Windows 10 - Deeper Impressions

[NoelC]

 

 

 

NoelC, what you do think are the prospects (technically speaking) for devising a user-friendly application to enable less-expert Windows users to do these sorts of things without having to "change their own oil," so to speak? Especially with regard to managing the firewall.

 

Never mind that Microsoft might easily undo everything with the next set of updates, I'm wondering about the feasibility of creating a program (at all) that will do this for the user.

 

If such a thing is possible, it could come to make a real dent in Microsoft's plans and maybe persuade them to back off.

 

--JorgeA

 

 

1.  Firewall management is not for everyone; I'd say it's master mechanic level material, based on the effort I'm putting into it and the skillsets I have to rely upon - especially the initial effort.  And it's not the kind of thing that can be fully generalized...  Everyone's system is different.  The overall strategy for blocking by default and allowing just the addresses required of the right system entities might be somewhat portable, but I'm guessing that the lists of "whitelist" addresses I've developed might be good for my neighbor, but less good for someone in a different part of the world.

 

Just as an example, one must decide the right thing to do when the firewall reports:  "Blocked Host Process for Windows Services (NetworkServices) from accessing 123.45.67.89:443"... 

 

• Do I allow it in the future or was this an attempt to spill beans I don't want spilled?
• Who owns that address? 
• What does the particular port number imply? 
• What's not working in the system because that was blocked?  Were errors logged?

 

Ideally I'd want to find the root cause of it trying in the first place to make that contact.  Is it Windows Update trying to do a secret update in the background?  A service that needs to be Disabled by default?  Some of these take more than I know, and I have to guess and see what happens.

 

2.  If someone were to publish a program what would provide a turnkey setup to block everything, soup to nuts (thinking, for example, of a super duper ShutUp10), and which effectively cuts off what Microsoft wants to collect - desperately wants - then I imagine Microsoft's legal team might swing into action and squash them.  All the users DID sign a contract that says "Microsoft is allowed to collect..."

 

3.  My goals aren't others' goals.  I have no current interest whatsoever in Metro/Modern/Universal Apps, for example.  That makes things I choose to do not applicable to those who DO want to run such Apps.  I don't have enough time left in my life to generalize the task into something everyone could live with.  And we can't ignore that in the next 4 months Microsoft IS going to change the system, making things I've done possibly obsolete.  Make that probably.

 

FYI, I'm already having to do much of the same stuff with Win 8.1.  Win 7, not so much, though Microsoft is striving to change that through Windows Update.

 

My best advice for now would be to run O & O ShutUp10 for the biggest privacy gain.

 

 

Tonight, by the way, I have disabled the Windows Update service entirely - something I didn't want to have to do because it makes it that much more difficult to actually DO a Windows Update operation (which will involve Enabling and Starting the service first).  I will leave the monitor pointed to the Win 10 VM tonight see if it tries to contact anyone it shouldn't.  So far, in about half an hour I haven't seen the firewall block anything, so this a hopeful step.

 

-Noel

Edited October 1, 2015 by NoelC

[jaclaz]

All the users DID sign a contract that says "Microsoft is allowed to collect..."

Not really-really .

First thing such a contract may well be null ab initio or ex lege.

Beside that, the opt-out (as opposed to opt-in) form of the proposal could well be in many countries a violation of Law in itself.

 

In any case - in the hypothesis that the agreement is actually valid and binding - what the users allow is MS to collect and use (for a number of vague scopes) the data they manage to collect.

 

As I see it, too bad for them if they cannot collect the data they would like to have. 

 

jaclaz

[NoelC]

Sure, right up until they deactivate your Windows installation.

 

Good luck getting your money back.

 

-Noel

[JorgeA]

My best advice for now would be to run O & O ShutUp10 for the biggest privacy gain.

 

Thanks for the detailed rundown, it looks like this is really the bottom line.

 

One good thing coming out of this whole sorry mess is that it might encourage some Windows users to learn more about the technology as they try to defend against the constant assaults. (Many people won't know at all what's going on, and will care even less.) I know that in my case it was a weird PC problem that first got me digging into the nuts and bolts.

 

Regarding whether users may not stop Microsoft from collecting all this data about them, I've heard this same point made by our dear friend SRFreeman (with the intent of shutting up the opposition to Windows 10, of course). I'll have to block out a chunk of time to find out what exactly it says -- the MSFT agreements are not a model of clarity, especially since the provisions are sprawled out over like three separate lengthy documents (EULA, MSA, Privacy Statement).

 

--JorgeA

[LetsWindows10]

 

"Will they stop at the US borders?", is the gasoline I'd like to add to the fire…

 

 

This really is a fascinating realm of legal hell that I predict Microsoft is going to find themselves sinking into and burning up.  (I am not a lawyer)

We've seen the EU with their stricter anti-monopoly laws strong-arm Microsoft into releasing a special version of Windows - this is why they have Windows N Edition as well as their extended support contract for Windows XP (albeit at a hefty fee).  

Similarly South Korea litigated their way to force the stripped & customized Windows KN Edition.  Their successes at enforcing "follow our local laws or pay fines or get out" could pave the way for other countries to take action under their privacy laws that the US gov't is too corrupt and incompetent to pursue.  

 

There are now VERY tough laws protecting privacy in the EU, China and Brazil.  Collecting private data in Brazil is constitutionally illegal!

Just as a class-action lawsuit in the US was inevitable due to the forced downloads on metered fee connections, I predict a nasty storm of legal trouble coming straight for MS from outside the US.  Here's hoping that this leads to a NEW edition of Windows 10 that is stripped of the data collection mechanisms so we can ease up on the myriad of customizations required to restrain this beast.

 

MS:  "But we don't collect private data, silly!"

