Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Vista is Watching You

CmdrTaco posted more than 7 years ago | from the also-up-is-higher-than-down dept.

Privacy 458

greengrass writes "Are you using Windows Vista? Then you might as well know that the licensed operating system installed on your machine is harvesting a healthy volume of information for Microsoft. In this context, a program such as the Windows Genuine Advantage is the last of your concerns. In fact, in excess of 20 Windows Vista features and services are hard at work collecting and transmitting your personal data to the Redmond company."

Sorry! There are no comments related to the filter you selected.

Egomanical monitoring of the populace? (4, Interesting)

LoadWB (592248) | more than 7 years ago | (#19717103)

Is this another example of Bill Gate's Microsoft micromanagement leaking out into the general public, or is this truly a way for Microsoft to help fool-proof Windows operations?

If this is nothing more than a way for Microsoft to ensure that Windows operates properly and to find potential issues, data collection should be an option. A lot of power users won't want it, and a lot of paranoid public won't either.

Of course, what choice do they have if they want/need to run Windows? If enough of the system monitors your usage and activity, not using those services pretty much makes your computer a brick.

Aside from privacy concerns, how much storage space and processing power is being used for this endeavor? Couldn't all that be put to much better use?

Re:Egomanical monitoring of the populace? (5, Funny)

Necreia (954727) | more than 7 years ago | (#19717153)

"Aside from privacy concerns, how much storage space and processing power is being used for this endeavor? Couldn't all that be put to much better use?"

Of course, Aero.

Re:Egomanical monitoring of the populace? (5, Interesting)

brunascle (994197) | more than 7 years ago | (#19717159)

Of course, what choice do they have if they want/need to run Windows? If enough of the system monitors your usage and activity, not using those services pretty much makes your computer a brick.
if the OS can function without an internet connection, it damn well better be able to function on a firewall that blocks access to MS servers.

Re:Egomanical monitoring of the populace? (4, Insightful)

LoadWB (592248) | more than 7 years ago | (#19717315)

heheh Until the first update to Vista which requires that the information be dumped. It appears that Microsoft is slowly trying to head towards a near-constant connection of the end-user to their system, for what purposes is a matter for conjecture. And might this be precursor to a subscription-based OS?

Microsoft is stepping over some big lines here.

Something else comes to mind... what about users still on dial-up? Won't the transmission of this user information completely clog the line?

Re:Egomanical monitoring of the populace? (4, Funny)

Hoi Polloi (522990) | more than 7 years ago | (#19717347)

It should be interesting how this clashes with China's own obsessive need to control people's PCs. I can see it now at Redmond, thousands of Vista inquiries being returned "Nothing to see here, move along."

Re:Egomanical monitoring of the populace? (2, Informative)

KenRH (265139) | more than 7 years ago | (#19717481)

It should be interesting how this clashes with China's own obsessive need to control people's PCs.

Kina as many other Asian nations is moving towards Linux. They don't want to pay M$-tax and they espesialy don't want MS or NSA spying on them.

Re:Egomanical monitoring of the populace? (4, Insightful)

Bert64 (520050) | more than 7 years ago | (#19717523)

How about people who pay for bandwidth usage?
Would you be able to charge microsoft for the bandwidth used by this unwanted feature?

This is my single biggest push to free software (5, Insightful)

maillemaker (924053) | more than 7 years ago | (#19717619)

>It appears that Microsoft is slowly trying to head towards a near-constant connection of the end-user to their system, for what purposes is a matter for conjecture.

And it's not just Microsoft doing it.

This "phone home" crap is the single biggest thing that is driving me to consider open-source alternative operating systems and software.

The second biggest thing is that it seems more and more that with commercial software every time I install an "upgrade" it is really an upgrade for the /author/ of the software, not the user - more DRM, more restrictions on how I can use the software, instead of better software for /me/. It's seriously getting to where I don't trust commercial upgrades anymore. It seems like 90% of the time or better a commercial upgrade limits what I can do with the application instead of enhances it.

It's really all come down to games for me. If my games would all run on Linux I'd be there tomorrow.

Re:This is my single biggest push to free software (3, Informative)

kryten_nl (863119) | more than 7 years ago | (#19717693)

http://games.cedega.com/gamesdb/ [cedega.com] check it out, add it as a bookmark.

doubt it (5, Insightful)

DogDude (805747) | more than 7 years ago | (#19717643)

Microsoft is stepping over some big lines here.

Either that, or they're just using their pool of hundreds of millions of users with tens of millions different hardware/software configurations in order to collect bug data.

That's really the most obvious and the most likely answer.

Re:doubt it (3, Informative)

SatanicPuppy (611928) | more than 7 years ago | (#19717717)

They already do that with the "Report this bug to Microsoft?" screens that pop up in XP every time a program crashes...And frankly, I SHOULD be able to opt out if I choose to do so. Hell, they should want me to be able to opt out, so if I do something and crash a program, I don't send them weird data.

The OP is right; this is a precursor to a subscription based OS; that's microsoft's dream, where everyone just pays the OS tax on a monthly/yearly basis, and gets "free" upgrades on a once-a-decade cycle.

Re:Egomanical monitoring of the populace? (4, Interesting)

B'Trey (111263) | more than 7 years ago | (#19717477)

it damn well better be able to function on a firewall that blocks access to MS servers.

Has anyone done any network captures to see what sites are being contacted? Is blocking *.microsoft.com sufficient? Is there a list of IPs that can be blocked?

Re:Egomanical monitoring of the populace? (5, Interesting)

click2005 (921437) | more than 7 years ago | (#19717657)

In XP, Microsoft hard coded the IP addresses of various servers into libraries and software so it bypasses any attempt to use DNS resolution to block it. I'd bet in Vista there is something worse. Maybe thats why they were working on some kind of BitTorrent/P2P protocol. Route the data through other people's machines to get around blocking.

If you get burned, it's your own damn fault. (1)

FatSean (18753) | more than 7 years ago | (#19717201)

Come on, knowledge of Microsoft's shadey buisness and programming practices has been well documented for over a decade. Plenty of time to migrate away. W2k is going to fade away, and I'm already looking into becoming all-Linux here at home. My employer still uses windows on employee machines, but I don't care because I only do work-related stuff on the laptop. I suppose I might want to segregate the VPN-using MS machine from the rest of my network incase Vista+1 decides to sniff my packets or something.

