×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Windows 8 Tells Microsoft About Everything You Install

Soulskill posted about a year and a half ago | from the they-know-about-your-third-party-minesweeper-clone dept.

Privacy 489

musicon writes "According to Nadim Kobeissi, Windows 8 is configured by default (using a new featured called Windows SmartScreen) to immediately tell Microsoft about every app you download and install. This is a very serious privacy problem, specifically because Microsoft is the central point of authority and data collection/retention here and therefore becomes vulnerable to being served judicial subpoenas or National Security Letters intended to monitor targeted users. This situation is exacerbated when Windows 8 is deployed in countries experiencing political turmoil or repressive political situations." While SmartScreen is enabled by default, it's possible for users to turn it off. Also, it's worth noting that Microsoft is hardly alone in this regard, given the rise of app stores over the past several year. (Not that it exculpates this behavior.)

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

489 comments

Does Windows 8 have an opt-out feature? (5, Funny)

erikwestlund (1003368) | about a year and a half ago | (#41110393)

At the rate Microsoft is going, they might as well add a "Windows 8 opt-out feature."

Re:Does Windows 8 have an opt-out feature? (5, Informative)

Anonymous Coward | about a year and a half ago | (#41110429)

At the rate Microsoft is going, they might as well add a "Windows 8 opt-out feature."

I know this is a joke, but yes, they do, It's called "downgrade rights"

Re:Does Windows 8 have an opt-out feature? (5, Interesting)

Anonymous Coward | about a year and a half ago | (#41110877)

"The Unofficial Windows 8 Developer FAQ

Today, I’m going to attempt to dos something Microsoft staff should have done long ago or didn’t do correctly or simply were held back from doing so. I’m going to release the Unofficial FAQ on “What Just happened” in Microsoft for developer(s) worldwide."

http://www.riagenic.com/archives/960?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+MsMossyblog+(MS+MossyBlog) [riagenic.com]

Re:Does Windows 8 have an opt-out feature? (3, Funny)

cashman73 (855518) | about a year and a half ago | (#41110967)

At the rate Microsoft is going, they might as well add a "Windows 8 opt-out feature."

I know this is a joke, but yes, they do, It's called "downgrade rights"

I thought it was called, "Mountain Lion".

Re:Does Windows 8 have an opt-out feature? (0)

Anonymous Coward | about a year and a half ago | (#41110445)

at the rate your jokes are going, you might as well just quit now.

Re:Does Windows 8 have an opt-out feature? (4, Insightful)

Anonymous Coward | about a year and a half ago | (#41110555)

Does Windows 8 have an opt-out feature?

Yes [ubuntu.com] , they [linuxmint.com] do [fedoraproject.org] .

Re:Does Windows 8 have an opt-out feature? (2)

The MAZZTer (911996) | about a year and a half ago | (#41110597)

Yes, when you configure your privacy settings on first run you can turn it off.

Re:Does Windows 8 have an opt-out feature? (-1)

Anonymous Coward | about a year and a half ago | (#41110649)

Way to completely miss the point. Have some more Kool-Aid.

Re:Does Windows 8 have an opt-out feature? (4, Interesting)

macbeth66 (204889) | about a year and a half ago | (#41111085)

Heh

My 77 year old mother has one on her laptop. Its called Ubuntu. She is still trying to say it right.

And to think I was a little nervouse when she got internet access and started sending me puppy emails. Now she just complains about having to do a sudo and type in her password way too often.

Re:Does Windows 8 have an opt-out feature? (-1)

Anonymous Coward | about a year ago | (#41111195)

I'm assuming your next post will be your brilliant and rational explanation as to why you told her she had to do web browsing and email via the command line, because I sure as hell can't figure one out myself, and my stubborn hope in the concept of "the human race isn't all retards" is the sole thing barely preventing me from just filing you in the "generic troll" bin.

Re:Does Windows 8 have an opt-out feature? (4, Funny)

Anonymous Coward | about a year ago | (#41111205)

I'm extremely tempted to write a program called "Fuck you Microsoft, you worthless sacks of shit", which installs itself only long enough to send Microsoft the notification that this program was installed, before formatting the hard drive.

