As a longtime Windows 7 fan that refused to upgrade until I finally bought a new laptop with it I have been absolutely shocked by Windows 10's aggressive user-hostility.
The way they reset settings after forced upgrades should be criminal.
The way the user has no control over certain Microsoft processes unless they have been lucky enough to be allowed to pay for a Group Policy Editor license should also be criminal.
The ads, the nags, the surveillance.
It is not an operating system I can use anymore. They have lost me for life. I'll be switching to Mac and Linux from here on out.
Yeah, I just helped someone set up a new Win 10 laptop and I felt so bad for them with how unintuitive and instrusive of a process it was. It pushes you towards making/using an online Microsoft account, and making a non-internet account on the computer is a tiny text button (no outline, just text) which NO computer novice is going to know. Can only guess how many users have their online identity now permanently linked with their home computer usage because they thought they have to. Just seems so predatory and manipulative.
I mean, at the bare minimum, software companies (especially the most prominent and prevalent ones) should be adopting the "principle of least astonishment"[0] and not enabling sketchy crap by default. Also simply starting up a new computer and getting going shouldn't require paging through 5+ pages of inexplicable configuration steps that cannot possibly be effectively summarized by a one-line 12pt-font description.
I'm about to set up a new PC for a relative with Win 10 Home, parts have just arrived. Any advice on set up procedures or things I can do to keep Microsoft from spying on them and collecting their data?
Or is it just not possible any more? Surely I can install the OS without creating a MS account? My intention is to disable all the nags, bloat and advertising bullying, leaving only an essential OS that doesn't bully my non-technical relatives.
You can have an offline account which is not connected to a microsoft account in any way. They try to force you to connect a microsoft account. There are scripts that disable all telemetry - reddit.com/r/tronscript is a good resource. The issue is that we don't know when Microsoft turns it back on.
Okay thanks. The PC I'm assembling is for an 80yo guy who doesn't trust the internet, and would be horrified to learn how much Microsoft wants to track his usage.
I won't be telling him about that. He deletes emails and even text messages as soon as he's read them, for fear of them causing problems. The last thing he wants is Windows popping up some message, contextually trying to be smart and know what he's doing without him inviting that bot into his world.
> The PC I'm assembling is for an 80yo guy who doesn't trust the internet
Why are you setting this guy up with Windows 10 then, instead of a system that actually respects the user and has decent security, like Debian GNU/Linux? (There is an enduring notion that Debian systems are hard to install or administer for the casual user, but one might argue that it is 5 years out of date - maybe even 10 years out of date.) Does he rely on some Windows-only hardware or software of some sort - and if so, could he run that on a dedicated, airgapped system?
Does he need any Windows-only software? If not, set him up with Linux. He's less susceptable to clicking on the wrong thing and getting malware as well.
There are some very user-friendly GUIs out there that are easy to install.
Yeah as someone else said, basically just create an offline account (there will be an option at the lower left of the screen when it's asking you to enter your Microsoft account address, IIRC). Then throughout the process basically just uncheck all the options for various metrics reporting. I believe there are some open source scripts to disable even more stuff, but I haven't tried that myself.
Oh also, I seem to recall I had to disable/hide Cortana _after_ the setup, as there was nothing in the initial computer setup that allowed me to turn it off (again, IIRC).
There's a (more than one, really) wonderful free operating system alternative that you can install on almost any PC. At the very least, you can dual boot.
Please don't act as if Linux was a viable alternative for everything. It's not. I appreciate trying to prod people, but this came off very elitist.
-- someone who's been using Linux since 1998, Linux desktops for work stuff since ~2008 and has more machines with only Linux at home than ones with Windows, but still spends the majority of recreation time on a Win7 box because not all games run nicely with Wine, or at all.
I don't play video games on PC, and neither do most 'normal' users. Most people use PC for browsing the web, writing email, and creating documents. Many people do play games on PC, but not most.
Vote with your dollars. What do you care about most? PC Video games, or having an operating system that respects your freedom and privacy? Critical mass starts with you too, if you want PC Video games that run on free operating systems, us those systems and the vendors will follow.
While not a 'normal' user as such, I've used only Linux at home and at work (Win VM at work occasionally for rare corporate stuff). I develop software, control my guitar amp and audio equipment, play video games, do photo processing, watch videos ....
