernicious and voracious, its dominion grows quickly enough without needlessly exaggerating the necessity of offloading computation like this. Local computing devices—especially those that conventionally run Windows (desktop PCs and laptops)—are extremely capable.

Cortana is a cloud agent not because of requisite processing power. Illusory local processing deficiency is just a convenient justification for why it doesn't run locally.

But then, I am a strong advocate of personal compute servers and mainstreaming secure private networks. So I am obviously fringe in today's culture that embraces the centralized cloud.


I agree with you with everything except the expectation of performance of your desktop - you're underestimating the ever-growing bloat. Faster hardware is just an excuse for businesses to include more useless shi^H^H^Hvalue-added features and a way to speed up their delivery by caring about performance even less.

WRT cloud, we've already reached the point of ridicule with the new generation of Internet-connected hardware. So many useless webapps (er, "value-added cloud analytics platforms") and so many devices sitting centimeters from each other but communicating all the way around the world. There is absolutely no engineering reason for it to look that way - it's all just attempts to milk users by making them depend on cloud services.


processors running with gobs of excess computing capacity

You're right about the CPU. However, it's possible that good voice recognition also requires gigabytes of data. That wouldn't work so well for a tablet. Or maybe there is some custom hardware (like DSP chips) in the data center that is used? I don't know, I'm just playing devil's advocate.

I do agree with your sentiments. I'm not about to opt in to this garbage. I came of age in the era of the mainframe and I despised the lack of personal control. I won't willingly return to that. Today's cloud is just yesterday's mainframes and time-sharing by another name.


You know they sell things like the Surface 3 using an Intel i3 processor, and still sell Windows tablets with Atom processors, right? Just because you have a 12-core i7 with 320GB of RAM doesn't mean every Windows machine does.


Well, like I said, Windows 7 and 8 had voice transcription support built-in and it worked well on my old computers from 2009, with plenty of CPU capacity to spare. I expect a modern i3 would probably match my desktop i7 from '09.


It actually does run locally with access to API's that you authorize. Just saying...


Interesting. Is it easy to "firewall" Cortana so that it does local voice processing and connects only to external services you authorize?


You can actually customize a large part of it and turn all of it off.

You can't firewall it off, but you can learn how it actually works and just turn it off.


> turn it off

For now. This crap is going to get a lot harder to avoid when the Intel SGX instructions are widely deployed and it becomes possible to extend the lockdown from SecureBoot to the kernel and kernel-authorized apps.

I suggest fighting it now, while it is still just an annoyance.


But the entire point of the service was to use data mining techniques so that you could use natural language directives to say "add a reminder to my team's calendar to update some presentation in O365, etc"...

Maybe you don't find it that useful, but I think that a lot of people would. It will, in a future release, be genuinely useful. It's getting there.


All of which could be done locally. There's certainly no shortage of processing power available to do so. All of those services have APIs.


That's actually how it works. You give it permission to use your O365 account. You give it permission to use your location either at setup or in the config settings at a later date.

A whole host of the Cortana functionality is local that interacts with online services via API's that you authorize.

I don't think that really anything that I say is going to change your mind, but you could check out some of the video's on Channel9 where they go into it in detail. Some of it's pretty good and if you use headphones you can't hear your co-workers talk about stuff that makes you want to slap someone.


The claim that started this thread was that Cortana needed this data to be supplied to Microsoft, as controlled by the privacy settings mentioned in the linked article. If Cortana or similar services don't actually need this data, great; then they shouldn't ask for it or need to have privacy settings that allow it to be sent to Microsoft.


Josh, maybe you don't get how difficult Speech Recognition is now that it comes as standard in your smartphone, but they use Google/Apple (delete as appropriate) servers for a reason. There's a reason people were amazed at the response time of Cortana - local speech recognition that doesn't hog the processor is a big deal.

And connecting to O365 calendars offline? Is that not a stupid concept?


Last time I checked, and it was few years ago, analyzing voice locally was much faster than what phones do today - because well, mobile networks have latency. The round-trip to cloud and back itself can easily take a second.


I'm well aware of how phones handle speech recognition; there are reasons they do so via services that have little to do with the computational difficulty of speech recognition. It's not by any means necessary to upload raw voice data to a server and process it there, especially if we're talking about full computers rather than just phones.

> And connecting to O365 calendars offline? Is that not a stupid concept?

I said "local", not "offline". Though in any case, you should likely have a locally synced cache of your calendar for efficiency and the ability to read it offline. Web apps are quite capable of working while offline.


> we're talking about full computers

Worth mentioning: Windows 10 is not just for "full computers."


I'm aware, but the line is becoming increasingly blurred, and there's enough power on even the average phone to do speech recognition.


> And connecting to O365 calendars offline? Is that not a stupid concept?

Did we enter a new era where using your calendar offline is considered a special case ? I would assume there are few people who actively modify the same calendar, and it's pretty easy to tell a user when they modify a calendar offline meaning that it's not synchronized on other devices; is there really a need for making calendars online first ?


[deleted]


You misread their comment


Ah, I did. Thanks for the heads up instead of just downvoting!


I know. I think it's actually pretty cool. (Though it doesn't seem to work well with some builtin mic's.)

I really like the direction they are headed.


How about a box that shows up the first time you try to invoke Cortana, asking if you want to turn this feature on.


There are dialogs and UI hints that come up when the service is first accessed. Is it enough to placate someone who is seriously concerned with online privacy...probably not. It meets the minimum requirements to not be too sneaky.


I made a similar suggestion in a somewhat related topic concerning browsers and was told this is bad UX so it shouldn't be done. Informing people of what's going on and giving them power over their choices is bad UX. Somehow.


UX people can't seem to agree on much of anything. On environments where permissions must be explicitly granted (like iOS), I've seen articles saying to go both ways: "ask for everything right at the start", and "ask immediately before use".


> UX people can't seem to agree on much of anything.

It's almost as if "UX people" isn't referring to "UX person." Go to Stack Overflow and the vast majority of questions have multiple answers, as if "programmer people" can't agree on much of anything.


If you have a local account you have to sign into a microsoft account (changing from local) to get Cortana.


It's not wrong or evil or even criminally negligent to want programs that you write to work as intended. With new systems that have fancy machine learning based features developers face the difficulty that making an accurate training data set is impossible, especially at the scale at which Microsoft ships its software. Cortana's abilities to be smart assistant all involve polling the data mentioned in the post, sure you can disable all of them and be blissfully disconnected from network assisted features like her and better handwriting recognition. It's a choice and by default there isnt any harm in leaving most of those options enabled, the average user will only benefit from the interaction. It's okay to be conscious about where you're sending your data but its just ridiculous to frame each new feature released by company as morally wrong or "having no vested interest in doing the right thing".

God forbid we become slaves to the evil corporations. /s


I didn't mean to make it sound that way. I actually agree with you completely. I was trying to write for my audience there...my point was just that obviously they will want to gain something from the relationship as well.

You and I are in complete agreement on the subject...I just fell into hyperbole...

:)


I suspect people are downvoting your cynicism.


That's the thing, though. I find the constant kvetching about privacy the most cynical thing. None of these posts are news, new information, or even a new take on existing information.


I think there was a sense that the "new" Microsoft was trying to be a bit more humane.


This goes along with the news that Windows 10 backs up your drive encryption key by default, and that Microsoft can use it to decrypt your data. In "good faith", of course.


For most users, this protects them to a useful level. Most users don't think losing a password is a big deal and would be very upset to learn their data is lost because they forgot. That's an anti-feature.

The number of people that'll be protected from leaving their laptop in a taxi, or home burglary, or selling/trading-in a device, or just snoopy relatives or acquaintances, etc. is large and MS absolutely made the right call here. Otherwise, you'd have "experts" giving advice to disable this feature or suffer data loss.

Also, if they use OneDrive to back stuff up (like they should!), the security damage is already done as most juicy files will be unencrypted in MS's hosting and still subject to warrants.


> For most users, this protects them to a useful level. Most users don't think losing a password is a big deal and would be very upset to learn their data is lost because they forgot. That's an anti-feature.

"Would you like to store a backup for your drive encryption password on Microsoft OneDrive? If you choose not to do so, and you forget your password, all of your data will be lost. [Yes/No]"

And none of that warrants a ToS that says they can use that backup for anything other than helping you recover your data.

> Also, if they use OneDrive to back stuff up (like they should!), the security damage is already done as most juicy files will be unencrypted in MS's hosting and still subject to warrants.

Hence why client-side-encrypted backups are a good idea.


