none
People installing windows 7 due to distrust of Windows 10 RRS feed

  • Question

  • I have a friend who is a security expert, and he says some of his clients (in 2016) insist on Windows 7, because of various security problems of windows 10.
    So I'll list a few that I noticed in a link he mentioned.  First I should say that I don't mind Microsoft collecting info such as what websites I visit.  But I'm a programmer, and I don't want the software I write ending up somewhere else.
    So lets start with the list (from an article on the web).
    1. Microsoft's EULA grants Microsoft the rights to use any of your content related to the services like Bing, Cortana (a built-in file indexer and search in Windows 10), OneDrive or Skype: "you grant to Microsoft a worldwide and royalty-free intellectual property license to use Your Content".   This raises a question - So does this mean that when I uploaded a zip file of a program I wrote to OneDrive, that Microsoft could get hold of it?
    2. Microsoft tracks voice recording (what are the implications?)
    3. Microsoft tracks keyboard scanning
    4. There is no true safe mode (rogue applications may easily run in it).
    5. The official Microsoft guide on Windows 10 telemetry settings says this: "Ability to gather user content, such as documents, if they might have been the trigger for the issue".  The link says though that Microsoft states that user files can be requested only on the "Full" level of telemetry, however you need to bear in mind that this feature is built-in, it's remotely triggered, and it can be used to get any of your data any time they want.
    6.  Safe Mode has become impossible to access unless you've booted into ... the running OS which totally defeats its purpose. Also Safe Mode is hidden behind almost a dozen of steps vs. a single F8 key press on boot in every Windows version from 95 to
    7. Windows 10 violates the basic networking principles: it ignores the hosts files, the DNS protocol and firewall rules and sends telemetry data regardless.
    Are these real security issues to worry about?  Does Microsoft have a reply to these items?
    Thanks
    Thursday, November 17, 2016 10:27 PM

Answers

  • All of that is pretty much like defending, "Do you still beat your wife?".

    1. Start by reading the EULA for the products you are concerned about.

    https://www.microsoft.com/en-us/useterms

    Windows 10 is the most secure version of Windows ever.


    Rob Brown - Microsoft MVP - Windows and Devices for IT - Windows Insider MVP : Bicycle - Mark Twain said it right.

    • Marked as answer by Gidmaestro Friday, November 18, 2016 11:10 AM
    Friday, November 18, 2016 12:36 AM
  • I personally feel there are ways around it. If you encrypt files (not bitlocker) that you consider private they cant view them. I imagine over VPN any of their data will be encrypted on the way out making it useless to them. If you have a dedicated firewall (not windows firewall) I dont see how their traffic would skip it. And in all honesty I am not doing anything crazy to the point if MS saw it I honestly wouldnt care. I feel the people who complain are people with something to hide. Also I feel MS is just coming forward saying they CAN do it not that they are. Like if FBI comes and asks for use info on your computer they can look into it. I doubt they hired a huge crew to monitor all windows 10 users files. MS is being honest about your data. Any company with cloud storage can conceivably access your data but they may not list that they can to have an illusion of privacy, MS is being decent and saying "hey your data might be monitored" Verizon can see all of your cell traffic and use but no one complains. there are numerous examples of similar instances that no one complains about. I wouldnt be surprised if Apple was the one to bring out the privacy concerns in Windows 10. Obviously my opinions on the matter lol take it as you will.




    • Edited by ITTom2.0 Thursday, November 17, 2016 11:30 PM
    • Marked as answer by Gidmaestro Friday, November 18, 2016 11:10 AM
    Thursday, November 17, 2016 11:22 PM
  • Gidmaestro,

    I recommend to ask separate questions for each concern, those are "somewhat connected", but to get meaningful answers, please provide background for each item: what have you read and where? Link and quote each item.

    Please also acknowledge the fact that windows 7 has telemetry as well. It didn't use to, when it came out, but now it has. And if you connect a system to the internet, you cannot guarantee the OS is not sending out data - by no means. And if you cannot verify that data, you need to trust the OS. Same with win7.


    • Edited by Ronald Schilf Friday, November 18, 2016 8:19 AM
    • Marked as answer by Gidmaestro Friday, November 18, 2016 11:16 AM
    Friday, November 18, 2016 8:19 AM
  • Hi,
     
    Am 17.11.2016 um 23:27 schrieb Gidmaestro:
    > 1. [...] So does this mean that when I uploaded a zip file of a
    > program I wrote to OneDrive, that Microsoft could get hold of it?
     
    No, they can not ignore and compromise copyrights.
     
    > 2. Microsoft tracks [...]
     
    Disable all tracking applications:
     
    > 6.  Safe Mode has become impossible to access unless you've booted
    > into ... the running OS which totally defeats its purpose.
     
    Thats, what the recovery drive is for.
     
