Ongoing discussion of Windows 10 Privacy settings

Topic

New Reply

I’m astounded at the number of Windows 10 settings that are related to privacy, and how they’re scattered all over the place. I’m also overwhelmed by
[See the full post at: Ongoing discussion of Windows 10 Privacy settings]

1 user thanked author for this post.

AJNorth

Reply | Quote

Replies

Has anyone (and can anyone) create an app that puts them altogether.

Reply | Quote

I’ve been playing with the Ultimate Windows Tweaker v 4.3.  They’ve added a special section that lumps privacy settings in one place.  I think there are some missing items. “Show sync Provider Notifications” should be somewhere in there . . .  but overall it does a good job (and it’s improving) on getting the settings you need onto one page.

~ Group "Weekend" ~

8 users thanked author for this post.

HiFlyer, AJNorth, Elly, BobbyB, woody, teuhasn, MrJimPhelps, Bill C.

Reply | Quote

For those that need it:  http://www.thewindowsclub.com/ultimate-windows-tweaker-4-windows-10

Moderators:  if posting that link was not okay, please remove this post with my apologies.

~ Group "Weekend" ~

2 users thanked author for this post.

DeWayne12, teuhasn

Reply | Quote

It’s fine!

I”m just concerned about solutions…. links are great, as long as they don’t point to something nefarious.

Reply | Quote

@NetDef yeah good call one of the few 3rd party apps I let near my sys, it works well, never causes any problems, easy to use interface. Best of all you dont have to install it. I generally just leave it in a folder somewhere and create a shortcut for future use 🙂

obtw there are equally good specific versions for Win7 and Win8.1 as well

Reply | Quote

For those who might want Ultimate Windows Tweaker for Windows 8.1, 8, 7 or Vista, Softpedia also make those versions available, along with the most current one — http://www.softpedia.com/get/Tweak/System-Tweak/Ultimate-Windows-Tweaker.shtml .

Reply | Quote

Thanks NetDef.  I may look into that tool for the organizational laptop.

I think we need to keep in mind that Microsoft does NOT want to make this easy.  If they did, it would be a self contained app or feature set that could be enabled without having to use an online settings panel and the settings would survive feature and version updates.

Overt privacy settings is one of the features that impressed me with my iPhone.  The privacy settings were their own section in addition to being under the individual feature areas.  It makes it fast and easy.

After a few months with the iPhone set pretty tight to minimize battery drain and see data usage, I have loosened it a quite a bit with minimal battery impact or data use impact.   My largest concern was getting better battery life per charge since I was coming from a flip phone that lasted a week.  The privacy aspects and impacts are far better documented by Apple than in Win10.

It is still easy to track a cell or smartphone, but that is another issue that does not concern me that much in routine use.  If it bothers you there are Faraday bags or boxes solutions for that.

Reply | Quote

woody wrote:

I’m astounded at the number of Windows 10 settings that are related to privacy, and how they’re scattered all over the place. I’m also overwhelmed by the dearth of documentation – and conflicting documentation – for Privacy settings in Win10 Creators Update.

Which aren’t at Settings, Privacy? Just Cortana?

Each section there has its own “Learn more …” link. Where’s the conflicting documentation?

Reply | Quote

All over the place. Details to come.

1 user thanked author for this post.

Elly

Reply | Quote

Here’s a partial answer to your question:

https://www.computerworld.com/article/3219656/windows-pcs/the-definitive-guide-to-privacy-settings-in-windows-10-creators-update.html

There’s also a major publication on Win10 privacy coming. I’ll get you more info as soon as it’s available.

4 users thanked author for this post.

MikeFromMarkham, Microfix, AlexEiffel, AJNorth

Reply | Quote

Great article, Woody, as always.

Reply | Quote

woody wrote:

Here’s a partial answer to your question:

https://www.computerworld.com/article/3219656/windows-pcs/the-definitive-guide-to-privacy-settings-in-windows-10-creators-update.html

Oh, lock screen settings are “scattered” under Lock screen. Shocking.