>"Would you like to store a backup for your drive encryption password on Microsoft OneDrive? If you choose not to do so, and you forget your password, all of your data will be lost. [Yes/No]"

You know when most people care about whether or not they can recover their data? It's not when someone asks them a Yes/No question, it's when they can't recover their data. And responding with "Well, remember 2 years ago when you clicked 'No'?" Doesn't really help.


Would you like to store a backup

You're quite right in your response to the GP.

It's dangerous to ask Joe Sixpack a question like this and accept a simple y/n answer. When people are installing software they are rushing thru w/o thinking.

What the software could do is put something like this on the screen:

   DO NOT STORE A BACKUP OF MY PASSWORD
and force the user to opt-out by literally typing all those characters exactly like that:

   DO NOT STORE A BACKUP OF MY PASSWORD
At least that way it isn't an unthinking, rote response. Maybe also force them to type

   I UNDERSTAND ALL MY DATA WILL BE LOST
Anyway, that would probably only help about half of them. The other half won't care until, as you point out, they can't access their data.


Then, don't make it a [Yes/No] question, make it an [Okay] with a barely noticeable "Change Advanced Settings" link; much like the dialog that the TFA complains about.


Why show the non-prompt? The users who don't want it can turn it off later, as is the case now.


"Later", as in after the key is sent to Microsoft? Not very useful.


I want to encrypt my drive, but ensure that the encryption keys never leave systems that I physically control.

I sure as hell don't want to encrypt my drive a second time because the default setting (that I could only change later, when I'm actually using the computer) for the drive encryption software was to upload the drive crypto key to The Cloud.

Or am I misunderstanding your question?


Which is a great reason why we should be seeking better authentication systems than memorizing random passwords. Or providing people with another means of backup; for instance, provide options to both "back up via print" and "back up to USB device", in both cases providing something you could then store in a secure location.


Which the Bitlocker stuff already does, when you run it manually. I suspect not with devices that come pre-encrypted - Surfaces, etc.

I was going to say that the most likely thing folk have done is try to back up their key on the drive they encrypt - but last time I tried that due to not being on a network, I think the Bitlocker wizard refused to let me.


I can see that one as a default for non-nefarious reasons. If you make it easy for non-specialist users to encrypt their machine, and there is no way for technical support to recover their data, you're going to inevitably end up with angry users. What's not as clear to me is whether you can change the default.


That's a new one on me.

Bitlocker keys can be backed up to onedrive if you want, but you can also store them in a TPM or a smartcard (physical or virtual).


See http://thenextweb.com/microsoft/2015/07/29/wind-nos/ ; "Windows 10 automatically encrypts the drive its installed on and generates a BitLocker recovery key. That’s backed up to your OneDrive account." Together with the ToS: "We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services."


> We will access, disclose and preserve personal data, including [...] files in private folders

I don't see any language that restricts that to their cloud offerings. It's in the privacy statement that covers windows too.

So unless i'm missing something they're granting themselves the right to disclose your harddrive to government agencies or their own legal department on a good-faith basis.


Every company that has access to your encryption keys can be prompted to give them up with a warrant.

You can keep them from having the key. That's one way around it. Using hardware of some kind (and there are multiple.)

You are also free to use another solution that might meet your strict requirements to personally review the encryption, filesystem, device driver, and memory management code of your operating system to verify it's operating to your specifications. There have literally never been so many options for the privacy minded person with the time to pour through a metric ton of C code.


I'm not talking about encryption keys.

I'm talking about the data itself. Sitting on my harddrive, as it is.

As I understand it microsoft is saying that they could siphon data from my computer if they deemed it necessary.

Maybe that's an adversarial reading of their privacy statement[1]. But it clearly speaks of accessing files in private folders.

[1]: https://www.microsoft.com/en-us/privacystatement/default.asp...


I believe that you are mistaken. Could they turn over your BitLocker recovery key to the authorities that would then use it to decrypt your HDD that they have already taken from you? Yes.

Are they going to reach out over the internet and take your data? No. They are not going to do that. I follow this stuff really closely. I promise I haven't seen or heard of a capability where they can remotely take data from your machine and turn it over to the government.


The point is that they're granting themselves the permission to do so if anyone ever deemed it necessary and that the user has to agree to their terms to use windows.

So you're basically signing away your rights to privacy. Not based on due process but on "good faith belief".

Someone at microsoft thought there is a need to do that to cover their legal asses. They would only think that in case they anticipated needing it in the future.


You are completely free to not use it. I'm not trying to be a smart-a here. There have never been more options for end users.

You aren't signing away your rights to privacy without due process...that's your part to evaluate. "Is this useful enough to me that it's worth agreeing to this?"

Also, this is version dependent. The TOS for an individual consumer is different than a developer with an MSDN license, and a business with a volume agreement. Do you have different privacy requirements? Are you willing to pay for them? If they can't make money with the product that they built in the manner that they came up with then it isn't illegal, or really even remotely morally odious, for them to ask for a different payment arrangement.

Now. Do I like everything about life in a capitalist national security state? No way. But do I whine when some vendor doesn't do exactly what I want when I'm really not event scratching the surface of enough money to get their attention? Seriously, man.


you're going off tangents here.

Obviously the premise of this discussion is that you install their software.

IF you install windows 10 THEN you agree to their terms of service which includes granting them access to your private files.


I'm going off on a tangent?

YOU installed their software. You didn't have to. No one forced you to. Don't like the TOS? Call them and schedule a meeting to talk about coming up with a different arrangement...they will want money for that, but you can certainly have it.

The truth is that there is jack all that I or anyone else can say to you that would change your mind about any of this.

Also, I'm not willing to grant that you are reading the TOS correctly...so there's that point. No offense, but its pretty dense and things that are probably pretty reasonable come across as a privacy invasion to people that are really sensitive on the subject.


> YOU installed their software.

I did? I never said so. I'm just looking at their Privacy Statement and find questionable clauses there.

> Also, I'm not willing to grant that you are reading the TOS correctly

I did say that's a possibility from the start. But as long as nobody shows that it's not possible that my reading is not how a lawyer or judge would read it I remain deeply skeptical about it.


There are two approaches: give someone a pile of power over you and trust them not to abuse it, or never give them that power in the first place. Given the repeated demonstrations of what can and does go wrong with the former...


One other thing. A "pile of power over you"...that's not helping, man. They have some commercial legal arrangement that you don't particularly care for. They can't come and kick you in the shin and torture you. They can't beat you to death and plant a weapon on you or anything. We are talking about an issue that is squarely within middle and upper class privilege in an industry that literally could not exist without government defense funding.

Take, for instance, Richard Stallman is an Alumn of Harvard and MIT. There literally can't be a place that is more establishment. So all of that "freedom" is about being able to use an expensive commercial product that was developed with RnD money from the DOD...but somehow it's morally wrong to not ship source code to a compiler? Can you see where I'm coming from here? The moralizing is pretty arbitrary.

Furthermore, if they did give your content to the Government because of a national security letter how is that abuse of power? Should they not comply with the law? I disagree with a lot of the laws that have been passed in support the war efforts of the last decade, but that's kind of the way that democracy works. I lost, but I still have to live by the rules.

I just think that the privacy absolutism that everyone keeps bringing up isn't reasonable. Even Bruce Schneier says that the way that you actually change these things is through the political process.

Power is a boot on your neck. This is more of an inconvenience.


Leaving aside the tangent in your comment (we were talking about governments having access to your encrypted data, not about Free Software)...

> Furthermore, if they did give your content to the Government because of a national security letter how is that abuse of power? Should they not comply with the law?

I fully expect that they would have little choice in doing so if they received a warrant from a government with jurisdiction over them. (Though I'd also be unsurprised if they did so even if asked without a warrant.) I don't want them to have anything to give if asked.

> I just think that the privacy absolutism that everyone keeps bringing up isn't reasonable.

Different people value their privacy differently. If you don't value it as much, feel free to trade it for things you consider more valuable. Don't assume everyone else wants to make the same trade you do, though.

I'm not advocating absolutism. You should be able to have as much or as little privacy as you want, which may even mean different amounts of privacy in different contexts.

> Power is a boot on your neck. This is more of an inconvenience.

The government having full access to the contents of your encrypted drive is an "inconvenience"? I'd hate to know what you consider an abuse of privacy, then.

The whole point of encryption is to keep unauthorized people from having access to your data.


Those aren't even remotely the only two choices here. There have never been more options for an end user of technology.

You don't have to use agree to it. It's a trade off.

If you have different requirements they are more than willing to come up with a different arrangement with you. (Yes, for a fee.)

They aren't the government. They are an overblown bubble gum factory. It's up to you if you chew or not. And there have never been so many flavors!


