Monday, August 31, 2015

Microsoft Adding Windows 10 Style Spyware in 'upgrades' to Windows 7 and Windows 8.


Microsoft Adding Windows 10 Style Spyware in 'upgrades' to Windows 7 and Windows 8. HT: Ghack.

Microsoft has been criticized by privacy advocates in regards to the data hunger of its Windows 10 operating system. The operating system slurps data like there is no tomorrow, especially when systems are set up using the express settings.

Experienced users may disable telemetry and data collection partially during setup, and then some more afterwards using the Registry or Group Policy.

What makes this problematic however is the fact that it is nearly impossible to stop all of the data collecting that is taking place.

While users may disable some, for instance by using privacy tools (of which there are plenty), others cannot be disabled or stopped that easily, for instance because of hardcoded host and IP address information that bypass the Hosts file of the operating system.


Windows 7 and 8.

Windows 7 and 8 users have been plagued by "upgrade preparation" updates but left alone otherwise up until recently when it comes to this new level of data collecting.
This changed recently with the release of several updates for both operating systems that step up the game.
  • KB3068708 Update for customer experience and diagnostic telemetry - This update introduces the Diagnostics and Telemetry tracking service to existing devices. By applying this service, you can add benefits from the latest version of Windows to systems that have not yet upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights. (Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1)
  • KB3022345 (replaced by KB3068708) Update for customer experience and diagnostic telemetry - This update introduces the Diagnostics and Telemetry tracking service to in-market devices. By applying this service, you can add benefits from the latest version of Windows to systems that have not yet been upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights. (Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1)
  • KB3075249 Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7 - This update adds telemetry points to the User Account Control (UAC) feature to collect information on elevations that come from low integrity levels. (Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1)
  • KB3080149 Update for customer experience and diagnostic telemetry - This package updates the Diagnostics and Telemetry tracking service to existing devices. This service provides benefits from the latest version of Windows to systems that have not yet upgraded. The update also supports applications that are subscribed to Visual Studio Application Insights. (Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1)
If these updates are installed on the system, data is sent to Microsoft regularly about various activities on it.
Microsoft lists two host names in KB3068708 that data is received from and sent to:
  • vortex-win.data.microsoft.com
  • settings-win.data.microsoft.com

These, and maybe others, appear to be hardcoded which means that the Hosts file is bypassed automatically.

What you can do about it. Read the full story here, MUST READ more here.

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...