Re:Egomanical monitoring of the populace? (1)

ericrost (1049312) | more than 7 years ago | (#19717211)

"Of course, what choice do they have if they want/need to run Windows?"

Linux with Wine :)

Google (1)

MontyApollo (849862) | more than 7 years ago | (#19717675)

It kind of depends on what info they are capturing.

Google keeps track of all your searches, and this seems like this could be more of a privacy concern in some situations. There was a story a while back about some murderer or attempted murderer where they recovered all of his Google searches, which included stuff like "how to murder and not get caught". Not using Google must not have been on the list.

No, it isn't. (5, Funny)

jollyreaper (513215) | more than 7 years ago | (#19717121)

I don't have nearly enough ram.

Re:No, it isn't. (3, Funny)

FredDC (1048502) | more than 7 years ago | (#19717455)

Just put a tin foil hat over your computer!

If only they told me, (3, Interesting)

sumi-manga (948999) | more than 7 years ago | (#19717137)

like Google does, maybe I wouldn't be microwaving genuine Vista Ultimate DVDs into petrol...

Notice how it's not "My Computer" anymore? (5, Funny)

Junior J. Junior III (192702) | more than 7 years ago | (#19717139)

I hear the icon on the desktop isn't called My Computer anymore, it's now just "Computer". I guess in the fine print it says "BillG's Computer".

Re:Notice how it's not "My Computer" anymore? (3, Funny)

kendoran (1091611) | more than 7 years ago | (#19717209)

With the new vista tech, it definitely doesn't ACT like my computer anymore.

Re:Notice how it's not "My Computer" anymore? (1)

zakeria (1031430) | more than 7 years ago | (#19717303)

a PC that runs Vista should be called an OC "owned computer"

pu (-1, Troll)

Anonymous Coward | more than 7 years ago | (#19717155)

s bu , pu

I'd leave a comment. (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#19717169)

But I'm on vacation this week.

Ah! The irony! (5, Interesting)

c0l0 (826165) | more than 7 years ago | (#19717177)

In the article, there's a Vista technology referred to as "Rights Management Services (RMS) Client" - I guess I'm not the only one who's midldy amused about the acronym used for that service ;-)
What's especially delicate about it is that the service's name uses the term "Rights", where many who are in favour of digital freedom would probably deem "Restrictions" a much better fit.

I bet if Richard Stallman were dead by now (please note that I'm glad and happy that he's alive and kickin'!), there'd be a chance he'd be rotating in his grave at high speeds because of this.

Re:Ah! The irony! (4, Funny)

mwvdlee (775178) | more than 7 years ago | (#19717239)

If I promise to manage my rights, can I disable this system?

Re:Ah! The irony! (4, Funny)

Actually, I do RTFA (1058596) | more than 7 years ago | (#19717257)

I bet if Richard Stallman were dead by now (please note that I'm glad and happy that he's alive and kickin'!), there'd be a chance he'd be rotating in his grave at high speeds because of this.

Then, we could hook his body to a generator. So, everytime something like this happened, we could say "at least we just cut down on greenhouse emissions."

Re:Ah! The irony! (-1, Troll)

Anonymous Coward | more than 7 years ago | (#19717263)

"I bet if Richard Stallman were dead by now (please note that I'm glad and happy that he's alive and kickin'!)"

What what I've seen of him and heard about his hygeine it is hard to tell what state he is in so I'm glad to have that confirmed.

Re:Ah! The irony! (1)

Junior J. Junior III (192702) | more than 7 years ago | (#19717445)

Perhaps there's hope, and RMS can sue MSFT for the illegal infringement of his initials.

Re:Ah! The irony! (1)

lawpoop (604919) | more than 7 years ago | (#19717519)

I bet if Richard Stallman were dead by now (please note that I'm glad and happy that he's alive and kickin'!), there'd be a chance he'd be rotating in his grave at high speeds because of this.
No, he would be rolling in his grave if GNU or some other GPL software were hijacked into this level of privacy invasion.

If he were in his grave, he would be resting soundly, like a baby in a bilum, because the course of events are turning out just as he predicted [gnu.org] -- non-open, unfree software is being used to limit the freedoms and access to information of the average computer user.

I work in an FDA-regulated environment,... (5, Interesting)

Yewbert (708667) | more than 7 years ago | (#19717179)

... and this kind of undisclosed(?) sneaky communication has to be considered a security risk from our side, and one which may very possibly invalidate the state of validation (in, again, the FDA-regulated sense) of numerous production-related systems that might eventually run on Vista platforms. We're testing Vista now, and as soon as I get my hands on a copy, I'm gonna poke arounnd and try to figure out what data is sent where, what happens if you cleverly block it, what options there are to just shut these features the f*** off, and many et ceteras,...

Re:I work in an FDA-regulated environment,... (1, Insightful)

krunk7 (748055) | more than 7 years ago | (#19717713)

I'm not sure which reaction is stronger:
  • that I'm pleased that someone working in my government is concerned about this and intends to put in the man hours to get to the bottom of it
  • Or disgust that my government is wasting money by first purchasing an operating system, then putting in the man hours to try and reverse engineer the security risk so they can put more man hours into figuring out how to circumvent said security risk so they can continue to buy this really expensive spyware.

Really? (0)

Anonymous Coward | more than 7 years ago | (#19717183)

I'm impressed, no one in my house installed Vista yet, and no one in my office will, since the IT shop wont support it.

How's it do that, when I'm not around a Vista computer, ever?

Re:Really? (0)

empaler (130732) | more than 7 years ago | (#19717705)

I'm impressed, no one in my house installed Vista yet, and no one in my office will, since the IT shop wont support it.

How's it do that, when I'm not around a Vista computer, ever?
That's how awexome Microsofts 1337 úber hacker skills are. U R PWND!

Vista's biggest enemy (5, Insightful)

drgonzo59 (747139) | more than 7 years ago | (#19717189)

Vista's biggest enemy is not Linux -- it's Vista. Americans take their privacy too seriously to ignore this if this becomes public. Of course, one could argue that by now the 'war on terror' has taught us to just bend over when the government says so, but hopefully, the reaction will be a little bit more violent when Microsoft asks us to 'submit'....who knows.
 