No, it's not a viable alternative for everything, it's damn close. Valve is doing some incorporation of Wine into Steam that should make many "Windows-only" games play effortlessly.
Don't use Linux if you don't want to obviously, but complaining because you can't play all games written for a completely different OS is a valid complaint. If you know people that are concerned about surveillance and privacy, don't scare them away. At least tell people about multi-boot.
I'm going to go out on a limb and say that anyone surfing HackerNews for fun can easily get their favorite games working in wine, so I'm not sure who that guy is warning off
> Please don't act as if Linux was a viable alternative for everything. It's not.
Please get over the idea that linux will ever be a 100% perfect drop-in replacement for windows. If you can't accept that their will be some pain involved and things they have to give up then you should expect to be stuck in this abusive relationship forever.
> Please get over the idea that linux will ever be a 100% perfect drop-in replacement for windows
Are you saying that generally or to the person to whom you responded, because it looks like you're both saying the same thing with the current wording and I find it a tad confusing.
We both recognize the difficulty but OP doesn't seem willing to accept the self sacrifice necessary to get to the end goal, which is what I was attempting to emphasize.
As long as MS know that people aren't willing to make sacrifices (and we're using the term loosely) like that they will have no reason to change and the cycle will continue.
I would like to live in a world where the parents comment could be interpreted as talking about openbsd / freebsd etc. (Parents username notwithstanding).
It came off very elitist to assume I am running on Windows too. My comment was written from Ubuntu, yet I had to buy a Win10 license last time I bought a laptop.
How do you feel about critical mass for average users though? Debian updating its repositories every two years is kind of antithetical to the android and mac idea of software repositories. I've not tried elementaryOS, but I thought it was similar.
Debian updates its stable release repositories every two years (aside from pure bugfixes and the like, of course) because this is what it takes to have a rock-solid software release-- with a truly negligible amount of issues for the computer-naïve "average user" to be bitten by-- given the resources they have at present and the overall state of upstream software. If people want more frequent updates, coupled with the same overall reliability that Debian has always been known for (far more than many other Linux distributions), they're welcome to contribute.
Average users hate updates, that's a major reason MS (and others like chrome) have to be so aggressive about forcing them, it's why so many stick with XP and 7. They hate security updates because they're an annoyance that does things they don't understand and they hate app updates that change the UI under their nose.
If you gave them a system and promised nothing major would change for 5 years they'd be thankful.
You can run fully transparent updates in Linux using tools from Canonical, Oracle, etc. I have absolutely no idea how people put up with how badly Windows does updates, and really, XBox is not far behind.
Products that serve ads and sell your user data should be free, see Facebook or Google Search.
If I fork out money for a product, I expect to do what is says it does. To have Windows auto update and serve ads in the start bar or lock screen is just too much
The only user-hostile behavior I mostly agree with his forced, frequent updates.
It would be better if:
1) Microsoft didn't beta-test with actual customers.
2) Microsoft figured out how to update things without restarting so commonly (as I understand, this is due to how files are locked and how dependent services are updated).
3) Microsoft didn't push out unnecessary crap as "critical" or essential/important updates.
4) Microsoft didn't force updates on shutdown.
I mean Apple has made their phones the preferred secure devices of several organizations because of how well they keep them updated. It's a pain for me in IT when an app wants to require a recently-released version of iOS, but I do see the benefit to forced, frequent updates.
My Win10 PC sometimes wakes up in the night to complete an update and reboot. My working sessions are lost as a consequence. And since my PC reboots to Linux it stays up until I wake up due to the humming. Quite annoying.
This morning I researched a way to turn off these forced updates but Win10 wouldn't let me apply the option without entering some obscure credentials that I don't know.
But wouldn't it be better if your apps supported hot exit, so you could wake up the next morning with updates already installed AND all your work still there?
Well, they don't. And more generally, restoring the original session state, whether after a "hot exit" or not, is not really possible. Processes are bound to a running OS. Shutting down causes closed file descriptors, broken TCP connections, and what not. No matter how much effort you are willing to put into restoring a session, it will be unreliable at best.
It's a standard expectation on mobile that all apps should work that way, and consumers seem to like that pattern better. So is it really anti-consumer to try and push app developers in that direction?