    > 7. Windows 10 violates the basic networking principles: it ignores
    > the hosts files, the DNS protocol and firewall rules [...]
     
    Right, and it will copy all your personal documents directly to
    OneDrive, it will create videos via Windows Hello to deploy them to
    youporn, aswell it will heal the world from whateverwentwrong and gives
    free entry to disneyland for everyone. #sarcasm
     
    Sorry, thats just simply not true. Just try yourself. I did it 5 minutes
    ago and my fake name entry to my router in hosts file is perfectly
    pingable by name.
     
    It does NEVER ignore firewall rules, the problem of sending data is: as
    long as you allow sending data, the action comes from internal and by
    default die Firewall allows all outbound traffic.
     
    But sadly yes, there are some differences ans misbehaviors in the IP
    stack in handling round robin and netmask ordering and other issues,
    but saying it /ignores hosts and dns protocol/ is simply wrong.
     
     
    Mark
    --
    Mark Heitbrink - MVP Group Policy - Cloud and Datacenter Management
     
    Homepage:  http://www.gruppenrichtlinien.de - deutsch
     
    • Marked as answer by Gidmaestro Friday, November 18, 2016 11:16 AM
    Friday, November 18, 2016 9:29 AM
  • Am 18.11.2016 um 18:50 schrieb Gidmaestro:
    > [...] Windows 10 collects more data about users than Windows 7 did
     
    like apple, android, google, facebook ... and all the others.
     
    Microsoft is the only one, who tells you how to switch it off. See link
    I provided earlier.
     
    YOU can control it, the only thing is: You need to do it. It´s not the
    out of the box behavior and 99% of all private persons will not do it.
     
    Mark
    --
    Mark Heitbrink - MVP Group Policy - Cloud and Datacenter Management
     
    Homepage:  http://www.gruppenrichtlinien.de - deutsch
     
    • Marked as answer by Gidmaestro Friday, November 18, 2016 6:42 PM
    Friday, November 18, 2016 6:37 PM

All replies

  • I personally feel there are ways around it. If you encrypt files (not bitlocker) that you consider private they cant view them. I imagine over VPN any of their data will be encrypted on the way out making it useless to them. If you have a dedicated firewall (not windows firewall) I dont see how their traffic would skip it. And in all honesty I am not doing anything crazy to the point if MS saw it I honestly wouldnt care. I feel the people who complain are people with something to hide. Also I feel MS is just coming forward saying they CAN do it not that they are. Like if FBI comes and asks for use info on your computer they can look into it. I doubt they hired a huge crew to monitor all windows 10 users files. MS is being honest about your data. Any company with cloud storage can conceivably access your data but they may not list that they can to have an illusion of privacy, MS is being decent and saying "hey your data might be monitored" Verizon can see all of your cell traffic and use but no one complains. there are numerous examples of similar instances that no one complains about. I wouldnt be surprised if Apple was the one to bring out the privacy concerns in Windows 10. Obviously my opinions on the matter lol take it as you will.




    • Edited by ITTom2.0 Thursday, November 17, 2016 11:30 PM
    • Marked as answer by Gidmaestro Friday, November 18, 2016 11:10 AM
    Thursday, November 17, 2016 11:22 PM
  • All of that is pretty much like defending, "Do you still beat your wife?".

    1. Start by reading the EULA for the products you are concerned about.

    https://www.microsoft.com/en-us/useterms

    Windows 10 is the most secure version of Windows ever.


    Rob Brown - Microsoft MVP - Windows and Devices for IT - Windows Insider MVP : Bicycle - Mark Twain said it right.

    • Marked as answer by Gidmaestro Friday, November 18, 2016 11:10 AM
    Friday, November 18, 2016 12:36 AM
  • Gidmaestro,

    I recommend to ask separate questions for each concern, those are "somewhat connected", but to get meaningful answers, please provide background for each item: what have you read and where? Link and quote each item.

    Please also acknowledge the fact that windows 7 has telemetry as well. It didn't use to, when it came out, but now it has. And if you connect a system to the internet, you cannot guarantee the OS is not sending out data - by no means. And if you cannot verify that data, you need to trust the OS. Same with win7.


    • Edited by Ronald Schilf Friday, November 18, 2016 8:19 AM
    • Marked as answer by Gidmaestro Friday, November 18, 2016 11:16 AM
    Friday, November 18, 2016 8:19 AM
  • Hi,
     
    Am 17.11.2016 um 23:27 schrieb Gidmaestro:
    > 1. [...] So does this mean that when I uploaded a zip file of a
    > program I wrote to OneDrive, that Microsoft could get hold of it?
     
    No, they can not ignore and compromise copyrights.
     
    > 2. Microsoft tracks [...]
     
    Disable all tracking applications:
     
    > 6.  Safe Mode has become impossible to access unless you've booted
    > into ... the running OS which totally defeats its purpose.
     
    Thats, what the recovery drive is for.
     
