Yes totally agree. I've read that there are now more options in the latest Win 10 version, but it's not clear to me if that will block all of the tracking.
EULAs have no legal meaning in Europe as they are shown to you after you payed for the product and those are null and void. So MS has no right to spy on their EU users no mater what they have put in the EULA. https://de.wikipedia.org/wiki/Endbenutzer-Lizenzvertrag Just not connect your PC to the internet until you finished the setup and the disabling of all that spying telemetry stuff. Sometimes, most of the times, privacy is more important than security.
1) MS EULA is already available before you can buy the product. This is available here. 2) Not connecting to the internet and trying to 'fix' the telemetry topic is maybe not even possible if MS hardcoded some stuff, so it would bypass your 'tweak'/'firewall' anyway. 3) I doubt this, there is no privacy without any security. Security starts with knowledge. The only big con I see is that MS should be more transparency but they working on it. Of course conspiracy people saying that they are forced or implementing backdoors but there isn't really any prove since no one ever found any backdoor or things which really comprises you (except metadata collection). Even Linux has telemetry (also enabled by default) it's legit technique to collect data to improve the product and as long it not hurts someone it's okay when there are controls given.
Maybe install Ubuntu and check yourself. Closed or open source also has nothing much to do when it comes to telemetry.
I laugh a those privacy paranoids , they just hamper their life for nothing... you can't "manage" your privacy...since you connect to internet, your privacy is gone. Whatever the OS, whatever the website, whatever counter-measures you deploy. You want be sure your OS keep your privacy intact? make your own. Telemetry is needed, with telemetry some infos about you are disclosed , does those infos hurts you in real life, mostly not...
Exactly @guest . Telemetry is a legit technique to obtain data to help e.g. to fix the software/drivers otherwise everyone would need to do it manually with a chart and no one does this, even 95% of all MS beta testers never submitting anything manually so how MS should find or work with this, if no one provide necessary informations? As said the only thing I can complain about is that a) the data should not be sold by MS/Google/.. b) deleted after xyz days and c) there should be control so that there are toggles given (Ms already changed that with RS2). Again telemetry isn't spying (as long you get control over it and you're real data aren't included like IP/Name or something which really could compromise you). On entire internet no one ever did DPI to show and check against 'ms words' that they really spy .. and as long no one decrypt it it's all BS. In cryptography and OS related topics this never ends up good, touching known secure stuff is a no go if you aren't an expert and even then it's critical. I not even want it, all I want is control. Like most users I think.
The availability does not mater if it is not shown to you by your merchant before you pay for the product its null and void, you are not obliged to have to find it on your own. a legit technique that might be, but it should never not be compulsory! Only if you can completely disable it.
No proof for that, also it's not possible to handle the EULA (without a link...) to you before you buy the product. I'm sure it isn't null and void, otherwise someone had already mentioned this and MS would be forced to changed this. It's not only 'new' with Windows 8 or 10. The thing is you also can say 'no' by not clicking 'accept' and send the product back or re-sale it. Software products have special rules because of mentioned reason. From wikipedia: Then they even mention this case. Germany isn't different here. I only see all over the place on entire internet BS which says spying without any wireshark proof. Cause no one can since the data is encrypted. Saying spying is compulsory. Otherwise you need to say entire protocols are spying because they also leak http-header, that's by design - and MS decided to include it to improve the product - that's by their design. As said Linux has this too. I think everyone made his statement now.
Yes it is just read the google translate of the german wiki page on that subject. For a EULA to be binding in the german speaking realm you have to read it before paying, otherwise its not worth even the the bytes its stored on. The proof is windows communicating with M$ servers against the users wishes at all, the content of that communication is not relevant, the mear fact of unwanted communication with M$ is already the breach of trust. When the user disables the windows update service, windows should not send any communication to Microsoft at all if the user chooses so. Periode. That is a BS argument, the MS way of "by design" is like when the http protocol would mandate all headers to be send to a third party server. or put it differently failing to protect your privacy due to negligence (http) is an entirely different can of worms than compromising your privacy on purpose (telemetry). Irrelevant! Linux is open-source and everyone who does not want that can remove it entirely, you can't do that under windows now can you. And even if you manage to delete all the relevant files etc without bricking your system in the process, it will be back after the next compulsory update.