Dude, this is not mobile. I'm using my Desktop PC for real work. Desktop applications are more complex and have more complex interaction patterns than mobile apps. I might be able to restore my session manually (lose an undo buffer here or a private browsing session there) but its still an annoyance.
My KDE desktop will restore about 95% of my previous session in its previous state on restart even after a crash or power loss. It doesn't restore private browser sessions or running games in their current state or anything like that. But it restores most of my desktop software to exactly what i had open with undo buffers, terminal states and just about everything exactly the way it was.
I'm not trying to excuse microsoft....if anything there's really no excuse for them not to have a proper session restore and non-forced updates that don't auto-restart your computer.
Just pointing out they really dropped the ball twice here.
There's no reason desktop apps can't by default use near-continuous saved state and assure completely persisted state on shutdown request.
They usually don't, because of historical UI paradigms, but there is no reason they can't. It's universal on mobile because mobile rebuilt UI paradigms from the ground up, discarding desktop legacy nonsense in the process.
Mobile apps don't restore very well either, but it doesn't matter so much. There is usually not much to restore because they have less state.
Let's say I have a private browsing session. Or a password manager session where I've been manipulating an unlocked database. I might have manually mounted a file system over the network and might have a bunch of programs running, editing the files over there.
You cannot restore these things automatically after a shutdown. It's annoying each time, and sometimes you are simply going to lose data.
You are presenting situations that are hard but not impossible to deal with.
If you can keep the stuff in RAM, you can also serialize it to disk and then restore it from there. The only thing you cannot do is reply to external inputs during that time (so keepalive connections may be a problem if your updates take too long), but that can also be dealt with.
> The only user-hostile behavior I mostly agree with his forced, frequent updates.
.. by default.
An owner should always have the final say in what his machine does. If they choose to disable automatic updates, then that's their prerogative and they bear the consequences.
I've noticed my computer now restarts, reopens all the applications I had running, and sometimes even has them all in the same positions I left them in. If I didnt get signed out of Steam and my VPN wasnt open I wouldnt even notice half the time.
I want to be able to decide if my computer updates... It's not even that big of an ask.
As for the opening of you windows after a restart/shutdown that too is a Registry or Group Policy change you can make to adjust its behaviour (They may have promoted the setting to somewhere in the settings app since I changed the behaviour myself)
Basically if you don't want it to reopen your applications / windows when you next log in you make a small change to the shutdown command that executed when you shutdown in your preferred method (If you shutdown / restart with a certain flag windows won't do this).
EDIT: A quick google tells me they have indeed promoted such behaviour to the Settings App.
To change this setting, head to Settings > Accounts > Sign-in Options. Scroll down to the Privacy section and set the “Use my sign-in info to automatically finish setting up my device and reopen my apps after an update or restart” option to “Off.”
AND
launch File Explorer, click the “View” tab on the Ribbon and click the “Options” button. On the View tab, scroll down and locate the “Restore previous folder windows at logon” option. Ensure it’s unchecked or Windows will reopen any folder windows when you sign into your PC.
Even a full Shutdown/Restart, I open the machine and boom, Chrome opens and the speakers are blasting whatever I had playing on YouTube the day before.
Shutdowns should be respected. What if I had something inappropriate open before doing the shutdown ?
I actually had it happen on me.. visited certain websites, pressed "Restart" in Windows and left the room, computer came back on with Chrome displaying my last session in its full glory. Thankfully no one else was home.
Apparently Microsoft is doubling down on "we will make things CONVENIENT and you WILL like it!".
Incognito mode should prevent one aspect of that - Chrome won't remember what it had open as soon as the tab is closed (useful for bank account info, etc).
Then you know that and quit Chrome first. I made similar mistakes by simply closing the lid and going to work, but it's always my fault and not the OS's.
I won't restart my chrome now, but i'm pretty sure a YouTube tab will only keep playing if it's in focus.
> The way the user has no control over certain Microsoft processes unless they have been lucky enough to be allowed to pay for a Group Policy Editor license should also be criminal.
regedit.exe All the tweaks I make to friend's & family's machines can be done in either the registry or in GPE, Its just GPE is a bit more user friendly than regedit but when I've come across a home licensed machine I can still make all the needed tweaks in the registry.
> The way they reset settings after forced upgrades should be criminal.
They have stopped the resetting of privacy settings after updates. I only notice major resets with large insider build updates (But those updates are more "refresh installs" then "Update installs" so I will let them off on that one) apart from one thing...