Re:Vista's biggest enemy (3, Insightful)

EveryNickIsTaken (1054794) | more than 7 years ago | (#19717265)

Americans take their privacy too seriously to ignore this if this becomes public.
Either you're not American or you don't pay attention to the news. Most Americans have been FUD'ded into ignoring privacy concerns.

Re:Vista's biggest enemy (1)

LoadWB (592248) | more than 7 years ago | (#19717493)

And there is it: Privacy is a tool of terrorism.

If you're trying to keep your affairs private, then you must have something nefarious to hide... you terrorist.

Re:Vista's biggest enemy (5, Insightful)

Hoi Polloi (522990) | more than 7 years ago | (#19717319)

I was all for protecting my privacy until they offered me a free copy of "Minesweeper 3D" and "The Best of American Idol" audio tracks!

Re:Vista's biggest enemy (0)

Anonymous Coward | more than 7 years ago | (#19717325)

Americans take their privacy too seriously to ignore this if this becomes public.
Ooooh, that is the funniest thing I've read all year. Americans don't seem to be worried about their privacy at all as far as I can see. People seem to think I'm paranoid when I don't want to give my SSN to everyone who asks.

Re:Vista's biggest enemy (5, Funny)

UbuntuDupe (970646) | more than 7 years ago | (#19717327)

Americans take their privacy too seriously to ignore this if this becomes public

You mean, you wish they wouldn't ignore this?

"OMG! Vista violates my privacy!"
"So what are you going to do about it?"
"I'm going to use a different operating system!"
"Which one?"
"Well, uh, the other one."
"Which other one."
"Like, the other Windows."
"Which other Windows?"
"Um, I guess ... XP, is it?"
"Do you know how to install an operating system?"
"Well, no ... I mean, I just won't buy computers with Vista."
"And where do you buy a computer without Vista?"
"Um ... I can just choose XP when I order one."
"And when XP is discontinued?"
"Then I'll get a completely different operating system, from a different company."
"You mean a Mac?"
"Oh, heavens no."
"Then what?"
"Um ..."

Re:Vista's biggest enemy (1, Funny)

Anonymous Coward | more than 7 years ago | (#19717593)

"Um ... a Dell! I'll get a Dell computer instead."
"That runs the same operating system."
"No, I'm pretty sure it runs the Microsoft Office operating system. I sure hope it has minesweeper!"

Re:Vista's biggest enemy (1)

truthsearch (249536) | more than 7 years ago | (#19717349)

I don't know about that. XP did pretty much the same thing, to a smaller extent, and with similar statements in the EULA. That didn't stop sales.

Now if corporate desktops attempted to send too much information to Microsoft then some heads would roll. But that's not going to happen.

Re:Vista's biggest enemy (4, Insightful)

apathy maybe (922212) | more than 7 years ago | (#19717355)

Americans take their privacy seriously? Since when as the average yank done that?

Sure you have some folk who do, but considering the supermarket "loyalty cards" (and it isn't just in the US of course), the various voting things (e.g. who's the hottest "singer"?), using plastic cards to pay for everything and so on...

Meh, I'm sure you get my point, which is that only some people (around the world), take their privacy as seriously as you seem to think.

Is this really news, or enlightening (1)

El Fantasmo (1057616) | more than 7 years ago | (#19717193)

or just proof of what we've come to know and love from The Great MS. All Hail Bill Gates!

Re:Is this really news, or enlightening (1)

BlackSnake112 (912158) | more than 7 years ago | (#19717407)

kind of reminds me of the scenes from the Men in Black movies. Those little people in the locker. The question is does microsoft know that against the masses, they are the little people in the locker.

Tagged as paranoia? (1, Insightful)

numbski (515011) | more than 7 years ago | (#19717241)

I wonder...

Is it paranoia if the OS really *is* sending tons of data to Redmond?
Is it slander if it's true?
How many licks does it take to get to the tootsie-roll center of a tootsie-pop?
Just WTF *is* the cream filling in the middle of Hostess snack cakes????

Re:Tagged as paranoia? (2, Informative)

jonnythan (79727) | more than 7 years ago | (#19717301)

It's a little OT, but truth is an absolute defense to slander. Slander is, by definition, untrue.

Re:Tagged as paranoia? (0)

Anonymous Coward | more than 7 years ago | (#19717601)

This is quite a bit OT. As a law student, a question I haven't had the nerve to ask is whether you can file a dilemma-form tort action.

Complaint
1. A did knowingly and maliciously engage in the defamation of B and in particular asserted falsely that B does X.
2. Alternatively, if B does in fact do X, A did knowingly and maliciously engage in the public dissemination of private facts, the disclosure of which a reasonable person would find objectionable.
Or something similar. It would, after all, seem a bit contradictory if a suit for public disclosure of private facts required that you admit the private facts.

Re:Tagged as paranoia? (1)

gEvil (beta) (945888) | more than 7 years ago | (#19717421)

Yes, but it's justified
No
A-one, a-two, a-three. Three.
Lard, sugar, vanilla, other nasties.

Re:Tagged as paranoia? (1)

MSG (12810) | more than 7 years ago | (#19717685)

Lard, sugar, and titanium oxide.

Re:Tagged as paranoia? (1)

MontyApollo (849862) | more than 7 years ago | (#19717499)

There is some quote about just because you are paranoid doesn't mean someone is not out to get you.

I think the paranoia is more about what info MS is collecting and what they are doing with it. There's probably a low chance of this info being used negatively against you since they don't track your identity, but you never know.

Re:Tagged as paranoia? (1)

Coopjust (872796) | more than 7 years ago | (#19717721)

1) No, it's not paranoia then.
2) Can't be slander if it's true. Of course, it might be seen a different way with the legal army of Microsoft against you.
3) It depends on the way the pop is licked and the licker in question, but the average is 413 licks [emptyv.org] .
4) Well, Twinkies used to use a banana filling, but switched to vanilla in WWII. Of course, it's mostly flavored random chemicals at this point. Yummy.

Anonymous? (5, Interesting)

MontyApollo (849862) | more than 7 years ago | (#19717259)

Seems like they would want to keep this data anonymous as much as possible too, or it would seem like they would have an endless barage of subpoenas for civil lawsuits like divorces, where one spouse wants evidence that the other was cheating.

Re:Anonymous? (1)

db32 (862117) | more than 7 years ago | (#19717451)

When they have shown that you can identify a person by their google searches, or by browsing habits, and any other number of things "anonymous" data is just a bullshit artists way of calming you while he takes your info.