Windows not gets installed before you not read(accept) the eula, so your argument is not understandable. You can accept or not accept it, BEFORE you install or format something. The files for setup are read by setup on the dvd/usb stick. The tmp dir gets removed if you stop the setup. I don't understand what should be wrong with it. My last words on the eula. 'Wishes' yes. But it's their product not yours. As said as long toggles are included they could implement whatever they want (imho). As said MS already changed a lot since first Windows 10 release with RS 2 you can opt-out everything except basic telemetry. On LTSB it not even uses basic. Every AV on earth does the same, communicating with a cloud it collects more in fact since it also submits all your file checksums I doubt MS does the same, WD (which can be disabled) only submit e.g. the samples or unknown things (like every other AV too). Windows Update service is update service. Maybe you should re-read my mentioned links, some connections are for security reasons like certificate checks .. disabling it even lowers your security but that's the thing someone writes BS on the net and everyone believes that (fake news). They can code their OS how they want, same like http protocol it's up to you if you agree or not. If the OS leaks data (security risk) it's totally comparable, now show me how meta-data (which MS collects) now compromise me. Should I give you my unique machine ID windows set after each new installation? - You can't do anything with that.... Same like https headers .. but it plays another role when we talk about spying or possible holes, the fact that MS already provided documents what they collect shows I'm right, useless things. When you activate your windows it collects a lot of more private things (and this since the beginning) and no one cried and now the 'I hate MS' train is here and everyone post anything without any proof. It's not relevant, do you audit every software and every connection? Good luck wasting your time with this + not everyone is skilled enough to understand this. You not need to remove anything, when there is a toggle (as mentioned). Open source is not better as proven several times (OpenSSL, TrueCrypt, Android,...) . Because just because there is a source not means lot of user have the skills to do an audit which would be necessary to fulfill your argument. Even I can't understand VeraCrypt sourcer to come to an conclusion if it's secure or not it requires an entire team to do such serious conclusions. You can, check their documentation against wireshark/Burp and then you can compare and come to an conclusion. Same like on Linux.
Exactly and MS doesn't force you to use Win10 , don't like it , don't use it. simple as that. Some governments tried to get away from Windows because they listened the same BS "spying" argument , after they realized the mistake, they came back to MS asap... Why most of the biggest companies and government agencies are upgrading to Win10? because it is efficient and better in term of security, and believe me they have far more secret to hide than you. Exact. i agree, as if telemetry will upload your secret docs or hot pictures of your girlfriend and put them all over the net...come on , come back to reality... Privacy Paranoids are funny , they bash MS' telemetry while they use social networks, android, google, do online banking, send forms to their administration online, send emails, etc...while all this captured by cookies and co... Some sites can even know what portion of the page you are reading by tracking your mouse via specialized tools and you worry about MS telemetry , gimme a break...
What is wrong with that? That you already payed for the product in the store and all conditions demanded after the perches was completed are null and void as they were not part of the Purchase contract. As simple as that. But they have a huge monopoly so they should NOT be free in designing their product as they see fit. How about ClamAV? Great so now the Government knows what manifestos I was reading recently, don't you see any danger in that. ~ Removed Off Topic Political Remarks ~ And it should be up to the user if he wants certificate checks or not. For the average jo having his certificates checked and all his file checksums Submited to the government might be beneficial, but what about all the dissidents around the world? First can you show that they really only collect metadata? Oh right you can't as windows is closed source. ~ Removed Off Topic Political Remarks ~ Because that was technically optional, you could get a VL key (win xp) or a KMS activator tool (win 7, 8 and even 10) and don't go through any activation process that would require your PC to talk to M$. And yes I know the legality of such methods may be questionable but it was a working method to defend your privacy in the past. In fact in the past people were complaining much more about the online activation than they are complaining today about all the telemetry crap.
I'm not using Facebook or alike and my android is self compiled without any google apps on it. But I can't self compile windows that is the problem. And On Linux many of the software I require for my job simply does not run.
OK, Ubuntu. But at least with Ubuntu, there's a simple control panel, where you can turn off telemetry. I normally use Debian, and I've never seen any complaints about telemetry.