Or maybe I should just make a program that essentially installs with that name, displays some text saying 'notification to Microsoft sent', then uninstalls itself. The user can install this as many times as they want to tell Microsoft they're worthless sacks of shit.

So? (0)

Anonymous Coward | about a year and a half ago | (#41110395)

Just firewall it off.

Re:So? (5, Insightful)

erikwestlund (1003368) | about a year and a half ago | (#41110471)

I like your vision of a privacy-invasion free world.

Don't want to be videotaped? Don't go outside.
Don't want to be wiretapped? Don't use a phone.
Don't want medical records in the wild? Don't go to a doctor.

Visionary indeed.

Re:So? (2, Informative)

Anonymous Coward | about a year and a half ago | (#41110803)

The first one is a poor comparison. Outside is not a private space in the same way that your computing hardware should be.

Re:So? (1, Informative)

clarkkent09 (1104833) | about a year and a half ago | (#41111103)

Hello Mr. Strawman.

Don't want to use a product that invades your privacy in some way? Don't use a product that does that, or use it but turn off that "feature", or firewall it.

No need to go from there to 'Don't go to a doctor'.

Re:So? (0)

Anonymous Coward | about a year and a half ago | (#41110973)

Just firewall it off.

What's such software worth if you have to explicitly firewall parts of it from doing stupid things.

Wow... (0, Troll)

Dins (2538550) | about a year and a half ago | (#41110407)

You know, I've been resisting Linux all these years, but with the current direction of Windows development and greater Linux game support (Steam, etc.) I may make the switch yet...

Re:Wow... (5, Insightful)

Anonymous Coward | about a year and a half ago | (#41110473)

No you won't. Quit trolling for +5.

Re:Wow... (-1, Troll)

Anonymous Coward | about a year and a half ago | (#41110515)

ah, you're just being a sensationalist little bitch by playing the concerned troll.

take a hike, buddy

Re:Wow... (2, Interesting)

Anonymous Coward | about a year and a half ago | (#41110535)

Honestly, if my Steam library ran on Linux I'd switch today...

Re:Wow... (4, Informative)

hobarrera (2008506) | about a year and a half ago | (#41110683)

Did you check if it doesn't run with wine? You'd be surprised how much it has improved recently.

Re:Wow... (0)

Anonymous Coward | about a year and a half ago | (#41110915)

I did, lots of issues unfortunately :C

Maybe time to start playing with it again, it's been about a year I guess

Re:Wow... (5, Insightful)

SJHillman (1966756) | about a year and a half ago | (#41110583)

What's wrong with sticking with Windows 7 for now?
It's not like Windows 7 is automatically obsolete as soon as 8 hits the market.

Re:Wow... (1, Funny)

macbeth66 (204889) | about a year and a half ago | (#41110637)

Have you used Windows 7? Only marginally better than Vista. I actually miss XP. OMG, Did I really say that?

Re:Wow... (4, Insightful)

OldSport (2677879) | about a year and a half ago | (#41110761)

Is Windows 7 really that bad? I spent about 10 minutes customizing it and find it to be a much better experience than XP. The only thing that chews my balls is the lack of an included utility to password-protect .zip files, but aside from that, I can't think of anything I really dislike about it.

Re:Wow... (1)

Anonymous Coward | about a year and a half ago | (#41110883)

Yeah, agreed wtith below, I believe youare very much alone on this. Used windows 7 since beta and since day 1 it was better then XP. Its like comparing windows 98 to ME - cosmetically similar, but not even close to the same experience. So the question really is, have YOU used Windows 7?

Re:Wow... (-1)

Anonymous Coward | about a year and a half ago | (#41111049)

you wish, fanboi

Re:Wow... (3, Insightful)

Dins (2538550) | about a year and a half ago | (#41110789)

I used to be a die hard Mac guy until the early 2000s when I realized none of the games I wanted to play were available for Mac. So I switched to XP and never looked back. Now I am on Windows 7 and it works for me, but like many 8 scares the hell out of me. I want my task bar, I don't want a tablet GUI, and now this. Will I switch to Linux in the immediate future? Nope. But I won't be "upgrading" to 8. And if MS doesn't see the light and fix it before 7 is no longer supported, then I'll certainly look to Linux. Prior to Windows 8 I would never have considered that. I could probably be forced to get used to the GUI, but privacy issues are a big deal to me.