Have we learned nothing? (5, Interesting)

kebes (861706) | more than 7 years ago | (#19717267)

The privacy concerns are obvious. I, for one, do not want to agree to having all kinds of (largely unspecified) information transmitted to Microsoft.

But even putting that aside for a moment. Assume that Microsoft is a friendly company and that you are confident they will never use this information "against you." Even in that case, this is a really bad idea. Why? Because security works best when you *minimize* the avenues of attack. By sending this information to Microsoft HQ, your OS opens itself to new attacks. On the one hand you have the possibility of MS's servers being hacked, and your information stolen (or the transmission being intercepted and copied). But much worse, this transmission functionality can be co-opted by malware or viruses.

Every functionality you include in the OS is a functionality that "the enemy" (malware, viruses, crackers, etc.) can (and will) use against you. In particular, every network-enabled program is a potential security breach. Hence, we should always be disabling as many services (especially network services) as possible. By having all kinds of code that is constantly communicating outside the machine (with no notification to the user), built into services that the user cannot sensibly disable, you are leaving a tempting target for "the enemy" to find vulnerabilities.

Add to this the fact that it makes it harder on network admins to pick out suspicious traffic. If all these Vista installs are constantly sending out packets of information, how can the sysadmin tell when one of those machines has been taken over, and that "phone MS HQ" service is now sending nefarious packets?

Get used to it. (2, Insightful)

Anonymous Coward | more than 7 years ago | (#19717277)

Face it, the advent of the internet has brought to the world many great and wonderous things. However, there is a dark side to connectivity, and it's name is, connectivity. If you want to be part of the whole, you have to accept the inherit lose of privacy that is associated with it. Doesn't matter how much you dislike it, but as a whole EVERYTHING is becoming more connected, you can't truly expect your privacy to somehow remain immune from all this "openness".

Those who thrive in this environment (and in this case, thrive means are able to navigate it with the majority of their private information private) will be those who understand, accept, and deal with it.

Re:Get used to it. (1)

voice_of_all_reason (926702) | more than 7 years ago | (#19717467)

Not really. It's a reasonable assumption that you can disable these services to some degree like in XP (error reporting service, for example). No fuss, no muss. Either through the system itself or some sort of hax.

Re:Get used to it. (1, Insightful)

Anonymous Coward | more than 7 years ago | (#19717571)

Not really. It's a reasonable assumption that you can disable these services to some degree like in XP (error reporting service, for example). No fuss, no muss. Either through the system itself or some sort of hax.

Your missing the point. Have you learned nothing from what happened with iTunes? This isn't just about Microsoft, once again the masses get tunnel vision. This is about EVERYTHING. Going forward, as more and more infrastructure is interconnected, as we depend more and more on online services, any true notion of privacy is pretty much moot. You can disable services all you want, and it will make folks who are collecting data very happy, because you are focused on the obvious.

I know I'm sounding tin foil hat'ish here, but that's not where I'm coming from. Simply that we have to understand the world in which we live (truly understand, not just what gets fed to us), and then take whatever measures we deem appropriate to maximize our wellbeing within that world.

Re:Get used to it. (1)

voice_of_all_reason (926702) | more than 7 years ago | (#19717711)

If you focus on the obvious, and the majority don't, I doubt they'll try very hard to get around you. Decreasing returns. They'll already have more than enough profitable information.

Participating with caution (2)

Lonewolf666 (259450) | more than 7 years ago | (#19717673)

If you want to be part of the whole, you have to accept the inherit lose of privacy that is associated with it. Doesn't matter how much you dislike it, but as a whole EVERYTHING is becoming more connected, you can't truly expect your privacy to somehow remain immune from all this "openness".
To some extent this is true, but that does not mean we should give up more privacy than what is unavoidable.
In the context of this article, I think it is bad to have a bunch of services on my computer that send more data to the software vendor than immediately necessary. It might be useful for Microsoft to run statistics about the habits of Windows users, but that does not mean I have to accept being monitored.

BTW, my private computers are still on Windows 2000, because I found the product activation in XP too annoying. Vista is completely disqualified. The new machine I've just bought will probably be my last Windows PC, because it already approaches the limits of what Windows 2000 Professional can handle (Dual Core, 2 GByte RAM).
Any significant upgrades from that will make a switch to a proper 64 bit OS necessary ;-)

Devil's Advocate (1, Insightful)

BlueLightSpecial (898144) | more than 7 years ago | (#19717293)

Disclaimer: I run Vista, I am slightly upset by these findings, but I'm just gonna ponder the positives. As long as the info is sent anonymously, whats the big deal? This information is probably being used to make sure the operating system run the smoothest it can, the info sent can be used to help update the system and keep MS on top of bugs and holes in the OS

Re:Devil's Advocate (0)

Anonymous Coward | more than 7 years ago | (#19717427)

This information is probably being used to make sure the operating system run the smoothest it can

Yeah, probably.

The core question remains (5, Insightful)

Opportunist (166417) | more than 7 years ago | (#19717465)

Why don't they tell you? Every halfway serious program I use that has to report information home (or at least wants to, for statistical purposes) asks me first, or at least informs me that it is going to do that now. Some programs even tell you what exactly they're going to send (and, behold, checking source and the transfered data shows that they actually tell you the truth).

Usually I don't mind. They probably sell that information (not about me, but about their "user base") to someone to make some money that way, since I don't pay for the honor to use their program for free. No problems there.

A problem arises when said data is transmitted without my consent. Without me even knowing that it is being sent. Am I supposed to trust a company that it isn't going to do shady business with my data when they're sneaky about it?

Now, I'm not saying MS does. But, seriously, why the cloak-and-dagger approach? Just tell the user "Vista is now gonna send MS the following information about your system, anonymized so it can't be tracked, and we want it to see what hardware platforms our system should run best on. Thanks for your co-op."

What's wrong about that? If someone doesn't care, heck, one more click on "accept" isn't going to be even noticed in Vista. And if someone does care, the smell of fish is not gonna hit his nose when something like this is being exposed.

Re:Devil's Advocate (5, Insightful)

kebes (861706) | more than 7 years ago | (#19717501)

Well they say the information is anonymous, but it includes things like your IP address. So they can convert that it non-anonymous information quite easily.

