Discussion in 'privacy problems' started by reasonablePrivacy, Oct 28, 2017.
Ditch Windows and use Linux. That's what I do now.
I have some programs that need Windows.
BTW I have ditched Gnu/Linux in favor of OpenBSD OS.
I had the same problem, I even had to reinstall Win 8.1 because of it. I get the impression that's there no way to stop M$ from phoning home in Win 10, at least not without breaking stuff. So that's why I'm sticking with Win 8.1. With a tool like WFC you can block all apps and system processes from connection out, except the ones that really need it to function like svchost.exe. That will block most of the phoning home.
LOL, good one.
Disabling Cortana and Windows defender shouldn't cause you issues, in my opinion, its better to do it yourself, and not use a program to do it. I disabled WD via registry and with Cortana, during first run of the laptop, setup gave me the choice to disable Cortana, and I took it. Its off. Even if I want to turn it back on, I cant via settings. There is no setting to do so.
Store. I am never going to use the Store or any Store app. All I do with the Store is update the apps, close the Store and ignore it. I uninstalled every app that came with an uninstaller but left the rest alone. I feel is healthier for the computer not to mess with the apps that don't have an uninstaller.
Windows error reporting. It doesn't bother me. Its probably a good thing as is supposed to report errors in programs to Microsoft. MS takes the feedback and sends your PC a fix. I dont see nothing wrong with that. Perhaps if your PC dont get the fixes, your PC with time gets more buggy and you blame it on MS but is actually your fault for disabling WER.
Windows has its uses, no doubt. There's no better spreadsheet than Excel, for example.
Just don't use it for anything that needs to be private.
Yes I agree. One day we may be able to trust the internet corporations again, but that day is a long way away, IMO.
Never. Pandora's box cannot & will not be closed. No matter what promises, assertions or proof is offered to the contrary.
These reports can contain sensitive information like emails, password or keys. And it is not working like that single report is going to make a difference. MS takes a feedback, but it have not so many resources to fix every bug reported by this method. No one has. They are only looking at most common bugs. Not to mention that a lot of this automatically generated reports can contain too few information to debug a problem (binaries released to market usually have compiler optimizations and stripped debug symbols for better performance and to make reverse engineering not so easy).
Totally forget to say that I also use Spybot Anti-Beacon, but it may be not enough on Win 10. At the moment Win Update and Win SmartScreen are both not working on my Win 8.1 machine, because of all of the blocking. But I'm not bothered with it.
I think the thing is, Who do you trust? Myself, I trust Microsoft so I feel comfortable using their product. If I didn't, I wouldn't use their systems. No ifs. At the same time, I am very very wary of the programs I install, extensions I use, addons, so I am reluctant to install just about anything. Basically, I get the new computer, install a few well known program that I used in my older computers, and then is set and forget for the lifetime of the computer.
People see things differently, for example, I read one guy here the other day say how much he distrusts MS but he uses torrents. To me, that doesnt make sense. Or guys using 30 extensions, worry about MS but not about the possibility that one of their extensions is malware that can hijack the browser and use it to steal sensitive information, passwords, and send it home.
I disable most settings that have to do with privacy via Settings But I feel MS having access to the computer is probably a good thing. They know what you have installed and what you are missing. This is good information for them to have so when is time to update, they only deliver the updates you dont have. I think is healthier for the PC for them to have access. If you fight them, you will have problems, that's my view. I changed a few things from how I used to handle things in XP and W7. Like Windows updates, when I got my W10, I was thinking of disabling Windows updates in Services. But I realized that would probably be a disaster and in the end decided not do it and play along. And playing along I am. When Fall Creators Update came out, I didnt get it via Windows update, If my thinking was still like in the past, that would have been a blessing as I would have chosen to wait a couple of months before updating. But no, I changed, and forced the update the day FCU came out. I am happy I been able to use W10 in a way in which I am comfortable and is not hurting the system. You can say I found a balance.
Right. There's no one threat model. For you, Microsoft isn't a likely adversary. Others worry that it is.
I am also concerned about programs, addons I install.
Actually if you are sending error reports, they are likely to be intercepted by NSA. This was stated directly in documents leaked by Snowden. So even if you trust Microsoft, there are third-parties whose you don't trust.
I also think that it is more complicated. Even if I trust Microsoft as a whole company (because compromising security is against their interest, because it may broke their reputation), they still can be a few rotten apples (employees) in this company, whose can use information you provided against you.