Audio. Seems like they are transitioning audio config from control panel to Settings and every now and then they reset my preferred audio settings But I do have a pretty weird audio set up.
> They [Microsoft] have lost me for life. I'll be switching to Mac and Linux from here on out.
The power you rightly object to is not limited to Microsoft, or the Windows OS. That power comes from the power of proprietary software over the user. All proprietors possess that power and leverage that power largely in ways we can't describe in detail until it is too late to stop it from being used against users. But we know that all proprietary software is untrustworthy precisely because it doesn't respect a user's software freedom.
Microsoft got caught leveraging that power against their users before, this isn't new. But given how long it took us to learn about some of their abuses, it's a safe bet that there are other ways they have of using the Windows OS to report on the user without their consent and do anything else the endpoint is capable of doing. After all, Microsoft has a universal back door on every version of Windows. Since a lot of those endpoints are connected to the Internet, it is not hard to get those endpoints to do whatever Microsoft wants them to do.
Switching to Apple won't address the underlying problem -- a lack of software freedom. There's plenty we know about Apple's proprietary malware too listed at https://www.gnu.org/proprietary/malware-apple.html. But picking one proprietor over another isn't gaining freedom, it's switching masters.
Consider a free software GNU/Linux distribution (some are listed at https://www.gnu.org/distros/free-distros.html) and run it on hardware you get to control (https://www.fsf.org/ryf has pointers to such hardware), and then install nothing but free software on top of that. That will go quite a ways to keeping you in control to the degree you're willing to look into things or have others do this work for you. I find it's a big job I can't do all myself, so I have to trust others in this. There's no known guarantee against malware. But a free system is the best practical means to avoid malware, and computer security is impossible without free software. The structure of proprietary software immediately tells me that we simply can't do away with the malware you mention if we run proprietary software. You'll also need to have a stiffened spine against those who try to frame the issue around convenience -- run the software on this website, install and run this program, etc. -- because there are a lot of ways to run proprietary software on your computer these days (installed or not). Liberating yourself from forced upgrades, ignored/reset settings, advertising, nagging, surveillance, DRM, and more is all possible. But not with proprietary software.
Many free-software and open-source advocates would of course not be shocked at this. They would tell you that this is why it is a grievous mistake to rely on proprietary software for your baseline computing needs. And of course Microsoft LOVES open source these days, so it has selflessly embarked on a mission to prove them right.
As far as everything on the internet tells me, GDPR was made for exactly this reason, to prevent this kind of data collecting without the users consent. But what is happening instead is that small companies, starrups, etc. are getting fucked over by the sheer amount of "rules" they have to follow and implement while large companies can get away with collecting everything and anything, leaking personal user data all over the place, etc.
Conclusion: GDPR was made to help monopolies grow even larger and prevent smaller companies/start-ups from ever growing more than just a little bit. Change my mind?
So it's ok for small companies to leak personal data?
Doctors' surgeries are small companies here in the UK.
The issue here is that literally every company across the world doesn't give a crap past the end of their nose and has abysmal data protection policies in place because it affects the bottom line. They introduced local legislation to help this and a few large fish got fined and that was it. Ultimately it wasn't worth doing anything about it because it wasn't an operational risk.
GDPR is about making it a major operational risk to do a shitty job. The rules should be the same for every company and the fines proportional, which they are.
The "sheer amount of rules" isn't a lot really and you owe it to your customers.
Conclusion: most of the anti-GDPR whiners are worried about spending on data protection and training because it hurts the bottom line. Change my mind?
> So it's ok for small companies to leak personal data?
The GDPR doesn't just require companies not to leak personal data, it's a huge complex regulatory framework designed to handle the megacorps it was passed to target and imposes unnecessarily high compliance costs, and those costs disproportionately affect smaller entities.
In particular, it is possible to have perfectly sound data protection practices that would never lead to leaking personal data, while still not being in compliance because they're not the specific ones required.
These specific unnecessarily complex rules or total anarchy is a false dichotomy.
Do you have any specific cases of how much the GDPR has cost to some small companies? My experience (I work in the EU) has been that the GDPR has not particularly difficult or expensive - and in particular it was easier than ISO9001, which we also implemented at a small company -, but I don't have any hard numbers.
> Do you have any specific cases of how much the GDPR has cost to some small companies?