So... some reasons why this is probably a bad idea:
1. If they discover that you are running non-legit software, they can track you down. (And considering that any such analysis will always make mistakes, even users of legitimate copies of software should be worried.)
2. If MS's servers get compromised (or a bug is found in the "secure transmission" protocol), third parties can obtain your data. Depending on exactly what is being sent, this could be a privacy breach, security breach, or both.
3. Having services constantly establishing these connections is a security risk. Malware or viruses may be able to exploit it as a point of infection. Or, they may be able to use it as a means of spreading copies of themselves, or secretly transmitting information back to a third party. Every unnecessary service (from a user perspective) is a security breach waiting to happen.
4. Having code running that doesn't explicitly benefit the user is a waste of resources. This means overhead on your computer and overhead on your internet connection.
5. The EULA seems to state that they can change the terms as it suits them. This means that they can push updates through Windows Update that increase the scope of the data obtained. Perhaps they eventually decide to drop the anonymous clause. I don't think signing over so much freedom and privacy is a good idea, regardless of how "well-intentioned" the recipient of your rights claims to be.

And finally, there is the general "bad vibes" I'm sure we're all getting about this. It would be one thing if it were an additional feature that you could turn on if you wanted to. Something like "Help MS improve the quality of service by sending reports on how your software is running. This voluntary service is under your control, and only human-readable summaries will be sent, which you can inspect before they are sent. Do you wish to participate? Cancel/Allow"

Instead we get something like: "MS reserves the right to monitor your computer and transmit information to MS HQ. We can change these terms at our leisure. By using any of these features, you implicitly agree to this monitoring."

This is not an act of charity on MS's part. This is part of a plan to obtain information that they want, without customers noticing it is happening. That can only be a bad thing.

Re:Devil's Advocate (1)

voice_of_all_reason (926702) | more than 7 years ago | (#19717505)

Same issue with the google cookie. The machine sends the data with a unique ID for your machine. As long as they can match your name once to the ID, it's good for tracking all transmissions. Stuff like Error Reporting send a dump of whatever document/webpage you're running at the time, that can certainly be enough. And don't you have to give your name when you activate it in the first place?

You're being sarcastic, right? (0)

Anonymous Coward | more than 7 years ago | (#19717599)

Or do you just not understand what's happening here? Sending your personal information to Microsoft doesn't make your OS run smoother - it's another strain on your system and then end result consists of telemarketers calling during dinner and junk mail overflowing your box. If any of this affects the OS, it's probably just Microsoft's way of ensuring that you use Vista "legally."

Re:Devil's Advocate (1)

XnavxeMiyyep (782119) | more than 7 years ago | (#19717681)

I'm just gonna ponder the positives.

Like Aero!

Don't worry, it's not Vista... (5, Funny)

Actually, I do RTFA (1058596) | more than 7 years ago | (#19717329)

It's just: Windows Update, Web Content, Digital Certificates, Auto Root Update, Windows Media Digital Rights Management, Windows Media Player, Malicious Software Removal/Clean On Upgrade, Network Connectivity Status Icon, Windows Time Service, and the IPv6 Network Address Translation (NAT) Traversal service (Teredo).

See, typical /. overreaction

Re:Don't worry, it's not Vista... (2, Informative)

j.sanchez1 (1030764) | more than 7 years ago | (#19717397)

It's just: Windows Update, Web Content, Digital Certificates, Auto Root Update, Windows Media Digital Rights Management, Windows Media Player, Malicious Software Removal/Clean On Upgrade, Network Connectivity Status Icon, Windows Time Service, and the IPv6 Network Address Translation (NAT) Traversal service (Teredo).

And Activation, Customer Experience Improvement Program (CEIP), Device Manager, Driver Protection, Dynamic Update, Event Viewer, File Association Web Service, Games Folder, Error Reporting for Handwriting Recognition, Input Method Editor (IME), Installation Improvement Program, Internet Printing, Internet Protocol version 6 Network Address Translation Traversal, Network Awareness (somewhat), Parental Controls, Peer Name Resolution Service, Plug and Play, Plug and Play Extensions, Program Compatibility Assistant, Program Properties--Compatibility Tab, Program Compatibility Wizard, Properties, Registration, Rights Management Services (RMS) Client, Update Root Certificates, Windows Control Panel, Windows Help, Windows Mail (only with Windows Live Mail, Hotmail, or MSN Mail) and Windows Problem Reporting are the main features and services in Windows Vista that collect and transmit user data to Microsoft.

Re:Don't worry, it's not Vista... (2, Informative)

Actually, I do RTFA (1058596) | more than 7 years ago | (#19717435)

Sorry, I left out: Activation, Customer Experience Improvement Program (CEIP), Device Manager, Driver Protection, Dynamic Update, Event Viewer, File Association Web Service, Games Folder, Error Reporting for Handwriting Recognition, Input Method Editor (IME), Installation Improvement Program, Internet Printing, Network Awareness (somewhat), Parental Controls, Peer Name Resolution Service, Plug and Play, Plug and Play Extensions, Program Compatibility Assistant, Program PropertiesCompatibility Tab, Program Compatibility Wizard, Properties, Registration, Windows Control Panel, Windows Help, Windows Mail (only with Windows Live Mail, Hotmail, or MSN Mail), Windows Problem Reporting, Windows Defender, Support Services, and Internet Explorer 7.

"This extensive enumeration is not a complete illustration of all the sources in Windows Vista that Microsoft uses to gather end user data"

Re:Don't worry, it's not Vista... (2, Informative)

LordEd (840443) | more than 7 years ago | (#19717521)

Sarcastic Microsoft bash aside, all of the listed services are those that require connection to an external source. The "windows time service" makes me a bit suspicious that the author just picked everything that made any form of network communication without regard to information sent/received.

On Windows time service [microsoft.com] :

The following list describes various aspects of Windows Time Service data that is sent to and from the Internet and how the exchange of information takes place:

  Port: NTP uses User Datagram Protocol (UDP) port 123 on time servers. If this port is not open to the Internet, you cannot synchronize your server to Internet NTP servers.

  Protocol: The service on Windows Vista implements NTP to communicate with other computers on the network.


The NTP Protocol is described here [wikipedia.org] . I can't verify that they haven't implemented the evil NTP protocol (not running Vista), but I don't see why i should trust the author after listing this one.

