back to article Microsoft backports data slurp to Windows 7 and 8 via patches

We recently mused, half seriously, whether the entire point of the Windows 10 upgrade was to harvest your personal information. With Microsoft suffering from a serious case of Google envy, perhaps it felt it had some catching up to do. Now Microsoft is revamping the user-tracking tools in Windows 7 and 8 to harvest more data, …

  1. Andy Non Silver badge
    Big Brother

    MicroNSAoft.

    So not content with shooting themselves in the foot with the Windows 10 rape of user information; now they've aimed the second barrel at their other foot. Thanks for all the fish and goodbye. I want nothing more to do with your operating systems or other products.

    1. Anonymous Coward
      Anonymous Coward

      Re: MicroNSAoft.

      Or

      MicroNShAft

    2. P. Lee

      Re: MicroNSAoft.

      Nice if you have the option of Linux, but if you don't, ms has just removed one obstacle to upgrading - what you already have is better.

    3. foliovision
      Big Brother

      Re: MicroNSAoft.

      I was thinking we could still use Windows 7 at work. Apparently not. A pity I have some licenses.

      The Windows machines will now be put fully out of commission for testing only and on their own private network. Needless to say more won't be bought (neither Windows computers not OS).

  2. Electron Shepherd

    Disable CEIP?

    CEIP can be disabled in the Windows Control Panel. Do these updates still send data in that case?

    "The notes explain that diagnostic telemetry data is sent to settings-win.data.microsoft.com. Privacy advocates note that this is hard-coded, so blocking access via the hosts doesn't work."

    Not sure I follow that. Hard-coded where? Why does hard-coding a DNS name prevent the TCP stack from using the hosts file entries as part of its name resolution process?

    1. Ian Chard

      Re: Disable CEIP?

      I have CEIP switched off, but I can see my laptop still trying to resolve settings-win.data.microsoft.com and vortex-win.data.microsoft.com. I have them in an RPZ on my local resolver so it always gets NXDOMAIN. Haven't tried with the hosts file -- was worried that a future update could just revert my change.

    2. Frumious Bandersnatch

      Re: Disable CEIP?

      Why does hard-coding a DNS name prevent the TCP stack from using the hosts file entries as part of its name resolution process?

      You need to stay in more often.

      If all you have is an IP address, hosts is bypassed. If you have a fully-qualified (or partially qualified) domain name like microsoft.com or localhost, then hosts.txt or the DNS server is involved in the translation into an actual IP address.

      Apparently what the quote in the OP above means is that the FQDN "settings-win.data.microsoft.com" bypasses both hosts and DNS-based name resolution.

      That being the case, the only way to squelch the traffic is to add custom routing rules (probably at the router rather than the PC, just to be sure) for any/all IP addressed associated with that address. With the way things are going, we'll probably also find that there's a custom MS DNS server involved as well whose sole purpose is to resolve that address, so that will probably need to be blackholed too

      How did things get to this stage so soon?

      1. TheVogon

        Re: Disable CEIP?

        "That being the case, the only way to squelch the traffic is to add custom routing rules (probably at the router rather than the PC, just to be sure) for any/all IP addressed associated with that address."

        Or just create a firewall rule on the PC.

        1. Kiwi

          Re: Disable CEIP?

          "That being the case, the only way to squelch the traffic is to add custom routing rules (probably at the router rather than the PC, just to be sure) for any/all IP addressed associated with that address."

          Or just create a firewall rule on the PC.

          I think the reason he suggested "probably at the router rather than the PC, just to be sure" is that MS have, especially in this case (in fact this case alone would be enough) proven themselves not only to not be trustworthy with any data, but also to go to some lengths to bypass security or privacy measures people might actually try to put in place just to prevent this sort of rubbish.

          1. elDog

            Re: Disable CEIP?

            Shirley, you're not suggesting the even MS would stoop so low as to add special rules to its firewall?

            <snark>Since M$s code is open source we can all verify what it is doing.</snark>

            1. Kiwi

              Re: Disable CEIP?

              Shirley, you're not suggesting the even MS would stoop so low as to add special rules to its firewall?

              No, I would never suggest such a thing as them making special rules for their firewakks.

              Making things that bypass any firewall completely OTOH...

      2. foliovision
        Big Brother

        Re: Disable CEIP?

        I think the secret is they've (government agencies and colluding companies, i.e. Microsoft) have been at it a long time. The race is on to total slavery.

        If you wouldn't want to see it in your daily newspaper don't put it online (or even type it into an Internet capable computer).

  3. Steve Davies 3 Silver badge

    And Server 2012 as well

    These patches (according to an article on Forbes.com) also apply to Server installations as well.

    I can't help wonder if a few security people should start asking MS really probing questions about what is actually sent back to the Redmond mothership. If there is the slightest risk of any identifiable data being sucked away from a sever then MS are (IMHO) gonna get into some sticky waters with the regulators.

    As for bypassing the hosts file... this is just nasty.

    that URL resolves to

    C:\Users\numpty>nslookup settings-win.data.microsoft.com

    ...

    Non-authoritative answer:

    Name: onesettings-db5.metron.live.com.nsatc.net

    Address: 191.232.139.253

    Aliases: settings-win.data.microsoft.com

    settings.data.glbdns2.microsoft.com

    C:\Users\numpty>

    1. Anonymous Coward
      Anonymous Coward

      Re: And Server 2012 as well

      I can't help wonder if a few security people should start asking MS really probing questions about what is actually sent back to the Redmond mothership.

      They say no identifying data, but they then mention they take snapshots of RAM.

      Just how do they propose to identify what is "identifying" and what isn't? What happens if the RAM snapshot was of the web browser's RAM just as you were filling out an order form on an online shop?

      They going to find your address in there and scrub it out? I think not.

  4. Bob Vistakin
    Facepalm

    Fucking Hypocrites

    Scroogled

  5. Anonymous Coward
    Anonymous Coward

    Linux for me now

    Enough of this shit.

    1. DainB Bronze badge

      Re: Linux for me now

      So you rather be using SE Linux that was added to Linux kernel by NSA ?

      Wise move.

      1. h4rm0ny

        Re: Linux for me now

        I can, if I wish, not use SELinux, unlike with Windows 10 where it will continue to keystroke monitor even if I have that turned off or potentially even send memory dumps to Microsoft. Anyway, the "NSA effect" of SELinux was more political than anything. It stymied some development of better security approaches but with the latest point release we seem to be breaking away from that,

        Anyway, I'm not someone discovering GNU/Linux as a result of this, I'm someone going back to it. I've out off Windows 10 because of privacy concerns and out of distaste at the way they have tried to force me into it with deeply irritating and very hard to remove ads inserted without my permission into my Windows 8 Pro install. If they backport things I'm not happy with into Windows 8, changing what I regard as the terms of the arrangement I'll go back to Gentoo, or try Mint that everyone's talking about. I still have all the skills, they're just dusty. I transitioned from GNU/Linux at somepoint around Windows 7 when it turned out to be actually good and I've defended MS on these forums many times against their less rational critics. But if MS are now telling me that my money isn't good enough for them and they demand my data too, then they lose my support.

        And this isn't some irrational jump - the number of things I have to do to preserve my personal and professional privacy from them is getting longer and longer. I don't have time for that and if MS's business interests are now no longer "Please me to get my money" but rather "Find ways to get her data", then I don't trust it to be a fight I can win. They can just keep making it harder and harder to stop them until one slip and there it all goes. What it comes down to is that MS are telling me their aims no longer coincide with my own.

        And as someone who prefers to pay for things with money, I'm starting to get quite angry about that.

        1. Anonymous Coward
          Facepalm

          Re: Linux for me now

          "I'm someone going back to it."

          As am I.

          Any recent Ubuntu or Mint will do fine. I find some of the desktop discussions noisy as I can work with most and changing is not that onerous so it's like complaining about the desktop image, just change it!

          I might use Ubuntu just because of the distro's used in the last few years it has probably given me the least issues for time used. Even when I hit an issue I can be pretty sure there will already be a specific solution out there for a two minute search. Sometimes Linux users seem to take pride in rolling their own version of everything and resist any external help, well done you, I'm either too thick to do that or wish to spend my time other ways.

          At work I am considering white-listing the windows boxes and giving users something else for web browsing, this is an intrusion too far and I genuinely think it is not legal in this land.

          There is always a certain amount of hyperbole around MS but this time they seem to be trying to alienate the very users who have previously championed their cause.

          1. GrumpyOldMan

            Re: Linux for me now

            I'm now going back after some years of absence too. As a contractor I need Windies at work so my laptop runs W7 Pro, but it also runs VMware Workstation with a full virty lab several and Linux vms. I come from a Solaris/HPUX background, bit of SCO (remember them?) and was always a SUSE user. I used Ubuntu until Unity came out but as well as being the interface I didn't like, what REALLY p'd me off was adding the web and Amazon to the default searches.

  6. EddieD

    No block through windows

    But you can on your router?

    1. EddieD

      Re: No block through windows

      I blocked these addresses on my router.

      Now, no Bing websites will resolve directly, but they will via the Tor browser.

      Go figure, as they say.

    2. EddieD

      Re: No block through windows

      Since I can't edit a post to this topic, I'll have to make another reply.

      After blocking the two addresses on my router, I'm denied access to just about all microsoft services - bing, bing maps (which really hurts as they have the Ordnance map), Outlook.com, microsoft translate and so on - I don't use Xbox services, but I would think that they would be kaput too.

      All work fine if I use Tor.

      Basically what seems to have happened is "if you don't allow us to hoover your data, whether or not you have consented, adios". I'll be interested to see if my Windows install and office fall out of registration.

      I think a mail to the Information comissioner would be in order

      1. Charles 9

        Re: No block through windows

        It's pretty simple, really, and one I'm not too surprised to see:

        The IP address 64.4.54.253 resolves to a pretty generic Microsoft domain (ns2.msft.net), which means it's probably used for a variety for its services.

        Basically, this means you can't block it outside your PC without collateral damage. I wouldn't be too surprised if it's also the Windows Update IP, meaning security updates would get blocked, too.

      2. Fred Dibnah

        Re: No block through windows

        "....bing maps (which really hurts as they have the Ordnance map)...."

        Try Streetmap, as they also have OS mapping.

  7. a_mu

    data security /

    How does this sit with the data regulation in the UK ?

    I'd have to sign all sorts of stuff that if I kept data on people, I protect it.

    As microsoft are in control of what data they grab, can I say I'd be in control of how personal data is used ?

  8. Michael Habel

    So much for quitely waiting till 2020...

    Looks like a migration back to Mint... And Virtualbox may well, and turly now be in order. If I wanted to have been spyed on I'd have been running Windows 10.

    1. Salts

      Re: So much for quitely waiting till 2020...

      Yep, I was hoping win 7 would get me through to 2020, but enough is enough, I love all this "well you can disable by doing xyz" but that's this week, next week you have to jump through more hoops, who wants to do that shit once a week.

  9. Mage Silver badge
    Devil

    Data Protection Laws

    Which are not just an EU thing. Countries as diverse as Switzerland, Germany, China and Russia are concerned by Google, Facebook and now Window 10 / Microsoft.

