[KirinDave]

So... there's no evidence the "Justice Department can search your computer if Win10 is installed" assuming your device is actually secure. Bad passwords, no supported integrated TPM or other issues (common to custom built machines) will comprimise your local device security and thusly make them the easiest method of attack.

If served a lawful subpoena, ANY cloud service provider may be required to hand over your data if they have that power. If you've got something truly critical (e.g., evidence you're transsexual in NC and use the "illegal"/correct bathroom) you should encrypt it even on top of what your CSP does. Windows, OSX and Linux all offer methods for doing this effectively.

I've used OneDrive with encrypted VHDs. It works fine, so long as you don't access the VHD from multiple places at once. I do this more because my OneDrive syncs to a surfacebook than because I am concerned about subpoenas.

As for the telemetry collected, it's probably not of any use to them. It's the same sort of stuff every app on your phone sends up to mixpanel. I wouldn't worry about that, as it's not a substantially greater privacy violation than the natural telemetry collected by the cell network and local ISPs. The only way it might be used against you is in proving a certain access pattern to the device at a certain time.

[daveguy]

Oh I expect telemetry would be of great use to them. What you have installed, what your using and when. Log information would be extremely useful toward matching a person up with a crime. I doubt it is just OneDrive data they are providing.

[KirinDave]

> Log information would be extremely useful toward matching a person up with a crime.

As opposed to the information that the ISPs are already offering? Sorry, but your underlying networks are already in collusion with the feds.

Were they not, the telemetry might provide signals that wouldn't be more easily obtained elsewhere.

But it's also worth noting that the telemetry for 'apps installed' is just your license list from the store. We don't have a ton of evidence that MS is combing your computer for random executables and reporting that back on a signal, or passing up full untrimmed process lists.

[chopin]

>As opposed to the information that the ISPs are already offering?

Log information can be much more revealing if you are communicating only via encrypted protocols or Tor. We don't know for sure what exactly MS is transmitting in their logs but we do know quite well what traces we leave (or leave not) behind via our ISP. And that's definitely much less than what our machine can reveal via (encrypted) telemetry.

[KirinDave]

Three thoughts here.

1. We really don't know the extent of telemetry collected via our ISPs, do we? Unless application authors go to the trouble of specific certificate or signatory cert pinning, it's not terribly challenging for certain classes of attackera to enter that connection.

2. Wouldn't substantial data in Tor logs be a bug with your Tor client anyways? I've never seen a Tor client ship in a logging debug mode. But I haven't taken Tor terribly seriously for years. Did they start doing it wrong?

3. The contents of the data that is being sent to Microsoft is entirely knowable. I'm waiting for a security researcher to just do it. I suspect most of what we see is something along the lines of standard app telemetry for core apps.

The amount of FUD that has been brought to bear against MS for this practice is pretty unsurprising given the scroogled campaigns, but it's funny to see a bunch of 3rd parties buy into it while posting from Macs that do the same thing.

[daveguy]

Good points about the ISP. But don't we have pretty good evidence for apps installed being tracked? Installed apps are certainly recorded with the windows install system. Login and app use are both recorded in logs -- I'm pretty sure when they say they are collecting general use information to improve the windows experience it means they are sending those logs back to MS.

Edits: clarity

[ocdtrekkie]

As a note "no integrated TPM" is common among retail machines too. TPMs are generally shipping with business line PCs just as Dell OptiPlexs and Latitudes, but not with consumer PCs like Dell Inspirons and Vostros.

[morganvachon]

Dell Vostro is a business line, but it's the cheapest one and doesn't always have "pro" features like TPM and vPro.