What kind of fee do you have in mind for not using their contract of adhesion? Unless I'm buying thousands of copies of the OS I doubt I can even get that negotiation started.


Some of it's pay as you go, oddly enough. But you are largely correct that more money equals more access to these kinds of things.

There is a company in China that paid them to install Office 365 in their data center. There is an amount of money that will make them install it in your data center, too.

I just think that there has never been more choice for end users and a lot of this stuff about privacy is disingenuous. There are a group of people that wouldn't be happy even if MS released their own version of TAILS and hosted part of the Tor network. (It would be "embrace, extend, extinguish!"..."Tor is part sponsored by the Navy...I be MS gives your Tor traffic directly to the NSA."...It's really not hard to imagine the BS.)


OK. What I'm trying to say is that backing up to OneDrive is optional. You get the choice. You can protect the key with a TPM or a smart card...It's not an all or nothing thing. You have options there, if you are interested.

The other thing is that it sounds like a lot of privacy minded people can't trust BitLocker despite any number of assurances from MS or code reviews by third parties. AND THAT'S OK. Use something else.

EDIT: I forgot to mention that if you are an admin or just operate your own AD installation you can store the key in Active Directory. The behavior is version specific, I think.

EDIT EDIT: I believe that the TOS you are talking about is specifically referring to online services. I don't have time to stop and read it right now, but I think that you are misconstruing the intent.


> This privacy statement explains what personal data we collect from you and how we use it.

> It applies to Bing, Cortana, MSN, Office, OneDrive, Outlook.com, Skype, Windows, Xbox and other Microsoft services that display this statement.

> References to Microsoft services in this statement include Microsoft websites, apps, software and devices.

Seems to cover the Windows OS too.


> OK. What I'm trying to say is that backing up to OneDrive is optional. You get the choice. You can protect the key with a TPM or a smart card...It's not an all or nothing thing. You have options there, if you are interested.

Except that the default is both insecure and privacy-violating.


It's insecure by a standard that you are setting. If they can demonstrate an audit log of every admin who has escalated their permission to logon to the container of your data and access it, including the files they accessed, would that be good? (Because they do that.)

Again privacy-violating by your, arguably, very narrow standard. I'm sorry friend, but you are stating these things as if there's no question as to what you say.

More accurately, you might say that there are higher privacy and audit-ability standards that you would require for your given situation or application. I wouldn't be able to argue with that at all.


If they can demonstrate an audit log of every admin who has escalated their permission to logon to the container of your data and access it, including the files they accessed, would that be good? (Because they do that.)

They are legally prevented from showing you such an audit log if a National Security Letter is involved.


And -unless there have recently been great strides in the NSL gag order battle- they are legally prevented from indicating to you that you or your data has been targeted by an NSL.


Read this warning on release day, went to read this myself and haven't found such statement neither in ToS, nor in Privacy Policy.

This paragraph (about private communications and files in private folders) seems to be gone from their Privacy Policy. Google cache confirms it was present (in PP, not ToS), but I suppose MS spotted had this insane statement and removed in a hurry - or hid somewhere else, deeper in small fine print and with another wording.

(Or maybe I had totally missed something, scrolling through the document and my browser's search function malfunctioned.)


Did you expand the sections in the Privacy Statement [1]? Open the page in Firefox or Chrome, hit F12 to get to the browser console, then run this to expand all the sections:

    $('.learnMoreLabel').click()
If you search the page for "disclose", you'll see that that exact wording is no longer present, but very similar wording is in the "Reasons We Share Personal Data" and "Skype - Partner companies" sections.

[1]: https://www.microsoft.com/en-us/privacystatement/default.asp...


Thanks! Yes, now I see this.


Imagine if you discovered an exploit for TLS and just listened in on a public / hotel network to tons of Windows machines sending keystrokes, calendar, contacts, etc to Microsoft in the background... At least in the Windows 95 days you had to write the key logger yourself and get it installed somehow.


> an exploit for TLS

The world would end immediately.


Exploits for popular SSL libraries are discovered all the time. Surely you haven't already forgotten about "heartbleed" and the vulnerabilities that followed. I'm sure the NSA knows of several other exploits that they are keeping quiet so they can keep using it, and they may even attempt to deliberately introduce vulnerabilities. Furthermore, even without an exploit TLS connections can be decrypted by anyone with a trusted CA private key that can issue certificates. Connections could be decrypted plausibly by privileged employees of ANY certificate authority, disgruntled government officials that can compel those CAs to turn over keys, etc.

I know you're just joking (and I even laughed) but it's worth pointing out that the scenario I describe is very realistic.


> Connections could be decrypted ...

This is only true using a man-in-the-middle from the initiation of the connection. SSL/TLS sends random PKI keys at the start of a connection. The trusted CA keys are used only for identity (so you know you are really connected to xyz.com). After all, you can have SSL/TLS connections without a trusted CA. It basically works like this: When you make an SSL/TLS connection, each side generates a random keypair, whereafter each sends its public key to the other side. Using these public keys, each side sends a new random symmetric key back again to the other side, whereafter the actual data transmission begins.


People want to be connected, join social networks, download apps, be able to control their appliances from across the ocean, carry devices loaded with sensors everywhere they go--and on top of all it, they want privacy.

These are fun and interesting times.


PGP solves all of those. Encrypt on device and prevent the cloud operator of seeing anything.


IIRC, that's what Apple is trying to do: they'll provide all kinds of cloud services, but in a way that they know as little as possible about the content beyond what's vital to providing the relevant service.

Apple is trying to sell hardware, which a robust encrypted cloud experience tied to that hardware will do.

Microsoft is trying to make money from the operating system; since they're giving it away for free, they have to sell commercial access to third parties (ads in the Start menu? really?).

Google, well, I assume they're out to mine as much data as possible, whether or not it's user-specific.


Not actually true. Windows 10 is not free, and Microsoft is not giving away the operating system.

What Microsoft is doing is giving consumers a free upgrade on Win7/8 PCs where the operating system has already been paid for.

This is basically the strategy already used by Apple and Google (Android): once you have bought the OS (bundled with the hardware) then you get updates free.


Except that Apple makes its money off hardware sales, and Google makes money off data mining ... for both, the operating system is just a means to an end, a cost center required to support the separate profit centers. Microsoft is, however, has the OS as its primary product.


Doesn't matter. They make all their consumer money off of OEMs.


It could be done, but it would require a lot of hefty cryptography-centered engineering to implement zero-knowledge data sharing schemes, etc.

Who's going to pay for that?


I lost trust into Microsoft when they put an "Outlook" app into the Android app store, which when connected to an Exchange server downloads all the account messages and calendar data to a cloud server (probably in order to have push messages whithout changing Exchange itself). Really Microsoft, why do you think I have an Exchange server. Because it is easy to set up, administer and costs nothing?


Wi-Fi Sense is a huge security hole, and even if you don't have windows 10, if anyone you trust with access to your network upgrades to windows 10, that person becomes a security problem for you.

Obvious solution is to use a strong generated string for your password (so even if they get your password, they're not getting the password to anything else), and then configure your router to require each device connecting to be authenticated. Whitelist for MAC addresses + GPG + ?


Hm. I'm genuinely curious - does it share passwords (as typed in) or actual PSKs?

That is, if I'd only let guests with Windows 10 to access network using WPS, would Wi-Fi Sense send negotiated secret or not?

(I suppose WPA2-EAP-PSK should also be an option - IIRC Windows supports 802.1x auth and I doubt they share those passwords... although not many SOHO routers know anything about RADIUS)


You're just wasting your energy if you setup MAC Whitelisting and think that's going to help at all with security.


Please explain? I am genuinely curious of knowing how that would not help security wise (apart from the very obvious MAC spoofing).


This might be the first time you'll need a firewall to protect yourself from internal attacks by the OS itself. I don't think I'll be updating to windows 10 any time soon.


Someone I know who has been in the cracking/warez scene for over 20 years, and did a lot of analysis on the XP activation scheme when it first came out, had this to say about Windows 10 and the trend in general:

Remember Gates said, about piracy "we'll somehow figure out how to collect sometime in the next decade"? It is happening now. And lots of other software/service are becoming "free" or massive discount, since selling your data is much more profit. Crack was about using software without paying money. Maybe in future it will be without paying with personal data or privacy. We will find a way, always. :-)


What he actually said: http://www.cnet.com/news/gates-buffett-a-bit-bearish/

Gates shed some light on his own hard-nosed business philosophy. "Although about 3 million computers get sold every year in China, but people don't pay for the software," he said. "Someday they will, though. As long as they are going to steal it, we want them to steal ours. They'll get sort of addicted, and then we'll somehow figure out how to collect sometime in the next decade."