    1. Anonymous Coward
      Anonymous Coward

      Re: Data Protection Laws

      Ah but you see, once the scandalous free trade agreement is sealed quietly behind all of our backs, the European data protection laws as you know them will begin to be watered down to suit the whims of the American corporates who want a piece of the action in these parts.

      http://www.huffingtonpost.com/mary-bottari/us-eu-trade-negotiations_b_4251035.html

      1. Rich 11

        Re: Data Protection Laws

        Perhaps we need to be telling MPs / MEPs that data on their porn-surfing and duckhouse-purchasing habits are at risk of being collected by Microsoft.

  10. Anonymous Coward
    Anonymous Coward

    Details?

    Is there anything listing examples of what's being reported back in the "telemetry"?

    At one extreme, reporting anonymised statistics of internal service failures is possibly OK, at the other, sending keystroke info (Win10 betas were rumoured to do this) is not.

    1. Anonymous Coward
      Anonymous Coward

      Re: Details?

      I think Microsoft classifies telemetry as anything stored under C:\ or stored on any drives listed by 'net use'.

    2. Gnosis_Carmot

      Re: Details?

      Here's a good write-up

      http://winaero.com/blog/how-to-disable-telemetry-and-data-collection-in-windows-10/

  11. Anonymous Coward
    Anonymous Coward

    Blocked them all long ago... both on my personal devices and on work WSUS. I have the "bad habit" of reading what patches do before installing them - that's why now MS won't tell you what patches are for...

    But it's a very nasty turn by MS - and other companies are following, for example Embarcadero offers its own "telemetry" cloud service (AppAnalytics) for applications written with C++ Builder and Delphi, and I'm not sure applications has to offer the option to disable. it (although AFAIK a warning is displayed the first time you use it).

    What is really worse, is also that data are sent not only to the company you bought the product from - which is enough bad already - it's sent to a 3rd party in a foreign country with no obligations towards you and whose security you can't control. Sure, data are "anonymized" - which may mean nothing, depending on what data are collected.

    IMHO, this kind of behaviour should be forbidden, and that enforced by law. Who needs Hacking Team when the whole OS and most applications are spyware on their own?

  12. Only me!
    Devil

    Honest

    How is a criminal going to stay in business? The police just ask MS, Google, Facebook et al for the info and show it in court? (Of course they will need a court order to first ask)

    Then again, it could be a cost saving exercise for police forces as they will only need half the number of coppers.

    Just thought.....has any considered the human rights of the terrorist in this?

    More to the point, has any considered my human rights to privacy?

  13. Chris G

    MS/NSA

    Has there been a merger I'm unaware of? I know MS was probably the first accused of providing a back door, now they give the impression of working together.

    Given the prospective lives of 7 and 8 and the fact that take up of Win10 is less than they had hoped so far, I had wondered if there could be some slrpy updating. The next worry is that if these current updates are removable then the next round of slurpery will be incorporated into something harder to remove and more necessary to the OS actually operating.

    When or if that happens: Hello Apple/Linux etc.

  14. Dan 55 Silver badge
    Black Helicopters

    You've been Scroogled

    Windows 10 update roll-out not going quite as planned due to people being put off by data harvesting, phase two of data harvesting underway...

  15. elDog

    Excellent article in ghacks about ridding oneself of Microsoft's spyware

    Repeating: http://www.ghacks.net/2015/08/28/microsoft-intensifies-data-collection-on-windows-7-and-8-systems/

    Also the comments on ghacks mention a batch file to do the cleanup: https://github.com/WindowsLies/BlockWindows

    Ahhh. Linux.

    1. Clod

      Re: Excellent article in ghacks about ridding oneself of Microsoft's spyware

      Linked Wordpress: https://blockwindows.wordpress.com/

  16. Anonymous Coward
    Anonymous Coward

    "Privacy advocates note that this is hard-coded, so blocking access via the hosts doesn't work."

    Dunno how that works... Hosts file works closer to the network layer. How/where the domain is coded/configured shouldn't prevent the function of the hosts file?

    Though I'm sure there are ways to get around that... Though if MS is going through all that trouble... It must mean people are using hosts files a lot, and they REALLY want those 'anonymous metrics'...

    1. Charles 9

      Probably hard-coded into the kernel, which is of course below the network driver which is below the TCP/IP stack. Thus why you have to block it outside the PC, thus why they use the same IP as assorted other services, thus why you can't block it without collateral damage, thus why serious gamers are pretty much stuck since there's no real alternative to Windows there.

      1. Sotorro
        Happy

        Re: Charles 9

        You mean you have not discovered yet that 20% of all Steam games have Linux support ?

        I'm currently counting 2800 games with Linux support on Steam !

        And that many games run fine in Linux with Wine ?

        Simply stop buying any game that has no Linux support, and before you know it, you no longer care about Windows.

        1. Charles 9

          Re: Charles 9

          Kinda late for that, don't you think? I've stopped buying games altogether yet I still have the issue of my existing library. And 20% doesn't even cover a fair chunk of my library. Come back when it's closer to 90% so I don't have to leave the vast majority of my game behind. And the games that tend to run on WINE tend to be older ones, not the cutting edge (which will soon include DX12 games with their close-to-metal coding).

        2. Kiwi
          Linux

          Re: Charles 9

          Simply stop buying any game that has no Linux support, and before you know it, you no longer care about Windows.

          There are those who would argue "But so many of the top-rated games aren't on Linux yet"..

          Well, to them I will simply say - why not look around at the games that are? You might find something really good that hasn't had the marketing hype of some of the other stuff out there.

          I spend a lot of time playing games, and while RTS is far preferred I've also played FPS and shoot-em-up. I still play a lot of old games as well - in fact one I still love from time to time is "Carrier Command" which could run on the same 360K floppy disk that had the OS! (SOASER (thanks El Reg commentards for the suggestion!) and the Homeworld series (classic, Remastered stopped me playing HW for some weeks!) are among those I prefer most).

          You'll be pleasantly surprised at the great games available (some very old ones) that run on something other than Windows if you're willing to take a look away from so-called "top hype10" lists and look elsewhere. And no need to worry about the data slurping.

          (I've also played Tib3 on Linux. Installs beautifully on WINE IME without needing anything, and found it faster than the Windows install on that same hardware. )

        3. TheVogon

          Re: Charles 9

          "Simply stop buying any game that has no Linux support, and before you know it, you no longer care about Windows."

          But you would also have relatively few recent blockbuster games to play. And the latest games where actually available on Linux will play with significantly lower graphics performance without Direct-X 12 support...

          1. MJI Silver badge

            Re: Charles 9

            Many recent blockbuster games have versions with no DX and no Windows. See the PS4.

            That uses BSD a sort of Free Unix, like Linux.

            I think if they can do a PS4 version a Linux version is not that hard.

          2. Kiwi

            Re: Charles 9

            But you would also have relatively few recent blockbuster games to play.

            As per my earlier post - blockbuster games aren't always that great, and there's many very good (and often far better) games out there.

            And the latest games where actually available on Linux will play with significantly lower graphics performance without Direct-X 12 support...

            Actually, speaking from significant hours of gaming (I need a 48" monitor now just so I can see it past my gut!), DirectX is the lower-performing graphics system in many cases. Certainly when I've compared games between Windows and running them on WINE, they tend to play a lot better on WINE on the same hardware. This isn't always the case, but then I haven't really tried for a while either so WINE could be much better today, and of course there's various other tools to make it easier to use.

            In fact MS Office (prior to the 365 ripoff version) actually installs much faster and easier under WINE than it does on Windows IME (still not as fast or functional as Libre mind, but if you really must use MS Office then do yourself a favour and install it on Linux! - Then you don't even have to worry about MS stealing your documents while you're working on them, much easier to secure your system from their thieving prying eyes)

            1. Charles 9

              Re: Charles 9

              "Actually, speaking from significant hours of gaming (I need a 48" monitor now just so I can see it past my gut!), DirectX is the lower-performing graphics system in many cases. Certainly when I've compared games between Windows and running them on WINE, they tend to play a lot better on WINE on the same hardware. This isn't always the case, but then I haven't really tried for a while either so WINE could be much better today, and of course there's various other tools to make it easier to use."

              If they're running faster on WINE, odds are it's because the WINE run is using less-intensive graphics settings than Windows. For example, support for DirectX 10 and up is known to be flaky with WINE, so to turn the phrase, "Can WINE run Crysis?" Answer: "Yes, but not as well as on Windows."

              As for my personal experience, I used to play TF2 a lot, and I personally noted the Linux port was somewhat slower and flakier than the Windows version. Also, despite owning a pretty recent AMD graphics card, support could get flaky, and I've more than once had spontaneous X crashes and even panics, no matter what version of driver I used. So let's just say I've been around the block more than once, and each time left me wanting. This whole spyware bit has put me in a very uncomfortable position since I want to jump but risk losing too much. I'd be more inclined if Valve could push to increase Linux compatibility, but until then...

    2. Richard Plinston

      > Dunno how that works... Hosts file works closer to the network layer. How/where the domain is coded/configured shouldn't prevent the function of the hosts file?

      The hosts file is a means of converting from a domain name to an IP address. If the name is not in hosts the system goes to a DNS server to do that.

      If the connect already has the IP address (ie hard coded) then the hosts file or DNS are not used at all.

  17. djack

    Calling all conspiracy theorists..

    settings-win.data.microsoft.com resolves to onesettings-db5.metron.live.com.nsatc.net

    Guess which three letters will get the tim-foil hatters all riled up ;)

    Hmm.

    http://nsatc.net/ produces the standard Ubuntu Apache landing page.

    Double Hm.

    IP address is 191.232.139.253 which looks to be in Brazil.

    What are the South American data protection laws like?

    1. Anonymous Coward
      Anonymous Coward

      Re: nsatc.net

      For myself, having just nslookup'd nsatc.net with a bunch of different public dns's, from both home and work, I find they all resolve to 127.0.0.1 (!)

      Is this new?

      1. David 132 Silver badge
        Happy

        Re: nsatc.net

        For myself, having just nslookup'd nsatc.net with a bunch of different public dns's, from both home and work, I find they all resolve to 127.0.0.1 (!)

        Is this new?

        Depends. Are you posting from Langley, Virginia?

        1. Michael Habel

          Re: nsatc.net

          Depends. Are you posting from Langley, Virginia?

          That would be the other Alphabet Soup Organization... The CIA. The place your looking for is in Odenton md. a.k.a Fort G. Mead...

          1. David 132 Silver badge

            Re: nsatc.net

            D'oh. In my rush to make a Funny I got my TLAs confused.

            Thanks for the correction. Technically correct - the best kind of correct.

      2. djack
        Facepalm

        Re: nsatc.net

        D'oh! I resolved just about everything else - never noticed that.

        Good spot.

        The resolved IP address in Brazil is for settings-win.data.microsoft.com

    2. Roland6 Silver badge

      Re: Calling all conspiracy theorists..

      >IP address is 191.232.139.253 which looks to be in Brazil.

      Wasn't MS one of the companies named a while back who were buying up 'spare' IPv4 addresses allocated to non-US registries and re-using them for US-based hosts?

      1. harmjschoonhoven

        Re: Calling all conspiracy theorists..

        @Roland6

        Present owner of 191.232.139.253 is Microsoft Informatica Ltda. country: BR.