@mirimir @DavidXanatos that is for you. https://www.androidheadlines.com/2017/04/john-mcafee-making-super-secure-phone.html
Stop saying null and void - you're wrong that's all here. If it would be null and void 20 years ago someone already had complained. END Never used or tried it, does it have a cloud reputation database like kaspersky? If not you argument is null and void No, it shouldn't every browser act the same. It lowers the security if you disable it and most people wouldn't understand it at all - same like you I think. You can reverse engineer it, it's more effort but possible, same goes with encrypted connections it's more effort. I as security expert never found anything. If you not believe check my GitHub gists (no direct link sorry I have to many gists and GitHub now allows forking your own gists). KMS is also legit how else you activate 1000 PC's? No telemetry is what people complain about not KMS, first time I hear this (from you). You don't get it, telemetry isn't evil and as long we take control over it there is no point in complaining about that. AGAIN RS2 changed a lot there is an opt-out for everything now EXCEPT basic telemetry and MS explained that this is for security and improvement. As my link showed it's meta data. I prefer submitting it instead of complaining afterwards why yet another KB makes troubles. If it really helps, but I'm unsure about this. Sorry to say but most what I read is wrong, or you not give any solutions to solve your complains. This is useless to talk about without showing how MS should solve this. Some connections are necessary as I explained it - others are optional and some should be (as I suggested) maybe changed but since Windows is 'as service' we can expect a lot of changes anyway in next builds. When it comes to this topic non experts talking without any proof or false proof since they not understand what they talking about. This is a serious topic and it should be analysed seriously so pls before you come up with something check your sources and do some research. Most people here in the forum relay their security setup only on external software/AV but complaining about MS sending things back .. ridiculous (imho). MS now changed their security to improve the product and fix known stuff and it's still not good enough. If you want security you need some connections for NTP, Cerificate checks and other things. I hope people understand this (one day).
Well, I am not wrong and I have sources to support that: https://de.wikipedia.org/wiki/Endbenutzer-Lizenzvertrag here the surprisingly good google translate of it: "In Germany, EULA are only part of the standard software if they have been agreed between the seller and the purchaser of the software at the time of purchase. This presupposes the possibility of acquiring knowledge when the contract is concluded. Licenses made accessible to the purchaser after the purchase (eg during the installation or as a printed insert in the packaging) are ineffective for the buyer. This is also the case when the buyer clicks "I agree to the license agreement" or the like, otherwise the software will refuse the installation. [1] [2]" "are ineffective for the buyer" to me that is pretty the same as null and void. another source even in English: https://en.wikipedia.org/wiki/PearC EDIT: You are from Swiss don't you read German? No it just uses a local signature database etc, it does not send confidential informations about the files you open to anyone. You got me wrong here! I'm not complaining about KMS, I'm just saying that people who want their windows 7+ activated without their PC talking to M$ can use tools like KMSPico to do so. Its not legal but it ensures your windows gets activated without ever once talking to M$. Right, but taking control for some means being able to disablie it entirely. That's all I'm saying should be possible, add a switch disable all telemetry including the security related one. And it should not be up to Microsoft to decide if the PC should send any telemetry at all it should be up to the user. "without showing how MS should solve": They should add two switches 1. disable all telemetry and diagnostic data 2. disable all communication with Microsoft servers (except windows updates) and if someone does not like windows update if he flicks switch nr 2 and sets the update service to disabled than the PC should not longer contact any M$ servers at all. Here a suggestion how M$ should solve that. "Some connections are necessary": no they are not, they are useful in certain scenarios, detrimental in others and it should be up to the user to decide if he wants to allow them or not. Sorry, what wrong things have I claimed? I don't think its ridiculous, do you always want to relay on your pi hole to black hole all the traffic your PC is trying to send to M$, what about laptops and tablets. You cant use the build in wifi without going through a portable pi hole, etc.... and if M$ adds a new telemetry server pi hole will fail anyway. Look your threat scenarios of cause depend on many factors. For me its merely a matter of principle, one I held high since the first time I made ma first dial up connection in the last Millennium. But for others this may be a matter of even as much as life and death. Look here M$ has a special Win 10 version for china: https://translate.google.com/translate?sl=de&tl=en&js=y&prev=_t&hl=de&ie=UTF-8&u=https://www.heise.de/newsticker/meldung/Spezialversion-von-Windows-10-fuer-die-chinesische-Regierung-kommt-voran-3155763.html&edit-text= "The focus of the special issue is less on consumer-oriented apps and services than on control functions for the management and security of the proprietary software. Product activation, updates and support should be controlled locally from China and not from Redmond." Isn't that just great! A totalitarian government which does not care much for the lives of their opposition possibly getting checksums of all files all Chinese win 10 users open. I say possibly its just a thing to be afraid of, no prove yet that this happened, but the point is it could happen. And people to whom the government knowing as little as only the checksums of the files on their PC may lead to enhanced interrogation or death, should have a switch to turn all that great security features of. As simple as that. And please keep in mind I am not saying that M$ is already spying or sharing checksums with the NSA I am only saying they could if they would want to, or be forced to. And imho the risk of them getting forced to is to damn high to let them have this power. As simple as that. I want more privacy then security. I personally don't want any security that can only be obtained at the cost of my privacy. IMHO the worst case in the situation of a breach of once security is his privacy being violated. So obtaining security at the cost of privacy is like paying your bodyguard in hmmm... physical favours *if you know what i mean* in order to protect you from being raped. Somewhat counterproductive if you ask me.