I work at a medium sized company and know they had to retain a few lawyers at $500/hr to explain what changes had to be made to be GDPR compliant. The changes themselves were not too hard, but hiring the lawyer and knowing what changes to make were.
> I have done GDPR prep for my one man limited company. Took about a day. I don’t even use that company!
How sure are you that you're really compliant? You did it yourself, do you know all the rules? Have you seen how they have been enforced and where the trends are going? Doing a half-baked review isn't good enough for most.
Major operational risk is not linear. Joe's Coffee shop doesn't have an army of lawyers to defend their collection and us practices that would possibly be lawful, while BigCorp has an army of lawyers to successfully defend their unlawful practices.
Even if the fines scale (I don't know what the punitive measures are) the cost to litigate won't.
The regulatory agencies don't start with litigation. If you are unintentionally out of line they will contact you to fix it first, and if you do so in good faith that will be the end of it.
How do they find your are in compliance or not, through what methods? Anonymous complaint? Random audit? What if you decide you are in compliance and what they deem unallowable is critical to your business?
I know what bigcorp's strategy is! Outsource data collection to a 'marketing analytics' firm that specializes in 'GDPR compliance'. Sounds like a new boutique consulting industry.
Similar situations exist for small businesses in the US already, we call them the "IRS" While you might argue that if you don't cheat on your taxes you have nothing to fear, the IRS might decide you took some deductions you shouldn't have, pay up or litigate. If you successfully defend? Oopsies, we might audit you again for the same thing next year (happened to a friend of mine)!
> Conclusion: GDPR was made to help monopolies grow even larger and prevent smaller companies/start-ups from ever growing more than just a little bit. Change my mind?
The conclusion you should be coming to is that if Microsoft is doing this they will be hauled over the coals in a really quite painful way. Not this month or next, because the GDPR enforcers are snowed under at the moment.
As for the “rules” small businesses have to follow to be compliant, for the most part I strongly believe that they just codify the things people should be doing anyway: Thinking about how you collect users data, why you need it; how long you keep it for; how you secure it; who you pass it to - how they use it.
1) regulators are bringing first rounds of sanctions against Google, Facebook, and large Banks.
2) the sort of data GDPR protects is typically only valuable for larger companies -- you're definitely not running a small business selling to <10,000 customers if your business model is selling data for, say, $6.18/user (Facebook's return).
> what is happening instead is that small companies, starrups, etc. are getting fucked over by the sheer amount of "rules" they have to follow and implement
Nope. The GDPR is a European-style regulatory framework: it sets out principles and expects people to apply them in a reasonable and sensible way. The national regulating agencies are there to steer organisations into doing the right thing, rather than beating them up when they don't. I have literally telephoned the UK regulator and had a polite conversation when I needed a clarification of a particular point in their (most clearly written) online guidance.
The regulators do have strong powers so that large and well-funded companies can't just deploy lawyers to get away with things. Cambridge Analytica is one obvious case: they tried to play games with a GDPR regulator, and got a very hard smack-down.
That is probably a standard side-effect, but I doubt the GDPR was proposed with the intent of helping the Google, Facebook and Microsofts of the world.
Now that I think about it, yeah, I think Microsoft is probably gonna land in some big trouble with GDPR because of this. There's not really a way out of it because of how little control they give the user. I think it's just going to take time, because there's so many high-profile GDPR cases going on right now.
Plus, it's not like the big companies can afford to get hit by GDPR in a way that small companies can't. GDPR fines are based off of the company's revenue, which works well for preventing Microsofts from making more money from doing it anyway and paying the fine.
What data are you collecting and do you share/sell it?
Do you collect more then you need? If yes why and is it hard to provide the option to the user not to collect non essential data ?
What part of GDPR is the one that is giving you a lot of work and you think is a disadvante for a small startup? If the answer is that I want to move fast and not think about securing the data, making it easy to delete etc then moving fast is not an excuse, you should secure the data from the start, follow the laws when the data is leaked etc
Regulation in general tends to be a regressive tax. Larger companies have the bureaucratic overhead to handle it and can also often lobby or litigate their way around it. If they do get tripped up they can pay the fines or hire lawyers. Smaller companies have neither the time nor the money to deal with regulatory complexity.
Small companies can and do abuse personal data just as well.