  18. Frank Bitterlich
    Terminator

    Newspeak...

    "Customer experience" => Data grabbing

    consent.exe => "No need for you to consent, it's all in the EULA."

    "By applying this service, you can add benefits..." => "That's benefits for us, not for you, of course."

    Hardcoding the host address: "Preventing us from siphoning you usage data? Ha ha, nice try."

    The MS legal department must be bored, so they're trying to pick a fight with various data protection agencies.

  19. Anonymous Coward
    Anonymous Coward

    KB3068708 very slow to complete uninstall

    Uninstalling KB3068708 on W7 took nearly an hour to complete the mandatory restart. Appeared stuck on the "Configuring Windows. Do not switch off..." screen. Eventually it did complete ok - when I had just about given up.

    1. Ian Michael Gumby

      Re: KB3068708 very slow to complete uninstall

      You do realize that they can probably do a check, see that the patch is missing and re-install it again the next time you update your Windows....

      1. CaNsA

        Re: KB3068708 very slow to complete uninstall

        Right click, hide update.

        1. Michael Habel

          Re: KB3068708 very slow to complete uninstall

          Right-click -> Hide Update(s)

          Yes 'cause that has worked solo well in recent times with MicroSofts noisy Windows 10 Notifier. I must have told that thing to bugger off no less then the last Three Months of Patch Tuesdays. Besides on that note why are we speaking of this now, and not say, on the Eighth? (i.e. Patch Tuesday). Could it really be that when MicroSoft said they were nixing PT the really ment it across the board? I had just assumed it was only in relation to Win 8.x, and 10 though.

      2. Dan 55 Silver badge

        Re: KB3068708 very slow to complete uninstall

        They have done and do. They just raise the version number and push it out again and it is downloaded and installed despite you expressly hiding it.

        1. David 132 Silver badge

          Re: KB3068708 very slow to complete uninstall

          c.f. Silverlight, the monthly security scanner tool (no option that says "I don't want to ever run this tool, not this month, not next month either"), etc.

  20. James 51

    Thanks for the warning.

  21. Soap Distant

    B'stards!

    Oh they're such barstuds! Don't think I'll bother installing those updates...

  22. NotBob

    Escalate beyond the hosts file?

    Wouldn't it be simpler to simply block settings-win.data.microsoft.com (and vortex-win.data.microsoft.com) at the internet connection? Even my cheap DSL router has a built in "firewall" that can handle a task that straightforward.

    I realize this may be above the average home user's ability, but for those prepared to go to the trouble of removing, it should be possible.

    Then again, maybe I'm missing something and that wouldn't work...

    1. drexciya

      Re: Escalate beyond the hosts file?

      This works if your PC is only running at your home network. I'm taking my work laptop to different locations (on-site training and so on) and then these measures become way more important.

      1. Charles 9

        Re: Escalate beyond the hosts file?

        Plus the IPs they resolve to are the same ones that host most Microsoft-based services. Meaning you can't block it without collateral damage.

        Can anyone see if Windows Update is among those services, meaning blocking the IP also blocks future security updates, meaning you're pwned either way?

        1. DropBear
          Devil

          Re: Escalate beyond the hosts file?

          "Plus the IPs they resolve to are the same ones that host most Microsoft-based services. Meaning you can't block it without collateral damage."

          Oh, I think you could. Exactly because it's hardcoded. You'll just need to:

          1) Block the relevant domain / ip at your router

          2) Define the same domain in your host file to something else

          3) Instruct your router to re-route something else to the original domain

          At least I'm pretty sure that's what the BOFH would do...

          1. .JMB.

            Re: Escalate beyond the hosts file?

            The problem with this is that it only works if the computer will never be used on any network other than your own. But you can instead put windows 7 in a virtual machine running on Linux. That way you can block the relevant IP in the Linux firewall, do the domain redefinition/re-routing in the Linux hosts file and finally the re-routing back to the original domain in the Windows hosts file within the virtual machine. That way you get the same benefits in a more portable, WLAN/router agnostic way.

  23. Christopher Reeve's Horse
    Flame

    Cheeky Ba$tards

    Why I oughta.... *shakes fists*

  24. john devoy

    Where are the hackers when you need them?

    Maybe some friendly hackers could make a tool to overwrite the hard coded addresses with some localhost redirects.

    1. John Bailey

      Re: Where are the hackers when you need them?

      "Maybe some friendly hackers could make a tool to overwrite the hard coded addresses with some localhost redirects."

      Ahh. but they did better. It's called a "Linux install disk".

      Put the disk on the drive, reboot, and after a few simple questions. Problem solved.

      1. .JMB.

        Re: Where are the hackers when you need them?

        Your solution also gives the added benefit of inmunizing your PC against ALL FORMS of data slurps and spyware. It's a set-and-forget solution that once implemented you can just lay back and relax while seeing everyone else wrestle the spyware.

  25. Kit-Fox
    Stop

    Dear Microsoft,

    Pulling this kind of shit will result in the exact opposite of what you hope to achieve in the PC market, instead of people patching & updating their machine right away, they will wait to see if the latest slew of patches are attempts to install backdoors/rootkits/spyware & other 'telemetry' software onto their computers leading to a greater percentage of insecure unpatched machines.

    Also there is no consent, informed, implied or otherwise if you dont tell people in big unavoidable text that something you are having them install on their machine as a 'critical security patch' will SPY on them.

    1. thtechnologist

      Re: Dear Microsoft,

      You are assuming more than 1% of people care, and that's a high estimate I think. People have to care first, that's the first step.

      Windows 10 is the fastest adopted OS of all time, as of stories breaking today. People are willing to make the trade it seems. I have people at work badgering me every few days, "When is the update coming"

      1. Teiwaz

        Re: Dear Microsoft,

        "People are willing to make the trade it seems."

        I think most people don't even think of it in terms of 'trade'. After all it's not trade if it's 'free'

      2. Kepler
        Boffin

        Re: Dear Microsoft,

        "People are willing to make the trade[,] it seems.

        The salient point is not, as Teiwaz would have it, that it's not actually a trade if Microsoft's customers give nothing additional in exchange for the updates to Windows. (The updates were already purchased with whatever original consideration was given. Obviously.)

        What "thtechnologist" and his statement overlook is that people can't consent to the trade — to the privacy they are giving up in exchange for whatever ostensible "benefits" the updates in question provide — if they are unaware that they are making it! Which is why Microsoft should not be hiding the ball.

        (Duh!)

      3. Kepler
        Facepalm

        Re: Dear Microsoft,

        And if — God forbid — anyone should object that Teiwaz and "thtechnologist" were both talking about Windows 10 (which they were), and not the surreptitious updates to Windows 7 and 8.1 that were the actual subject of the article we are all responding to, just see Andrew's original article of August 6 discussing Microsoft's horrendous lack of disclosure to downloaders of Windows 10!

        ("The updates [to Windows 7 or 8.1, as the case may be] were already purchased with whatever original consideration was given [for Windows 7 or 8.1]. Obviously."

        And so, of course, was Windows 10.)

    2. Ilsa Loving

      Re: Dear Microsoft,

      This is why Microsoft has forced Windows Update on in Windows 10, and it can't be shut off.

  26. David 132 Silver badge
    Unhappy

    Thanks for the heads-up.

    No doubt all three of these are described in the Windows Update client as "Resolves issues with Windows" or something equally vague.

    Yes, obviously any IT administrator worthy of the name should be carefully evaluating and analysing every WU patch to determine its relevance, but it's getting to the point that every home user and their grandma has to do the same. Gone are the days when one could reflexively hit "install all", with the assumtion that Newer Code = Better; simply can't trust the patches to be for your benefit rather than Microsoft's any more. Yes, you could argue that "well, anyone sensible should be evaluating and carefully reading every patch anyway"...but no, home users have more important things to worry about. To use an analogy, I don't have to carefully read the small print before & after taking my car for it's scheduled service, just in case the dealership decided to install a data-logger for their benefit.

    It's not so much the data-slurping, it's the fact that Microsoft seem to be going out of their way to do it in as sneaky and surreptitious way as possible, handing ammunition to the privacy nuts and haters. I mean, if it's all so innocent, why not be more up-front about it?

    1. Primus Secundus Tertius

      Re: Thanks for the heads-up.

      @David132

      "if it's all so innocent, why not be more up-front about it?"

      Indeed. We the proles are always told, if we have nothing to hide we have nothing to fear.

      Let's see that applied to the big boys.

  27. Novex

    Microsoft seem determined to get me to start using Linux...

    1. t20racerman

      But you never do.....

      But you, and millions of you "I'll-move-to-Linux-if-this-s**t-continues" guys never do, do you? You just come on here claiming you are tempted and will do so, maybe, possibly, soon etc........

      Sorry, don't believe you. Just do it and stop prattling on with idle threats.

      (NB Before the down votes start - I've been using Linux as my main operating system (>95% of the time) since 2007. Only boot Windows for Photoshop as I prefer it to Gimp)

      1. Novex

        Re: But you never do.....

        Actually, I have been investigating going to Linux Mint, and have tried an older version of it some time ago.

        The problem is that I need to be sure that all the software and hardware I have can work on Linux. There are some software/hardware combinations I have that are Windows only and will never be able to work on Linux (they're older and now unsupported). Until I can find some way of replacing them then a full move to Linux isn't possible.

        However, I am looking at getting my laptop moved across, but it will still need a Windows 7 VM for some of the software I use so I'm not going to be entirely free of Windows even then.

        1. Kiwi
          Linux

          Re: But you never do.....

          The problem is that I need to be sure that all the software and hardware I have can work on Linux.

          The hardware site is easy. Download an ISO and burn to DVD or USB (or if you really have time on your hands set up network booting...). If you're really seriously worried about the data on your HD then shut your machine down, remove the power and/or data cables from your machine. Boot into your chosen ISO.

          Now you may get something come up to say that there are "restricted drivers" available for your machine. These are often from NVIDIA, and are still easily installed - just for some reason they can't be automatically installed (I've not cared enough to look further into this, I just know message comes up, I click "install the driver" and it's done). That may need a restart (seldom), so if you've used a USB it should be able to load the new drivers, if not or on DVD don't bother.

          Put in your wireless details if needed.

          Open up Firefox (comes with most Mint distros I've seen - as well as full office suite and tons of other goodies you have to get separately with Windows) and visit Youtube or some other video site (or select a video you have elsewhere if you wish), and play a HD video (or best quality you have available). If you have sound and video, and of course network, then you're good to go unless you have a printer or scanner or something that doesn't work. IME most of the time they're quick and easy to find and install, but a few Lexmark and HP ones aren't. There's probably others, I don't use paper much myself so don't normally need printers or scanners.

          As to the programs, that's another issue. I've found many install quite well on WINE, and there's the likes of Play On Linux and other tools to get things going that don't. I cannot recall it atm but there's other WINE-like systems out there, one maybe named "Cross Over" (can another commentard help here please?) - try them and if they work you're done with MS, enjoy a life of peace and running machines rather than stress, multi-hour multi-gig updates (with 10billion restarts) just to make a few bytes of change to a friggin web browser!), and lots of breakage.

          One other thing you may like to consider.. Where I have desktops or laptops that can handle more than one HDD, I have my Windows and my Linux on separate drives - one per OS where I can. That way you're less likely to have any issues with installing and can go back to the old system easily if you really want to.