This is more of a rhetorical question, but why does every modern OS and browser need to try and become a computing leviathan? Why can't my hammer ever be happy just driving nails? I don't need a hammer that cooks waffles.


I'll answer your rhetorical question with another one. When was the last time you paid for an upgraded hammer?


As far as I can tell the main thing pushing people to pay to upgrade windows is when support runs out, not a desire for features.

Far more people never consider it and just let their new faster computer have a different OS.


I haven't paid for a hammer since I was in college and Hammer XP was $5. I keep buying nails that come with Hammer Home Edition and setting up servers with Hammer LTS and replacing Hammer Explorer with HammerFox. All free.

I'm not Microsoft's target client because I'm a pathological customer. Every home MS desktop user is a pathological customer. They know that.


I think maybe you forgot a 'not' in there, assuming you wanted to disassociate yourself.


This was also recently brought to my attention:

https://news.ycombinator.com/item?id=9973629

Windows 10 RTM has peer to peer updates over the internet as the default. I could swear it defaulted to local-only in the preview, so I didn't even check it until now after doing a clean install of RTM.


P2P by default except on the enterprise edition, in which case it's local network only. They also claim to disable P2P if they detect your internet connection is metered (I'm not sure how that's done).


That makes sense. I was using enterprise edition in the insider program, but clean installed the professional edition RTM.

This is still a really bad default for the majority of users though...

Metered connections are a per-network setting that you have to set manually, not something they detect automatically. I highly doubt most users will be able to discover this feature since it's buried rather deeply in network settings.


My internet connection has been very slow today. I suspect a lot of Windows 7/8 users got their Win10 upgrade over P2P.


I don't intend on leaving any of these on when I install Windows 10 but some of these seem to correspond directly with the whole "Cortana as personal assistant" thing. And there is whole separate system for controlling what Cortana knows about you.


See also "Killing Cortana: How to disable Windows 10's info-hungry digital assistant" http://www.pcworld.com/article/2949759/windows/killing-corta...


This is why i think Tim Cook is genius for marketing Apple as the anti "We sell all your data and spy on you" companies.


Apple just spies on you, they're vertically integrated so there's no need to sell the data.


How do they spy on you? There's no suspicious network traffic leaving my Mac. They might collect info about Siri queries or downloaded apps, but they're certainly not logging keystrokes from OS X or iOS.


I think you're assuming they're doing something they're not.

Microsoft is capturing text input and handwriting from touch input interfaces the same way Google's Android keyboard , Swype, or Swift Key do to improve predictive input, spelling correction/suggestions, personal dictionaries etc. Remember Windows 10 is touch enabled operating system like iOS or Android.

I'm not as familiar with the Apple Keyboard but I would be surprised if it didn't do that too in some form. Their Quick Type feature states it performs heuristics locally but it doesn't mention other aspects. Their policy states they don't collect personal information or conversation history but that doesn't mean they aren't capturing corrections or things they deem to be non-personal but sound pretty personal to me (e.g. occupation, language, zip code, area code, unique device identifier). Remember how researchers were able to identify Netflix users based on lesser anonymized meta-data? That non-personal information sounds pretty damn personal in comparison.

I hope you're not using a 3rd party keyboard on iOS with Full Access enable because if so then you agree to the same thing Microsoft is asking for.

I'm surprised you're ok with Apple recording Siri Queries and sharing them with Walk N’Talk Technologies who has humans listening to them but you're opposed to Microsoft doing anything similar in Cortona. How do you feel about Google Now? Did you ever use Google 411 because that was just a quick way to get a massive archive of audio samples.


I think you're reading way too much into all of that, attempting to make a mountain out of a molehill just to prove an imaginary point.


What imaginary point are you referring to?


> Their policy states they don't collect personal information or conversation history but that doesn't mean they aren't capturing corrections or things they deem to be non-personal but sound pretty personal to me

> Their policy states ... but that doesn't mean they aren't capturing corrections or things they deem to be non-personal but sound pretty personal to me

> sound pretty personal to me

It's pretty clear actually. What you may think about situation may have zero factual grounding. You'll need to provide some citations and references instead of just saying what you think or feel the situation may be.


You're wrong though about it having zero factual grounding. They collect data, like everyone else, this is a fact. They state that openly in their privacy policy, they even go so far as to define what they consider personal vs non-personal information. We also know that that Siri collects and transmits a bunch of this "non-personal" information to a 3rd party for analysis.

On their QuickType page they say "your conversation data is kept only on your device, so it’s always private." That's a lie because iMessage and your keyboard Dictionary are synced to iCloud which isn't your device. That doesn't mean that it's in Apples hands or they can access it but it's not a factually true statement either. They're also careful to say "conversation data" and not something more general like "anything you input into your keyboard".

I'm not suggesting Apple does anything more invasive than anyone, I'm just suggesting they don't do anything less based on what's observed.


> That's a lie because iMessage and your keyboard Dictionary are synced to iCloud which isn't your device.

Is it opt-in or opt-out ? Because I use iCloud for Safari bookmark sync only and it never bugged me for syncing anything. Local iTunes encrypted backup is fine.


I couldn't find anything about the dictionary, admittedly I didn't look very hard, but iMessage is opt-in.


What’s their motive? What’s their pay-off? Where is their benefit in that?


All of these companies capture the data to improve their recognition, heuristics, and machine learning algorithms. The pay off is that their services are vastly improved.

Ever wonder how Google was able to catch up and perhaps surpass Microsoft, IBM, and everyone else in the Voice Recognition field so quickly? It wasn't because they came up with some revolutionary algorithm overnight. It was because they very quickly amassed an archive of transcribed audio samples. How did they do that? Very cleverly with Google 411.

If you ever used Google 411 you might have noticed it worked slightly differently from regular 411. You spoke your query, the voice recognition software spoke back what it thought you said and asked if that was correct. If you said no, or it couldn't understand your reply, it connected you to an operator who first listened to what you'd said and then repeated the confirmation process with you again whilst inputting what you actually said into the system. This created a transcribed audio sample that Google could use as a test case for their voice recognition software. This allowed them to iterate much faster than other companies.


Well, to be fair, they spy on you but just don't sell the data.

Yet.


That we know of.

Seriously, it's not like every contract they have is public information (nor am I saying it should).


Define spying? Most of Apple's services are opt-in as opposed to opt-out. iTunes and Siri are where most the data collection happens. In OS you also have device location services, map data collection but most points are easily controlled.


Well, the innocent definition is to keep watch over and the sinister definition requires hostile intent. Either way, it can be considered spying. The problem is that the innocent spying today can easily turn into hostile spying tomorrow, with little or no notice.


That's just a FUD compaign. I guess you can be a genious for coming up with clever ways to FUD but I'd rather not encourage that.


Shouldn't Windows at this stage just fork and split in to two? One can be the dumping ground of all kind of social/phone/tablet crap where consumers sign away their unborn children, and the other for businesses and people that want to get stuff done?


The most troubling part is "Telemetry", which only Enterprise edition clients can disable completely.


I like how they put that "Customize Settings" Link down there. I missed it the first time I did it completely.

Nice job design devils.


How exactly did we reach a stage when this is acceptable behavior for respectable company? Such shady practices should have never become mainstream.


it is not acceptable, just some people here favor their little convenience (ie saying something instead of few taps on screen) over long term privacy. heck, some even defend targeted ads. Sad thing is, mainstream users won't even know about these things coming.

what i like about the situation - it might actually make some bigger organizations turn away from what MS can offer. biggest issue are usually Win-only or IE-only intranet apps, but with proper management steering, changes (in the way technology for apps is chosen) can be done. Now just to have proper substitute for Active directory, and it's game over for their OS there.


Why isn't more being made of the fact that on default Windows 10 installs, it will automatically connect you to open WiFi hotspots? That is a MAJOR security risk and yet not 1 single comment here about it


The little four-squares icon that popped up few weeks go on my Windows 7 desktop notification zone, spamming me with messages to update for free to Win10, cannot be uninstalled, is deeply rooted into parts of OS Win7 through KB updates and crashes at least twice a day. With hibernated computer, it somehow forces LAN to awake, as a result blu-screening otherwise perfectly well hibernated session.

For this reasons alone, I think Win7 will be my most loved and probably last version of Windows I will ever use.


The idea of an operating system integrating with services like that still bothers me even though it is done in Mac OS X and Ubuntu.


I could not agree more. I run Fedora on my desktop, and iOS and OS X on my iPhone and MacBook respectively. When I read posts like this, I can't help but think "How long will it be until I'm unable to do any compute without being tied to an online account?". Most people (including myself) have no idea what is going on in their smartphone, tablet or desktop PC. I can trust Fedora somewhat more, but as an exercise, leave tcpdump running on your OS X device and the amount of non-local network chatter is unbelievable.