Re:Don't worry, it's not Vista... (1)

Actually, I do RTFA (1058596) | more than 7 years ago | (#19717691)

Yes, sarcasm aside, the author listed anything where Microsoft could harvest your IP address due to connecting over the Internet. He's not shy about it either (FTFA): "... all they really need is your IP address."

This is a surprise to WHO? (1, Redundant)

damn_registrars (1103043) | more than 7 years ago | (#19717333)

Really... Is there some reason why we didn't expect this?

Privacy? (1)

Dusty00 (1106595) | more than 7 years ago | (#19717345)

If in fact they aren't and have not desire to identify me then they should be making it a point to abstain from recording information that can ID me.

Actually my biggest objection to this was it was initially not disclosed in a sufficiently conspicuous manner and seems to have no simple way to be deactivated save identifying and disabling all the services in question. I'll allow that Microsoft has something to be gained in product improvement by collecting some of this data but they ought to ask before using my bandwidth to do it.

Negro, puhleeese (5, Insightful)

$RANDOMLUSER (804576) | more than 7 years ago | (#19717351)

Microsoft will get your "Internet protocol address, the type of operating system, browser and name and version of the software you are using, and the language code of the device where you installed the software." But all they really need is your IP address.
Huh, I thought I supplied that information to every website I visit.

Every time you install a Plug and Play device, you tell Microsoft about it in order to get the necessary device drivers. The same is the case for PnP-X enabled device, only that Windows Update is more actively involved in this case.
Oh noes!!! They need to know my device to supply the driver?

Good grief, I hate Microsoft as much or more than the average Slashdotter, but most of TFA is just alarmist FUD.

Re:Negro, puhleeese (1, Insightful)

brunascle (994197) | more than 7 years ago | (#19717671)

except, i already have the drivers. they came with the doohickey. contacting MS for them should be a user-selected option.

Nothing new (0)

DrDitto (962751) | more than 7 years ago | (#19717361)

X-ray machines, Jet engines, and more all report operating conditions and usage information back to the manufacturer. Microsoft is doing this anonymously to improve the products. I have no problem with this. They aren't sending back any "personal information" like credit card numbers or even identification information.

Re:Nothing new (4, Insightful)

PhysicsPhil (880677) | more than 7 years ago | (#19717567)

X-ray machines, Jet engines, and more all report operating conditions and usage information back to the manufacturer. Microsoft is doing this anonymously to improve the products. I have no problem with this. They aren't sending back any "personal information" like credit card numbers or even identification information.

There are plenty of reasons you still don't want this happening. Consider...the war on terror continues and somebody gets caught up in the Feds dragnet. They press charges, but don't quite have the evidence they need. The defendant's lawyer (and the ACLU) is probably going to get him to walk unless they can find something. Little known to all, the President (or these days, the VP) issues a secret Executive Order that strips "terror suspects" of the right to attorney-client privilege. The Feds show up at Microsoft's door with several court orders. They order the tracking of the suspect, and they provide the IP addresses of computer in the offices of the defendant's attorney and the ACLU and demand that Microsoft install a backdoor patch to download documents off that computer. Of course the download will be indiscriminate...maybe this lawyer will also have you as a client, and your files will go to the Feds also.

Far-fetched? Perhaps, but certainly plausible. Suppose it's not the American government, but the Chinese looking for a few journalists or Falun Gong members. Still far-fetched? Which way do you think Microsoft will go when the choice is a few journalists in prison or losing access to the Chinese market?

Privacy is always good.

Re:Nothing new (2, Insightful)

value_added (719364) | more than 7 years ago | (#19717701)

X-ray machines, Jet engines, and more all report operating conditions and usage information back to the manufacturer.

And X-ray machines and jet engines are multi-purpose devices that store gobs of personal information?

They aren't sending back any "personal information" like credit card numbers or even identification information.

I'd like to know how you've achieved that conclusion given the fact that you and just about everyone outside of Microsoft lacks meaningful information as to what *is* being sent, in what form, and how.

Someone long ago said "Doubt is not a pleasant state of mind, but certainty is a ridiculous one." But no worries, right?

It's not Microsoft you should be worried about (1)

MikeRT (947531) | more than 7 years ago | (#19717373)

It's the government. If the government leans on them to ramp up the monitoring of their users, then the public will be truly SOL. Right now Microsoft seems to be content with detailed diagnostic information and preventing piracy, not spying on their users. In fact, there would be precious little they could gain versus the heaping cargo ship loads of what they would lose by preemptively spying on their users.

Far fetched? The government just demanded all of those search records a while ago. I think that speaks for itself as to where things are going.

Re:It's not Microsoft you should be worried about (1)

TechForensics (944258) | more than 7 years ago | (#19717557)

Wait 'til Bush's Attorney General Gonzalez decides to ask M$ to aid the war on terrorism by monitoring hard drives (as part of the Windows Desktop Search Service, perhaps?) for "suspicious" keywords. Geez, if you're a law-abiding Muslim, that would mean a world of hurt.

And once you're monitoring for some keywords, it really wouldn't mean much to monitor for a few others, would it? Everyone ought to see where this is going.

Spyware? (1, Interesting)

CaptainPatent (1087643) | more than 7 years ago | (#19717379)

Isn't it ironic that the very company charging insane amounts for a "safe and secure" OS is essentially using spyware embedded in the system itself when the average user shells out a decent amount of money to prevent spyware programs?

If there wasn't enough of them already, add this to the stack of reasons not to use Vista.

1984^H^H^H^H 2007 (2, Insightful)

Anonymous Coward | more than 7 years ago | (#19717653)

Isn't it ironic that the very company charging insane amounts for a "safe and secure" OS is essentially using spyware embedded in the system itself when the average user shells out a decent amount of money to prevent spyware programs?

War is Peace; Freedom is Slavery; Ignorance is Strength.... and now Spyware is Security.

Stop the ball from rolling... (2)

ProdigySim (817093) | more than 7 years ago | (#19717413)

Unfortunately, it's likely that we will be feeling the need to upgrade to Vista within a few years. I think more effort needs to be taken to show that we don't want things like this. Can anyone say "boycott Vista?" It's too bad OEM sales are doing so well though.