          1. Charles 9

            Re: But you never do.....

            "Now you may get something come up to say that there are "restricted drivers" available for your machine. These are often from NVIDIA, and are still easily installed - just for some reason they can't be automatically installed (I've not cared enough to look further into this, I just know message comes up, I click "install the driver" and it's done). That may need a restart (seldom), so if you've used a USB it should be able to load the new drivers, if not or on DVD don't bother."

            The main reason is because they're non-free and have strings attached. I think the condition is they have to be explicitly permitted by root in order to be legal, plus non-free stuff in a distro is frowned upon as it goes against the Linux copyleft philosophy.

            "As to the programs, that's another issue. I've found many install quite well on WINE, and there's the likes of Play On Linux and other tools to get things going that don't. I cannot recall it atm but there's other WINE-like systems out there, one maybe named "Cross Over" (can another commentard help here please?) - try them and if they work you're done with MS, enjoy a life of peace and running machines rather than stress, multi-hour multi-gig updates (with 10billion restarts) just to make a few bytes of change to a friggin web browser!), and lots of breakage."

            CrossOver is simply an advanced, supported implementation of WINE. That said, the newer the software (particularly games), the less likely it'll run via WINE. In particular, support for Direct X 10 and up is known to be flaky. Plus I've personally had issues with graphics support on Linux, running afoul of multiple X crashes and kernel panics.

          2. Whistlerspa

            Re: But you never do.....

            With regard to Wine I tried it a few times but always had license activation issues with MS Office when trying to run it through Wine. I need to be able to run this as Open and Libre office do not translate correctly when files are opened with MS Office software in a Windows environment.

        2. Whistlerspa

          Re: But you never do.....

          I did try Mint as a matter of fact. For many of the reasons stated in this forum. Unfortunately Mint OS 17.2 Cinnamon did not perform as needed. Mint installed fine, looked great and booted quickly but then problems emerged.

          Firstly I could not get the Broadcom wifi to connect to my business wifi network as it would not connect to the enterprise network there.

          Next Libre Office Writer could not replace MS Word 2013 as when I tried uploading files created with it to the network (remotely from home or from removable media on a company desktop) they were sometimes missing data or had nonsense symbols or misspelling (despite using the spell check beforehand). They were also sometimes not formatted properly once uploaded and opened with MS Word.

          Finally problems with the START menu emerged, in fact it disappeared completely and I could not get it back.

          I have used Linux since 1997 so am not a newbie to the platform. I trawled Mint and other forums for hours and implemented many suggested solutions but none worked. I had no more time to spend so in order to remain productive - and a computer for me needs to give reliable output, I sadly and reluctantly returned to a Windows OS solution. I accept that the fault may well be on the Windows side rather than Linux itself, but unfortunately I have to work with a Microsoft environment.

          This isn't posted as a lament it's simply my experience. I want to be able to use software of my own choice and hope it will be possible someday. But for now it seems that it's not.

  28. Mark Allen

    Hard-coded?

    The notes explain that diagnostic telemetry data is sent to settings-win.data.microsoft.com. Privacy advocates note that this is hard-coded, so blocking access via the hosts doesn't work.

    So what does that mean? Are they saying the IP Address is hard coded? Usually I block this kind of stuff in the DNS not the hosts file. I'm assuming that they are not doing a lookup and going direct to the IP Address. If that is the case, why don't these articles list the relevant IP Addresses to be blocked by a firewall?

    1. Charles 9

      Re: Hard-coded?

      They do, but it's the same IP that hosts various Microsoft services, meaning you can't block at the IP level without collateral damage. And before you say, "Who needs them?" one of them could be Windows Update, which is the mechanism for pushing security updates.

      1. Doctor Syntax Silver badge

        Re: Hard-coded?

        "the mechanism for pushing security updates."

        I think you meant insecurity updates.

        1. Charles 9

          Re: Hard-coded?

          No, I meant security updates, or would you rather be left wide open to the next thing the black hats reveal in Windows?

          1. Kiwi

            Re: Hard-coded?

            No, I meant security updates, or would you rather be left wide open to the next thing the black hats reveal in Windows?

            You mean like security holes where someone in a South American country (or somewhere else) could conceivably get a copy of a private document you're working on by pulling files right out of your system's RAM?

      2. Kiwi

        Re: Hard-coded?

        which is the mechanism for pushing security updates.

        But when they can no longer be trusted not to include spyware, can they really be called security updates?

        Until recently I (a FATM Linux fanboi/user and MS hater) still at least trusted the updates to not need checking UNLESS there was one known to be causing a lot of problems. Only with the GWX and other nasty stuff since then have I been looking closely at the updates before installing. And even then, I don't trust them to only do what is suggested - how do we know one that states "A bug has been found in the way xxx filetype is handled, this fixes that bug" doesn't have a hidden "and adds code to send us a pile of data you'd rather keep private"

        I have client data on my machines. I have a responsibility, defined in NZ law and other places as well as a simple reasonable expectation by my clients to do the best I can to protect their data. Now I have to wonder how much extra work I should be doing - whereas I would often let them do updates in the past (sometimes a great way to fix corrupted files where all else fails) now I have to think a lot more about those updates and whether or not they could constitute a breach in privacy. And I have to make sure my co-workers are aware of the same issue. Do we risk a privacy lawsuit by allowing updates to run on a machine while it's in our possession?

        MS - you need to either 1) do some serious culling of your staff (preferably in the true farming sense - sending them off to a meatworks somewhere to be slaughtered) or 2) HURRY UP AND DIE!.

        1. Charles 9

          Re: Hard-coded?

          "I have client data on my machines. I have a responsibility, defined in NZ law and other places as well as a simple reasonable expectation by my clients to do the best I can to protect their data. Now I have to wonder how much extra work I should be doing - whereas I would often let them do updates in the past (sometimes a great way to fix corrupted files where all else fails) now I have to think a lot more about those updates and whether or not they could constitute a breach in privacy. And I have to make sure my co-workers are aware of the same issue. Do we risk a privacy lawsuit by allowing updates to run on a machine while it's in our possession?"

          Do you risk a privacy lawsuit by NOT allowing updates to run and leaving a hole open by which a hacker can invade your system and pilfer your client files? Sounds like pick your poison to me, especially if the software required for your business can't be run on anything but Windows.

          1. Kiwi
            Linux

            Re: Hard-coded?

            Do you risk a privacy lawsuit by NOT allowing updates to run and leaving a hole open by which a hacker can invade your system and pilfer your client files? Sounds like pick your poison to me, especially if the software required for your business can't be run on anything but Windows.

            Not at all. If we install these spyware "updates" from MS while the machine is in our care, we are knowingly acting in a manner that would cause their data to be sent to other people.

            However, as we make recommendations on other security measures which would mitigate and probably prevent any hacker getting far enough into the machine to exploit these things, it becomes a completely different matter. We actively install software (along with normal AV software) to prevent tracking and leaking of data, and recommend things that should not be installed because they're known to leak (just like recommending people steer clear of certain h/w brands (not looking at Lenovo at all, honest!) for the same reasons).

            Besides, making sure the stolen"telemetry" data doesn't go back to MS is not the same as leaving a system unpatched. When MS makes it so you either have the telemetry data going back to them OR you don't get updates, then we'll be upping the rate in which Linux is installed on machines, with Windows in a VM if necessary (these days very few people actually need it for anything anyway - there's much better software out there to replace a lot of the stuff on Windows, especially any of the crap that comes from MS)

  29. Destroy All Monsters Silver badge
    Mushroom

    GAAHHHHH

    1. GrumpenKraut

      Exactly.

  30. Pascal Monett Silver badge
    WTF?

    So, settings-win.data.microsoft.com is hard-coded, eh ?

    Sounds like DDOS time !

    Effing bastards. From now on, I am nuking anything with "telemetry" in its description.

    Now, more than ever, it is a good idea NOT to auto-install WU patches and wait for feedback before choosing anything.

    Really Nadella, if you want us on the warpath, keep it up.

    1. Someone Else Silver badge
      Coat

      Re: So, settings-win.data.microsoft.com is hard-coded, eh ?

      Nuke it from (low) orbit....

      It's the only way to be sure.

      1. Charles 9

        Re: So, settings-win.data.microsoft.com is hard-coded, eh ?

        No, it'll just turn out to be an Andromeda Strain, meaning nuking it will only make it stronger...

  31. An0n C0w4rd

    settings-win.data.microsoft.com.

    anyone know how this is "hard coded"? Would blocking it on the DNS server work?

    1. GrumpenKraut

      Re: settings-win.data.microsoft.com.

      As I understand: "hardcoded" is for access vie raw IP, so DNS-something will not work. You'll have to block the IP with a device between your system and them interwebs.

      Nasty fuckers.

    2. LB45

      Re: settings-win.data.microsoft.com.

      dnsapi.dll?

      Maybe there will be an open source code that can be compiled to replace the MS supplied one shortly.

      1. GrumpenKraut

        Re: settings-win.data.microsoft.com.

        > ...an open source code...

        ...followed by a Microsoft update to take care of it. Rest assured the spying functionality will be near impossible to stop from within the system.

      2. Charles 9

        Re: settings-win.data.microsoft.com.

        "Maybe there will be an open source code that can be compiled to replace the MS supplied one shortly."

        Given the low level, it's likely (1) kernel-level, and (2) signed. Meaning replacement files are a no-go.

    3. diodesign (Written by Reg staff) Silver badge

      Re: settings-win.data.microsoft.com.

      I've added a few extra details on this.

      C.

      1. GrumpenKraut

        Re: settings-win.data.microsoft.com.

        Thanks!

  32. Zog_but_not_the_first
    WTF?

    WTF^100

    Criminal behaviour IMHO. Thanks for the uninstall details but I'm wondering how long it will be until "Control Panel" isn't. For us anyway.

  33. Anonymous Coward
    Anonymous Coward

    what was the replacement for peer guardian again?

    1. Charles 9

      PeerBlock. Trouble is, the IP for the service also hosts other Microsoft Services. The concern is that Windows Update will be among them, meaning blocking the spyware also blocks the security fixes.

  34. Gnosis_Carmot

    Fully serious question

    How does this work out for entities covered by HIPAA/gov security clearance requirments/etc?

    I can't see how these places could continue to operate Windows if the data inside document files can be siphoned up to MS.

    1. bobgameon

      Re: Fully serious question

      I can't be completely sure about this but there is a good chance enterprise versions of windows won't get the telemetry stuff. Enterprise is Microsoft's bread and butter and adding telemetry to that version of windows would piss off a lot of companies and Microsoft's can't afford to do that.

      1. Kiwi

        Re: Fully serious question

        I can't be completely sure about this but there is a good chance enterprise versions of windows won't get the telemetry stuff.

        That was supposed to be true of W7-W10 updates as well, but the "Your Topics" column just to the right of where I am typing this has a link to another article where even domain-attached 7 machines were getting W10 forced on them "by mistake" (if I recall the article correctly)

  35. Anonymous Coward
    Anonymous Coward

    settings-win.data.microsoft.com

    Added to DNS on router, of course the IP might be wrong.