Furthmore, why is it when you delete a photo from your iPhone it can persist on iCloud for up to 30 days?

Likewise, why is it when I restore my iPhone and set it up from scratch it starts to download 100MB + of data over WiFi? [1]

[1]. When I setup my iPhone from scratch (Apple ID, iCloud disabled), it hammered my WiFi at the full RX rate of my DSL line for approx. 10 minutes. That's 4Mbps * 60 * 10 = 2400Mbits = 300MB. I made sure that my iPhone was the only device connected to my WiFi. What could be in that 300MB of data? I should proxy all traffic from my WiFi to my DSL modem via another PC and do tcpdump on that!


I use a local account on Windows 8 (which is pretty much configured to run like Windows 7) but that completely keeps me from being able to use the Windows Store and therefore any of those universal apps.

I'm sure if I choose the same option in Windows 10 a large part of the OS will be completely closed off.


Not that you're missing out, not being able to access the universal apps. Hell, Skype even pulled a 180, got rid of their universal app and went back to regular, ol' desktop apps.


Uh, no they didn't. The Universal app is still there and was updated a month ago. They've always had both Universal and Desktop apps available, especially since there are people on Win7 and below that wouldn't be able to run the Universal app.

Edit: Apparently they deprecated it inside the app itself, not in the store. I've kept the message above.


All of my installations told me "we're discontinuing this app, here, download the desktop app."


Maybe that was the update? Granted, I haven't used the Universal app in a long time because it's not nearly comparable in featureset to the desktop one. It'd be nice if there were update logs more than "General fixes" but oh well.


I hate Skype so much, but I don't know of anything better. Google Hangouts has been extremely unreliable for me.


You should be able to log in directly into the Store without associating that account to your local account. That should be the default in 8/8.1, I don't know if it applies in 10 but it's exactly how you can get universal apps while on a domain account.


I wouldn't hold my breath over MSFT software market place. They are notorious at dropping support for this as soon as they feel it doesn't enable them to capture more market share.


and iOS and Android...


I'll bet everything in my pocket that Windows 10 does not keylog every stroke and send it back to Microsoft servers for storage.

It's intellectually dishonest to think that's what s going on, because it ruins the conversation about what they're actually doing.


Whether they don't right this second doesn't matter. Their terms of service say they can. If they decided it was unthinkable that they would ever do this, they could have written their TOS to be less overreaching. But they didn't do that. Therefore they think it's a possibility (if in fact they are not already doing it. Are you so sure? How do you know?)


They also didn't specifically preclude the possibility of commandeering my computer by pushing an update that'll force me to mine bitcoin for them, but I can be pretty damn sure that's not going to happen.

But let me rephrase anyway: I'll bet everything in my pocket that Windows 10 does not, nor will they ever, keylog every stroke and send it back to Microsoft servers for storage.

I can be sure of this the same way I'm sure about many other things I have no definite proof of -- I see nothing remotely resembling evidence that this might take place.


Windows 10's Term & Condition is wide enough to encompass what ever MSFT might come up in the future to track and catalog you as a good, willing, consumer. MSFT has stated that Windows 10 should be the last version of the OS in the current retail format, and therefore, technically, any update/upgrade will still be considered as Windows 10.

MSFT might not want to log everything you write on their OS, but who knows what they will deemed acceptable tomorrow under the same EULA?


The license agreement should be set up such that installing a bitcoin miner is not allowed despite not being explicitly mentioned. Same for key logging.

Companies need to get out of the habit of writing terms of service that permit the world.


> I'll bet everything in my pocket

and as we don't know what is in your pocket, the bet is off. :)


Why are you so sure about that? And what do you think they're actually doing? I'm not privy to any inside information or anything, but that screenshot seemed to be saying they are; I don't see why they would say so if they're actually not. If they were doing something less extreme, why wouldn't they say that instead?


There's a ton of fear-mongering going on in these comments. It's depressing.


there is a lot of pissed off people who are seeing their desktop/notebook OS of choice (for whatever reasons, be it work, gaming etc.) fall into same old bullsh*t category that scumbags from Apple and Google went into (yes, privacy stuff, nothing more, nothing less). by having these on by default, or not changeable in simpler versions of OS at all, effectively most of the planet will get surveillance build in.

Err, no, thank you. Every single system/cloud is hackable, and given enough time, it will get hacked. I think plenty of proofs around us. Tell me, why should I be OK with this? I don't want their tiny functional enhancements for this price. In fact, i don't want them at all. I am never commanding my computer by voice, as is neither 99% of computer users (not only because english isn't their native language), and I see nothing cool nor interesting in it (just one example out of many).

personally, sticking to Win 7 till games will work on them. and if i move, i am pretty sure there will be completely disconnected offline cracked version, if the rest of the system will actually be worth it.

i had the impression lately Microsoft is doing some properly good stuff, but this showed that no, they are just same scumbags as they were 20 years ago, when they gave many people plenty of reasons to hate them. Methods and situations changed a bit, not so much questionable morals.


I think it is about time that we (the users) reclaim the right to our data and what we do with it. Never since the days of mainframes and timesharing have we been turning over so much of our (personal) data and the processing of it to third-party, centralized servers. Our computers are starting to look like nothing more than fancy graphics terminals, just a few steps up from the VT100's of yore.

It's about time we start doing something about this.


Some of these are scary. But sending to M$ what I'm typing? That's the exact definition of a keylogger - it's straight up bundled malware.


Upon seeing these options in the installation, I thought I downloaded beta version that needs these for feedbacks Realizing I have installed retail version, I regretted my decision now I will read the all EULA for the firet time in my lifetime to see what it gets without asking. And probably I will just keep windows for games only.


Are the games really worth it? There's a lot of games out there. You can live with missing a few Windows-exclusive titles.


A FEW?

Games that run on OSX and Linux are the exception. Granted, there are now very high quality offers unheard of in the past (Kerbal Space Program, to mention one).

If you are on OSX, you have access to a bigger selection of games (Elite: Dangerous, for instance, or EVE Online - both using Wine). On Linux, good luck. Steam improved things a little, but it's still an oasis in the wasteland.

AAA games are still mostly locked to Windows.


"Just" need to convince devs to port their code to yet another platform ..... sic. Let's see how long MSFT and Valve can pretend they cannot get along.


Are most games on OS X too? The last time I checked the majority of games were not on Linux.


The general lack of games for OS X and Linux these days is pretty much exclusive to the AAA games.

There has been some focus on porting older games to OS X and Linux in the past year or two, so the situation is constantly improving.

If you mainly play AAA games, then you're stuck with Windows, but there are definitely some good games out there right now for non-Windows users.


Huh?

If you want to play PC games you pretty much HAVE to have Windows save for a few titles that alos work on Linux/OSX.

This is why I'm hoping Steam OS becomes a viable replacement for a desktop gaming machine in the future.


I saw this earlier on Twitter via @adrianchm. Win 10 includes keylogger setting, auto-re-opt-in malware protection, no opt-out for updates, and ADS in the start screen:

http://prntscr.com/7ykzbh


Also if you use Cortana, its default settings are sending MSFT location history, search history etc. I turned it off on Edge as well as by default.


As I noted here: http://www.thedreaming.org/201... you shuld also go to "Settings" -> "Accounts" -> "Sync your Settings" and turn off Password syncing, which is enabled by default. I would hope that passwords are encrypted with my Microsoft account password (and I would further hope that only a hash of this password is stored on Microsoft servers) but no where is any of this explained. There's a "How does sync work" link at the top of the page, but clicking on it takes you to a Bing search which explains how to turn syncing on and off.


They can technically do anything they want with the input you provide. Personally I would never trust an opaque operating system even if they provided clear details as to what the configuration options are and how they are used.


Would be nice if he even tried to lookup what these things are used for. It is well known things like OneNote let you search handwritten notes, for example, using fuzzy logic and context. So it is a clear benefit to users. Instead he seemed to just hand wave something negative about each.

Similarly, MS originally defaulted to not allowing cross site advertising identifiers by default and was criticized by organizations that make their money off this like Google and Firefox. Seems like they can't win no matter which default they pick.


Said this in another thread:

Not sure what the fuss is about, the same old rule applies: if you want your data to be private, don't use any form of cloud services - server based voice/video chat, cloud storage services (google drive, skydrive, icloud), digital assistants (siri, cortana, google now), any contextual based delivered services which "learns" anything about you to provide you with any form of automated and/or dynamic experience.