Is Vista a product, or a service? (4, Interesting)

Morgaine (4316) | more than 7 years ago | (#19717423)

I expect that the majority of people believe that they're buying a product when they purchase Vista, or when they purchase a PC with Vista pre-installed. That presumption may be entirely wrong though.

Certainly from Microsoft's point of view, and in view of their total focus on WGA, you've agreed to a single-payment licensing deal. EULAs may not be valid in some jurisdictions, but that doesn't seem to concern them. You live within their worldview, or else ... or else nothing, that's the only option. In fact then, you haven't purchased a product at all, but a service without any agreed terms.

Likewise, from the content providers' point of view, your PC and its software certainly doesn't belong to you, which implies that you haven't purchased Vista as a product. Instead, it's just a delivery vehicle for their content, and Microsoft is the guarantor of DRM safety to ensure that this is so. The fact that you've paid for your hardware and software as if it were yours seems to have escaped both content providers and Microsoft alike.

Perhaps in the future, people who are not technical will not own computers at all, but only rent content delivery vehicles?

That's where Vista seems to be heading ... although Microsoft probably wants you to continue purchasing without owning.

Re:Is Vista a product, or a service? (1)

Esion Modnar (632431) | more than 7 years ago | (#19717503)

...but only rent content delivery vehicles?

It's called Screw-Haul.

Re:Is Vista a product, or a service? (1)

Tx (96709) | more than 7 years ago | (#19717655)

Perhaps in the future, people who are not technical will not own computers at all, but only rent content delivery vehicles?

As someone who constantly spends quite a large chunk of free time sorting out IT issues for non-technical friends and family, I can't wait for the day when non-techies don't own their own machines, and don't even have administrative access at all. I'm sick of being Microsofts unpaid tech support, they're welcome to take over.

vista (-1, Troll)

Anonymous Coward | more than 7 years ago | (#19717433)

Vista is watching you masturbate.

Won't matter (1)

SnarfQuest (469614) | more than 7 years ago | (#19717461)

Very few people will care about this. Even if MicroSoft were collecting their credit card numbers and access codes, they still wouldn't care. Just look at how often they click on all those "verification" emails, and give this information away. You can make up an obvious "evil" email, explaining that you want to steal all their savings, and they will still click the link and enter their personal information.

Most people are just stupid when it comes to computers and securing their personal information.

Re:Won't matter (1)

Actually, I do RTFA (1058596) | more than 7 years ago | (#19717561)

Are you kidding? If Microsoft was collecting (and using without my consent) my credit card numbers, I'd go out and buy a Vista machine right now. As my lawyer friend would say "How do you punish a company with hundreds of billions of dollars?"

Article Breakdown (4, Insightful)

thePsychologist (1062886) | more than 7 years ago | (#19717473)

This article is a lot of FUD. But there's lots of truth in it too. Even though some of this transmission of data is optional and can be turned off, it still goes too far because most average computer users don't know about this stuff. Hence it's taking advantage of people without their knowledge.

hardware hash, which is a non-unique number generated from the computer's hardware configuration but no personal information.


This is not good. Probably only used to invalidate your copy of Windows once you change the motherboard.

The Customer Experience Improvement Program (CEIP) is optional, and designed to improve software quality.


This service asks your consent, and is okay and OPTIONAL.

Via the Device Manager, Microsoft has access to all the information related to your system configuration in order to provide the adequate drivers.


Again: if a device is plugged in, a dialog first comes up and asks the user if he/she wants to search the internet for a driver. And the service NEEDS the name of the device to search for one.

Similarly, Dynamic Update offers your computer's hardware info to Microsoft for compatible drivers.


That's because you ASK for it. Similarly if I Google a problem, Google gets my search query. But they're collecting stats on hardware, and that's pretty normal for an OS company. After all, it'll help them build a better OS (not likely though).

Event Viewer data is collected every time the users access the Event Log Online Help link. By using the File Association Web Service, Microsoft will receive a list with the file name extensions.


Just the extensions?? Big deal. Here's a partial list for my computer: *.raw, *.mov,...wait, this person has some Apple format on their computer...DESTROY. Can they use this information to help with vendor lock-in? Maybe.

Metadata related to the games that you have installed in Vista also finds its way to Microsoft.


Maybe this is going a bit off the deep end. What I install is my business and not theirs.

The Error Reporting for Handwriting Recognition will only report to Microsoft if the user expressly desires it to.


This asks your consent, and is okay and OPTIONAL. Why are they even including this in this article?

Through IME Word Registration, Microsoft will receive Word registration reports. Users have to choose to participate in the Installation Improvement Program before any data is sent over at Microsof[t].


This asks your consent, and is okay and OPTIONAL. So, if you register, it receives the data. No surprise there.

Ever used a print server hosted by Microsoft? Then the company collected your data through Internet Printing. Network Awareness is in a league of its own. It does not premeditatedly store of send directly information to Microsoft, but it makes data available to other services involving network connectivity, and that do access the Redmond company.


Makes data available to services that contact Microsoft does not mean this data will be SENT to Microsoft. FUD.

Via Parental Controls, not only you but also Microsoft will monitor all the visited URLs of your offspring.


If this is actually true, then it's too far. Direct monitoring of the sites!

Hashes of your Peer Name tied to your IP address are published and periodically refreshed on a Microsoft server, courtesy of the Peer Name Resolution Service.


Too far. But I'm not sure what a Peer Name is now. And I doubt it's very useful.

Every time you install a Plug and Play device, you tell Microsoft about it in order to get the necessary device drivers. The same is the case for PnP-X enabled device, only that Windows Update is more actively involved in this case.


Ick. Of course they need to know what the device is to get the drivers.

The Program Compatibility Assistant is designed to work together with the Microsoft Error Reporting Service, to highlight to Microsoft potential incompatibility errors. For every example of compatibility settings via the Compatibility tab, Microsoft receives an error report. The Program Compatibility Wizard deals with similar issues related to application incompatibility. File properties are sent to Microsoft only with the item that they are associated with.


Hmmm. What kind of file properties? Extension and version of program that made it probably.

You can also volunteer your name, email address, country and even address to Microsoft through the registration process.


This asks your consent, and is okay and OPTIONAL

All the queries entered into the Search box included in the Windows Vista Control Panel will be sent to Microsoft with your consent.


This asks your consent, and is okay and OPTIONAL

The Help Experience Improvement Program also collects and sends information to Microsoft. As does Windows Mail when the users access Windows Live Mail, Hotmail, or MSN Mail. And the Windows Problem Reporting is a service with a self explanatory name.