    1. GrumpenKraut

      Re: settings-win.data.microsoft.com

      As explained above, this may not help. Do block the IP on your router.

      1. Anonymous Coward
        Anonymous Coward

        Re: settings-win.data.microsoft.com

        "Do block the IP on your router."

        ...routers.

        1. Anonymous Coward
          Anonymous Coward

          Re: settings-win.data.microsoft.com

          Doesn't every household have three routers on the 2.4 GHz band? And a couple more on 5 GHz?

  36. Anonymous Coward
    Anonymous Coward

    These "updates" seem to declare fairly openly what they do and link to the CEIP description. though that document is dated 2009.

    1. tony72

      Also you only get them if you install optional/recommended updates. Personally I only allow Windows Update to install important updates automatically; I'll only install optional/recommended updates if I have a specific reason to do so. And this set of updates are the exact reason I do it that way.

      1. John Bailey

        "Also you only get them if you install optional/recommended updates."

        For now.

        "Personally I only allow Windows Update to install important updates automatically; I'll only install optional/recommended updates if I have a specific reason to do so."

        Like access to some MS related service perhaps?

        "And this set of updates are the exact reason I do it that way."

        WGA was the exact reason I quit Windows. They followed a similar strategy back then. WGA was a "customer run installation verification" so people who bought a PC from some dodgy shop didn't get a pirated copy.

        Funny how it became unavoidable. a wee while later, And baked into later versions.

        As no doubt will this be in Win 10.x

        At some point, you get tired of the cat and mouse crap, and say fuck this.

        Then you start to look elsewhere for an alternative.

        Hope you find one.

  37. ma1010
    Big Brother

    With aplogies to Simon Travaglia

    It's morning in mission control, and the PFY and I are monitoring the bugs customer experience and diagnostic telemetry devices in the boss' office.....

  38. Valarian

    Fear, Uncertainty and Doubt

    No, not the story - my feelings towards Microsoft. I have always been a staunch advocate of their products, until...

    ...when they dumped Blades in favour of Metro on Xbox360, I began to doubt their strategy

    ...when they forced Metro into Win8, I became uncertain as to their rationality

    ...when they subverted their OS family with privacy-violating 'upgrades', I began to fear their motives

    There is a gambling adage I feel is increasingly appropriate to my standing as a Microsoft customer:

    "Look around the Poker table; if you can’t see the sucker, it's you"

    I think the time is fast approaching when Ubuntu stops being the 'hobby' OS on my laptop and graduates to 'serious' status on the big rigs I run. The only thing keeping me on Windows now is gaming, and I think I can justify a PS4 if I cut that cord...

    1. Bluto Nash
      Big Brother

      Re: Fear, Uncertainty and Doubt

      I'm in the same boat. I've been messing around with Linux (Mint 17.2 over the last week or so) and came to the realization that except for gaming, Linux CAN handle everything that I normally use my PC for. I took an old netbook and put Mint xfce on it, and while a bit slow, is perfectly capable of doing what I need it to. Next step is to throw a decent rig together and do the same with x64 & Cinnamon to play around a bit more seriously. My only hesitation is that I still don't understand the underlying functions well enough to be completely comfortable with it and couldn't fix it if I somehow broke it - like I can with Windows.

      Aside from that, if I could get Battlefield and its ilk to run on it, I'd be out of the Windows business altogether.

      1. asdf

        Re: Fear, Uncertainty and Doubt

        >My only hesitation is that I still don't understand the underlying functions well enough to be completely comfortable with it and couldn't fix it if I somehow broke it - like I can with Windows.

        With modern Linux you shouldn't have too. You only have to take decent care of your home directories for the most part and back them up. I recommend putting them on another drive so if things do get FUBAR you can simply reinstall Linux off the DVD without worry about your home directory (other than perhaps having to tell it where home is and not to format it). I personally hate what RedHat has done to Linux (made it a windows lite non POSIX hairball) but they have made it more friendly for the windows users to migrate.

      2. Supa

        Re: Fear, Uncertainty and Doubt

        Just use apps like "Timeshift" or APTIK to restore your OS should anything go skewiff while you are on Linux. It's saved me a days worth of installing stuff and adding repositories and apps back on my system a few times. Timeshift works a bit like System Restore does on Windows and APTIK allows you to make a backup of your install settings.

        1. asdf

          Re: Fear, Uncertainty and Doubt

          Personally I go with zfs snapshots on my BSD system but glad someone piped up with a more windows/mac like solution on Linux.

        2. Kiwi

          Re: Fear, Uncertainty and Doubt

          Just use apps like "Timeshift" or APTIK to restore your OS should anything go skewiff while you are on Linux.

          Thanks for that. One of the "problems" I have with Linux is a severe lack of experience in repairing it. I mean, unlike certain other OS's it just tends to work and work and work. Don't matter what you do to the poor thing, it laps it up and comes back for more. Mostly.

          Perhaps the best thing MS ever did was System Restore (at least when it works, which IME is more often than not unless some twit turned it off), and I've wanted something like it for a while for Linux. I've always had a little bit of a concern with things where I haven't had that (although I've only broken one thing in any reasonable way, thank God!).

          I'll get this installed and feel that much more confident. Thanks!

      3. Len Goddard

        Re: Fear, Uncertainty and Doubt

        Hehe, I've moved all my productive work and anything private onto an i5 based intel NUC. With 16GB memory and a 512GB M2 SSD it is very responsive and apparently capable of doing 4k graphics, although that does not interest me. It does happily drive a pair of HD+ monitors, though. I'm using Mint 17.2 Xfce. Bulk data is on a Synology NAS.

        My win7 system is now a gaming ghetto. I don't have any of the spyware updates that are identified here but who knows what has crawled in masquerading as a vital security fix? So the worst that can happen is for someone to steal my MMO characters which would be irritating but not catastrophic. The Winbox is untrusted - having limited access to a small part of the NAS and in general no connection to other machines on my home network.

        I accept that for those new to linux the learning curve can be a bit daunting but there is a lot of advice available on the net. Just don't be afraid of the command line - people giving advice will generally tell you how to do things via the CLI because it is far less variable across linux distros than the GUI. Plus you can cut and paste CLI commands which reduces user error ...

  39. Jim-234

    I was just musing the other day that M$ might do this and low and behold!

    Just the other day I was posting that I was suspicious that Microsoft might start messing with windows 7 and low and behold they wasted no time in cramming spyware into windows 7 as part of the mandatory updates!

    I highly doubt that the data is fully "anonymized" as I'm sure there is still some identifying information that they can tell what installation / computer ID / Hash value sent them. If you can harvest what someone clicks on, what menus they use, programs they use, when they use things, how their windows are arranged, their language/user/keyboard settings & all kinds of stuff, you are most of the way to having the information you need for a nice targeted hacking job.

    My guess is they will start selling off this data in big batches to people willing to pay and somebody will figure out how to match it up, perhaps by checking flash installation IDs or other such things as people visit websites.

    I've been very impressed with Linux Mint (Cinnamon) and with a pretty good set of open source software, I can get just about everything done except for gaming & some programs (like quickbooks) that I'm still working on getting running. Printer / Scanner / MFD drivers however are a huge pain.

    1. David 132 Silver badge
      Headmaster

      Re: I was just musing the other day that M$ might do this and low and behold!

      Pardon my pedantry, but the phrase is "Lo and behold".

      And I agree with your comment.

      1. Bob.

        Re: I was just musing the other day that M$ might do this and low and behold!

        I also feel behooven to point out that only cattle low.

        1. David 132 Silver badge

          Re: I was just musing the other day that M$ might do this and low and behold!

          I also feel behooven to point out that only cattle low.

          You're going to milk this for all it's worth, aren't you?

          1. Doctor Syntax Silver badge

            Re: I was just musing the other day that M$ might do this and low and behold!

            "You're going to milk this for all it's worth, aren't you?"

            Enough with the cheesy jokes!

            1. David 132 Silver badge
              Coat

              Re: I was just musing the other day that M$ might do this and low and behold!

              Enough with the cheesy jokes!

              Au lait off them you mean?

              1. Chika
                Trollface

                Re: I was just musing the other day that M$ might do this and low and behold!

                Oh come on! Don't have a cow!

                1. David 132 Silver badge

                  Re: I was just musing the other day that M$ might do this and low and behold!

                  Oh come on! Don't have a cow!

                  Charolais you can't be serious.

                  (Ok, ok, I admit I'm scraping the barrel now. Enough.)

      2. Jim-234

        Re: I was just musing the other day that M$ might do this and low and behold!

        Yes you are quite correct

    2. Bluto Nash

      Re: I was just musing the other day that M$ might do this and low and behold!

      Dunno about Quickbooks, but Quicken runs perfectly happily under Wine, as does my old and relatively oddball subwoofer design program that was written for Win 3.1.

  40. Anonymous Coward
    Anonymous Coward

    Hackintosh?

    I need Windows or OSX for Photoshop ( no GIMP won't cut it for my commercial photo work yet ) so it's looking like I might be heading back to Hackintosh territory again for a short while, that is until I rake up the cash to buy a proper Apple desktop. At least Apple smile when they bend you over the desk for your "punishment"....

    1. David 132 Silver badge

      Re: Hackintosh?

      And the other factor, one that people never seem to take into account when complaining about the expense of Apple kit, is that resale/residual values tend to be very high.

      Take my wife's old iMac for example - 24", 2007. Still fetching upwards of 250 quid on eBay. Not that it matters, because it still works very well and seems perfectly speedy - I just updated Bootcamp from XP to Windows 7. Last I checked, a PC of that age would be landfill.

      So yes, the Apple tax is painful, but at least you get a goodly chunk of it back when you sell.

      1. GrumpenKraut
        Linux

        Re: Hackintosh?

        > Last I checked, a PC of that age would be landfill.

        Not with a proper O/S on it. Sitting at a 2010 PC here (that was cheapo town when I bought it), no plans to replace it in the next three years. I did upgrade RAM once (for HPC), and that was it.

        A top range new system is performance wise "up to" twice as fast (old: AMD Phenom, new: expensive intel Xeon). Yes, I measured it myself.

        Icon for "anything but Microsoft".

      2. Anonymous Coward
        Anonymous Coward

        Re: Hackintosh?

        £250 on Ebay you say for an 8 years old MAC ?

        Second hand MAC buyers

      3. Doctor Syntax Silver badge

        Re: Hackintosh?

        "Apple ... resale/residual values tend to be very high."

        And about to get higher still I suspect.

      4. Michael Habel

        Re: Hackintosh?

        Perhaps so... But, I'm on a ca~2006 Core 2 Duo 2x2.13Ghz System on Windows 7. and, for everything need this machine to do... It does! I guess you right about being lucky to still get ~100.00€ for it complete. But, then Beige Boxes just never came with that aura of Cr(Apple) BS attached to it. 'cause these aren't some lovely polished white plastic boxes. These were sold as the then modern workhorses of the world.

  41. theloon

    XP still looking attractive :)

    and that was the final reason I needed to never upgrade my XP machine which runs any type of finance packages... and yes, they all still run on XP, never crash zero problems. Unlikely trying to run them on anything later.... the disaster that is MS.

    1. Charles 9

      Re: XP still looking attractive :)

      But no security updates. How do you keep them from getting pwned over the network or by a stray USB insertion?