If you want to be treated like you live in a box, then you're going to have to live by it.

Everyone complaining and "fed up", closing their MSDN accounts, boycotting MSFT products - you're in an echo chamber which won't be heard as our devices become more service oriented rather than boxed solutions. MSFT is trying to stay relevant, not undermine their massive user base. Whether it is right or wrong, I don't have an opinion on, but if you think MSFT is a pioneer in this space, you're being unjustly biased.

I guess the only thing we can complain about is that we aren't given a "closed/boxed" solution and able to accept the TOS to services we want on an adhoc basis - we have to go and disable services and hope that the TOS we agreed to needn't apply.

Perhaps these are growing pains for the direction services are heading because we shouldn't have to accept invasion of privacy as a default.


Microsoft Windows 10 invasion . Yes like Matrix, The Terminator . Wowww stop, not is the right way.

I think that Microsoft are crazy to think that can control the pcs of users because launch Windows 10 upgrade for free. Tks Microsoft for the upgrade, but not is with it that the enterprise will buy my privacy, control my PC, what I install, what I do with my computer, etc, etc, etc, the machine is mine and I want to continue owner of it. I not want show to me many things that I not want to see, install app that I not want and use in my pc, use of the my internet connection to send things to internet. Want my collaboration, ok I can think in this, but when I want, not when Microsoft want.

Sure have many users that not understand what are happens, but are much users that are advanced users and know what happens and how neutralize this privacy invasion.

My first impression in these day about Windows 10 is cool for other side. I think that can be the right successor of Window 7, but ... no using the unilateral ideas to force users share all with Microsoft, that Windows 10 will be a good OS. Need respect the privacy of the users. If not is like windows 8, 8.1 that not win the market because try to force all to have new hardware, etc. If go in this direction we have Linux, Windows 7 to use and who know, Android OS to PCs, is now a good time to this smiles. Yes, this is a technological war, users in a side and Google, Microsoft and others in the other. But who buy computers, OS, software are the users. The true own of market. Sorry for errors english not is my native language, but I think that is possible understand.


> Who are the trusted partners? By whom are they trusted? I am certainly not the one doing any trusting right now.

In security, "trusted" has a very simple and straightforward definition:

    Trusted (adj.) - Liable to create a security breach.
That's what it means, nothing more, nothing less. It means that YOU are going to have to trust these third partners to not screw you over.

Whether you know who they are or not, it means that you trust them with your private data.

"Trusted" is never a good thing. With proper security and privacy logic in place you shouldn't need to "trust" anyone.

Indeed it means that I "trust" the NSA (and local Dutch agencies conscripted by them) with any data that I send or receive that is not strongly encrypted. I don't get a lot of choice in the matter, so I'm going to have to "trust" they won't screw me over with it, sell it to bad actors, keep it safe for as long as they keep it. No it's not a very smart idea to "trust" them, but I don't get a lot of say in the matter ...


"You" are the product now.


Am I the only one seeing the irony in a speculative post about privacy on a site that uses Google Analytics and Disqus?


Apple must have known this a few months back and the result was their privacy centric marketing campaign.


It just makes you reminisce back to a simpler time when you'd save all of your personal data and key logs to floppies and then mail 'em to Microsoft.

Sigh...I can still smell the sharpie ink and wet postage drying on the back of a manila envelope.


I have a 2nd partition with Windows 7 on my desktop, but I run UbuntuMATE (in Redmond panel mode) 99% of the time. I don't think I'm going to update from 7 to 10 anymore, just don't see the point with this and the hardware lock-in. I like my real license that I already have.

If I make any changes to my system I'll probably delete UbuntuMATE and Win7 and just run Mint. Seems really slick and mostly respects the user. Just despise those notification catchers in most distros like Mint. UM in Redmond mode is the only one that just flashes the taskbar icon upon notifications, which makes perfect sense to me. Less to manage/check on.


I am pretty much a noob at Windows (linux guy here) :P, but what kind of personalization does windows offer from this data? And is that personalization possible with client side processing only?


All companies should be legally required to make those invasive privacy settings opt-in and not opt-out... and maybe attach some jail time consequences for CEOs for violating these new laws.


Microsoft can't lock-in user to OS because most of the apps are now multiplatform so they are locking-in to their services and profiting from big data.

EU will take a look on those practices soon :)


Windows 8 suddenly turns out to be the best OS Microsoft ever made.


Friend, I humbly submit that XP was their best.


If these are still the defaults for the $199 boxed version of Windows 10 Pro (including all the things like ads in the OS), I’ll be pretty disappointed. OS X is free as well (and has been for years), but Apple hasn’t pulled crap like putting ads in the OS (probably at least partly because it’s nontrivial to run OS X without buying Apple hardware… all the more reason to be disappointed if Microsoft still includes tracking and ad crap when you’re actually paying for the OS).


You are the product now.


some copy from Microsofts "The Future Starts Now" campaign: "<p><i>Learning and growing with you - The more personal experience of Windows 10 includes Cortana, your truly personal assistant. Cortana works across all of your Windows 10 devices to learn your preferences, offer suggestions, set reminders, play your music, answer questions and more. Welcome to a future with Windows 10. It can recognize you, respond to you and even learn with you. So you can create and share in ways you never thought possible. Now is the time to do great things. #Windows10</i></p>"<sup>[1]</sup>

It's not like it's hidden in their terms and conditions. And, bluntly, I'm assuming many people reading this are working on similar technology for smaller companies. But, to paraphrase Nick Naylor in 'Thank You For Smoking', you just need to pay the mortgage, right?

Additionally, the conversation on this page seems to betray that most of us didn't read the memo that the concept of privacy has changed and now no longer includes concepts like, "You only get to know things about me that I disclose to you." That has now transformed into what might be captured in the sentiment, "You may not use what you know about me in any way explicitly disallowed by the terms & conditions". I can't find it now, but back in the day, wayyyy back, Brin and Page made the argument that one day people would trust their personal information to companies the same way that they trust their money with banks. This is that vision realized.

[1] http://blog.pcm.com/2015/07/29/windows-10-the-future-starts-...


I'm sticking with Windows 7 until Windows 15


you mean the next version after 10, when they get things right again? nah, I'll skip to version 23, or 42 to be sure (but they might screw their new feces sampling API to be little too intrusive for my taste...)


ReactOS suddenly makes a lot of sense to me now!


Besides the fact that you can't turn off automatic updates (which makes Windows little more than a zombie node in Microsoft's vast botnet), the default setting is also to "send updates to ... PCs on my local network, and PCs on the Internet." Similar for the defaults in Windows Defender.


All obtainable with a subpoena, I would imagine.

No way.


MS is so aggressively international, I can imagine that they might cave to subpoenas from other governments. So now my home country plus at least the rest of the G8 can request my data.

Nope.


The only way to reliably opt out of Microsoft collecting your personal data at this point, is to opt out of the whole Microsoft experience. Everyone knows (or should know) that toggle switches are not guaranteed to do what their respective labels say they would.


As a Windows Insider that has helped Microsoft squash bugs the last few months you must realize that sending bug report data is ridiculously important. Especially on a rolling-release model that this has become.


Hijacking this thread - if anyone used the official media creation tool to get a x86_64 Professional ISO, can you please post MD5/SHA1 hashes? Mine don't match anything on google.


https://techjourney.net/download-official-windows-10-iso-via...

"Note that the file hashes (CRC32, SHA1, MDA and etc.) for Windows 10 ISO images created by Media Creation Tool are unique as time stamps and other factors are different for each computers."


So basically they're saying there are no file hashes for you to check, because the only way to download an ISO is through the Media Creation Tool.

I don't know why they don't just let you download the ISO directly without some pointless middle-man downloader tool.


The tool doesn't just download some ISO, it actually downloads a lot of different files and then transforms the content it downloaded using the user's CPU and resources, producing the wim files that would finally go to the media. Why, I don't know.


Had to go through the entire system and stop Win 10 from sending all my personal info to Microsoft! The need to stop trying to be Apple.


Everyone is ignoring the biggest problem: "apps" everywhere!

(this message was brought to you by someone who earns money through language)


Had to go through the entire Windows 10 and stop it from sending all my personal info to Microsoft!!!!! Stop trying to be APPLE!


Didn't Microsoft run ads on Google collection personal information. Now they are doing the same!


Yep, 'Scroogled' they called it.


Incredible, how does this all fit with Microsoft's 'Scroogled' campaign ?


Too much conspiracy, but how we all wish it was just theories.


No guarantee the switches do what they say.


I hope governments are starting to understand what they have gotten themselves into by using this crap. Microsoft should be banned from all public offices :D


What IS "inking data", anyway?