Has anyone really ever seen a “thumbnail of the latest email” on the lock screen? (That would be truly shocking.)

Email addresses haven’t been displayed on the lock screen by default for more than a year (since 1607 Anniversary Update): https://en.wikipedia.org/wiki/Features_new_to_Windows_10#Lock_screen

Currently underwhelmed by the “conflicting documentation” you find overwhelming (and confused by your “dearth” when each Privacy setting has a “Learn more” link).

Reply | Quote

This will be due an update shortly then 🙂

Windows - commercial by definition and now function...

1 user thanked author for this post.

BobbyB

Reply | Quote

It’s OK to identify “THIS” as O&O ShutUp 10. We still don’t know the exact provenance of its publisher, which is a matter of concern to those of us who don’t want to trade Microsoft spyware for third party spyware. But the utility has had a good track record. It also keeps a config. file, which makes it handy in the event that a MS Update resets something (or everything). ShutUp 10 also gets updated regularly, so it will be ready for the Fall Creators Update.

-- rc primak

Reply | Quote

rc primak wrote:

It’s OK to identify “THIS” as O&O ShutUp 10. We still don’t know the exact provenance of its publisher, which is a matter of concern to those of us who don’t want to trade Microsoft spyware for third party spyware.

b wrote:

The O&O Software site has full details of company, history, management, contacts etc.:
https://www.oo-software.com/en/

2 users thanked author for this post.

Microfix, HiFlyer

Reply | Quote

In addition, O&O ShutUp10 is offered by both MajorGeeks and Softpedia (the latter of which designates it as “100% Clean”, as does VirusTotal).

2 users thanked author for this post.

Microfix, HiFlyer

Reply | Quote

What I think is funny – the priority and the acceptable in Win10 have flip flopped for me.

• Now, I’m OK with Win10 collecting telemetry data on Basic, as long as it honors that choice and doesn’t change itself to Full or gather more than I acknowledge it’s allowed to.
• Now, I’m not OK with Win10 giving (for all intents and purposes) no control over updates, without jumping through hoops and constantly having to monitor and re-adjust things. I also am not OK with Consumer Experiences/Content Delivery Manager downloading crapps in the background and installing them without permission.

Used to be the total opposite….didn’t want the telemetry at all, but was OK with Updates as a Service. One month of visiting AskWoody and the MS-DEFCON system taught me to never be OK with installing updates on day 1 ever again – because most likely, something else is now broken. 😀

Reply | Quote

All of the privacy settings for nearly any modern software.

Reply | Quote

It’s almost exactly 2 years ago that Terry Myerson, then Microsoft’s Executive Vice President of the Windows and Devices Group, stated publicly that:

“You are in control with the ability to determine what information is collected.” (https://blogs.windows.com/windowsexp…3Mlx9lylVI2.97)

Since then I have seen no evidence whatsoever that this is true nor any full disclosure from Microsoft about what exact information is included in telemetry and other uploads to MS (and Akamai) servers. All I’ve seen is the intrusiveness backported to earlier versions of Windows.

Similarly, it’s exactly 2 years since The Verge reported:

“Elsewhere, Windows 10 seems to transmit information a server related to OneDrive even when the feature is disabled and logins are using a local account that isn’t connected to a Microsoft Account. It’s not clear what is being sent, but it’s obvious that Microsoft needs to address this as transparently as possible.” (http://www.theverge.com/2015/8/17/91…ivacy-concerns)

I’ve seen nothing since to refute this assertion (but am happy to admit that I may have missed an update).

As a result, I believe it’s only prudent to continually question Microsoft’s stance on ‘privacy’.

Edit to remove HTML

8 users thanked author for this post.

HiFlyer, MikeFromMarkham, johnf, woody, Elly, flackcatcher, Microfix, AlexEiffel

Reply | Quote

Both your links are 404 due to editing of HTML code.