      1. Roland6 Silver badge

        Re: XP still looking attractive :)

        >How do you keep them from getting pwned over the network or by a stray USB insertion?

        Lock down OS (remember XP can be hardened to EAL 4+ ) and deploy decent third-party firewall/security software. The only real question mark is how long will you be able to meaningfully browse the web using an XP-based browser...

      2. Anonymous Coward
        Anonymous Coward

        Re: XP still looking attractive :)

        Ahem ... *cough*, "cash register", *cough*

      3. Kiwi
        Linux

        Re: XP still looking attractive :)

        But no security updates. How do you keep them from getting pwned over the network or by a stray USB insertion?

        You mean like Windows 10 in 2015?

        "MS15-085: One CVE-listed flaw in Windows Vista through Windows 10 allows an attacker to gain administrator-level access if they plug in an evil USB device."

        From http://www.theregister.co.uk/2015/08/11/windows_august_patch/

        1. Anonymous Coward
          Anonymous Coward

          Re: XP still looking attractive :)

          Please note: Windows Vista through Windows 10

          Windows XP is excluded. Meaning this flaw is not being patched, meaning you are permanently at risk from this flaw, and odds are this flaw can bypass any and all third-party mitigations you try, meaning a "bad friend" or "evil maid" can hack your system in a few seconds and there's no way for you to stop it.

          1. Kiwi

            Re: XP still looking attractive :)

            Please note: Windows Vista through Windows 10

            Windows XP is excluded.

            Oh. That makes it all perfectly fine then. It's 2015 and your Windows machine can still be pwned(must be the first time I've typed that horrid word!) from an infected USB stick.

            But that's perfectly fine as MS aren't going to patch this issue for XP. All's OK. MS made a mistake that should be causing heads to roll but that's fine. They aren't fixing the mistake for XP.

            (That said, as Vista was "a complete re-write" then XP could conceivably be safe anyway - if as MS advertised Vista was completely new then there's a very good chance that the idiotic decisions that allowed this to be possible in V-10 weren't made in XP...)

    2. MJI Silver badge

      Re: XP still looking attractive :)

      Glad my main home PC is still XP

  42. Brandon 2

    bend over...

    ... grab your ankles... I don't walk around naked in the street, because my genitals are private. I don't want MS collecting data on what I'm doing on my computer... not because what I'm doing is illegal... it's JUST PRIVATE! And I value that. I sincerely hope that update has not installed, and I will not be updating Win7 in the near future. I wish Adobe CC worked on linux... i'd never touch windows ever again.

    1. Doctor Syntax Silver badge

      Re: bend over...

      " I wish Adobe CC worked on linux"

      Have you checked whether it will run under Wine.

  43. Anonymous Coward
    Anonymous Coward

    Does the "Keep Calm..." mug exist?

    I would really, really like one of those so that when the chore of continually checking updates on my machines to keep the slimy fuckers out, one glance at the mug will remind me why I'm doing it.

    What is encouraging about all this is the number of forums that have threads on the subject of Windows 10 data slurping and on keeping Windows 7 and 8 machines free from W10 and the telemetry threat. Threads such as this on Wilders Security Forums List of Windows 7 telemetry updates to avoid are quite handy.

    Plenty of self help about it seems. Which is fortunate, as we don't seem to be well served by the security industry or regulatory bodies.

    1. Dan 55 Silver badge

      Re: Does the "Keep Calm..." mug exist?

      It was a mug originally sold by Microsoft on the now non-existent Scroogle store. The Chrome logo has been changed to a Windows logo by Photoshop.

      1. Anonymous Coward
        Anonymous Coward

        @Dan 55 - Re: Does the "Keep Calm..." mug exist?

        Ahh. I didn't realise how appropriate that pic was. Just went to the Microsoft Store - it says "This product is currently unavailable".

        Perhaps they've pulled them in order to change the logos as per the article pic. Wouldn't put it past the arrogant tossers.

  44. Zog_but_not_the_first
    Meh

    Unfortunately

    Unfortunately, the incisive comments here represent a couple of hundred people. OK, maybe more, but much, much less than the ocean of Windows users. Through ignorance, or most likely disinterest, the affairs discussed here don't bother them.

    I'm loath to resort to trite clichés like "sheeple", but maybe the originators have a point.

    1. GrumpenKraut

      Re: Unfortunately

      Over time people who care influence those that do not (or to a lesser degree). Let's hope.

      1. David 132 Silver badge

        Re: Unfortunately

        Over time people who care influence those that do not (or to a lesser degree).

        Indeed. Is it fair to say that the Reg commentards tend to be IT influencers, either within their companies or at least their families/friends?

        At the risk of sounding insufferably pompous, I am the "go to" person for IT questions for my relatives, friends, and many of my colleagues. Whatever my opinion - right or wrong - that'll be their guidance. So as I'm lukewarm on Windows 10, that means a whole circle of other people have inherited the same attitude. Probably 30-40 people in total are now putting their Windows 10 updates on hold, based on my "wait and see" guidance.

        My point is that.. yes, you can argue that we are unrepresentative of the market at large. That we're nerds, whiners, ivory-tower techies, or whatever. But we do often have a disproportionate amount of influence.

        As I've said before, I think Microsoft's biggest and earliest mistake was to allow Windows 10 feedback from only those beta-testers who agreed to sign in with a Microsoft ID. Then and there, they excluded feedback from anyone who might have concerns about privacy and data-gathering. So now the OS is released, all this fuss is kicking up, and Microsoft - let's give them the benefit of the doubt - are sitting there wondering "why are so many people upset? We never had any inkling of this during the beta phase!"

        1. Anonymous Coward
          Anonymous Coward

          @David 132 - Re: Unfortunately

          I think you're spot on about the influence of the 'small' group of unsatisfied techies. People who play down our misgivings don't seem to understand your point - that we tend to be listened to by the less knowledgable.

          I would personally not give Microsoft the benefit of the doubt on this matter. The Insider forum has many members who are quite vocal about the flaws in Windows 10 and particularly about the privacy issues. Indeed, some of the useful info on what updates to avoid in Windows 7 and 8 can be found on the Insider forum.

          The problem is not that Microsoft didn't get the feedback, but that they did not take any account of it. Indeed the suspicion of some is that Microsoft never intended to listen to contrary opinions - just to use the Insiders' machines as a source of telemetry.

          If they're going over a cliff it is with their eyes wide open.

  45. Mikel

    Is it time to give up Windows yet?

    Everyone has to hit their personal limit of how much of this they will tolerate before they will install Linux or get a Mac.

    1. Andy Non Silver badge
      Stop

      Re: Is it time to give up Windows yet?

      I started dabbling with Linux since Windows 8 as I disliked it from a technical and usability perspective; but this user tracking/spying business is a whole new ball game and my trust in Microsoft has now gone. Like many others I take my privacy seriously and use various add-ons such as Adblock+, NoScript, Ghostery and various other privacy and security measures but when the snooping is at the level of the operating system, it is too far, way too far for my comfort. I have confidential/sensitive customer data on my computers and I do not like the idea that Microsoft may be hoovering up anything they like from those computers. I'm now in the process of rewriting all my Windows based application software to run on Linux. I don't consider my privacy and the privacy of my clients fair game for Microsoft to nosey around in.

  46. Teiwaz
    Linux

    Microsfoot!!

    "Update for customer experience and diagnostic telemetry"

    I get the 'telemetry', it's been mentioned/discussed enough in this forum so far, What 'Customer experience' were they referring to though?

    Or is that merely a typo, and it should be 'Customer expletive'.

    Penguin 'cause I'm happy to have been frolicking with the penguin since 2000...Otherwise I'd be even more annoyed World>Hell>Hand-basket etc. & once all commercial OS are like this. it's only a matter of time before 'actors' start demanding Linux et all report in for whatever reasons this is really about...

  47. Spoonsinger

    Well this sucks...

    I was waiting till my dotage before going full on hair shirt.

  48. Anonymous Coward
    Anonymous Coward

    10 update

    My friend is with plusnet and has win7 on his m/c. He just had an email from plusnet to say he'd exceeded his 10GB data allowance and they'd stuck a bit more on for £5. He had a look at his usage allowance to find this huge 6GB download- he thought he'd been hacked. I think it's windows downloading win10 without permission as that's about 6GB iirc. Will know more when I go to see the m/c. Extremely naughty if correct, are Microsoft going to refund his £5?

    1. Captain DaFt

      Re: 10 update

      "are Microsoft going to refund his £5?"

      Yes. He can expect the check about the time Satan needs earmuffs and a wooly scarf.

    2. Asok Asus

      Re: 10 update

      "I think it's windows downloading win10 without permission"

      It was. I've found that was downloaded without permission on every PC where KB3035583 was left installed. The folder is C:\$Windows.~BT and can take up to 1GB. Only easy way to remove it is with cleanmgr using the Clean up system files option after the first scan has finished.

    3. Andy Non Silver badge

      Re: 10 update

      MS quote 3.8 GB for the update, but it took nearer 7 GB on my 8.1 laptop, making a big hole in my 12 GB per month quota. The first I knew that it had got around to doing the automatic update was when the internet was down for the entire household. We are limited to 2 GB per day and the update took the whole lot before breakfast leaving us without email, skype, internet etc for the rest of the day. Thankfully these automatic updates wont be a problem going forward as nobody will be using Windows 10 in this household any more.

  49. JEF_UK

    This is frankly unacceptable.

    Put Linux on the laptop at the weekend. Previously just on servers...

    Off to turn off all auto approval on my WSUS.

    Thanks for increasing my work MS.

  50. Anonymous Coward
    Black Helicopters

    Am I safe

    "Search" doesnt show up any of these updates on my PC; but is "Search" telling the truth??

    The PC I am currently building is going to have Linux on it anyway; as soon as I am comfortable with it, this Win7 box gets Nuked and from then on, only gets used for games.

    1. Kepler
      Facepalm

      Re: Am I safe[?]

      "'Search' doesn[']t show up any of these updates on my PC; but is 'Search' telling [me] the truth??"

      If you open Windows Update in Control Panel, and then click on "Installed Updates", you will be presented with the option to "Search Installed Updates" in the Search box in the upper right-hand corner. This worked for me just now.

      But you have to do your search in that Search box! When I tried to search Windows Update and Control Panel for these three updates last night, nothing turned up! Only a few minutes ago did I discover what I did wrong.

      (If you try to search from Windows Update itself or from "View update history", the Search box that is presented in the upper right-hand corner just says "Search Control Panel". But if you try to search from "Installed Updates", the Search box that is presented in the upper right-hand corner says "Search Installed Updates". Last night, either I tried to search from "View update history" rather than from "Installed Updates", or else — and I think this is more likely — I did do it from "Installed Updates", but I tried to commence the search before allowing sufficient time for Control Panel to fully populate the list of installed updates, thereby causing the search to fail.

      Because Search failed me when I first tried it last night, I had to browse down the list of installed updates with my tired, aging eyes. When I did so, I found that all three of these updates had in fact been installed earlier this month. And as it happened, August's Patch Tuesday fell on my birthday! What a thoughtful trio of gifts from Microsoft! ("[D]on't worry too much about the myrrh next time"!))

