Microsoft Retrofitting Windows 7, 8.1 With Windows 10's Privacy-Invading 'Features'
from the unavoidable-Redmond-umbilical dept
Last week we noted that while Windows 10 has generally seen good reviews in terms of spit and polish, there’s growing concern that the OS is too nosy for its own good, and that the opt-out functionality in the OS doesn’t really work. Even when you’ve disabled a number of the nosier features (like Windows 10’s new digital assistant, Cortana), the OS ceaselessly and annoyingly opens an array of encrypted channels back to the Redmond mother ship that aren’t entirely under the user’s control.
Now some of the information being transmitted is purportedly harmless, and some of the problems appear to be overblown (like Windows 10 being banned from some BitTorrent trackers for fear of it reporting user piracy activity), but an operating system you can’t fully control is still undeniably stupid and annoying. And it’s a curious choice for a company intent on moving beyond the fractured Windows adoption of yesteryear and encouraging the lion’s share of Windows users to hop on to a new platform.
Making matters worse, Microsoft now seems intent on retro-fitting its older operating systems (specifically Windows 7 and Windows 8.1) with many of the annoying, chatty aspects of Windows 10. GHacks has noticed that four updates to the older operating systems, described as an “update for customer experience and diagnostic telemetry,” connect to vortex-win.data.microsoft.com and settings-win.data.microsoft.com. These addresses are hard-coded to bypass the hosts file, and ferry all manner of personal information back to Microsoft.
Fortunately, it appears that users in this instance can configure Windows firewall and routers to block the traffic, and users can avoid much of the snooping by opting out of the Customer Experience Improvement Program (CEIP):
“The concern with the new Diagnostic Tracking service is much the same as with Windows 10’s tracking: it’s not clear what’s being sent, and there are concerns that it can’t be readily controlled. The traffic to Microsoft’s servers is encrypted, sent over HTTPS, so it can’t be easily examined. While the knowledge based articles describing the new service list the DNS names of the servers that the service connects to, there are reports that the service ignores the system HOSTS file. As such, a traditional and simple method for redirecting the traffic doesn’t work.
However, we’re not sure just how big an impediment this is in practice; in our testing of Windows 8, the builtin Windows Firewall, for example, is more than capable of blocking the traffic, and this appears to be working entirely as it should. Disabling the service is also effective for those who don’t trust its behavior.”
Still, it’s annoying that Microsoft continues to insist on expanding this kind of OS behavior, without making opting out simple and comprehensive. And it certainly doesn’t exactly deflate arguments by folks like Richard Stallman, who consistently argue that Windows is effectively malware. More than anything though, it’s a continued advertisement for Linux and operating systems that the end user actually has some degree of control over.