Re:Wow... (3, Insightful)

spacepimp (664856) | about a year and a half ago | (#41110885)

Ethically it is hard to support any company which obviously has zero respect for user/consumer rights.

Re:Wow... (3, Funny)

genkernel (1761338) | about a year and a half ago | (#41110675)

While I am a linux user already, a friend of mine recently said something along these lines. He then qualified it with something like:

"But then, linux probably won't have AAA games until windows 9. Now it seems to me that every other version of windows sucks (2K/XP, Vista/7), and the version after it is just fine. So I'll probably continue using windows if 9 doesn't suck. At least, until windows 10, which will suck. I'll probably switch then."

Re:Wow... (5, Interesting)

Kjella (173770) | about a year and a half ago | (#41110743)

You know, I've been resisting Linux all these years, but with the current direction of Windows development and greater Linux game support (Steam, etc.) I may make the switch yet...

You sound like me about 5 years ago, when Vista was supposed to be Microsoft's hot new OS. I figured the way that was going, I might as well go Linux now and get over the hassle of switching. Long story short I spent 3.5 years on Linux as my primary desktop before I gave up the fight and switched to Win7. If you want to try Linux go right ahead, but if you're just think Win8 is a dead end I suggest just buckling down with Win7 and see if Microsoft comes to their senses. There's plenty time and being 64 bit I think it's even more of a stayer than XP, that and SSD support were really the only two "must have" features of Win7 for me. I expect the coming decade to have even less such "must have" features.

Re:Wow... (0)

Anonymous Coward | about a year and a half ago | (#41110767)

You know, I've been resisting Linux all these years, but with the current direction of Windows development and greater Linux game support (Steam, etc.) I may make the switch yet...

All my systems all duel boot with Ubuntu. Only reason my personal system still run Windows is I have too much software that needs it, otherwise, BYE BYE Micro$oft

Re:Wow... (2, Informative)

ljw1004 (764174) | about a year and a half ago | (#41110923)

Steam is configured to report back to Valve about every app you download+install on it, and every time you launch an app, and there's NO way to opt out. (Well, you can switch it to offline mode, but that will prevent multiplayer and updates).

Re:Wow... (1)

Anonymous Coward | about a year and a half ago | (#41111027)

Sorry to disappoint, but Steam also takes the installed applications on your PC and returns it to the mothership.
look up published stats on steampowered if you don't believe me.

I hate to say it, but Steam is the same DRM/spyware only with better, friendlier marketing spin behind it.

There is a better way... (0)

Anonymous Coward | about a year and a half ago | (#41110415)

Done for performance not privacy, but Chrome ships with bloom filters of URLs that may contain bad stuff. Only hits are sent to Google. There's no reason MSFT can'd do this as well (and probably should, for performance if not privacy).

Really if it does something to stem the flood of security holes in Windows, I'm all for it. I don't use windows but people who do inundate me with spam.

Re:There is a better way... (4, Interesting)

wiedzmin (1269816) | about a year and a half ago | (#41110747)

Right, use Chrome as the example of a privacy-conscious application... it's not like it sends not only every URL you type in the location bar, or knows and pre-fetches every possible combination of the URL while you're typing it, or anything. It doesn't take URL's you're typing and try to suggest search results for those words either, no sir! And it definitely, definitely doesn't let Google store and analyze all of that information against your account, should you happen to be logged in to Gmail or anything.

Re:There is a better way... (2)

oakgrove (845019) | about a year and a half ago | (#41111095)

If you want to use Chrome without sending that stuff to Google it's really easy. Go into the settings and click on Privacy. Uncheck everything. Done.

uh, wha? (0)

kid_wonder (21480) | about a year and a half ago | (#41110433)

"(Not that it exculpates this behavior.)"

You French have some purty words.

Re:uh, wha? (0)

Anonymous Coward | about a year and a half ago | (#41110827)

Exculpate actually comes straight from Latin, not via French. The seemingly more common synonym 'justify' is from Old French -- I can't actually think of a single-word synonym of non-Latin origin, though "Not that it makes this right." would have served well.