IMO local process of Windows updater has every piece of information to make decision what should be installed. There is no need to send this information to Microsoft. At least until some error is encountered, but even there is a little chance your report would be read by some specialist, which would fix the bug. I doubt Microsoft have resources to personalize providing updates and making fixes to this level.
@bo elam - I know you subscribe to the "trust no program" mantra. It seems to me that pretty much all programs (including operating systems) have to be at best partially trusted, because, after all, most breaches are human oriented. So multi-layer compartmentalisation whether through Sandboxie, Firejail, RBAC, or virtual machine technology makes sense. I'd agree with your scepticism regarding too-many-add-on syndrome, because it's very hard to keep an eye on all of them.
There is nothing to stop running Windows 10 perfectly happily in a virtual machine with no network adaptors, and with no privileged access to your complete filesystem, so no worries about exfiltration. Of course, there are occasional VM breaches, but nothing like the rate of operating system defects and potential privacy exposures.
I have resource hungry apps and processor without VT-x. It makes performance degraded a lot.
Yep. Yet these days, costs of ram and cores and ssd are more reasonable than they used to be. I've found the biggest issue is the common 8G limit on many laptops.
That is what you call bloat. Can you imagine telling people 10 years ago you need 8GB RAM? Never mind saying that is not enough.
They would have laughed, but do we really use computers for anything more complex than we did ten years ago?
I trust the NSA, to me they are the good guys. Snowden is a bad boy, that's my opinion.
By the way, all telephone conversations, email communications, text, and instant messages you take part of, are being tracked, recorded and intercepted. Thats known before Snowden went rogue. So, what are you going to do? Stop using the phone or sending mails?
Yes For anything that could cause problems.
Yes, programs you install in your computers are programs you trust (the installer runs trusted). I try to minimize the amount of programs, addons, etc that run trusted in my computers. I feel the lesser amounts of programs I install, use or test, the safer I am.
Right this moment, I am using 3 extensions in Firefox with no plugins. By the time Firefox 57 comes around, it ll be down to two, perhaps I ll get it down to one. If I was using 30 extensions, I would feel more insecure than how most of the people here feel about the NSA examining and sorting data. All programs I installed in my new computer were installed during the first 2/3 days I had the laptop, that's security. Again, if I was installing uninstalling programs left and right or testing a new program every few days, same here, that would make me feel insecure instead of secure as I feel now.
I think the Sandboxie motto/slogan (Trust no programs) means different things to different people. Tzuk never said what he meant exactly with it but this is what it means to me. It means running all programs and files in your computer untrusted/sandboxed during their lifetime in the PC is the way to do it. If you do that, then the only times you ll be unsafe is when you install new programs or update your programs. That lowers the risks considerably.
Yes, the surveillance is on for detecting plans to do harm, damage (or problems, as you called them).
I don't trust that many organisations as you do.
The problem with NSA being the good guys is that a) you are still prone to false-positives and the toxic effects of mistakes in databases - this has real-world consequences, sometimes very bad and b) they have been so busy spreading their "collection" with a huge number of other organisations and people, it cannot possibly be kept safe, nor is it restricted in purpose, and c) they have genuinely over-reached with the mass surveillance. Sorry but that's the bottom line. A major driver for the end-to-end encryption, especially for pesky non-US citizens who have no rights whatsoever according to the US IC, is simply the mass surveillance. This seems quite a rational response to me.
Hi deBoetie, that's your bottom line, not mine. In a perfect world, I am all for the individual and nothing for the state but right now, we are living in an age were people harm others while praying to god. This people are attacking our freedom, my freedom. They want you to think when you travel, they want you to think when you go to a concert, they want you to think when you go watch a football game, etc. We have to deal with that, and I ask, what are we going to do about? Nothing? In my personal case, I am willing to give up some of my personal freedoms in order to be safer more secure when my family or I travel or go anywhere and wherever we want to go. Either way, with or without NSA doing their work, we are losing freedom. But at least someone is doing something about. I said this here before and I tell it to you now, as far as I am concerned, the NSA works for me. I want people doing the work they do as I see it as necessary..
No it is not obvious. The question was, again "What should I do before connecting win 10 to the internet"
FB is an afterthought.
Well as this is a discussion forum you might expect that some people will respond directly to the OP, while others comment on things people said in response to the OP.
I think the post in question was type 2.
Separate names with a comma.