Hacker News new | ask | show | jobs
by daveguy 3720 days ago
Oh I expect telemetry would be of great use to them. What you have installed, what your using and when. Log information would be extremely useful toward matching a person up with a crime. I doubt it is just OneDrive data they are providing.
1 comments
KirinDave 3720 days ago
> Log information would be extremely useful toward matching a person up with a crime.

As opposed to the information that the ISPs are already offering? Sorry, but your underlying networks are already in collusion with the feds.

Were they not, the telemetry might provide signals that wouldn't be more easily obtained elsewhere.

But it's also worth noting that the telemetry for 'apps installed' is just your license list from the store. We don't have a ton of evidence that MS is combing your computer for random executables and reporting that back on a signal, or passing up full untrimmed process lists.

link
chopin 3720 days ago
>As opposed to the information that the ISPs are already offering?

Log information can be much more revealing if you are communicating only via encrypted protocols or Tor. We don't know for sure what exactly MS is transmitting in their logs but we do know quite well what traces we leave (or leave not) behind via our ISP. And that's definitely much less than what our machine can reveal via (encrypted) telemetry.

link
KirinDave 3717 days ago
Three thoughts here.

1. We really don't know the extent of telemetry collected via our ISPs, do we? Unless application authors go to the trouble of specific certificate or signatory cert pinning, it's not terribly challenging for certain classes of attackera to enter that connection.

2. Wouldn't substantial data in Tor logs be a bug with your Tor client anyways? I've never seen a Tor client ship in a logging debug mode. But I haven't taken Tor terribly seriously for years. Did they start doing it wrong?

3. The contents of the data that is being sent to Microsoft is entirely knowable. I'm waiting for a security researcher to just do it. I suspect most of what we see is something along the lines of standard app telemetry for core apps.

The amount of FUD that has been brought to bear against MS for this practice is pretty unsurprising given the scroogled campaigns, but it's funny to see a bunch of 3rd parties buy into it while posting from Macs that do the same thing.

link
daveguy 3720 days ago
Good points about the ISP. But don't we have pretty good evidence for apps installed being tracked? Installed apps are certainly recorded with the windows install system. Login and app use are both recorded in logs -- I'm pretty sure when they say they are collecting general use information to improve the windows experience it means they are sending those logs back to MS.

Edits: clarity

link