Explains the IE10 DNT Hullaballoo (1)

Anonymous Coward | about a year and a half ago | (#41110475)

No need to get the same information twice and you get to smear your competitor...

Time for Linux, finally? (4, Interesting)

Anonymous Coward | about a year and a half ago | (#41110505)

Look, I'm just a regular user, albeit more technically capable than the vast majority, but not a developer, sys admin, etc., and it's starting to look more and more like it's time to consider making the move to Linux.

This private company invasiveness seems to be growing in parallel with government invasiveness, and I'm not happy about either, but at least I can choose one, for now.

Not unexpected. Cant have it both ways. (4, Insightful)

Kenja (541830) | about a year and a half ago | (#41110507)

If you are going to blame Microsoft for what third party software does on your computer, then you can't also blame them when they start to track and address such problems. With things like EAs Origin, Steam, etc, what you do on your computer is no longer just your business. At least Microsoft lets you turn it off.

Re:Not unexpected. Cant have it both ways. (0)

Anonymous Coward | about a year and a half ago | (#41110897)

Holy false dichotomy KenjaMan. How about Microsoft develop a more secure OS and not spy on my every move by default? These two ideas are not mutually exclusive especially when your contention is a strawman anyway since the user is the one that installed the hypothetical malware in the first place so how is it Microsoft's fault?

The real problem is by handing more and more information over the user is less and less secure by definition. The only thing being secured here is Microsoft's reputation and that is low on the vast majority of user's list of priorities. And if you think Microsoft deserves their reputation preserved then you are wrong. Then only thing they deserve is the licensing fee for their software. Nothing more and nothing less. Certainly not an itemized list of everything installed on my computer.

Re:Not unexpected. Cant have it both ways. (1)

Githaron (2462596) | about a year and a half ago | (#41111011)

Maybe they just want to be the only organization that can spy on you. The information is worth more money that way.

Common or not? (1)

Anonymous Coward | about a year and a half ago | (#41110519)

Don't all app stores do this? Otherwise how would they target ads to you (google) or own your balls (apple), or both (facebook)?

Re:Common or not? (2)

0123456789 (467085) | about a year and a half ago | (#41110971)

App stores do this for apps installed via the store; the difference here is that Windows is doing it for every app being installed whether via an app store or not.

Re:Common or not? (1)

rtfa-troll (1340807) | about a year and a half ago | (#41111105)

Don't all app stores do this?

All app stores of course record what Despite what the summary implies, this is completely different from what an app store does. With an app store, you navigate to the app store, you download from it and it's obvious to you that the owner of the app store is going to know what you just did. That's only a privacy violation at the point where they sell the data without you having opted into it.

With the Android app store you can opt out of this simply by side loading those applications you don't want Google to know about (and making sure they don't sync up to somewhere of course). With the Apple app store you can legally opt out of this by buying an Android device as well as your iDevice and using Android whenever you want to be free.

With Windows it's automatically opting you in to sending up a list of all the executables you download. It's very easy for a dissident downloading tor to end up accidentally giving this fact away.

Don't use IE (3, Informative)

mshenrick (1874438) | about a year and a half ago | (#41110533)

It seems from the MSDN link this can be avoided by simply not using Internet Explorer, as if you needed another reason not to

Re:Don't use IE (1)

gewalker (57809) | about a year and a half ago | (#41110655)

If you are correct about this being IE only, there will be plenty of people that never notice the feature in the first place -- as long as they can download their browser of choice without tripping over this feature in the first place. However, for the lazy / ignorant users of IE, Microsoft has finally decided them to punish them for their behavior, certainly this must be a good thing.

Re:Don't use IE (3, Informative)

VGPowerlord (621254) | about a year and a half ago | (#41110943)

It seems from the MSDN link this can be avoided by simply not using Internet Explorer, as if you needed another reason not to

This was IE only in Windows 7 with IE9, but it's built into Windows 8 now [msdn.com]

and applies to all applications marked as downloads.

So, if you download something from Firefox, then attempt to run it, data about it is sent to Microsoft.