This asks your consent, and is okay and OPTIONAL

But is this all? Not even by a long shot. Windows Genuine Advantage, Windows Defender, Support Services, Windows Media Center and Internet Explorer 7 all collect and transmit user data to Microsoft. Don't want them to? Then simply turn them off, or use alternative programs when possible or stop using some services altogether. Otherwise, when your consent is demanded, you can opt for NO.


What kind of data? If the author knows so much, why is he just not filling in the details? Because the data is mostly harmless.

Re:Article Breakdown (1)

sid0 (1062444) | more than 7 years ago | (#19717647)

The File Association Web Service does not send the whole list. that wouldn't make sense. All it sends is the EXTENSION of the file you are looking for a program for.

The Games data is used to download info and covers, especially for old games.

Parental Controls, I believe you have to opt-in for this. It sends URLs to check Allow/Block lists. Nothing serious.

The PNRP data is sent only when you USE PNRP. It's just like (and as necessary as) sending data to a BitTorrent tracker, only you wouldn't send pirated data over it.

Source: http://www.microsoft.com/windowsvista/privacy/vist artm_detail.mspx [microsoft.com]

Oh, the article is just plain old FUD.

It's the Boogie Man Under the Bed! (1)

rueger (210566) | more than 7 years ago | (#19717485)

Lord, there are surely a hundred SERIOUS attacks on our privacy every day that deserve attention. Why is someone wasting time getting all paranoid because MS software sends back error reports?

Will we now see a companion story about how OS X, Firefox, and Thunderbird are all collecting "personal information" and transmitting it back to Apple and Mozilla.org?

The tone of TFA/S isn't what it should be (5, Insightful)

sid0 (1062444) | more than 7 years ago | (#19717507)

The things that get transmitted are:
1. Activation info. Well, duh.
2. Windows Update. -do-
3. Auto Root Update. Updates the list of trusted certificate authorities. You know, Verisign etc.
4. Windows Media DRM. Not an issue if you don't use DRM files, and no, information isn't transmitted every time you play the song.
5. Windows Media Player. To download album art/track names. Again, no different from other players. Easy to disable completely.
6. Malicious Software Removal. What's the problem if info is transmitted to Microsoft that you had an infection and it was cleaned? Non-issue. You can choose not to use it at all.
7. Network Connectivity Status Icon. This doesn't TRANSMIT anything except the HTTP request. It just downloads a small page to check if the Internet connection is working. Easy to disable, no problem.
8. Windows Time Service. Syncs time. Again, what's the problem? It's easy to disable if you really have a problem.
9. Problem reports. It asks you very clearly if data is to be sent to Microsoft, and asks you again if you want to send personal data. And reporting problems is good.
10. Games. Come on, it downloads fucking info and covers.
11. Event Viewer. Data is sent only when you specifically REQUEST for more online help. http://technet2.microsoft.com/WindowsVista/en/libr ary/28cd5e13-e955-4941-91d9-fec2525e96c71033.mspx? mfr=true [microsoft.com]
12. Customer Experience Improvement Program. Microsoft *SPECIFICALLY ASKS YOU* if you want to opt-in. Once you say no, it never asks you again.

- etc -

The paranoia claims are really ridiculous. The operating system uses Internet resources to improve your experience, like telling you when you are connected to the Internet. Please take your tinfoil hat off for a minute and look at this objectively.

Enterprise license (1)

thomasa (17495) | more than 7 years ago | (#19717577)


Any idea how this works with a Microsoft Enterprise license? Will half the Internet
traffic be Microsoft computers calling home?

Someone say FUD??? (1)

ThirdPrize (938147) | more than 7 years ago | (#19717587)

I think thay did.

speculative and pointless (1)

kwikrick (755625) | more than 7 years ago | (#19717615)

Very speculative article. Author claims all kinds of information is gathered by Microsoft, but does not
specify what exactly. Sound like FUD to me. Anyhow, how does he know? Because of the closed-source nature
of their products, there's nothing stopping MS from getting any information they want from your computer.
Also, such claims are hard to verify or debunk, so nothing's stopping anti-MS fud-spreading bloggers
and journalists.

So, if you are concerned about privacy, use an open source product that you trust, or if you don't trust it,
(have someone) look at the source code.

Oh No! Microsoft has my IP... Wait... (1)

zeppy (794957) | more than 7 years ago | (#19717641)

Microsoft will get your "Internet protocol address, the type of operating system, browser and name and version of the software you are using, and the language code of the device where you installed the software." But all they really need is your IP address.


Oh No! Microsoft will have my IP Address, OS, Browser, Name and version of the software I'm using, and the language I use!

Oh wait, every website I've ever visited has the potential to have that information.

IP address, I can somewhat understand. But the other stuff? Yes, I'm among the millions that use Firefox, Windows XP, and speak English. Tell me how that is going to help anyone identify me? Even the IP address I use isn't static. Just look at how much trouble the RIAA has had tracking down users via IP address. And honestly, of the millions upon millions of people that use Windows do you really think that Microsoft is going to come after YOU? If you are that paranoid perhaps you should disconnect your computer and put on your tin foil hat. It'll free up some space on the tubes for the rest of us.

Lies Lies Lies! (2, Funny)

Anonymous Coward | more than 7 years ago | (#19717645)

MS just wants to steal pr0n!

Big deal / Paranoia (-1)

gravis777 (123605) | more than 7 years ago | (#19717665)

I am not siding with Microsoft here, but there is really nothing new here. I mean, is it really that big of a surprise that Activation and Digital Rights Management phones home? Duh. And in the article it says that it reports about spyware. Doesn't Windows defender ask you in XP if you want to report findings to Microsoft? Is it that big of a surprise that Vista has it on by default? OMG, Vista phones home to look for codecs! Hasn't that been part of WMP for years? OMG, Vista looks for updates to hardware drivers! Hasn't that been part of Windows Updates for years? OMG, E-mail via Hotmail gets sent to Microsoft! Duh! I can see why the article was flagged as paranoia, there is nothing in this article that is news to me, or that concerns me. Now if it starts telling Microsoft about every non-drm file I play, every picture I put on my computer, and sends the contents of every word document and excel file to Microsoft, then I would be concerned.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?