ClamAV isn't a reference...worst engine ever...i rather give up some telemetry than use it. So the argument is null. if you use illegal methods , so you must accept that others to do the same. Their OS , their rules, you don't like it, go use something else; you can't? live with it. Simple as that. Business is business. 99% of them do it because they use pirated Windows via KMS. those people are accomplice of the huge malware spreading born from WinXP/7. That is why MS forced Windows Updates in Win10 Home versions; because those people get botnet-ized by vulnerabilities that shouldn't be present if they patched their OS as everybody else. There is better ways for gov agencies to invade your privacy than "spying" via the OS... You never had it and you will never have it , it is way too late; your rhetoric should have been applied 40-50 years ago when there was no computer to centralize citizen's datas. In our modern society , your privacy is invaded even before you are born. Mass surveillance is applied everywhere , you can't change anything unless you explode EMPs all over the globe and destroy all servers farms, and even that may won't be enough.
Dear guest, Forgive me to put things in some historical perspective ..... I'm trying, but it is so difficult ..... "40-50 years ago" ; "centralized citizen's datas" I'm from a country where more than 70 years ago citizen's datas were centralized. That, and other reasons, has lead to mass murder on more than 100.000 citizins. Resitancefighters have given their life to try to destroy "centralized citizen's datas". One has to understand why some people are so afraid of "centralized citizen's datas" Peace
I don't follow that logic. That is like saying if you are a criminal its ok for the state to break its own laws to catch you. And that is not how the world works. Now M$ is not the state, but they are a big company so even if some of their users may break the law it does not allow them to break the law as well. As I said earlier, a monopolist should not be free to design his product as he sees fit. Simple as that. You know that with your windows activated using KMSPico you can use windows updates normally and there is currently no reason to disable updates if you have a pirated version of windows. And of cause if you are going for a KMS activated windows you are going for a enterprise edition that has the most flexibility with regard to not installing updates swiftly. Yes definitely, but should that mean that we should make it easier for them to do "spying" via the OS? ********. Its like saying only because the doctors have a picture of you naked after birth its now fine to run around naked all day everywhere. The state collecting some data about you is bad sure I admit that. But don't you thin that your PC may contain more personal stuff that currently the state is collecting on you? I think it does. I think its like the difference between someone touching your butt and raping you, booth is sexual assault but really if you become the victim of the lather you wished you'd only have fallen victim to the former. So what the state spies on you that is not good but does that mean that you should stop protecting your privacy all together? Its like saying oh I was robbed once, now I don't even close my door when going out what's the point? Its idiotic that's what it is.
i don't question the morality of this, i just say that now you can't eradicate the system, it is too ingrained. 70 years ago, you could burn the documents; now, all is backed up 100 times. You are such a naive...laws are made to control the masses while those in the real spheres of power are not bind by it; the ones that makes the laws are the first to break it when they feel the need to...and they make sure to be covered. Not their fault if the MS marketing team was efficient and other OSes were crap and couldn't rivals MS so most companies selected Windows. I'm sure you never created a product or own a business; because if you did , you would be "annoyed" that an handful of people tell you how should be your product/company especially if most of your customers are happy with what you do. i know it , but most of those using it are scared and disable updates in fear that they may be traced or an update kills the activator. no, what you are doing in this whole debate is shouting to your neighbor how bad was the thief...pointless...you just made a spectacle of yourself and afford nothing to the community...