      So unless you are sure you clicked on "Installed Updates" — and then waited sufficiently — before commencing your search, and that you therefore searched Installed Updates rather than the rest of Control Panel, I would not trust the answer Search gave you. Instead I would look for the three updates again, in the way I described above, just to be sure.

  51. bobgameon

    Again?

    Another article making people nervous and inciting declarations of a move Linux. Lets see how many follow through. Considering that they have proclaimed(never executed) this over and over again after every pig headed move by Microsoft I wouldn't be surprised its not many.

  52. spam 1

    Turn off Telemetry (W7 Server 2008 R2)

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\AIT\AITEnable

    Change AITEnable from 1 to 0.

    Problem solved. Don't mention.

  53. Henry Wertz 1 Gold badge

    Change to the user agreement?

    "Why is it that Comments rubbishing Ubuntu (Unity, I assume) always seem to come from 'Mint' Evangelists, and usually from the 'Mate' congregation? It always seems to strike me as trying to make up for an inferiority complex."

    Probably because Mint and Mate come out of the box without any of the types of changes Unity made to the UI. I just install the "Ubuntu flashback" and don't have to deal with Unity.

    Shouldn't there be a change to the user agreement, or at least a notification, to this much new information being collected? I mean, when people install Win10 it's there in the fine print that they can collect virtually anything they want, and people know what they are getting into. Adding all sorts of "telemetry" in like this seems very shady. (I'm glad I'm not using Windows personally.)

    1. Teiwaz
      Thumb Up

      Re: Change to the user agreement?

      "Probably because Mint and Mate come out of the box without any of the types of changes Unity made to the UI. I just install the "Ubuntu flashback" and don't have to deal with Unity."

      Doesn't really answer the question though. It's rarely the Cinnamon XFCE or LXDE refugees, occasionally you get 'tards commenting from a Gnome-Shell or KDE refuge, but it's the users fled who fled to Mate who generally seem to harbour such a bitter and long-running resentment*.

      Must admit, though, you don't come across many who admit to using 'Ubuntu Flashback' though. Do you get a lot of Mate users trying to 'convert' you?

      * I know many Mate users are happy and confident in their choice, buts it's the bores who harp on about that old schism that colour my perceptions.

  54. Pomgolian
    Terminator

    Security Essentials

    They really want this info - I am regularly in the habit of blocking hosts I don't like or adding other hosts while the DNS catches up in my windows hosts file. Never had an issue before, but after pointing settings-win.data.microsoft.com and vortex-win.data.microsoft.com to 127.0.0.1 Security essentials pops up a warning about "SettingsModifier:Win32/PossibleHostsFileHijack". Clearly it's a big deal for Microsoft, so it ought to be an even bigger deal for all of us to avoid it.

  55. raving angry loony

    Not mandatory

    Don't know if anyone's mentioned this, but none of the three updates mentioned were specified as "mandatory". Thanks to this warning I was able to make sure they're never installed on my gaming system. Hopefully. Unless they change how things are done in the next few months. Which they might.

    32 years I fought the beast. The beast won. My parting shot is "I fucking told you so" when it comes to Microsoft continuing to prove that it's just plain evil.

    1. Dan 55 Silver badge

      Re: Not mandatory

      There was however also a mandatory update KB3022345 installed several times between April and June and was not mentioned in the article, presumably because it's superseded, but it is mentioned on ghacks. As it's superseded it's not offered to new machines but if you haven't uninstalled it it's still there. That needs to go too.

  56. Asok Asus

    how to nuke this crap

    to nuke all of this crap on W7:

    from an admin account, select Programs and Features from control panel, select View Installed Updates from the left, wait until that finishes finding all the updates (could be a few minutes), then use the search box to search for each of:

    KB3035583

    KB3022345

    KB3068708

    KB3075249

    KB3080149

    find one at a time, and if found (not all will necessarily be there), right click and uninstall each one in turn.

    check Change Settings on the left in Windows Update selected from Control Panel and make sure Install Updates Automatically IS NOT selected.

    when all are uninstalled, reboot, which btw way can take hours sometimes after these are uninstalled (i have no idea what that BS is about; retribution by MS?).

    after the reboot, go back to control panel, select Windows Update, then Check for Updates. Find all the ones you just deleted, uncheck them, right click and select Hide Update, or otherwise they will come back.

    Also, check to see if C:\$Windows.~BT exists, which is the Windows 10 installer. If so, it can be wasting up to 12GB, so nuke it with cleanmgr started from a cmd window. once cleanmgr finishes its initial (very lengthy) scan, you should select Clean up system files, which will do another very lengthy scan, then check the box for that folder and select OK to nuke it.

    1. Michael Habel

      Re: how to nuke this crap

      KB3035583

      KB3022345

      KB3068708

      KB3075249

      KB3080149

      It would have been nice to have actually taken the time to list these little buggers

      KB3035583 - Windows 10 Notification THAT WILL NOT DIE!

      KB3022345 - Prequel of kb3068708 if you have this.. Like I had then kb3068708 will / should NOT show up. More on this in a sec.*

      KB3068708 - Update for customer experience and diagnostic telemetry

      KB3075249 - Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7

      KB3080149 - Update for customer experience and diagnostic telemetry

      * I only noted the earlier kb3022345 'cause of the lack of a kb3068708 in the Windows Update. Apparently kb3068708 was meant for all the bad children who didn't get the earlier kb3022345 update.

      Removing this earlier update seemed to be of little consequence as in regard to the newer version of said update I was back up and, running inside of Five minutes. The dirty little bugger called Diagtrack.*) however is unfortunately still left in place. apparently the trick to getting that piece of trash of your system is to fire up a command prompt. In Admin mode, then enter in:

      sc stop diagtrack

      sc delete diagtrack

      This should then hopefully fully remove the earlier kb3022345 update then.

      1. Spoonsinger

        Re: how to nuke this crap

        Actually probably easier just restoring to a point previous to the 'patches', then just turn off updates. Then think about what you actually want from your computer.

  57. Anonymous Coward
    Windows

    May I be the first to welcome our Cortana overlord?

  58. Michael Habel

    Re: KB3068708 very slow to complete uninstall

    Well lookie here kb3068708 is just kb3022345 (Diagtrack) by another name... I did kinda think it strange that I had noticed the other Two Updates, but was seemingly missing out on this Third One... Now I know why!

    Needless to say I soon as I found this POS! I removed it from the Control Panel -> Programs, and Features -> Installed Updates. Apparently though this still isn't quite enough to kill the undead that is Diagtrack.

    Apparently to do that you have to open up a Command Prompt with admin privileges and enter:

    sc stop Diagtrack

    sc delete Diagtrack

    ... To be finally rid of this bloat.

    P.s. To the Webmaster / Fourm Mod(s) why is it I can't post cmd.eᵡe without getting what appears to be a B& Hammer message about not being able to post this? I don't frankly get it to be honest.

  59. Zog_but_not_the_first
    Devil

    In the week Wes Craven died...

    We've spent years building firewalls, running anti-virus software and being vigilant on software installations, but THE MONSTER IS INSIDE IN THE HOUSE.

    1. Andy Non Silver badge

      Re: In the week Wes Craven died...

      If any third party applications did what these Microsoft updates are doing they would rightly be called rootkit spyware, especially when seen in conjunction with the unremovable firmware updates MS are propagating. The average Windows user is clueless about this insidious direction Microsoft are going in: "All on board the cattle trucks for a great customer experience, trust us." The sad/alarming thing is that the average Windows user is clambering onboard with enthusiasm.

      1. GrumpenKraut

        Re: In the week Wes Craven died...

        And finally it becomes true: WIndows, the virus with a user interface.

        1. davidp231
          Angel

          Re: In the week Wes Craven died...

          Your terminology is incorrect, for viruses are small and efficient in what they are designed to do... Windows is by no means small, and efficient? Well...

  60. Captain Badmouth
    WTF?

    Have uninstalled the following, one by one, from my win7 system as per the list on Wilder security. The ones with an asterix required a system restart after uninstall. I then checked for updates and windows wanted to re-install 9 essentials. I hid them last night then restored them this morning. Checking again for updates I find I now have no "essential" updates but have 18 optional ones - including those 9 that were essential last night.

    Has something changed?

    I tried stopping Diagtrack but it doesn't exist on my system, it says.

    KB2923545 RDP

    KB2970228 *

    KB3035583

    KB2990214

    KB3021917 *

    KB3068708 Telemetry *

    KB2592687 *

    KB2660075 *

    KB2506928

    KB2952664 x2

    KB3050265

    KB2726535 *

    KB2994023

    KB3022345 Replaced by KB3068708 Telemetry KB3022345 Caused false sfc result

    KB2545698 (IE9) *

    KB3065987

    These not found on my system. (didn't expect to find the win8 one)

    KB2876229 SKYPE, If you want Skype then install it.

    KB 3068707 - Customer experience telemetry points

    KB 3050265 - Windows Update service updated to accept upgrade to W10

    KB 2977759 - W10 Diagnostics Compatibility telemetry

    KB 3044374 - W8,8.1 Nagware for W10

    KB 3075429

    KB 3080149

  61. Someone_Somewhere

    You can run...

    but you can't hide.

    Before everyone rushes off to embrace the penguin, it might be an idea to investigate systemd, Redhat and their clients.

    I wouldn't recommend Slackware or Gentoo to people new to linux but, unless you're unshakably convinced that the linux dev community is filled entirely with saints possessed of infallible intellect, diamond-strong willpower and is imperviois to infiltration by individuals with personality disorders, character flaws and agendas as nefarious as any that might be pursued by MS/Apple/some_government_TLA, they might well be the only options available to people here.

    And even then, what are you going to secure them with?

    AppArmor is more or less out of the question on anything other than *buntu.

    SElinux is a questionable option, given its origins.

    The future of GRSecurity looks uncertain.

    RSBAC will require people to get their hands well and truly dirty and roll their own - with all the attendent dangers of non-experts implementing their own security solutions.

    I'm not saying people shouldn't make the jump - I did myself - but it's not quite the utopia people might imagine either.

    </my two cents>

  62. Kepler
    Windows

    Offensive, sure, but is it actually HARMFUL?

    I am deeply offended — though hardly surprised — that those venal idiots in Redmond would install such new functionality without giving me any hint of its existence or notice of its nature beforehand, and even go so far as to activate it without my consent (let alone my informed consent).

    All the same, is it actually in my interest to edit my Registry to disable these new "features", and/or to uninstall the three updates, and thereby deprive myself of their attendant "benefits"?

    My first impulse is to say Yes, of course. But I do not wish to act rashly, out of spite. Just how harmful to me is the disclosure of the information that will be disclosed to Microsoft without my knowledge or consent? How much connection-bandwidth and how many CPU cycles will this spyware actually eat up, and how likely is it that Microsoft would glean anything I actually might mind having disclosed?

    And on the other hand, is it possible that by allowing these three updates to remain in place and continue to operate, I might actually contribute in some small way to making user experiences — including my own — better in the future?

    It seems to me that if there's a chance of that, and the CPU toll and risk of genuinely harmful disclosure are both trivial, then perhaps I should calm down, take a stress pill (thank you, HAL!), and just leave the situation alone.

    I am not asking rhetorically, as a defender of Microsoft or of these three surreptitious updates. I am genuinely curious and puzzled, but clueless!