I'll never forget how some period tracking app that my partner was using was updated with much more invasive privacy policy terms. It was take it or leave it, no way to use the app any more except by clicking the accept button.
In the US, we have rules to stop this sort of thing for e.g. background check data. If you collect personally identifiable information from a third party, it's the same as if you collected it yourself.
> The requirements for small companies are less stringent.
Conditioning various minor requirements on entity size is no help if they don't actually reduce the complexity. Otherwise the cost of determining what they have to comply with is as expensive as the cost of determining what they have to do to comply.
What smaller entities need is an entirely separate framework with fewer, simpler, narrower rules that don't have to be as robust against a huge team of lawyers finding loopholes because smaller entities don't have a huge team of lawyers finding loopholes.
Then you can have an entirely different set of robust arbitrarily complex rules that all only apply to companies with more than 1000 employees because they can afford to handle the complexity.
The recent MS behavior is baffling, like one suffering multiple personality disorder. Policies both customer-friendly and actively hostile at the same time. Leadership really needs to get everyone "on the same page" (groan) and decide if they want to stick with being evil or not.
Agile software development practices. Nobody created a user story for 'respect user's settings during upgrades'. If I had to guess, the settings were renamed/refactored and default values were enabled by default. Or perhaps the 'system upgrade service' doesn't talk to the 'system user setting services' and has no way to discover those settings.
There's so many innovative ways to write terrible software, Microsoft is truly a pioneer in this area.
Come'on I was taking a shot at dogmatic agile beliefs and Microsoft in one swing!
I mean to say that strict adherence to 'agile' without qualified engineers and management results in obvious features missing because the left hand isn't talking to the right hand. The jab at Microsoft is to imply they employ such a detrimental process because it's the only conceivable way to arrive at such a poor quality product.
I don't think Microsoft is engaging in what it believes is predatory behavior, I'm confident that someone in a suit somewhere is cooking up all these 'good ideas' about collecting 'metrics' and their underlings faithfully implement these 'good ideas.'
Their behavior is bad, I don't condone it. I also don't use Microsoft products (see username).
Let's phrase it differently: agile causes two teams to desync.
If for whatever reason to teams become siloed and are agile: if their sprints don't line up, then requirement thrashing causes agile hell.
A needs Y
B is working on X
Given timelines: B must quickly switch to Y or A must implement it without support from B.
The biggest problem I have with software development is coordinating 100 TEAMs to operate on the same page (I own a library of interesting and old functionality at my company).
This happens on occasion, without someone to reign in affected parties: things rot faster from be features than can be managed
Yeah the adoption of open source and getting involved in that community is great, but then all the user-hostile product decisions have me like "make up your mind!"
> The recent MS behavior is baffling, like one suffering multiple personality disorder.
It's not baffling, open source was a threat. OSS tools frequently have second rate windows support so it was a threat to windows servers, mssql and possibly they're desktop. They don't wont <next killer app> to not work in their ecosystem.
They build OSS tools where they're own products always have first class support to ensure their relevance, not out of any sort of goodwill.
I don't get it. This article and Reddit post is very misguided.
Why are people upset that you're sending data to Microsoft if you enable the settings in Windows that specifically allow Microsoft to collect this data?
Maybe I'm biased since I run Windows 10 Pro but you can simply turn off activity history and set your diagnostic settings to basic. Now your non-anonymous data won't be sent to MS (unless they are secretly sending it against your will which is a totally different topic than this article).
I don't even have a "privacy dashboard" that this article and the Reddit post speaks of because I log into Windows with a local Windows username, not a Microsoft Live account. If you're concerned about privacy, why would you login to your OS using a Microsoft Live account?
This really sounds like people using the default settings without looking into protecting their privacy then saying Windows is evil because they didn't check into the settings of their operating system.
In other words:
1. Use a local Windows login, not MS Live
2. Set your diagnostic data to basic
3. Disable activity history
Also as a bonus step, if a big content update happens in the future and it introduces features that sounds like it's an invitation to be spied on, double check your settings after patching to make sure they're disabled.
It is lame that telemetry exists in the first place, and don't get me wrong, I hate things like being forced to patch / reboot for MS updates but if you volunteer to use Windows, it's the price we have to pay for the time being.