Any chance of reposting both links?

 

Windows - commercial by definition and now function...

Reply | Quote

It looks like the links came via a Windows Secrets copy>paste (it was their source editing, not the html edit, that was the link issue), and should lead to:
1) https://blogs.windows.com/windowsexperience/2015/09/28/privacy-and-windows-10/#q7a3J3Mlx9lylVI2.97
2) https://www.theverge.com/2015/8/17/9164153/windows-10-privacy-concerns
🙂

5 users thanked author for this post.

woody, Elly, Microfix, Rick Corbett, satrow

Reply | Quote

anonymous wrote:

Has anyone (and can anyone) create an app that puts them altogether.

Because settings are all over the place (and because I would prefer having something that is absolutely open instead of 3rd-party tools) I created an AutoHotkey script to configure new installs of Win 10 to MY liking, not Microsoft’s. I won’t include it here (it’s very long) but, for example, will just include the following snippet:

; Feedback frequency – Windows should ask for my feedback – NEVER (SIUF = System Initiated User Feedback)
RegWrite, REG_DWORD, HKCU\SOFTWARE\Microsoft\Siuf\Rules, NumberOfSIUFInPeriod, 0

; Diagnostic and usage data – Send your device data to Microsoft – BASIC
RegWrite, REG_DWORD, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection, AllowTelemetry, 1

RegWrite, REG_DWORD, HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection, AllowTelemetry, 0

The format is comment/explanation (preceded by a semi-colon as a comment marker) followed on the next line by the action to carry out.

These 3 registry changes amend some of the behaviour of the default telemetry settings. Other parts of the script amend the default settings of some Windows services, for example – disabling the Connected User Experiences and Telemetry service. Other parts of the script amend/disable some of the default scheduled tasks.

My point is… I believe it IS possible to construct one’s own utility – either on your own or jointly with like-minded others – rather than rely on MS’s privacy ‘controls’ or 3rd-party utilities.

2 users thanked author for this post.

HiFlyer, rc primak

Reply | Quote

I’ve been using O&O ShutUp10 on a number of computers.  It offers basic, moderate and all-out groups of settings or you can do them individually.  It also makes restore points as it applies the settings changes.

Reply | Quote

And even more importantly, it saves a config file in case MS Updates changes something (or everything). I keep a copy of that file on an external flash drive, just in case. (Belt and suspenders, you know.)

-- rc primak

Reply | Quote

First commenter here. I don’t know if Microsoft has any reason to make a solution themselves, so I think going third party might be the only choice. I was just worried that Microsoft had made it where other apps couldn’t change the settings, just to make it harder.

Even before I knew about this site, I’ve linked Computerworld guides on how to shut this stuff off. Still, I myself still just use Windows 7 (I tried 10, but it didn’t play well with my computer. Hard drive got really slow after the second big update. Guess that’s why Microsoft didn’t offer me the automatic upgrade.) I’ve considered trying again when I get an SSD and a GPU update.

So I don’t know a lot myself about Windows 10. I’m just here to find out when it’s safe to patch Win7, after an unfortunate incident. But it does seem to me that Microsoft is intentionally making it difficult, and doesn’t want there to be a solution.

Reply | Quote

Because Microsoft is pushing updates, and every six months it releases a major update. Microsoft could easily break these third party apps that are available to change privacy settings. I’ve seen some that use command line to uninstall Cortana, and a host of other uninstallable apps the traditional way. Of course this all can lead to unstable results. Personally, I think Microsoft has opened up a whole series of potential questions about privacy for litigation. It’s going to take time, but already we see many privacy groups and governments looking at this closely. For me I went back to Windows 7 on one PC, and my Windows 10 machines are as close to private as I can get them. If Microsoft breaks them so be it, I will find news ways around their obsession with data collection.

