[sudioStudio64]

Every company that has access to your encryption keys can be prompted to give them up with a warrant.

You can keep them from having the key. That's one way around it. Using hardware of some kind (and there are multiple.)

You are also free to use another solution that might meet your strict requirements to personally review the encryption, filesystem, device driver, and memory management code of your operating system to verify it's operating to your specifications. There have literally never been so many options for the privacy minded person with the time to pour through a metric ton of C code.

[the8472]

I'm not talking about encryption keys.

I'm talking about the data itself. Sitting on my harddrive, as it is.

As I understand it microsoft is saying that they could siphon data from my computer if they deemed it necessary.

Maybe that's an adversarial reading of their privacy statement[1]. But it clearly speaks of accessing files in private folders.

[1]: https://www.microsoft.com/en-us/privacystatement/default.asp...

[sudioStudio64]

I believe that you are mistaken. Could they turn over your BitLocker recovery key to the authorities that would then use it to decrypt your HDD that they have already taken from you? Yes.

Are they going to reach out over the internet and take your data? No. They are not going to do that. I follow this stuff really closely. I promise I haven't seen or heard of a capability where they can remotely take data from your machine and turn it over to the government.

[the8472]

The point is that they're granting themselves the permission to do so if anyone ever deemed it necessary and that the user has to agree to their terms to use windows.

So you're basically signing away your rights to privacy. Not based on due process but on "good faith belief".

Someone at microsoft thought there is a need to do that to cover their legal asses. They would only think that in case they anticipated needing it in the future.

[sudioStudio64]

You are completely free to not use it. I'm not trying to be a smart-a here. There have never been more options for end users.

You aren't signing away your rights to privacy without due process...that's your part to evaluate. "Is this useful enough to me that it's worth agreeing to this?"

Also, this is version dependent. The TOS for an individual consumer is different than a developer with an MSDN license, and a business with a volume agreement. Do you have different privacy requirements? Are you willing to pay for them? If they can't make money with the product that they built in the manner that they came up with then it isn't illegal, or really even remotely morally odious, for them to ask for a different payment arrangement.

Now. Do I like everything about life in a capitalist national security state? No way. But do I whine when some vendor doesn't do exactly what I want when I'm really not event scratching the surface of enough money to get their attention? Seriously, man.

[the8472]

you're going off tangents here.

Obviously the premise of this discussion is that you install their software.

IF you install windows 10 THEN you agree to their terms of service which includes granting them access to your private files.

[sudioStudio64]

I'm going off on a tangent?

YOU installed their software. You didn't have to. No one forced you to. Don't like the TOS? Call them and schedule a meeting to talk about coming up with a different arrangement...they will want money for that, but you can certainly have it.

The truth is that there is jack all that I or anyone else can say to you that would change your mind about any of this.

Also, I'm not willing to grant that you are reading the TOS correctly...so there's that point. No offense, but its pretty dense and things that are probably pretty reasonable come across as a privacy invasion to people that are really sensitive on the subject.

[JoshTriplett]

There are two approaches: give someone a pile of power over you and trust them not to abuse it, or never give them that power in the first place. Given the repeated demonstrations of what can and does go wrong with the former...

[sudioStudio64]

One other thing. A "pile of power over you"...that's not helping, man. They have some commercial legal arrangement that you don't particularly care for. They can't come and kick you in the shin and torture you. They can't beat you to death and plant a weapon on you or anything. We are talking about an issue that is squarely within middle and upper class privilege in an industry that literally could not exist without government defense funding.

Take, for instance, Richard Stallman is an Alumn of Harvard and MIT. There literally can't be a place that is more establishment. So all of that "freedom" is about being able to use an expensive commercial product that was developed with RnD money from the DOD...but somehow it's morally wrong to not ship source code to a compiler? Can you see where I'm coming from here? The moralizing is pretty arbitrary.

Furthermore, if they did give your content to the Government because of a national security letter how is that abuse of power? Should they not comply with the law? I disagree with a lot of the laws that have been passed in support the war efforts of the last decade, but that's kind of the way that democracy works. I lost, but I still have to live by the rules.

I just think that the privacy absolutism that everyone keeps bringing up isn't reasonable. Even Bruce Schneier says that the way that you actually change these things is through the political process.

Power is a boot on your neck. This is more of an inconvenience.

[JoshTriplett]

Leaving aside the tangent in your comment (we were talking about governments having access to your encrypted data, not about Free Software)...

> Furthermore, if they did give your content to the Government because of a national security letter how is that abuse of power? Should they not comply with the law?

I fully expect that they would have little choice in doing so if they received a warrant from a government with jurisdiction over them. (Though I'd also be unsurprised if they did so even if asked without a warrant.) I don't want them to have anything to give if asked.

> I just think that the privacy absolutism that everyone keeps bringing up isn't reasonable.

Different people value their privacy differently. If you don't value it as much, feel free to trade it for things you consider more valuable. Don't assume everyone else wants to make the same trade you do, though.

I'm not advocating absolutism. You should be able to have as much or as little privacy as you want, which may even mean different amounts of privacy in different contexts.

> Power is a boot on your neck. This is more of an inconvenience.

The government having full access to the contents of your encrypted drive is an "inconvenience"? I'd hate to know what you consider an abuse of privacy, then.

The whole point of encryption is to keep unauthorized people from having access to your data.

[sudioStudio64]

Those aren't even remotely the only two choices here. There have never been more options for an end user of technology.

You don't have to use agree to it. It's a trade off.

If you have different requirements they are more than willing to come up with a different arrangement with you. (Yes, for a fee.)

They aren't the government. They are an overblown bubble gum factory. It's up to you if you chew or not. And there have never been so many flavors!

[Dylan16807]

What kind of fee do you have in mind for not using their contract of adhesion? Unless I'm buying thousands of copies of the OS I doubt I can even get that negotiation started.

[sudioStudio64]

Some of it's pay as you go, oddly enough. But you are largely correct that more money equals more access to these kinds of things.

There is a company in China that paid them to install Office 365 in their data center. There is an amount of money that will make them install it in your data center, too.

I just think that there has never been more choice for end users and a lot of this stuff about privacy is disingenuous. There are a group of people that wouldn't be happy even if MS released their own version of TAILS and hosted part of the Tor network. (It would be "embrace, extend, extinguish!"..."Tor is part sponsored by the Navy...I be MS gives your Tor traffic directly to the NSA."...It's really not hard to imagine the BS.)