Don't try to be apple (3, Insightful)

Dyinobal (1427207) | about a year and a half ago | (#41110543)

Dear Microsoft, don't try to be apple, we already have apple and you'd just be playing catch up and alienating your current customer base to try and get a customer base that already despises you more than your current one.

Re:Don't try to be apple (-1)

Anonymous Coward | about a year and a half ago | (#41110785)

ikr, apple already took all the elitist simpletons who wouldn't care if their mothership keeps tabs on them and leads them by the hand in all of their choices...

Re:Don't try to be apple (0)

Anonymous Coward | about a year and a half ago | (#41111099)

I bet they would pay to get anally probed if the probe was called iProbe. Lucky for them it rounded corners.

Re:Don't try to be apple (4, Insightful)

UnknowingFool (672806) | about a year ago | (#41111189)

You mean don't try to be Apple badly. Even though Lion and Mountain Lion added iOS features, they didn't force iOS as the default UI onto their desktop/laptop OS users.

He put a spin on it (0)

Anonymous Coward | about a year and a half ago | (#41110561)

This is actually the expected behavior of the software. You can also disable it. The blog post is rather bizarre scare-mongering (which would have gone completely unnoticed if it weren't for you-know-what) and he is potentially mistaken about it using SSLv2.

Would it be possible... (4, Interesting)

macbeth66 (204889) | about a year and a half ago | (#41110563)

... to build an app that fakes the install of programs? In other words, overwhelm MS with hundreds of false install notices to them. As certain programs become 'of interest' to certain parties, we add that program to the list. Eventually, the information would become useless and would be abandoned.

Or am I missing something?

Re:Denial of App attack (0)

Anonymous Coward | about a year and a half ago | (#41110699)

DOA - the new denial of service.

Wait... (1, Insightful)

Ryanrule (1657199) | about a year and a half ago | (#41110577)

How do you people thing virus scanners work?

Re:Wait... (4, Informative)

wiedzmin (1269816) | about a year and a half ago | (#41110819)

How do you people thing virus scanners work?

Erm, by checking against a local signature database of known viruses or running local heuristic checks?

Poor comparison (4, Insightful)

wvmarle (1070040) | about a year and a half ago | (#41110579)

Also, it's worth noting that Microsoft is hardly alone in this regard, given the rise of app stores over the past several year. (Not that it exculpates this behavior.)

Can't compare this. If I download something from the Play Store, I know Google knows I install that app. After all I have to log in using my Google account, and use their app to download from their store. Afaik they do not know what I install from third-party sources, like alternative app stores. Nor do they have any right knowing that.

Apparently MS monitors what you install from third-party sources. Without telling you, and without asking explicit permission. That's simply evil. They have no business knowing what I install from third-party sources. The fact that this data is stored in some foreign country (the US is a foreign country to me, and some 95% of the world's overall population) with notoriously poor privacy protection only helps making it a lot worse.

Re:Poor comparison (1)

LVSlushdat (854194) | about a year and a half ago | (#41110995)

Simple fix: Dont use Windows 8... That's what I'm doing.. Linux on all machines, what little Windows stuff I have to do, that isn't usable in wine, gets run on an XP virtualbox vm.. From trying out the preview of Win 8, its a turd, arguably worse than Vista and ME...

How is it not alone? (5, Insightful)

SuperKendall (25149) | about a year and a half ago | (#41110581)

Also, it's worth noting that Microsoft is hardly alone in this regard, given the rise of app stores over the past several year.

Come on. This is just excuse-making - sure in any given app store the store owner knows what you downloaded - by definition they had to for you to download it!

But here aren't we talking about a more general notion that ANY application installed from anywhere is known by Microsoft? When you use the Amazon app store on Android, does Google know what you have? When I use Cydia on a iPhone, Apple doesn't know what applications I install from there... on the Mac I can use the app store but if I get applications from elsewhere Apple doesn't know about those either.

Just because App Stores exist does not give Microsoft the right to track every app installed.

Re:How is it not alone? (0)

Anonymous Coward | about a year and a half ago | (#41110959)

if you did not use Cydia, Apple would also know all your installations and the iOS environment IS set up so that they do get all your information, plus 30% of the cost, and do you really think they are only doing this to "make sure you have a good experience?" today information is a valuable commodity and advertisers want it so that they get there target audience more efficiently.