Nice one pal.


> I am pretty surprised by the far-reaching data collection that Microsoft seems to want. But, I am even more surprised by the fact that the settings all default to incredibly intrusive.

I can't see why anyone would be surprised anymore. This has been going on for years now.


I'm not sure, but I think Windows 8 had the same options and they were on by default too.


"trusted partners" including every single American intelligence agency and whatever despotic and totalitarian regime we happen to be supporting at any given moment.

I guess that "free" upgrade business model includes harvesting data globally to sell to surveillance state agencies through round-about ways <cough> palantir <cough>


[flagged]


Is this really a helpful or reasonable comment?


Okay. Good to know. So, when I decide to upgrade from Windows XP, I will install the legal DVD I have of Windows 7 and stay with that for years!

No Windows 8, 10, etc. for me until Microsoft makes some fantastically strong and solid statements about compatibility with old software, security, and privacy.


If you seriously are still using Windows XP on an internet-connected device, it is not like your biggest worry is sending data to Microsoft.


Have anything specific except for Flash or macros for Word? There is the recent 15 or so year old problem, so far never seen in practice, having to do with fonts or some such.

Otherwise, what's insecure about XP? Or more secure about 7, 8, 8.1, or 10?

Sure, using XP means I'm not cool, but what about actual security?

Or are the crucial parts of XP really much different than those of 7? I doubt it. Until the XP support stopped, the same malware scanning and repair software worked for XP and 7.


> Otherwise, what's insecure about XP? Or more secure about 7, 8, 8.1, or 10?

Windows XP had no UAC and most users were surfing as admin, which was inherently more insecure. Also, XP does not have a bunch of security features the newer Windows had, see http://superuser.com/a/739204. And now without the updates, since security issues are not patched, the system should be open to all kinds of drive-by attacks and whatever was found in the last months. I do not have a list of them.


I read the link and got nothing out of it. I don't even know what the acronyms mean.

I don't understand "drive by attacks": My XP computer has nothing wireless, not even the keyboard or the mouse. Wireless, essentially everything about everything wireless looks to me like a gigantic security problem. Right: I have no smartphone; I have a cell phone someone gave me, but I've never used it and intend never to use it. I see no panel trucks outside looking at whatever radiation my equipment giving off.

I really don't get the suggestion in the link that somehow XP is vulnerable just from being connected to the Internet. I don't have much software listening on IP ports -- I shut down that stuff. I don't use Internet Explorer except rarely at Microsoft sites. I use Firefox and have Java disabled.

I don't let data from untrusted sources execute at software. Really, I rarely download any software, not plug-ins, macros, or anything else.

The link says that most XP users run as Administrator. Well, I don't. I have to run as Administrator for some of my software development, but otherwise I run as an ordinary user.

People used to worry about opening e-mail attachments. I never did or would do such a thing. I run Outlook only in text mode; I never let Outlook trigger the processing of HTML or display an image.

My version of Flash is a bit old and, that means that Flash never runs except when I explicitly permit it to run, and I only do that on no doubt fairly safe Web sites.

I permit Acrobat to see a PDF file only from no doubt highly trusted sources.

I fail to see just why my computer is so vulnerable. All evidence is that my computer is safe enough to date.

Windows XP does support the Microsoft High Performance File System (HPFS), and it has capabilities and access control lists (ACLs) which, going all the way back to Multics, IBM's Resource Access Control Facility (RACF), parts of SQL Server, etc., are relatively good ideas for security.

In time I will convert over to Windows Server anyway, make use of ACLs, use virtual machines, maybe some version of containers, etc.

I don't read removable media from untrusted sources. I never use thumb drives. For CDs and DVDs, I tell Windows over and over, "take no action".

There is a suspicion that once Microsoft noticed, say, way back in Windows 95, that their code was awash in security holes, they first saw the bad news and, later, noticed some good news: Fix the bugs but use bug fixes as a way to get users to upgrade to new software, with more bugs to be fixed, to get people to upgrade to more software, etc. Generally Microsoft wants users of Windows to have to keep returning to Microsoft and paying money. Gee, my processor is from AMD and I don't have to keep interacting with them and paying money.

Considering this suspicion, why should I rush to Windows 7, 8, 8.1, 10 with a lot of new software and bugs?

I look at Satya's face and I know that I can't read it or understand him. I can't trust Satya.

Really my big concern on upgrading is the weeks and weeks and weeks of barbed wire enemas I will have to go through, clicking, guessing, struggling, clicking, clicking, clicking, over and over, for hours and hours at a time, days, weeks, months, screaming in anger, literally, until my throat is sore, literally, as I've done too often in the past, just to get back to a system as usable as I have now.

E.g., now I have my main boot partition backed up so that I can restore it. If that partition gets infected, then I will just restore my most recent backup, which has been apparently solid, stable, and secure now for about three years. I know how to do the restore and have done it and tested it. And I have two other partitions I can boot from to do the restore.

So, how would I do such things with 7, 8, ...? Will Microsoft tell me? Nope. They just want to suggest that they can solve all my problems by migrating my options in Outlook. Bummer.

Now I'm using XP to develop the .NET software for my startup. Here, XP seems fine. But I intend to go live on Windows Server. Windows 7? I have a legal copy if I need it. Windows 8, 8.1, 10, metro interface, integration with XBOX, Surface, and phones? I can't imagine why I'd ever tolerate any such nonsense. A new GUI UI? No thanks: I want command lines and scripts. Office 365? No thanks. I have a copy of Office 2003 -- with lots of patches, and that's fine with me.

Uh, if I install Windows 7 will Office 2003 install? Will I be able to get the patches for Office 2003? If not will I have to buy a new copy of Office? Will I hate the new copy? Likely.

Don't I really want to upgrade now? Nope.


Drive by attacks in that context does not mean wireless. It means exactly what you think is not the case: That just by being in the Internet you are vulnerable. Exploits like http://www.computerworld.com/article/2488674/malware-vulnera... get patched in Windows 7+, but they stay as a gaping hole in your OS. Nothing you described helps just a bit against that.

> My version of Flash is a bit old and, that means that Flash never runs except when I explicitly permit it to run, and I only do that on no doubt fairly safe Web sites.

That does not help. There were flash-exploits for which the click to activate function of browsers were useless against.

> I have a copy of Office 2003 -- with lots of patches, and that's fine with me.

Office 2003 is not supported anymore as well and might contain equally big security bugs (I did not look that up). You open word documents with it, you might be infected.

If you want to stay on a secure system for years where the UI does not change, you will have to migrate to Linux with one of the custom Window Managers like Openbox.


Thanks for the help.

Thanks for a definition of "drive by".

The link was for a lot of versions of IE, some of which don't run on XP. I try not to use IE. Sometimes I had to use it at some Microsoft Web sites. Okay.

Mozilla will let me install a new version of Firefox, but Microsoft won't let me install a new version of IE or let me patch an old version of IE. Bummer.

I'd be reluctant to let my 2003 copy of Word open a file from an untrusted source. I do next to nothing with Word.

Occasionally I run the 2003 version of Excel: I generate the data outside of Excel using whatever software I write and then pull the data into Excel for graphing. I don't try to use Excel files from other people.

So, Flash can hurt even if I don't run it! Wow. Looks like Adobe worked really hard to help the hackers.

Does Microsoft really want the their security holes fixed?

Gee, in a big company, how can people pass around Word, Excel, and HTM files? One infected file, and many of the computers in the company can get infected.

Whatever happened to the idea that a program that reads data checks to see if the data is okay and makes sure that bad data can't cause the program to hurt anything? That was the long the implicit, expected standard, right?

If someone can send me a DOC file for Word and, reading that file, Word infects my computer, then Word is junk, and Microsoft writes junk software. Bill and Satya need to get on the case here.

Microsoft's infected toxic-ware? It's been a long time, Microsoft -- time to fix this stuff.

On time sharing, it was the case that any user could write and run any software at all with no damage to the operating system or to any other user. Why is it possible at all to run software as a user on Windows and hurt Windows? Bummer.

Microsoft, we need some guarantees, or at least strong assurances with, say, a major bounty program, that such things just are not possible. How about a bounty of $1 for the first bug and for each subsequent bug double the bounty? How 'bout that Bill? Risk your fortune or fix the bugs?


Worried about security and privacy...yet still uses Windows XP?


Are people actually believing Microsoft's FUD?

The "security" of newer Windows is mostly anti-user, anti-freedom. XP doesn't enforce code signing, and SFP is only advisory, so you can run whatever you want, hack and customise the OS code easily to get it to behave how you want. Most of the exploits that gave XP a bad name in the early days were from IE in its default configuration, which basically no one on XP will be using now.

