Windows 10 Privacy Annihilator

Tuesday, August 4, 2015

Why would Microsoft, a company whose revenue comes entirely from sales of Windows and Office, start giving Windows 10 away – not just giving it away, but foisting it on users with unbelievably annoying integrated advertisements in the menu of Win 7/8 that pop up endlessly and are tedious to remove and reinstall themselves constantly?

Have they just gone altruistic? Decided that while they won’t make software free like speech, they’ll make it free like beer? Or is there something more nefarious going on? Something truly horrible, something that will basically screw over the entire windows-using population and sell them off like chattel to any bidder without consent or knowledge?

Of course, it is the latter.

Microsoft is a for-profit company and while their star has been waning lately and they’ve basically ceded the evil empire mantle to Apple, they desperately want to get into the game of stealing your private information and selling it to whoever is willing to pay.

So that’s what Windows 10 does. It enables Microsoft to steal all of your information, every email, photo, or document you have on your computer and exfiltrate it silently to Microsoft’s servers, and to make it legal they have reserved the right to give it to whoever they want. This isn’t just the information you stupidly gifted to Google by being dumb enough to use Gmail or ignorantly gifted to Apple by being idiotic enough to load into the iButt, but the files you think are private, on your computer, the ones you don’t upload. Microsoft gets those.

Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary.

They’ll “access” your data and “disclose” it (meaning to a third party) whenever they have a good faith belief that doing so is necessary. No warrant needed. It is necessary for Microsoft to make a buck, so if a buck is offered for your data, they’re gonna sell it.

If you install Windows 10, you lose. So don’t. If you need to upgrade your operating system, it is time to switch to something that preserves Free like speech: Linux Mint is probably the best choice.

If you’re forced to run Windows 10 for some reason and can’t upgrade to windows 7, then follow these instructions (and these) and remain vigilant, Microsoft’s new strategy is to steal your data and sell it via any backdoor they can sneak past you. Locking them down is going to be a lot of work and might not be possible so keep an eye out for your selfies showing up on pr0n sites: they pay for pix and once you install Windows 10, Microsoft has every right to sell yours.


Update: you can’t stop windows 10 from stealing your private data

That’s not quite true – if you never connect your computer to a network, it is very unlikely that Microsoft will be able to secretly exfiltrate your private data through the Windows 10 trojan. However, it turns out that while the privacy settings do reduce the amount of data that gets sent back to Microsoft, they continue to steal your data even though you’ve told them not to.

Windows 10 is spyware. It is not an operating system, it is Trojan malware masquerading as an operating system that’s true purpose is to steal your data so Microsoft can sell it without your consent. If you install Windows 10, you are installing spyware.

Win 10 has apparently been installed 65 million times. That’s more than 3x as many users’ most intimate, most private data stolen as by the Ashley Madison attack. If you value privacy, if the idea that you might be denied a loan or insurance because of secret data stolen from your computer without your consent bothers you, if the idea of having evidence of your potential crimes shared with law enforcement without your knowledge and without a warrant worries you then do not install windows 10. Ever.

Posted at 11:00:30 GMT-0700
Comments

11 Responses

  1. Yikes. Do you think the legalese means they actually *are* scraping data or that they want the option, or that they don’t want to be sued if they actually do it while debugging something or…?

  2. It appears that the default settings result in massive data snarfing. It is not clear that digging through all the “privacy” toggles and asking them not to engage in wholesale snarfing result in the same level of presumptive privacy one assumes with Win 7.

    I’m not sure what the business model of Win 10 is if not predicated on trafficking in stolen data, using the term “stolen” in the normal sense rather than the presumptive legal sense currently in vogue in tech companies: all your data are belong to us.

  3. think they’ll sell a “commercial” or “business” version for actual money as opposed to data monetization? Kinda hard to see that ELUA flying for banking or medical or government customers.

  4. You’d think, but lots of companies with real security requirements have nonetheless elected to abdicate ownership of their data through Google Docs, Office365, hosted exchange, etc.

    What could possibly go wrong with a massive, internet accessible, centralized data store?

  5. I think a lot of that is based in ignorance though. People simply don’t think about the implications of losing control of their data like that.

  6. I wonder if this is something that could be blocked at the network perimeter. I mean, when I set up perimeter firewalls I usually limit outgoing sessions to what people actually use: web (tcp/80 and 443), mail (25), dns (53), etc. If MS uses some bizarre port for this it should be easy enough to block along the path to the internet.

  7. True, it is abstracted a bit. Cause and effect are a bit too isolated for rational correlation.

  8. I bet they’re using 80/443, but it’ll be interesting to see how it plays out.

  9. It’s also a convenience vs. concern thing. I’ve seen people use Dropbox to share some pretty sensitive data just because it’s so easy.

  10. Yeah, it will be interesting. I mean, I have whole lists of IPs that I block for my higher security customers (banks, for example). It’s basically a list of IPs associated with known hacking organizations. The firewalls are set so that no traffic can come from or go to those IPs on any interface. Would be nothing short of hysterical if I have to start adding Microsoft to that list.

  11. You know? I’m sure Microsoft has employed better legal minds than mine in this venture. But I’m wondering if this would even be legal in a health care setting due to HIPPA. I know I have to be careful around that kind of data as it’s illegal for me to share it. Why wouldn’t that be the case for Microsoft?

    And I would say that the government/DoD folks will freak about this. But then again, from what I’ve seen any security they think they have is more of a perception than a reality anyway. The stories I could tell if only I hadn’t signed some piece of paper saying I wouldn’t . . .

Leave a Reply

354 Views