Re:How is it not alone? (1)

oakgrove (845019) | about a year ago | (#41111179)

The day has finally arrived where I agree with every sentence in a SuperKendall post. Time to go buy that lottery ticket!

Slight difference between app stores (4, Insightful)

0racle (667029) | about a year and a half ago | (#41110603)

App stores will know everything you download from them for the same reason any other retailer would, you bought it there so there is a transaction record. This is tracking and sending to Microsoft information about EVERY application you download outside of their eventual marketplace. Apple doesn't know that I downloaded Handbreak from their site but with this Microsoft would, or to put it in a way that could cause an issue, Apple doesn't know that I downloaded LOIC, but Microsoft would. That is why it becomes an issue over and above something like the Mac App Store.

Re:Slight difference between app stores (0)

bmo (77928) | about a year and a half ago | (#41110721)

>Apple doesn't know that I downloaded LOIC

Anyone who installs LOIC is a dumbass of epic proportions. No, really. It's not infectious or anything, but the mere idea of turning your computer's control to someone who you don't know, never met, and shouldn't trust, isn't exactly bright.

Just so you know.

--
BMO

Re:Slight difference between app stores (1)

Anonymous Coward | about a year and a half ago | (#41111005)

You do know LOIC is a generic, open-source, you-specify-the-target DoS/stress-testing tool, right? Yes, there are modified versions to automatically join some collective attack, but downloading and using the original is no more "turning your computer's control to someone" than downloading and using any other binary.

Re:Slight difference between app stores (1)

hobarrera (2008506) | about a year and a half ago | (#41110723)

There aren't several thousand app stores for windows 8, while there are several thousand retailers. Also, I can just pay cash and there's no record of who made the transaction at a retailer. Finally, freeware doesn't got through a retailer.

Opt-in vs opt-out (3, Interesting)

bmo (77928) | about a year and a half ago | (#41110615)

"While SmartScreen is enabled by default, it's possible for users to turn it off."

And this is what's wrong with this setup. Debian has popcon, which is a survey of what you use and how often you use it, and you can participate by having a cronjob send off the file.

http://popcon.debian.org/README [debian.org]

But it's not a privacy concern because it's opt-in.

If this equivalent of popcon on 8 was opt-in, this thread wouldn't be here.

--
BMO

Re:Opt-in vs opt-out (2)

hobarrera (2008506) | about a year and a half ago | (#41110749)

opt-in vs opt-out is really a huge difference.
Also, Debian's popcon has a different goal, to improve which packages are included in the installation CDs, etc. They're politely asking you to contribute information in exchange for a free product/service.

Re:Opt-in vs opt-out (1)

Missing.Matter (1845576) | about a year and a half ago | (#41110831)

But it's not a privacy concern because it's opt-in.

No, the privacy concern TFA raises is two-fold:

1) Microsoft is centralizing the data collection and Governments could subpoena them for information about an individual.
2) A malicious individual could intercept the data as its transferred and decrypt it.

These are two very big problems for someone concerned about privacy. But that it's an opt-out feature means that it actually has a chance to protect the people who need this kind of protection most. The fact that you can turn if off on install means that you never even have to worry about it if you're concerned about your privacy.

Re:Opt-in vs opt-out (1)

bmo (77928) | about a year and a half ago | (#41110911)

>1) Microsoft is centralizing the data collection and Governments could subpoena them for information about an individual.
>2) A malicious individual could intercept the data as its transferred and decrypt it.

So how is that any different than Debian's popcon? Hint: it isn't.

You're wrong. The actual problem is that it's opt-out. And most people just don't even know the option to turn it off is even there.

--
BMO

Re:Opt-in vs opt-out (0)

Anonymous Coward | about a year and a half ago | (#41110837)

But Microsoft and the shovelware vendors (and the laptop vendors) routinely put evil/stupid/memory eating stuff in Task Scheduler (Windows-cron) which the average user is completely unaware of. Not to mention default-enabled services, which are every bit as invisible to my wife and parents.