It takes time to get bugs get discovered and fixed. There's a lot of new code in these newer versions and I bet they'll be uncovering more bugs in it as time goes on, some of which won't be applicable to XP because the code isn't even present.

As for "privacy"... XP most certainly does not phone home with anywhere near the amount of info that Win10 collects, as this article shows.

I'd be more inclined to say "Worried about security and privacy...but still wants to upgrade to Windows 10?"

My next jump after XP will likely be some form of Linux with WINE - with everything that can phone home removed.


It looks like Windows users are not welcome on HN.


You have four and a half years before Windows 7 "End of extended support" occurs on January 14, 2020. You might want to transition straight to linux or OSX.

Ref: http://windows.microsoft.com/en-us/windows/lifecycle


>security

Can someone still using XP really claim to care about security?


Their commitment to compatibility with old software was what crippled Windows in the first place.


Depends on how old. What I'm running and like would not have run on Windows 3.1 or PC/DOS but did run on Windows NT SP3 and Windows 2000.

But maybe some of that software would have run into problems on Vista.

Maybe Microsoft wants to assume that I will do my typing into Word or Outlook or Excel. No I won't. I type into my favorite text editor KEDIT. I keep my e-mail in files maintained with KEDIT and use Outlook only to send and receive, that is, handle the POP3 interactions. Maybe Microsoft believes that, sure, I will do my word whacking with Word. No I won't; I use Knuth's TeX and, then, PDF.

Microsoft thinks I like their efforts at GUIs -- I hate nearly all GUI efforts and make heavy use of command lines in text windows. The command lines run scripts I wrote.

I make relatively little and light use of the features of XP and still less use of Microsoft's applications. So, my security is not very vulnerable to any remaining security holes in XP.


> when I decide to upgrade from Windows XP

Oh no.


Well, today was the day. I finally got my fill of this site.

Thanks for the memories HN, but this just isn't worth it. I could have been coding. From now on I will be.

Adieu.


May I ask...to those who are so deeply opposed to sharing your personal data with corporations and their partners:

Let's assume, worst case scenario -- you enable every single data sharing option on your Android phone as well as let's say, Windows desktop. And you use chrome browser, logged in, etc. All the time.

Now, the question is: explain to me, what you expect to be the negative outcome and how it affects your daily life.

I am genuinely curious. Or is this just a fear of the unknown and projecting into the future all of the bad things that may happen (or also may not)?


It's rather like stopping paying for your health (or other) insurance. If I don't have it, it probably has no effect on my daily life. All the things I need it for are things that may happen in the future.

Information once leaked is very hard to recover and may have a deleterious effect on your career. Just ask Hulk Hogan.


You are worried your data is sent to MS and sold to advertisers? All your personal data has already been stolen by foreign hackers so why worry? Privacy is already dead. We would need to rethink an awful lot of things to get it back.


> foreign hackers

Don't drink the Kool-Aid.


This looks like all the same sort of stuff Google defaults you into on Android. I mean, not that it's any better because of that, but this is the state of things now. You're not going to find better unless you install FOSS. Unless you're ready to go full-in on one of the BSDs or a Linux-that-isn't-Ubuntu, navigating the waters of figuring out how to get a phone that has all the features you want with such an OS, figuring out how to do all the work you need to do, then you're in for a penny, in for a pound.

Apple, Google, Facebook, Twitter, LinkedIn, the FBI, NSA, CIA, DHS, they all have my data already. Thanks to OPM, the Russians and Chinese probably have my data now, too. What does it matter if Microsoft has it? They probably already have it. Maybe it's even better to make sure everyone has my data, rather than allowing it to be used as a competitive advantage by one or a small set of corporations. Cat's out of the bag. Horses have left the stable. Whatever other metaphors you want to throw in there.

So decide, and decide now: either go full-in on FOSS, or shut up and eat your cookie. Otherwise, this exercise hasn't been about privacy, it's been about anti-Bill-Gates-and-Steve-Ballmer-Microsoft sentiment.


Excuse me if I just don't fully comprehend your argument, but isn't FOSS an orthogonal issue to this? After all, even if software is open source, that doesn't stop it from mining your data. You just know that they are doing so. I suppose you can remove that feature, but it seems you're also able to disable the features here as well.

In any case, I'm all for FOSS but it doesn't seem to be a solution to this problem, which admittedly, is not even really a problem to everyone.


Yes, I agree that it's not really a problem for everyone. The issue isn't actually privacy. The issue is "find a reason to bash on MS for this month".

Now, I think the incentive structures for FOSS projects are a little different such that the FOSS environment isn't going to converge on the idea of collecting such data. But clearly, throw any sort of system that wants to make money into the mix, coupled with the fact that users just refuse to pay for software anymore, and every giganto corp from Mozilla to Canonical are going to independently come to the same conclusion of collecting this sort of data.

The problem is not that privacy is important. The problem is that privacy isn't as important to people as not having to pay cash for software. So the people who are complaining about this are never going to be happy with anything Microsoft does. Either MS collects too much data, or they are tone-deaf to the market and aren't keeping up with cutting edge features. Either MS "hides" non-default settings, or they are falling behind in the state of the art of UI design.

I mean, Apple or Google wouldn't have even given you the little link that people have been complaining about as "hidden", even though it's right there on the screen. They would have expected you to hunt the setting down in some settings dialog somewhere. What MS has done here is standard MS UI design theory, has been for over two decades.

But it's cool to bash on MS. And the only way such people are going to be satisfied and stay consistent, is to completely bail out of any software where anyone involved has a need to make income.


"Now, I think the incentive structures for FOSS projects are a little different such that the FOSS environment isn't going to converge on the idea of collecting such data. But clearly, throw any sort of system that wants to make money into the mix, coupled with the fact that users just refuse to pay for software anymore, and every giganto corp from Mozilla to Canonical are going to independently come to the same conclusion of collecting this sort of data."

Making money from either advertising or additional services are definitely incentives.

The other one worth mentioning is that trying to make platforms popular with users drives integrating on-line services as well as using more information from the user to deliver advanced services. At the moment local applications are at a disadvantage compared to on-line ones because they don't have as much data to do clever things with: Gmail vs Thunderbird is a good example. General users want the convenience of services like digital assistants - and while some of it can be done with local processing, some cannot.


apple and google are scumbag corporations (not only) when it comes to privacy... so is it OK if another big corp joins them? you basically say yes, I say NO.


If by literally saying no I am basically saying yes, then I guess I have a lot to work on in terms of writing clarity.


One big advantage I get from my Mac OS over FOSS solutions is that they have an incentive to constantly improve their product. Do you know a single professional designer using a FOSS Illustrator? How about the FOSS version of Keynote? Or the FOSS version of Final Cut and Logic? FOSS isn't the answer to every question. FOSS is like a city bus; reliable enough, cheap enough for everyone and goes mostly where you want to go despite the occasional smell or sleeping vagrant sprawled across the seats. However, it certainly doesn't compare to driving your own Mercedes.

FOSS is certainly great, but it isn't the end all be all, despite utopian hippie delusions to the contrary.


If there are reasonable opt-outs, then you can have your cake and eat it without jumping ship to Linux/FOSS. (And, to a lesser extent, you might face the same problems there, e.g. with Ubuntu)

The problem is that with all platforms, the opt outs are hard to find and, even worse, hard to even know when the opt outs even exist.


Opting out still leaves all the non-technical people who don't know about or understand the opt-out to whatever abuse MS (et al) wants to put in the OS?

Worse, you are still financially supporting these decisions by either buying the OS or adding to the usage counts. By "opting out" while still using the OS, you're still asking for more of this crap in the future.


Microsoft's privacy policy reflects the fact that Microsoft has to comply with the most conservative interpretation of the most restrictive privacy regulations from the set of all privacy regulations found anywhere in the world. It amounts to "Microsoft does not guarantee privacy." The reason is that Microsoft cannot make such a guarantee because of the diversity and strength of privacy regulations.

I'm not saying that strong privacy regulations are a bad thing or that Microsoft's policy is a good thing. Just that Microsoft's policy reflects reality where competitors and activists and politicians are inclined to use privacy regulations for purposes orthogonal to any actual concern about privacy. The connected world is full of caches and Microsoft does not control them. Users can do stupid things that Microsoft cannot prevent.

Agree with the terms and use Windows. Don't use Windows if you disagree. The website hosting the blog runs google-analytics by default. It doesn't ask my permission. It runs Disqus by default. It doesn't ask my permission. The privacy badger ate too many cookies and died years ago. Microsoft is late to the wake.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: