[Njtechdiv] Windows 10 Privacy

[Mario]

again, not to alarm anyone, just be aware:

Windows 10 privacy problems: Here’s how bad they are, and how to plug them.
http://www.slate.com/articles/technology/bitwise/2015/08/windows_10_privacy_problems_here_s_how_bad_they_are_and_how_to_plug_them.single.html

Aug. 3 2015 12:24 PM

Apple and Google may have ignited the trend of collecting increasing 
amounts of their customers’ information, but with Windows 10, Microsoft 
has officially
joined that race. By default, Windows 10 gives itself the right to pass 
loads of your data to Microsoft’s servers, use your bandwidth for 
Microsoft’s own
purposes, and profile your Windows usage. Despite the accolades 
Microsoft has earned for finally doing its job, Windows 10 is currently 
a privacy morass
in dire need of reform.

The problems start with
Microsoft’s ominous privacy policy,
which is now included in the Windows 10 end-user license agreement so 
that it applies to everything you do on a Windows PC, not just online. 
(Disclosure:
I worked for Microsoft in the days of Windows XP.) It uses some scary 
broad strokes:

block quote
Finally, we will access, disclose and preserve personal data, including 
your content (such as the content of your emails, other private 
communications
or files in private folders), when we have a good faith belief that 
doing so is necessary.
block quote end

Some have spun conspiracy theories out of that language. I’m more 
inclined to blame vagueness and sloppiness, not ill intent. With some 
public pressure,
Microsoft is likely to specify how and why it will share your data. But 
even that won’t excuse Microsoft’s ham-fisted incursion into users’ 
data, nor how
difficult it is restore the level of privacy back to what it was in 
Windows 7 and 8.
Apple
’s and
Google
’s privacy policies both have their own issues of collection and 
sharing, but Microsoft’s is far vaguer when it comes to what the company 
collects, how
it will use it, and who it will share it with—partly because Microsoft’s 
one-size-fits-all privacy policy currently applies to all your data, 
whether it’s
on your own machine or in the cloud.
As Microsoft puts it:

block quote
Rather than residing as a static software program on your device, key 
components of Windows are cloud-based. … In order to provide this 
computing experience,
we collect data about you, your device, and the way you use Windows.
block quote end

In other words, Microsoft won’t treat your local data with any more 
privacy than it treats your data on its servers and may upload your 
local data to its
servers arbitrarily—unless you stop Microsoft from doing so. Microsoft’s 
security story has been far from perfect; this move could make it far 
worse. For
now, it’s not easy to restrict what Windows collects, but here’s how.

Don’t Use Express Settings During Setup

During installation, Microsoft will encourage you to accept its “express 
install” defaults. Without exceptions, these defaults will result in the 
maximum
sharing of your information with Microsoft. Instead, select the “custom 
install” option, which will bring up a bunch of toggles. The first set 
of toggles,
concerning personalization and location, looks like this:

These settings all send your personal data to Microsoft with little 
upside for you (unless you like customized advertising). I recommend 
turning them all
off.

The second set of toggles is more cryptic but more important:

While the first two settings here, for SmartScreen and page prediction, 
simply send more of your activity to Microsoft, the next two are 
subtler. Automatic
connection to open hotspots and to your contact’s networks means that 
your computer will connect to certain networks without your explicit 
consent. Unless
you trust Microsoft’s judgment and all of your contacts, it’s best to 
disable those. Last, sending error and diagnostic information may seem 
harmless,
but when something goes wrong, that “information” might include tons of 
sensitive stuff—if you were editing a spreadsheet of your romantic 
dalliances when
your computer crashed, it’ll get uploaded. If you feel like helping out 
Microsoft, you can leave this enabled, but I turned it off.

Turn Off the Secret Settings

The install settings are only a subset of Windows 10’s privacy settings, 
which occupy more than a dozen different pages and dialogue boxes across 
the user
interface, none of them in plain sight. Moreover, one of them reveals 
that Microsoft wasn’t being quite honest during setup. When you turned 
off “Send
error and diagnostic information,” you really only turned it down from 
“Full” to “Enhanced.” To really reduce the amount of information sent to 
Microsoft,
you need to go to the Start menu, select Settings, choose Privacy from 
the list of settings, and then go to the Feedback and Diagnostics section:

Choosing “Basic” will keep the amount of random data sent to Microsoft 
to a minimum.

That leaves, however, the other 12 Privacy sections. I recommend going 
through all of them, painful as that may be, and carefully assessing 
what you’re
willing to share. In a pinch, however, there’s only one really important 
one that wasn’t already changed during install, which is under Account info:

This gives any app you install permission to see an arbitrary amount of 
your account info. Until Microsoft makes this considerably more 
fine-grained and
transparent, as Apple and Google have done with their app stores, it’s a 
bad idea to leave it on.

Use a Local Account

Microsoft will encourage you to create a “Microsoft account” (formerly 
known as a Live ID) so that signing on to Windows is akin to signing 
into Microsoft’s
online services. In this Microsoft is following Apple’s lead of 
associating your OS with a single account. This is the single biggest 
privacy compromise
you can make. As long as you’re signed in, Microsoft could conceivably 
upload whatever data it wants to your server-side profile without you 
knowing. Without
a Microsoft account, it’s harder (though hardly impossible) for 
Microsoft to lump your data together, and it disables other potentially 
problematic features
like
Wi-Fi Sense.
Not using a Microsoft account will single-handedly protect you from many 
of Microsoft’s attempts to collapse the local-remote distinction in its 
privacy
policies. Instead, use a local account, and use Gmail or Yahoo Mail or 
anything other than Microsoft.

Don’t Let Microsoft Steal Your Bandwidth

By default, Microsoft turns your computer into a peer-to-peer node to 
help it distribute Windows 10 updates, in order to save Microsoft server 
bandwidth
costs. “Microsoft calls it Windows Update Delivery Optimization,” or 
WUDO. WUDO really should have been turned off by default, because it may 
slow you
down and may even cost you additional money if you have a metered 
connection. Instead, it is also one of the hardest settings to turn off, 
requiring clicking
through four obscure screens. I’ll walk you through it.

First, start up Settings and click on Update & security.

In the Windows Update screen of Update & security, select Advanced options.

In Advanced options, select Choose how updates are delivered. (You may 
also want to change the drop down to “Notify to schedule restart” so 
that Windows
won’t spontaneously reboot your machine after installing updates.)

Finally, turn off peer-to-peer distribution of updates:

It’s almost as though Microsoft didn’t want you changing that setting. 
(Microsoft really wants your bandwidth.)

Don’t Use Edge or Cortana

Microsoft’s Siri-imitating Cortana personal assistant and its new Edge 
browser are designed to take advantage of as much personal information 
as possible
to customize user experience, take annotations, and learn all about you. 
Until Microsoft clarifies its privacy policies, I recommend against 
using them.
Stick with Firefox or Chrome as a browser, or even good old Internet 
Explorer.

This is not a complete list, but it hits the most important spots where 
Microsoft has made the defaults uncomfortably intrusive, nosy, or simply 
greedy. Microsoft needs to centralize these and other settings in a far 
more transparent and easy-to-understand box, clarify their implications, 
and pledge to users that it won’t upend their privacy settings in so 
egregious a way again. Until then, protect yourself.