SoylentNews is people
SoylentNews
Arthur T Knackerbracket has found the following story:
Microsoft claims seven out of ten Windows 10 users are happy with Redmond gulping loads of telemetry from their computers – which isn't that astounding when you realize it's a default option.
In other words, 30 per cent of people have found the switch to turn it off, and the rest haven't, don't realize it's there, or are genuinely OK with the data collection.
Ever since Windows 10 was released, folks have been complaining the operating system is far too grabby and that it allows Redmond to collect huge volumes of intelligence on its users. In April the software giant responded by simplifying the collection.
There's basically two levels in Windows 10 from the Creators Update onwards: basic and full – the full setting includes everything in the basic level plus a load more. Full is the default for Win 10 Home and Pro, otherwise there's basic. Windows 10 Enterprise and Education have full and basic, plus an extra level called security, which transmits a little less about your system than basic.
Essentially, if you're on Home or Pro, you can't tell your OS to not phone home. And, sure, this information – from lists of hardware and apps installed to pen gestures – is useful to Microsoft employees debugging code that's running in the field. But we're all adults here, and some folks would like the option to not have any information leaving their systems.
"... and we welcome your feedback in helping us make [Creators] the best Windows ever," [Marissa] Rogers concluded.
(Score: 2, Interesting) by fustakrakich on Friday August 11 2017, @02:28AM (12 children)
Is there any product out there, free or commercial, that effectively blocks all MS telemetry? Can we grant exclusive access to the internet to the browser only?
La politica e i criminali sono la stessa cosa..
(Score: 1) by tftp on Friday August 11 2017, @03:14AM (4 children)
If you have to have system-wide access, route it through your proxy (auth optional) that only permits the whitelisted locations (SN and whatever else you frequent.) Other destinations will be blocked.
(Score: 2) by Pino P on Friday August 11 2017, @06:06PM (3 children)
That's effective at home but not at the restaurant where you have opened your laptop, associated to the AP named after the restaurant, and submitted your assent to the terms of service of the restaurant's complimentary Internet access.
And the installation of a root certificate in order to MITM the Windows 10 box's HTTPS connections, correct?
(Score: 1) by tftp on Friday August 11 2017, @06:23PM (2 children)
Anything complimentary is provided on someone else's terms. Carry a R-Pi firewall with you :-)
No, Windows will not be able to connect even to the DNS, let alone to TCP ports of Microsoft servers. Only the browser that you installed, one that does not tell Windows what the proxy login is, will be able to talk to the proxy. The direct route to the gateway (destination 0.0.0.0) will be denied.
(Score: 2) by Pino P on Friday August 11 2017, @07:54PM (1 child)
I am aware that only the browser will be able to reach the Internet. But won't the browser see the proxy's untrusted HTTPS certificate and complain about there even being a proxy?
(Score: 1) by tftp on Friday August 11 2017, @08:17PM
That behavior would break all the proxies in the world. Here are some explanations [squid-cache.org] - but the executive summary is that the proxy simply forwards encrypted packets back and forth without looking into them or understanding them. Filtering is achieved by access control directives that work on the IP address, for example, or some other criteria. In my example no filtering is needed, unless you want some (adblocking, trackers, etc.)
The proposed "trusted" browser can be replaced with a VM-based solution that does, essentially, the same thing, just increasing the separation between Windows and the browser. Deployment of this architecture in a small company is pretty easy, as Windows boxes will be entirely cut off of the Internet and safe (as they ever can be) from viruses. The Internet comms will be done by a different, isolated component that may, for all practical purposes, be Linux-based, for example, or a VM that frequently gets reverted to a snapshot. With modern PCs this can be completely transparent to the user, and you get to brag about extra security as well :-)
(Score: 1, Informative) by Anonymous Coward on Friday August 11 2017, @03:36AM (1 child)
Yes... DBAN, then www.ubuntu.com
(Score: 2) by Pino P on Friday August 11 2017, @06:03PM
That works for some people but not for everyone. Some laptop users who try switching from Windows report lack of audio, inability to adjust backlight brightness, inability to connect to the WLAN, and inability to come out of suspend. Is Ubuntu worth buying a new laptop?
(Score: 0) by Anonymous Coward on Friday August 11 2017, @04:38AM
https://www.safer-networking.org/spybot-anti-beacon/ [safer-networking.org]
"Spybot Anti-Beacon is a standalone tool which was designed to block and stop the various tracking (telemetry) issues present in Windows 10. It has since been modified to block similar tracking functionality in Windows 7, Windows 8 and Windows 8.1 operating systems."
(Score: 0) by Anonymous Coward on Friday August 11 2017, @04:55AM
http://www.getblackbird.net/ [getblackbird.net]
"How Blackbird Works ... For instance, Blackbird does not edit the HOSTS file in any way, nor does it mess with your firewall settings. It does not run in the background, instead relying on persistent routes and resolving hostnames to IP addresses each time Blackbird is applied by the user."
(Score: 0) by Anonymous Coward on Friday August 11 2017, @12:36PM
Ntlite
(Score: 1) by WillR on Friday August 11 2017, @04:09PM
(Score: 0) by Anonymous Coward on Friday August 11 2017, @06:48PM
translation: "my operating system has proven time and time again to be my enemy, but is there any other enemy slaveware i can blindly fund so that i can still keep sucking up to my master?".