Not new (2)

The MAZZTer (911996) | about a year and a half ago | (#41110647)

IE has done something similar for a while now with every program you download. MS is just moving it from IE to Windows so that users of ALL browsers get the same technology. To be fair I don't know if IE sends the same data that Windows does.

Regardless you can turn this off along with the other privacy-imparing features in Windows during the first run setup.

The actual tracking... (4, Informative)

Galaga88 (148206) | about a year and a half ago | (#41110657)

There's no indication that Microsoft themselves keeps track of which individuals downloaded/installed which programs.

The issue this article seems to propose is that somebody could sniff the network traffic between yourself and Microsoft to grab the SmartScreen data and see what you'd installed when Windows contacts MS to see if the file is marked as safe/unsafe/unknown.

If they're in a position to do that, wouldn't they theoretically be in a position to have potentially snooped on the download of the software which is triggering the SmartScreen traffic? (Depending of course, on where in the network their sniffer is at.)

The only valid complaint seems to be that Microsoft is using a known-insecure version of SSL for the website all this data is sent to. If they fix that, I'm not sure what reasonable issue would be there.

I would argue that for the average user, SmartScreen is a useful feature and having it turned on by default (assuming MS is tracking individual user downloads of software for some nefarious purpose) is a good thing.

Re:The actual tracking... (1)

Galaga88 (148206) | about a year and a half ago | (#41110703)

That should be "assuming MS is not tracking individual"... Way to use the preview there, self.

Re:The actual tracking... (0)

Anonymous Coward | about a year and a half ago | (#41110741)

yeah the article is excessively alarmist and misleading for the purpose of scaring people into privacy hysteria.

Re:The actual tracking... (1)

wiedzmin (1269816) | about a year and a half ago | (#41110855)

Someone mod parent informative please. The only thing I could add, is we should probably wait and see what this will look like when it's actually released, but yeah, all excellent point.

Re:The actual tracking... (2)

N0Man74 (1620447) | about a year and a half ago | (#41110939)

I have to agree. I don't really like this on principal, but I don't think Microsoft is doing this to intrude on your privacy. I think they are motivated by trying to improve the quality of their own products.

Face it, many of the criticisms that Microsoft and their products receive are really rooted in software (or malware) that comes from sources outside of themselves. It might be overstepping, and should not be opted in by default, but I don't think there are any diabolical intentions here.

I may be critical of Microsoft in many areas, but I have to acknowledge that goals of security, freedom, and ease of use are sometimes in opposition to one another.

Not sure if this is a big deal (1)

onyxruby (118189) | about a year and a half ago | (#41110705)

Cell phones and the like have been doing this for years. I may be wrong but I'm fairly certain Mac OS tells Apple about anything installed through the app store at a minimum. Frankly Microsoft will aggregate this information and use it to find out what causes thinks like crashes and system instability as well as malware and the like. For those kinds of uses I don't see a problem.

Potential abuses come in terms of using it for marketing purposes and if it can be subponead or requested by law enforcement and used to invade your privacy. Microsoft could resolve the privacy issues by abstracting the data with a simple hash of some kind so that your data can't be tracked back to you. In and of itself the concept isn't a bad one.

Microsoft, can you please hash this data to protect peoples privacy and still serve your otherwise legitimate needs?

Linux is basically the same... (1)

Anonymous Coward | about a year and a half ago | (#41110737)

I'm pretty sure most Linux distributions could easily track everything I have installed as well if they wanted too...

apt-get and yum

Sure you can manually compile some application from its tar.gz, but the vast majority of people use the package managers, which can all easily be tracked if they aren't already.

Re:Linux is basically the same... (0)

Anonymous Coward | about a year ago | (#41111173)

yeah sure it's going to be easy, just get a complete list of everything everyone downloaded from all of the mirrors.... oh wait.

yeah that's right, everyone downloads debian updates from a different mirror.

Not Windows 8, Internet Explorer 9+ (4, Interesting)

Anonymous Coward | about a year and a half ago | (#41110751)

Um, check the date on that blog post. March 22nd, 2011.

This was a feature added, by default, to Internet Explorer 9.0. It is a part of the browser. If you are running Windows 7 and have updated to Internet Explorer 9.0 then it is already doing this. All Windows 8 does is have Internet Explorer 10 installed by default.