After spending two days to setup my Win10 Procame some glorious update and MS decided to reset settings on their own. That was the first and last time. Next day I downgraded to Win 8.1 Pro. Win 7 Pro memory and disk usage can't be compared to Win8 or Win10, but I'm happy.
Those are shady steps taken by MS but I don't experience them with Windows 10 Pro. Maybe it's only isolated to Windows 10 Home?
I still double check all of my privacy settings after a major content patch, but so far so good. I keep nearly everything disabled too (basic diagnostics, limited access to my webcam / microphone, Cortana is disabled, no timeline, etc.).
It nulls out a bunch of telemetry related addresses in your /etc/hosts file, and allows you to configure over a 100 different privacy settings from 1 place.
Microsoft have a long history of overriding and ignoring hosts configurations to their own addresses so I am skeptical on the utility of this. I think you might be a little too trusting.
I do not have time to repeat the efforts outlined by government contractors in the above links with this add on applied, I doubt you do either.
They do ignore the hosts file, it’s true - but they don’t ignore windows built-in firewall. I used it to blacklist a bunch of hosts when I had wireshark open to diagnose an unrelated problem and noticed all my keystrokes in the start menu search box were being sent to MS, as well as details about every application I launched. The search box keystrokes were going to onedrive - presumably to show me files matching from there, but I don’t see why they can’t download a list of files and locally search that. Sending every keystroke in that box is unnecessary.
I don't think it's a matter of being too trusting. I know what I'm getting into by using Windows.
I don't sweat it because I know I did everything I could on my end to minimize being spied on without it really affecting me in a negative way. Like you said, I don't have time to match the efforts of full time govt employees.
I spent a grand total of 30 minutes researching and tinkering with privacy related settings since I started using Windows 10, and I'm ok with that.
I use the tool I linked not only for modifying my hosts file, but it's a 1 stop menu to access all of Microsoft's scattered privacy settings.
No, I understand that I'm not in full control over what MS does with privacy related settings.
By using Windows, I'm accepting that, and in my case, instead of hunting through 15 different privacy settings screens in the control panel, I use that app to have them all in 1 place.
You conveniently left this out of your original comment, where you called people silly for not having things configured correctly.
This is a bit like saying that you've never had a problem with your car guzzling gas, or falsifying emissions, and then later casually mentioning that you actually own an electric motorcycle.
> You conveniently left this out of your original comment, where you called people silly for not having things configured correctly.
To prevent the issue the article spoke of only requires setting (2) options in the standard Microsoft settings, and also not signing in with a Live account.
Stopping an OS from collecting my data should not require research. If it's anything but a clear, comprehensive choice that you make when you install the OS and stays made forever, something is fucked.
> if you volunteer to use Windows, it's the price we have to pay for the time being.
> If you're concerned about privacy, why would you login to your OS using a Microsoft Live account?
Why would I expect there to be a difference in my level of privacy between the two? This is frankly a ludicrous thing to expect users to understand. I would certainly not expect this.
> Why would I expect there to be a difference in my level of privacy between the two? This is frankly a ludicrous thing to expect users to understand. I would certainly not expect this.
I don't know. Maybe I'm just old and paranoid.
As soon as the Windows installation menu requested to link a MS Live account to my Windows login, I thought "wtf, when did MS require having an online account to install Windows?", then I clicked whatever sub-link was there to create an offline user account instead.
It seems natural to me that they would try to log additional information about you and then store it "in the cloud" if you used an online account to login to Windows. Not only that but now they have a direct way to convert anonymous data into non-anonymous data through your MS Live details.
Whether or not their documentation is exhaustive is another issue, but they do at least provide non-ambiguous wording on what's being collected. There's also other links to see what's collected using full instead of basic (check the sidebar).
Unambiguously-worded it may well be, but there's obfuscation through overload, particularly when writ in explicit technical jargon.
I consider myself a fairly knowledgable computer user (I've been using computers for 35 years, Windows since 3.1) and the page you've linked there means nothing to me - what hope has the average consumer?
that's a bit disingenuous: the issue here is that even if you turn off activity tracking, activity is still tracked if you have error reporting enabled, a setting that is much less explicit about what it is collecting.
> A setting that is much less explicit about what it is collecting.
It's pretty explicit on what it's collecting given the article's context.
The linked article's tagline is:
> Microsoft baffles Windows 10 users by apparently collecting data about recently opened websites and apps when users have opted against sharing that information.