Prove it and provide a way for us or a competent and independent 3rd party to examine the data being sent instead of trusting your word alone. Hopefully this capability will be available after the storm, but unlikely.

 

Quote from a decent article on data collection outside the US

 http://www.insidecounsel.com/2012/01/01/the-challenges-of-collecting-data-outside-the-us?page=2

[...]counsel should bear these tips in mind when trying to mine foreign data. It’s critical for companies and outside counsel to understand the differences between U.S. rules and foreign rules. 

[NoelC]

FYI, my test system made it through the night (with the Windows Update service Disabled) without trying to contact a single outside server.  However, during the day today, without a configuration change but with some desktop activity by me, it DID contact several systems that are whitelisted for Windows Update.  Was that an activation check?  A check for certificate validity/revocation?  Not sure.

 

-Noel

Edited October 1, 2015 by NoelC

[Drugwash]

[...] There are now VERY tough laws protecting privacy in the EU, China and Brazil.  Collecting private data in Brazil is constitutionally illegal!

Just as a class-action lawsuit in the US was inevitable due to the forced downloads on metered fee connections, I predict a nasty storm of legal trouble coming straight for MS from outside the US.  Here's hoping that this leads to a NEW edition of Windows 10 that is stripped of the data collection mechanisms so we can ease up on the myriad of customizations required to restrain this beast. [...]

Unfortunately, many governments are economically and/or politically blackmailed into accepting orders from 'outside'. As such, very few states would be able (and dare) to hold M$ to account.

 

Besides, I've recently seen a screenshot of the Win10 EULA that apparently expressly forbids US users from proceeding to class action suits, if I read it correctly. If so, this means they already knew what was going to happen and covered their rear in advance. They have an army of lawyers, we - the users - have nothing, not even rights. And realistically speaking, no choice either.

 

And speaking of being realistic, there is no way M$ would have simply made a mistake in releasing such monster. This was planned and approved by higher quarters. Such "mistakes" just don't happen. Eyes open, there's more to come - I can feel it.

[vinifera]

 

You can change your password if it's stolen. It's a little more difficult to change your fingerprint.

 

--JorgeA

 

go to nearest hospital, look into dump trash

find those white rubber gloves, reverse them, and voila

 

or even easier, go to nearest pub, order a simple soda

who ever brings it will leave fingerprints on it you just must look where it was holded

 

bring with you ordinary sticky (transparent) tape, the rest you should know

[Ridrok]

For me, I think MS can be attacked for Win 7 and Win8.1, since we did not accept any EULA about there patches that add the telemetry to these OS since 2015/04, and I did open a request to French CNIL about this.

[vinifera]

I stopped with updating, when last was without telemetry

and won't be updating anymore, by the expiration, better linuxes will come

[Tripredacus]

Besides, I've recently seen a screenshot of the Win10 EULA that apparently expressly forbids US users from proceeding to class action suits, if I read it correctly.

That type of clause is becoming the norm. The first time I heard about it was when Sony added it to one of the Playstation Network update EULAs, following that time PSN was down for almost a month.

http://kotaku.com/5840517/new-playstation-network-terms-of-service-include-a-no-suing-sony-clause

[NoelC]

For me, I think MS can be attacked for Win 7 and Win8.1, since we did not accept any EULA about there patches that add the telemetry to these OS since 2015/04, and I did open a request to French CNIL about this.

 

As far as I know, there's been a clause in there that says they're allowed to change the agreement at will.  I'm no lawyer, and I'm CERTAINLY not reading it again to see if it's really there, but I have a recollection that it basically says they're allowed to do whatever the hell they want.

 

But I agree - it's beyond the expectation of virtually all Win 7 users that Microsoft should drop-load junkware into our older installations via Windows Update.  Back when we all bought Windows 7 Windows Update was considered the way to fix bugs - that's all.  We wouldn't have accepted the quality of the OS without their promise to keep fixing bugs!  Now it's a malware foot in the door.  WAY different than original expectation.

 

What is the single biggest reason for taking in a Windows Update?  Because if one doesn't then the OS will likely be compromised by nefarious actors owing to security vulnerabilities that have been in there all along.

 

So on the one hand we have Windows Update to save our butts from Microsoft's errors, and on the other hand we have Windows Update to force us to swallow junkware we don't want.  It's like a freaking chess game where we're each just a lone King, systematically being boxed in for the Checkmate.

 

Someone recently posted this graphic, which is worth reposting:

 

 

-Noel

Edited October 2, 2015 by NoelC

[Drugwash]

I remember that quote/screenshot from a movie but can't remember its title. Not important, anyway.

Thing is, the winning move may be for some smart guys to start building Win9x drivers for all the recent hardware and then write light, open-source versions of the current bloatware applications. Because Linux is quickly going down the drain, in my opinion (after a few quick tests and failures). And I don't know of any other operating system capable to fully replace either Windows or Linux - OS X excluded.

Am I wrong?

[NoelC]

My opinion:  Unix and its derivatives (one of which is OS X) will persist.  Apple will continue to hold a minority market share, though will advance slowly.  Microsoft will recede, while Google - for some reason - will advance with products that are no better than any others and deliver just as much adware.

 

Those with skills seeking to do serious computing will struggle for a while but probably adopt a Unix derivative system in the end and be mostly irrelevant.  They'll deplete their retirement funds faster than usual and may end up destitute or wards of the state.

 

Those of us who still remember the legacy of  will just fade away

 

-Noel

[JorgeA]

For me, I think MS can be attacked for Win 7 and Win8.1, since we did not accept any EULA about there patches that add the telemetry to these OS since 2015/04, and I did open a request to French CNIL about this.

 

Please keep us posted on what happens with your request.

 

--JorgeA