2 users thanked author for this post.

lurks about, AlexEiffel

Reply | Quote

The 6 month update cycle coupled with the short support period means constant updating. Not only are privacy applications at risk but just about any 3rd party application is at risk of breaking. Plus, going through and updating all the settings (not just privacy) often gets irksome at best even if MS does not change their location or layouts.

Reply | Quote

This is why it is wise to select an app or a method which is kept up to date by its authors.

-- rc primak

Reply | Quote

In an ideal world, I would agree with that suggestion. But rapid rollouts, short support cycle, and not LTS version means developers are spending too much time trying to determine what MS is going to do them and not spend enough time improving their applications. So or later, MS is going to change something, delete something, etc. that you are relying on for your application to work properly. Depending on the details this could mean a complete rewrite of the application or force abandoning development.

1 user thanked author for this post.

rc primak

Reply | Quote

rc primak wrote:

This is why it is wise to select an app or a method which is kept up to date by its authors.

With all due respect, that’s what companies tried to do when Microsoft switched from DOS to Windows. Microsoft gave their own application groups the internal info about Windows, but didn’t give it to outside companies. Consequently, Microsoft was ready with Windows-ready compilers, MS Office, etc., but other companies were not (e.g. Borland, WordPerfect, etc.). By doing this, Microsoft took over these markets.

This wasn’t the only reason Microsoft took over these markets, but it was a big reason.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

1 user thanked author for this post.

rc primak

Reply | Quote

Microsoft in last update claimed to make it easier for user to opt out. Of course they cherry picked what options they offered and many users probably thought that was all of them. Hardly scratched the surface on how much data Microsoft collects. Even if your OK with it, I have to wonder how useful all of it is to Microsoft or the end user. Especially since we are seeing a trend where collecting data on use, performance, and issues seems to be the norm.

1 user thanked author for this post.

Elly

Reply | Quote

Thing is, collection of data isn’t really bad – it certainly can help Microsoft understand how their operating system is being used and what problems it may have. Lord knows they need to know about the problems and they’re not terribly good at listening to users (perhaps that’s understandable when users number in the hundreds of millions).

The problems come in when you realize that the data could contain information that a user might not want anyone else to know. Examples of this, just pulling some things out of the air, might be:

• What web sites the user visits.
• What programs they run.
• What data they may be viewing or editing.
• Keystrokes they type.
• When they do things.

Let’s say you do a Google search for something, and are taken by a link to a page where illegal software is downloaded. Boom, some database somewhere shows that you’ve visited an illegal download site. Or maybe you receive a junk eMail from the Middle East containing a link to a terrorist site, and your eMail client / browser pre-scan embedded links. Boom, you’re on a list that someone could mine looking for suspected terrorists.

Maybe the data collected includes keystrokes you type into the address bar of your web browser. Maybe once you visited your bank’s web site and you accidentally typed your password into the address bar. You deleted it right away and felt relief when you realized no one saw it. But did they? WILL they?

There is the possibility of future interpretation of the data that’s collected – and make no mistake, if it’s collected it’s stored somewhere, so the ramifications do reach into the future. Maybe it’s stored under digital lock and key. Hey, encrypted stuff from a decade or two ago can now be easily broken by today’s computers. Maybe it’s stored physically in a secure vault. Who empties that vault when the company that owns it goes out of business? Maybe it’s actively deleted, but what about system backups? What about data theft?

Thing is, even if you’re the most above board law-abiding citizen there are a whole BUNCH of legitimate reasons why you don’t want data that describes what you’ve done looked over by anyone. Some of those reasons we can’t even think of yet. The consequences of someone being able to see what you were doing aren’t clear, but it’s not hard to imagine that they could be devastating to your life and the lives of your family.

And it’s clearly valuable or so many folks wouldn’t be trying to collect it!

