
Comment Ha, lower rates lol (Score 1) 231

https://en.wikipedia.org/wiki/...

Ok, so this is Traffic deaths as a fraction of total population. We are currently down to less than half of the maximal values that were from the 30s through the 70s. We are back down to 1920 levels of traffic deaths as a fraction of total population.

Has this dramatic decline since 1980 sent these companies out of business?

Comment Re:I'm surprised they missed "Wi-Fi Sense." (Score 1) 485

> And don't forget, even if you do turn off all those default settings, you can't turn off automatic updates... and Microsoft has a track record of their updates changing settings back to default...

Home can't turn off auto-update, but Pro can. Updates are heavy enough that there will be other reliable technical workarounds for this issue, but the fact that it can't be disabled trivially on all Windows 10 is very much a big problem. I just think the others are bigger because they don't have any workarounds outside of temporary hacks that still function (or using Enterprise or something).

Comment Re:I'm surprised they missed "Wi-Fi Sense." (Score 1) 485

> 1. User enters a password, and the computer hashes it and discards the plaintext. This hash is called the PSK (pre-shared key).

Terminology I guess? It changes nothing. The point is that the piece that gets sent to your friends is able to grant access to your network. That access piece needs to be reconstructed- not a hash of it, and it needs to be reconstructed bitwise correctly or it will not work. If the point is that the literal password isn't sent, but instead the literal number that grants access, the point is the same- the thing that grants access is accessible in plaintext by anyone granted it, via this new method.

> You never use the password to authenticate, only the hash.

Meaning that the "hash" (in this case the PSK) is the "password" from the perspective of security- the thing that "you know" that proves you are you. I guess if you have an embarrassing password, this spares you that embarrassment, but the point about it sending the stuff needed to access your network to your contacts remains the same.

Note that this is, in my opinion, not really a big deal. It is easy enough to turn off, and you have to actually add the networks to a thing to make this happen. The rest of the OS is the privacy shit-show.

> You mean the handy options screen that shows up after installation, where you can turn all of sharing off with a few clicks?

So, I have several problems with this.
1- This screen is not going to be there on every machine, as several won't have been installed fresh.
2- This screen needs to be changed for every user, I'm... pretty sure?
3- The option is like start -> settings -> accounts -> sync settings
Settings has a zillion things. Why would you guess "accounts" contains the option to "leak all browser everything"? Once you are in accounts, "sync settings" is a pretty odd place to put that. Once you are in there you still aren't done- there's several switches. The one with all your browser history and favorites is called "browser settings". Would you rationally put your browsing history behind that label? This is very tricky! In what universe would you call your history a "setting"? Even "favorites" have a hard time being called this.

So yes, it's a burden. You have to disable it everywhere all the time, or it gets zipped up to the cloud. Exactly like I said, it's one more burden you have to remember every time you do anything new on a box, one more thing to carry forward, one more stressful thing to remember for here to forever- and that assumes that the menu functions as advertised, and doesn't get all dicked around like everything else with every new version. So this gets added to your list of Things To Learn Anew Yearly. Fuck all that, trashbin this crap!

> You find it surprising that Microsoft will comply with legal data requests, and they are legally required to do so?

First, yes, it's a bit odd that they would comply with law enforcement requests. I'd hope that they would comply with subpoenas only- that leaves a paper trail and a judge and has oversight (or at least it is supposed to). Second, you are taking this out of context- the issue isn't that they will hand over data when asked, it's that they will *have all the plaintext data in hand to begin with*. Right now, Microsoft (or anyone) will obviously share information on a suspect- that's only common sense. But there's a big difference when your OS is snooping on you to this degree.

From Microsoft:
"Examples of data we may collect include your name, email address, preferences and interests; location, browsing, search and file history; phone call and SMS data; device configuration and sensor data; voice, text and writing input; and application usage."

Who you are, everything you've typed including passwords, everything you've said, who you've said it to, and which local files you have accessed? That sound like a reasonable set of data for Microsoft to hand out?
Nothing implies that they will ONLY do this in response to a legal subpoena, by the way. This implies a pretty massive back door that you are authorizing, and cannot opt out of.

> Considering that Cortana works by knowing stuff about you, how do you expect it to work if you opt out of telling it anything?

Out of context and irrelevant. First, pieces of this could be handled locally. Second, assuming that's not an option, there's no reason to leak this much information- when you first use Cortana, she doesn't know all that stuff, but she'll still work, right? So how about we lock in that stateless mode, knowing full well that pieces of the customization will be missing?

"To enable Cortana to provide personalized experiences and relevant suggestions, Microsoft collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and how often you interact with them on your device. Cortana also learns about you by collecting data about how you use your device and other Microsoft services, such as your music, alarm settings, whether the lock screen is on, what you view and purchase, your browse and Bing search history, and more."

So, what if you use Cortana on a blank machine without any device history, any data in a calendar, having used any apps, without access to emails and texts, without any call history, without a contact list, without previous use of other services, without any music attached, without any alarms set, and without having viewed or purchased anything?

Will Cortana break?

I bet you know she won't. This data is not needed to function. It's needed to improve the user experience, but it has no way of being disabled. Forcing this stateless intro, or disabling the majority of this toxic access, would still result in a usable Cortana. In fact, you'll probably be able to GET to this with an application firewall or localside software edit, and maybe someone will do that later- but the default is "if you won't share your literally all things, you don't get this feature". That's VERY user hostile, quite deliberate, entirely baseless from a technical perspective, and a privacy nightmare, not waiting to happen, but literally happening now.

> You can be specific about what telemetry you can't turn off?

Sure, but note this is only the stuff we KNOW about- there's no way to be sure there's not more, because the EULA and privacy agreements are so all-encompassing that they don't bind themselves in any way, and these methods are technical workarounds that could fail at any time (such as the Windows 10 Home edition failing to respect the registry key that controls auto-updates on every other version of Windows, including Windows 10 Pro and Enterprise).

1- Telemetry can't be disabled.
This is by design, because in Enterprise, you *can* disable it, but they hoark it up in Home and Pro. The lowest you can set it to is "basic".

Because it's a computer you have admin on, you can (and should) fuck with it until it stops breathing, of course.
http://winaero.com/blog/how-to...

This discusses command line workarounds that work only if you have admin, and are only workarounds, not solutions- a later update could easily blow away this setup.

2- The Microsoft Apps transmit data and you can't stop it if you use them. The only way to stop the leaks (for now) seems to be hosts files:
https://www.reddit.com/r/Windo...

This has all the stuff you mention (and the stuff that is in the GUI), but as I keep pointing out, this is only the stuff that Microsoft chooses to point to. The final step involves making a bunch of domains fail to resolve, a temporary workaround that some mandatory patch will "fix" for you.

Remember: Because you AGREE TO SHARE THIS WITH MICROSOFT IN THE TOS, they can do whatever they want technically to make it happen. They already disclosed that they are actively collecting:

> Every file you access.
> Every website you access.
> Every call you make, to whom, and how long
> Every program you run
> Every keystroke you type

So *whatever* you turn off, by whatever hacky means, doesn't stop the fact that you've AGREED to let Microsoft collect all this shit. The fact that you can use a page long guide of command line hacks to get shit under control temporarily (maybe) is by no means ok.

Comment Re:I'm surprised they missed "Wi-Fi Sense." (Score 1) 485

Honestly, if only the "home" version was like this, I wouldn't care as much as I do. It would be a big deal, but the solution would be obvious- buy Pro.

But- everything I said applies to pro. The only thing pro offers is the ability to turn off windows updates without strange hacks.

No, I'm pretty sure your privacy is forfeit unless you are a corporation, no matter the price you pony up in dollars.

Note: I could be mistaken. Maybe an extra 50 bucks buys you the non-awful version, I'm not sure- but the line is certainly not "when you pay money".

Comment Re:I'm surprised they missed "Wi-Fi Sense." (Score 1) 485

In this dystopian future, we are all crazy HOSTS guy.

"We don't know who struck first, the users or Microsoft. But we know it was the users who scorched domain name resolution..."

Seriously- it's unknown how aggressive Microsoft will be about pushing their shit-stacks around, at least at first. But the fact that this level of nonsense is going to happen is absolutely a looming poop front. At the point where we're all trying to root out all the hidden local places this stuff is cached so we can get security patches without uploading everything, we are definitely dealing with the Worst OS Ever.

Good info for sure though.

Comment Windows 10 privacy statement (Score 1) 485

Here we go:

http://windows.microsoft.com/e...

Let's do a little walking here:

----
Data We Collect

Microsoft collects many kinds of information in a variety of ways to operate effectively and provide you the best products, services and experiences. We may combine this data with information that is linked to your user ID, such as information associated with your Microsoft account.

When you acquire, install and use the Program software and services, Microsoft collects information about your use of the software and services as well as about the devices and networks on which they operate. Examples of data we may collect include your name, email address, preferences and interests; location, browsing, search and file history; phone call and SMS data; device configuration and sensor data; voice, text and writing input; and application usage.
----

Is literally anyone here ok with this? "name, location, every file you access, every search you do, every call you make, every text you send, everything you say, anything you type into any application, and every executable you run, correlated with your MAC address, IP address, and timestamp".

That's LUDICROUS. Am I missing something here? Who cares about a wifi password that you have to opt into, when sharing EVERYTHING YOU EVER DO AT ANY TIME IN MELEE OR DETECTION RANGE OF YOUR COMPUTER, is something you just legally agreed to share with Microsoft?

It then gives examples, right below, that make it sound like this is about performance monitoring. But those are examples, not what you just agreed to share.

Am I missing something? Shouldn't this be the story?

Comment Re:I'm surprised they missed "Wi-Fi Sense." (Score 4, Informative) 485

> It is only enabled when you optionally check it for a specific Wi-Fi network.

True.

> It shares a *hash* of your password

False.

> (Slashdot of old would know the difference)

Depends. If you were on it, at least you wouldn't know the difference.

It shares an ENCRYPTED version. Not a hash. If it shared a hash, it wouldn't let them access it, now would it?

Hashes normally throw away data. So if you have a local /etc/shadow file with hashed passwords, you can't unscramble / unhash / decrypt them, because there's a many-to-one mapping involved. The encrypted data, on the other hand, is one to one. This is because the people you share it with have to decrypt it locally and use it. This means that it is available in plaintext on their boxes (and how that key is managed I don't know- if they screwed up anything about that, it could be decryptable in transit too).

There's a lot to complain about in Windows 10. Enough that I will never use it personally, and I was planning on upgrading to Pro before I read their absolute nightmare combo of dick-kicking bullshit.

Here's the scoop:

1) By default, this OS will leak your local data. You can opt out of this, but good luck constantly finding that setting, and having one more horrendous weight to lug around every time you have to reinstall, or use a new machine. This goes up to some Microsoft account, and it includes all your favorites, any active websites at any time, etc. Again, you can opt out of this crap, but why on earth would you need to opt out of this?

2) It mentions giving law enforcement all your data if asked, which, I mean, we JUST saw that exact thing become both automated, and globally used against all Americans. Like JUST saw it. Importantly, even if somehow this isn't used for massive and warrantless data collection the next time anything bad happens anywhere, it still means that whatever this back-orifice negafeature is, will be installed in all Windows 10 systems by default, with no opt out (only a bad guy would opt out, right?), and that it will sit there waiting patiently for some black hat to hack it. Even if you are still ok with this massive overreach, just ask yourself- wouldn't it be smarter to use a product that doesn't have this built in?

3)- Many new features require you to opt in to wholesale uploading of your activities. Cortana is a huge feature of this OS, but everything from your location to *lists of played media files* is uploaded when you use this feature. You can opt out, but this disables Cortana.

4)- You can't turn off a lot of the telemetry.

The only safe way to use Windows 10 is on a fully airgapped machine. If you are interested in turning off Windows Update, auto-telemetry, and whatever that amazing law enforcement backdoor is, you'll need some rather intelligent application firewall to make that happen.

Windows 10 will be an absolute nightmare. This should have been obvious the moment that they told you that you can't turn off Windows Update- that means that they will use Windows update to turn your desktop into an X-Box load screen, with everything full of advertisements and assorted diseases. Taking out your opt-out from that was never about security, it's about ensuring that the coming advertisements hit as many eyes as possible. You'll be downloading AdBlock Desktop soon enough.

Oh, and most of this shit (especially the wholesale user monitoring) isn't enabled on the corporate boxes. Businesses, after all, have a right to privacy. Because they are more human than human, now?
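
The PSK point argued in the two Wi-Fi Sense comments above (the PSK rather than the passphrase is what authenticates, and a one-way hash of it would not), shown as an added example that is not part of the original comments. The SSID, passphrase, MAC addresses, nonces and frame bytes are constructed; the derivations are the standard WPA2-Personal ones (PBKDF2-HMAC-SHA1 for the PSK, the 802.11i PRF for the session keys).

```python
import hashlib
import hmac

def derive_psk(passphrase: str, ssid: str) -> bytes:
    # WPA2-Personal: PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    # 802.11i PRF: concatenated HMAC-SHA1 blocks over label || 0x00 || data || counter
    out, counter = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    # Session keys depend only on the PSK (used as PMK), both MACs and both nonces.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)  # 48 bytes for CCMP

def handshake_mic(ptk: bytes, frame: bytes) -> bytes:
    # The first 16 bytes of the PTK (the KCK) key the handshake MIC: HMAC-SHA1 cut to 128 bits.
    return hmac.new(ptk[:16], frame, hashlib.sha1).digest()[:16]

# Constructed sample values, not taken from any real network.
SSID = "ExampleNet"
PASSPHRASE = "correct horse battery staple"
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
ANONCE = hashlib.sha256(b"constructed anonce").digest()
SNONCE = hashlib.sha256(b"constructed snonce").digest()
FRAME = b"constructed EAPOL message 2 body"

def client_accepted(credential: bytes) -> bool:
    # The access point works from the PSK alone and compares the client's MIC with its own.
    ap_psk = derive_psk(PASSPHRASE, SSID)
    expected = handshake_mic(derive_ptk(ap_psk, AP_MAC, STA_MAC, ANONCE, SNONCE), FRAME)
    offered = handshake_mic(derive_ptk(credential, AP_MAC, STA_MAC, ANONCE, SNONCE), FRAME)
    return hmac.compare_digest(expected, offered)

def demo() -> dict:
    psk = derive_psk(PASSPHRASE, SSID)
    return {
        "psk_only": client_accepted(psk),  # holds the bare PSK, never saw the passphrase
        "hash_of_psk": client_accepted(hashlib.sha256(psk).digest()),  # one-way hash of the PSK
        "same_passphrase_other_ssid": client_accepted(derive_psk(PASSPHRASE, "OtherNet")),
    }

if __name__ == "__main__":
    print(demo())
```

Because the SSID is the PBKDF2 salt, the same passphrase on a differently named network yields an unrelated PSK, which is why the last case fails.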

Comment Re: Seriously! (Score 1) 147

Malware in Windows is bad because Windows only has one "distro" at a time, so Windows is the whole OS. That means, there's no group of people elsewhere doing it correctly that you could have used instead, and much more importantly, *it's almost impossible to replace any part of the Windows OS anyway*.

The complainers are correct. Since every Windows comes "stamped and sealed", it either fails or works entirely holistically. Since Linux has so many more pieces, it's not nearly as interesting if a single Distro, or a replaceable piece thereof, has an issue- and it won't hit the whole ecosystem.

I also think that the "stamped and sealed" concept encourages Microsoft to underengineer certain parts. "Ok, well, the ONLY guy that interacts with this dude is X, and X never gives us that input" is a valid thought when trying to implement Y, but in Linux world, you end up needing development to handle the other cases from the start.

Windows is not fundamentally broken or anything like that, but it certainly seems to be entirely exploitable and ludicrous to use in any fixed hardware / embedded cases. And yet, it is. A safe should not be running XP, or 7, or 10, or anything else by Microsoft- it should be running a real time OS, or, *worst case*, a stripped down / locked down BSD or Linux. Windows is a consumer OS, a gaming OS, and a creativity, development, and productivity OS. Microsoft intends it to be a server OS and you can make a solid case for that (I wouldn't), but for use in a fixed platform hardware device? It's a sitting duck.