Olds for nerds?

Re:Not Windows 8, Internet Explorer 9+ (3, Informative)

VGPowerlord (621254) | about a year ago | (#41111149)

Um, check the date on that blog post. March 22nd, 2011.

This was a feature added, by default, to Internet Explorer 9.0. It is a part of the browser. If you are running Windows 7 and have updated to Internet Explorer 9.0 then it is already doing this. All Windows 8 does is have Internet Explorer 10 installed by default.

Yes, this article [msdn.com] is the one they should have linked to.

Scroll down to the part labeled "Microsoft SmartScreen for Internet Explorer and now for Windows too."

Was this changed? (0)

Anonymous Coward | about a year and a half ago | (#41110755)

I really want to know if this was changed. What does it mean? Hello?

Thank you from the US. (1)

DontLickJesus (1141027) | about a year and a half ago | (#41110769)

I'd like to point out that this is the first story in recent memory that points out the problem for US users directly. While having a company monitor your activity is certainly non-optimal, the bigger problem comes in light of recent US cases involving subpena by the US government. How a company will use one's information can be argued. We have direct, documented proof of how the US government has been using this information.

Don't forget popcon (1)

Anonymous Coward | about a year and a half ago | (#41110853)

I know M$ is considered the axis of evil round here, but the would of linux is not entirely free from this kind of thing http://popcon.debian.org/
(although popcon is anonymised)

Help wanted! (-1)

Anonymous Coward | about a year and a half ago | (#41111007)

I am an intermediate C++ programmer and I am wanting to create a video game. What would be a good book that covers data access and manipulation with an SQL-style back end? I have no access to a computer ATM - this was posted for me - hence the book request.

Do you want a killbit or not? (1)

LostCluster2.0 (2637341) | about a year and a half ago | (#41111009)

In order for Microsoft to kill rogue software they have to know something about what you're installing. SmartScreen is Microsoft's attempt to implement this kind of malware prevention, just like the age-old send error report features lets Microsoft know about programs that crash into the operating system's area.

Opt-In according to microsoft (1)

Cyko_01 (1092499) | about a year and a half ago | (#41111017)

If a user opts into enabling the SmartScreen Filter, application downloads without established reputation result in a notification (see below) warning them that the file may be a risk to their computer.

What can't you do... (1)

Nethemas the Great (909900) | about a year and a half ago | (#41111035)

when you choose to "opt-out"? What am I prohibited access from for turning it off? Is this like the "Windows Genuine Advantage" malware where you cannot update/patch unless this is turned on? Or is it like the little dialog that pops up when an app crashes asking if it can send details to HQ?

It started with Win95 (2)

budcub (92165) | about a year and a half ago | (#41111083)

Does anyone remember the controversy (one of many) about Windows 95 when it would do the same thing? When you went to register it, it would supposedly tell Microsoft what programs you had installed. When I got my Win95 machine in December 1995 I watched carefully to see what it did. The phoning home and telling them what you had installed was voluntary, and the only program that Win95 could accurately detect was MS Office 95. It couldn't detect any of the DOS games I had installed, nor did it seem to recognize the 3rd party email apps, etc I had installed.

Is this really "new" news? (0)

Anonymous Coward | about a year and a half ago | (#41111089)

Don't I remember that Microsoft has been busted before trying to gather information on all installed applications clear back to Windows '95? Maybe Windows 98? Seems like back then they tried to do it under the radar, and beta testers with packet sniffers caught them and forced them to back down. Happened on a couple of releases of Windows.

I've seen the future (0)

Anonymous Coward | about a year and a half ago | (#41111091)

Somehow I'm running a copy of Windows that is 90 versions ahead (a time vortex must have deposited it in my basement). I can tell you that, in the future, Microsoft will return to a simpler, more familiar UI.

Not by default (1)

matt007 (80854) | about a year ago | (#41111125)

I just checked my installation and it was already turned OFF.
I Installed Win8 two days ago. You just have to answer installation questions correctly I guess.

Just like iOS and Android (1)

Cigarra (652458) | about a year ago | (#41111169)

$100 on iOS and Android having the same feature. Not that I like it, but why the Windows-only bashing?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...