No doubt the engineers at Microsoft use discretion when choosing what information to collect. The engineers are not evil. But they are just people, and no matter how pure their thoughts are, in fact they have several conflicts of interest…

• They would like to know every single little thing you did that led up to a crash; sometimes that’s the only way to know why something failed. What file did you open, what keystrokes did you type, what data did you work on?
• Their marketing people would like to accumulate information about what you like to do so they can target advertisements to you. Not to say anything against the programmers, but we can easily see who’s in charge at Microsoft.
• They may fully believe that whatever data they’ve collected is secure, while in fact they’re not perfect (newsflash: no one is) and it may not stay secure – even if it is now.

There are those who might say, “If you’re not doing anything wrong, you have nothing to hide.”

To them, on the presumption that they are also good, law-abiding folks, I might ask in return:

Do you openly tell everyone your bank account passwords? Do you lock your doors? Do you leave the window blinds open? Do you close the stall in a public restroom? Do you post all your personal details on social media? Have you ever wanted to shield what’s on your computer screen from those wanting to sneak a peek? Those are situations in which you are in control. Now let’s talk about those where you aren’t.

A desire for privacy is not wrong. It is not nefarious. It does not imply wrongdoing.

It’s normal and reasonable. It’s smart.

-Noel

18 users thanked author for this post.

rc primak, anita.yk, Bill C., dononline, woody, Elly, johnf, MrJimPhelps, Cybertooth, HiFlyer, satrow, Microfix, lurks about, flackcatcher, NetDef, samak, thymej, Karlston

Reply | Quote

Very well said.  Especially the last couple of paragraphs.

Thanks!

5 users thanked author for this post.

rc primak, Elly, Noel Carboni, HiFlyer, Microfix

Reply | Quote

Fully agree, there is some information that either needs a context, should have very limited sharing, or should not be shared ever. Context includes searches; what was the reason for the search. Some information needs to be shared with a very limited number of people (such as who you bank with, credit card numbers), or never shared (passwords).

4 users thanked author for this post.

anita.yk, Elly, rc primak, Noel Carboni

Reply | Quote

Here’s another reason how someone could use perfectly innocent information against you: What if you run for office? If your opponent can obtain all of the info you have put online, then he could spin it in such a way to make you look ridiculous or evil, even though you are not; and by doing so, he could cause you to lose the election.

Suppose you are running for sheriff. The current sheriff has access to confidential location data, data which is available only to emergency services, even if you have turned location off in your phone. If you’ve ever attended a meeting of a group that is controversial (e.g. a church or political group), that information could be spun to make you look bad.

In short, you should be able to control the info that goes out. You can’t control it all, but it would be nice if you could at least control what Windows collects, because chances are, just about all of your online time is in a Windows environment (if you are using a computer).

By the way, I feel exactly the same way about the info that goes out from your smart phone.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

5 users thanked author for this post.

anita.yk, flackcatcher, Cybertooth, Elly, Noel Carboni

Reply | Quote

By Jove, he’s got it!!!  Thanks.  That was a very well thought out post.

1 user thanked author for this post.

Noel Carboni

Reply | Quote

What about Skybot Anti-Beacon? Is it still useful in this situation?

Reply | Quote

Spybot anti beacon seems to have been updated at least as recently as June 2017, so that shows this utility as being maintained and updated from time to time. It should still be useful.

-- rc primak

1 user thanked author for this post.

anita.yk

Reply | Quote

I think you’ll find that Spybot Anti-Beacon latest version is 1.6.0.42 which was released 2016-11-11

Spybot Anti-Beacon

Windows - commercial by definition and now function...

Reply | Quote

I found a more recent version mentioned in their Support Community. That’s the info I’m going on.  Your link is to an old discussion of their Portable Version, which is not the same.

See a more current discussion thread of the Installed Version here:

https://forums.spybot.info/showthread/?74668-Spybot-2-6-is-here!

(Posted June 19, 2017, and clearly Version 2.6 Installer, not 1.6 Portable. )

The Post links to their announcement, here:

https://www.safer-networking.org/2017/spybot-2-6/

-- rc primak

1 user thanked author for this post.

Microfix

Reply | Quote