But if you look at the help text next to the radio button in the diagnostics settings it specifically says if you turn it on it will track which websites you visit (among other things).
There are other things that get tracked which is less explicit in the wording, but then again, you can set this to "basic" and then it's only anonymous data that gets sent.
If someone is serious about protecting their privacy and happens to be stuck using Windows, in my opinion it's their responsibility to at least look at the configuration options of Windows.
If you think your 3 points cover privacy for Windows 10, you are grossly underestimating the extent of the problem, and have no idea what you are talking about. It's not even possible to outline in a comment twice as long as yours how to go about configuring Windows 10 to prefer privacy.
Yeah I stopped using Windows years ago. However my clients still get stuck buying 10 on new computers. I try to explain the downsides but mostly they resign themselves to it since they don't want to learn a new OS.
Best I can do is only setup local accounts for them, turn off OneDrive, and have them run O&O's shutup program periodically (like monthly) to help mitigate Microsoft's pervasive, invasive data collection:
Another nail in the coffin of MS telemetry apologists.
Really, MS is freaking evil when it comes to this stuff. Wonder which asshole greenlighted this huge telemetry push. Must have been sanctioned from the very top.
"I'm a huge privacy advocate, but telemetry doesn't have to be a dirty word. With PowerShell Core, we went through an RFC process to define our telemetry goals and implementation[1], we publish our data to a public dashboard[2], and all of the telemetry source code is out there in the open[3]. Our telemetry enables to help drive prioritization and decisions around platform/OS usage, and disabling it as simple as setting an environment variable[4]."
That's basically MSFT policy:
1. Telemetry is good for you
2. We do X, Y, Z (but forget to mention the times they got it wrong like the environment variable didn't work on Debian packages they built for .net core).
3. Default is opt out, if you can (windows 10 pro has no opt out option).
4. Stick fingers in ears.
MSFT, you can go to hell at this point. This is just disrespecting and abusing your customers. I will ALWAYS put a privacy respecting vendor at the top of the list.
But think about all the cool contributions they're making to open source! They've really changed their ways!</sarcasm>
Microsoft is indeed, Evil. Not evil as in mustache-twirling damsel-on-track-laying villain, but evil as in how cancer or ebola is evil. Those who place their trust in that (or any other) company deserve what they will (inevitably) get. It's not that have malicious intent. I don't think about the countless numbers of microbes that my body destroys everyday either.
It's just, you know, Business™: Humans are resources, and resources are to be used.
The first point is a worrying one despite the sarcasm. They are attaching themselves to a lot of major open source platforms and projects. I don’t think this is the old embrace, extend, extinguish approach but something new and unknown.
They’re doing too well and doing bad things too often for me to feel sorry for them.
They're just a cursed company. Their culture is so disconnected from what users want that they're incapable of ever making a good product. Nothing will ever change within them, no matter how many times they remind us that they Love Open Source.
I think we’ve passed the point of simple choice for a lot of technologies now. If you expect people to stop using X, you need solutions to stop using ecosystems Y and Z, plus convince them to retrain and probably repurchase some apps.
And I somehow doubt this is considered in monopoly situations: we’re not just talking one product.
Typing this response from my Debian Testing system. I'm needing Windows less and less. Now that I can run Elite: Dangerous using WINE, I don't even need Windows around as a game OS. I can develop my applications in the Debian system and if needed I can boot a Windows 7 or 8 VM to produce a Windows distribution of said application (Python, PySide, Qt).
Basically, everything I need to do I can do whilst not booted into Windows. I'll keep that Windows 10 partition handy to boot, just in case. Otherwise, I'm free from its shackles.
I agree. I'm on Linux and BSD now for good. The fact that MS bought GitHub was alarming enough. Their desire to get involved with Free/Libre/Open Source has an agenda. I don't think it's as innocent as it appears.
I try to use the buggy Windows 10 Microsoft family screen time features to control how my children use the computer. Unfortunately it is a global configuration. I must also allow Microsoft to collect my data.
The way they reset settings after forced upgrades should be criminal.
The way the user has no control over certain Microsoft processes unless they have been lucky enough to be allowed to pay for a Group Policy Editor license should also be criminal.
The ads, the nags, the surveillance.
It is not an operating system I can use anymore. They have lost me for life. I'll be switching to Mac and Linux from here on out.