    > 7. Windows 10 violates the basic networking principles: it ignores
    > the hosts files, the DNS protocol and firewall rules [...]
     
    Right, and it will copy all your personal documents directly to
    OneDrive, it will create videos via Windows Hello to deploy them to
    youporn, aswell it will heal the world from whateverwentwrong and gives
    free entry to disneyland for everyone. #sarcasm
     
    Sorry, thats just simply not true. Just try yourself. I did it 5 minutes
    ago and my fake name entry to my router in hosts file is perfectly
    pingable by name.
     
    It does NEVER ignore firewall rules, the problem of sending data is: as
    long as you allow sending data, the action comes from internal and by
    default die Firewall allows all outbound traffic.
     
    But sadly yes, there are some differences ans misbehaviors in the IP
    stack in handling round robin and netmask ordering and other issues,
    but saying it /ignores hosts and dns protocol/ is simply wrong.
     
     
    Mark
    --
    Mark Heitbrink - MVP Group Policy - Cloud and Datacenter Management
     
    Homepage:  http://www.gruppenrichtlinien.de - deutsch
     
    • Marked as answer by Gidmaestro Friday, November 18, 2016 11:16 AM
    Friday, November 18, 2016 9:29 AM
  • Here are two links, the first was given to me by the friend I mentioned earlier:

    https://itvision.altervista.org/why-windows-10-sucks.html

    The second I just noticed this morning:

    http://www.pcmag.com/article2/0,2817,2421733,00.asp

    Friday, November 18, 2016 11:15 AM
  • So, you declare this resolved?

    The links you have added are piles of conspiracy and also piles of lose accusations. If you are interested in debating those, it should be done one by one.

    Just that much for now: who doesn't trust a company, shouldn't use their software. It is hardly possible to prove any accusations to be outright wrong or right. See, as soon as encrypted data packages are leaving the pc, who knows what's inside and where those will end up? No one.

    Just ask yourself, if you were part of the military of a state in conflict with the US, would you use windows? You surely wouldn't. If you were part of a company that has fear of economic espionage, would you use the software of a company that might potentially (be forced to) cooperate with a state that is in pursuit of its own economic interests? You wouldn't? Well, that is what half the world does.

    Friday, November 18, 2016 12:44 PM
  • I'm just telling you what my friend said that some of his clients do - which is go for windows 7, on which they feel they have more control, and which has more privacy than Windows 10 does.  I have passed the various answers on this thread to him, and it would be interesting to see if he agrees or not.  Interestingly, China, though contributing to Windows, will not use it in parts of its economy, because of the reason you gave, which is they don't trust another country's company with their secrets. 

    Personally, I like Windows 10, I like the features, and I am not knowledgeable about security apart from the basics.  I will read the Windows 10 EULA  now, and see if it is alarming or not.

    Friday, November 18, 2016 5:27 PM
  • I read Microsoft.com/privacy just now, and also some associated links, and I see that OneDrive is encrypted, and so forth.  I understand Ronald Schif's point that if you don't trust a company you should not use its software, and I also get that anytime you put something on the cloud, you are trusting the cloud provider. 

    On the counter-argument side, any software company has to trust its programmers.  If you have a product like Windows which has so many lines of code, and so many programmers contributing to it, from different countries, there is a possibility for misuse of data.  Windows 10 collects more data about users than Windows 7 did, and that's why these clients of my friend are "paranoid" "of Windows 10.

    There are many products by small companies on the web that I don't know whether to trust or not, so I (and many other people) don't visit their websites or buy their products.  We assume Giants like Amazon, Google, Microsoft, Target, American Airlines etc are safe, but again, nothing is 100%.

    I was once part of a company that had a server that was compromised.  This was in the early days of Windows, and we when we realized what happened, we got a tech person to look at it who told us that the default settings on installation had been all set to be open - i.e. vulnerable.   I'm not sure if that was Microsoft's fault, or the fault of the person who installed it for us, but incompetence, and sometimes malice, is unavoidable.


    • Edited by Gidmaestro Friday, November 18, 2016 5:51 PM
    Friday, November 18, 2016 5:50 PM
  • Am 18.11.2016 um 18:50 schrieb Gidmaestro:
    > [...] Windows 10 collects more data about users than Windows 7 did
     
    like apple, android, google, facebook ... and all the others.
     
    Microsoft is the only one, who tells you how to switch it off. See link
    I provided earlier.
     
    YOU can control it, the only thing is: You need to do it. It´s not the
    out of the box behavior and 99% of all private persons will not do it.
     
    Mark
    --
    Mark Heitbrink - MVP Group Policy - Cloud and Datacenter Management
     
    Homepage:  http://www.gruppenrichtlinien.de - deutsch
     
    • Marked as answer by Gidmaestro Friday, November 18, 2016 6:42 PM
    Friday, November 18, 2016 6:37 PM