    (At least in regard to the answers to the questions I pose, if not more generally!)

    1. Kiwi

      Re: Offensive, sure, but is it actually HARMFUL?

      It depends on your circumstances. Are you a home user, who only ever works on your recipe collection and other such things that have no privacy or other such issues, your banking not done online (or not done with that machine) and so on, little to nothing you use passwords for?

      Then fine.

      Are you a home user who sometimes takes work home, has client data or works with documents relating to clients on your home machine (under at least some privacy laws ALL client information is to be considered "sensitive" to avoid resultant lawsuits and public shaming if you let it out)? Or perhaps you have something in the family or something with your friends you (or they) want kept absolutely private, perhaps researching some embarrassing medical condition or into gay furry or other such stuff and stuck in the closet? Then maybe not - according to the article they could get stuff from your ram including documents you're working on.

      If you're in a work environment and this affects your machine, then it's simply not on. If you have any government contracts, NDA's, deal with client data or company secrets then this must be a no-go. You're trusting a party who has stated they could (read would) pass your data on to another party to make sure they never leak your data accidentally and never deliberately pass it on, "anonymised" or not (am I the only one who remembers the fun we had when AOL(?) released dumps of peoples search terms, making it "anonymous" by removing user names but forgetting to remove vanity searches, home address lookups and so on?).

      Actually something that could perhaps be even worse - what if a leaked memory dump holds parts of a couple of documents (IIRC there was something not to long ago about a "new" word document containing data from documents worked on in that session?) where you have some name and address from the first document and some disease or some other nasty in the second, making it appear that you're saying "Jane Doe from xxx street is actually Joe Bloggs on yyy"?

      tl;dr If you're in business and handle personal information/data or have NDA's/government contracts etc, or at home and have documents you don't want the world to read, this could be very harmful.

      1. Kepler
        Devil

        Re: Offensive, sure, but is it actually HARMFUL?

        Many thanks for sharing your perspective, Kiwi. You raise some very good points.

        I thought I would try to wait a goodly while before replying to you, in the hope that others might weigh in as well, but it's beginning to look like you may be the only one.

        "IIRC there was something not to[o] long ago about a 'new' word document containing data from documents worked on in that session?"

        I could be mistaken, but hasn't WinWord been doing that for at least 20 years now? (Don't know whether Word for DOS did it too.) I'm pretty sure I remember doing some DOS comparisons ("FC /T") of Word documents that were supposed to be identical, and being astonished by how they were not. Or else bit-wise comparisons of same in the file viewing pane that was included in PC Tools for Windows. In either event, I recognized the extraneous text — having written it myself — that apparently was being used as filler material, for no other purpose than to make the file larger, but wondered what the Hell it was doing in a different document, and how the Hell it had gotten there!

        More broadly, your points about the dangers of memory dumps/snapshots, and the imperfection of past "anonymising" efforts (assuming they really tried!), are all well-taken. Even when dealing with a vendor of absolutely trustworthy intentions, things can go wrong, and can go much farther than one intended or expected. Plus I keep reminding myself how the sneaky way Microsoft foisted these updates on me/us pretty-well proves their bad faith, ill will, and lack of trustworthiness.

        (Thus my choice of posting icon.)

        At one point my tentative position was that if they had had the decency to disclose and ask up-front, I might well have been willing to say Yes to sharing my data with them, but since they instead were such sneaky bastards, I would not. But the thrust of your reply is that even if they had asked first and asked nicely, and behaved in an entirely reputable fashion worthy of my trust, it still would have been a mistake on my part to provide that much data, no matter how badly I might want to help Microsoft improve its buggy products!

    2. Kepler
      Pirate

      Re: Offensive, sure, but is it actually HARMFUL?

      P.S. This whole experience makes me want to suggest that El Reg adopt a new Forum-posting icon for "Windows user" — one more consistent with the reality of being a Microsoft customer, but less consistent with The Register's standards of Forum decency. And also consistent — for those who are familiar with it — with the details and history of Microsoft's former relationship with IBM.

      (I am alluding, of course, to the coining of the shorthand "BOGU", and the famous presentation to Steve Ballmer of a jar of Vaseline with that expression attached. A picture of a person actually bending over in preparation to take it up the arse would be ideal, but far too graphic and unsubtle. A picture of a jar of Vaseline, on the other hand, would be amply subtle and discreet!

      "FYIFV" was another charming and colorful early Microsoftism that was not quite up to El Reg's standards of decorum and politeness. With which I agree wholeheartedly.)

  63. Sir_Hops_A_Lot

    It's interesting to see people catching Microsoft's BS with Windows 10 - and now these patches - but no one really noticed that the whole point of removing the START button in 8 was to force the captive audience of Windows users into an operating environment supported by an app store where MS thought they'd be able get a chunk of the piles of billions of dollars that Apple, Google and Amazon were playing in that Balmer et all, dimissed as a fad.

    1. TheVogon

      "an app store where MS thought they'd be able get a chunk of the piles of billions of dollars"

      They seem to be making progress in doing that. MS recently announced they have had 3 billion visits to the store since Windows 10 was released. Also of note - Windows 10 customers are generating four and a half times more revenue per device than Windows 8 users.

      Full blurb here: https://blogs.windows.com/buildingapps/2016/02/04/windows-store-trends-february-2016/

  64. Kepler
    Big Brother

    Which is worse: Windows 7/8.1 with these 3 updates, or Windows 10 with custom settings?

    Another question just occurred to me: Where do these three updates to Windows 7 and 8.1* leave those who install them, relative to those who have "upgraded" to Windows 10?

    It strikes me that, immediately upon installing these three updates** — which make no provision for customization of privacy settings at all — users of these earlier versions of Windows might actually have less privacy and more exposure than someone who "upgraded" to Windows 10 but who opted for "Customise settings" during installation rather than "Express settings"! Presumably one would still not be subject to keystroke logging*** (nor would the Windows 10 user who chose "Customise settings" and then checked "No" during installation), but one would — or at least might — be more exposed to the risk of disclosure of personal information through memory snapshots.

    Thinking about the matter some more, it occurs to me that the answer might depend on whether one has previously said "Yes" to Microsoft's Customer Experience Improvement Program (CEIP). The newly installed spyware might start slurping one's data immediately, but it also might remain inactive so long as CEIP has not been activated. (And it may or may not activate CEIP itself, as part of its/the three updates' installation!)

    So, does all this newly installed Windows 7/8.1 spyware lie dormant until CEIP is activated? Or does it start slurping users' data immediately? Does anybody here know the answer?

    .

    * And what about users of Windows 8?

    ** Whether unwittingly, as in my own case, or even wittingly.

    *** "Telemetry" does not include the keystroke logging "feature", does it?

    1. Anonymous Coward
      Anonymous Coward

      Re: Which is worse: Windows 7/8.1 with these 3 updates, or Windows 10 with custom settings?

      You have a good question, though the answer might be a matter of opinion.

      Windows 10 does at least have the virtue of being up-front about the privacy settings (provided, of course, that you go looking).

      On the other hand, the only permission available for Windows 7 is the CEIP opt-in. I can't remember whether it defaulted to IN or OUT, but I imagine Microsoft are targetting the millions of people who wouldn't have a clue what CEIP stands for and who happen to have it set to IN.

      Pretty scummy really. When Windows 7 came out I imagine plenty of people who were aware of CEIP thought of it as a minor feature. Now of course it is anything but that, but Microsoft are happily extending the features that the Opt-in sanctions, without any indication to the user of what is happening.

      I'm just wondering now when we're going to start seeing new optional updates for Vista. Gotta catch 'em all, after all.

      1. Anonymous Coward
        Anonymous Coward

        Re: Which is worse: Windows 7/8.1 with these 3 updates, or Windows 10 with custom settings?

        @ JustaKOS

        Of course the default for CEIP is opt-in ..... it is MS.:)

        Win10 is a beta testing ground for MS to discover what they can get away with.

        All they learn will be rolled out to Win7 & 8.

        This is the new MS.

        They are trying so hard to emulate the total control Apple have and by necessity the transition is brutal.

        You all need to decide very soon which world you want to live in.

        MS, Apple, Google or something else such as Linux.

        Make your investigation, and an informed decision is possible.

        Delay and prevaricate too long, you will be assimilated by one of them unless you fall back to the abacus and/or scratching in the sand with a stick.

        Personal computing is all but gone and privacy is a inconvenient obstruction to profit.

        Don't worry though you will get the digital equivalent of a bag of beads and some old blankets for your privacy, so well worth it :)

  65. paulf
    Unhappy

    Recommended update

    It looks like the primary offending update KB 3068708 is a Recommended update. I've always unchecked the "Give me recommended updates the same way I receive important updates" option in Windows Update since most of those updates tend to only hold some nice to have patch for some obscure HDD running on some other more obscure Motherboard. Great if you have that HDD and MB but I've never found anything in there of use.

    That could all change if MS decide that updated spying^H^H^H customer experience telemetery is now an Important update...

    Trying to out Google Google - I can only see that working as well as it did when they tried to out Apple Apple (Zune anyone?)

  66. Valarian

    Leap of Faith

    I took a few days to mull it over and dispassionately consider the pros and cons.

    Then last Friday night I plugged a newly-created Ubuntu boot stick into my laptop, and without a moments' hesitation let it blow the Windows partition away, reformat, and install itself.

    Five days on, I'm running nearly all my applications - still a few to re-install - either as native Linux versions or (for DVDFab) as a Wine cuckoo. Everything works.

    Sure there's a learning curve ('sudo apt-what the heck? aargh quick Google') but on the whole I'm getting the hang of it. And importantly I feel like I'm in charge of my computer again.

  67. Someone_Somewhere

    Re: Leap of Faith

    "I plugged a newly-created Ubuntu boot stick into my laptop, and [...] I feel like I'm in charge of my computer again."

    You do?

    Running Ubuntu?

    Are you sure?

    1. Anonymous Coward
      Anonymous Coward

      Re: Leap of Faith

      I'll trust Canonical over Microsoft. At least the former do ship the source code and it's a very small step from there to Debian if they do something nasty.

  68. Someone_Somewhere

    >I'll trust Canonical over Microsoft. At least the former do ship the source code and it's a very small step from there to Debian if they do something nasty.

    Hmmmm

    Granted, not everyone has the inclination, opportunity or wherewithal to go Slackware/Arch/Gentoo/whatever. And those who don't have it need something reliable that isn't going to end up as abandonware, leaving them at the mercy of whatever 0-day exploits are discovered after the cessation of security updates.

    So, yeah, of the three (Microshaft and Crapple included), Cannonical looks like the best of a bad lot, sure. But that's a bit like leaving an abusive relationship for a slightly less abusive relationship. And that never works out well either.

    Do I want my left testicle wired up to a car battery?

    The right?

    What about the perineum instead?

    How about "none of the above"?

    How about one of the other non-*buntu derivatives?

    OpenSUSE is pretty good from the little experience I've had of it*.

    I've heard good things about PCLOS - same about Manjaro.

    Devuan might be a runner in future.

    If you suspect Debian might be a better solution in the long run then why wait until it's already too late to make the switch?

    * Had to do some comparative study of Ubuntu/Fedora/SUSE recently - Glad I don't have to use them myself!!!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like