Microsoft strikes again, flags anti-telemetry HOST file changes as malware

Microsoft does not have a great record when it comes to data collection. Starting with the release of Windows 10, when they insisted that they needed to collect essentially every possible kind of metadata from users in the name of maintaining the platform, only to later admit that at least half of that data collection wasn't necessary after all, Microsoft's built-in telemetry has been a pain point for privacy-conscious users for years.

Windows 10's telemetry system was a major contributor to the slow uptake of Windows 10, and Microsoft's later decision to add the same telemetry, retroactively, to Windows 8 and 7 as well was even harder to defend; neither older OS, after all, needed to be maintained in perpetuity the way Windows 10 did, and both were mature OSes and much more stable to begin with, so why did they need to harvest users' metadata? I'd still like to know; Microsoft never explained.

Naturally, Windows users generally, and Windows 7 users in particular, started looking for workarounds for Redmond's telemetry bullshit. Third party applications like Spybot's Anti-Beacon, or O&O ShutUp10, began to proliferate, turning off telemetry for users that cared enough to take steps to do so; meanwhile, Microsoft continued to ignore calls by data privacy advocates and activists to turn off the telemetry, or at least to allow all of their users to opt out.

Late last week, Microsoft finally responded. As reported by bleeping computer:

Since the end of July, Windows 10 users began reporting that Windows Defender had started detecting modified HOSTS files as a 'SettingsModifier:Win32/HostsFileHijack' threat.

When detected, if a user clicks on the 'See details' option, they will simply be shown that they are affected by a 'Settings Modifier' threat and has 'potentially unwanted behavior,' [...] it seems that Microsoft had recently updated their Microsoft Defender definitions to detect when their servers were added to the HOSTS file.

Users who utilize HOSTS files to block Windows 10 telemetry suddenly caused them to see the HOSTS file hijack detection.

I can attest to this not being restricted to Windows 10, or to Windows Defender; Microsft Security Essentials running on Windows 7 started exhibiting this same behaviour on my own system last Wednesday. Apparently, having already paid for the privilege of using Windows 7 or 8 is not enough; we're now expected to pay again, by allowing Microsoft to harvest our metadata, even though the operating systems themselves are either out-of-service, or approaching end-of-service.

So, what's a Windows 7 or 8 user to do? Well... personally, I switched to Linux.

Specifically, I switched to Pop!_OS, which seemed well-aligned with my game-centric use case. And while it's been a bit of a learning curve, I have to say that the experience of switching to Pop!_OS in 2020 was far less painful than my attempt to switch to Ubuntu in 2019. I won't say that it's been flawless, but it's been nearly flawless, and I won't be switching back.

Good job, Microsoft! You've finally manage to make using your products so unattractive that even a procrastinator like me has finally pulled the rip cord, and bailed on you. Sayonara, and good riddance!

If you're still on an older version of Windows, and wondering what to do next, I cannot recommend strongly enough that you make the shift to Linux. Don't accept an OS that acts like malware, or a giant corporate overlord who never listens to your concerns, and who does not care if you stay or go. Installing your new OS takes only minutes -- a far cry from my last Windows 7 install, which took hours, and even then needed me to install ethernet and graphics card drivers separately, along with hours' worth of updates, and OMG why didn't I do this years ago?

Time saved during OS installation leaves lots of time to acclimatize yourself to the new OS environment... which will still leave you lots of time to actually get back to using your PC. Seriously, I don't have a single regret, and I don't think you will, either. Give it a shot; you've got nothing to lose, except Microsoft's baggage.

Reminder: Windows 10 has serious privacy issues

In addition to being stuffed with a wide range of privacy problems, one of Windows 10's more off-putting "features" was the fact that you couldn't control when it updated itself, and what it installed in the process, and would even reset your privacy settings back to Microsoft's default settings, as demonstrated in videos like this one:

Apparently there are some people who didn't get that memo, though, because I'm still seeing "news" stories like this one, from PC World:

Last night, I finally upgraded my main PC to Windows 10’s major Anniversary Update. I’d been putting it off because of the devastating webcam bug introduced in the Anniversary Update—a deal-breaker for me—but now that a registry hack remedy’s surfaced ahead of an official fix, the allure of Forza Horizon 3 proved too great. So I finally forced the update. Sure, having to practically reinstall your entire OS is a headache, and it rendered my file-packed PC unusable for hours, but the process went smoothly enough.

This morning, I sat down with a fresh cup of coffee, ready to sling words while Forzadownloads in the background. And that’s when I saw it pop up on my screen.

A “Get Office” notification.

What. The. Hell.

It’s no secret that Windows 10’s stuffed with revenue-generating hooks for Microsoft, but I find the idea of a paid-for operating system shoving straight-up ads in my face distasteful, and disabled the Get Office ads and every other ad-related setting months ago. After a bit of poking and prodding, I discovered that beyond reinstalling the Get Office app that surfaces those notifications, the Anniversary Update also re-enabled Start menu and lock screen ads, essentially tossing my explicit choice to disable them out the window. And it did so without consent or even a notice that these changes were happening in the background.

Funnily enough, several other customizations I’d made to the Windows 10—from disabling ad tracking in Windows Store apps to tweaking the BitTorrent-like distribution of updates to my wallpaper—remained intact after the upgrade. As far as I can tell with a quick perusal, these ad-pushing settings are the only ones that changed when I installed the Windows 10 Anniversary Update.

Not cool, Microsoft. Not cool.

No, Brad Chacos, it's not cool. It's also not new, and it's something that people like you were supposed to be reporting on, during Microsoft's big GWX push.

Seriously, this kind of horseshit is why I refused to switch to Windows 10, even when it was being given away for "free." Of course, Windows 10 Home was never truly free, no matter what Microsoft said at the time. Remember, if you're not paying for it, then you're not the customer -- you're the product being sold.

Bottom line: if you're running Windows, then you should be running Spybot Anti-Beacon. That doesn't just apply for Windows 10, either; Microsoft has added their "telemetry" crap to earlier versions of Windows, too, which is why I recommend Spybot's Anti-Beacon over options like O&O ShutUp10 -- ShutUp10 only runs on Windows 10, while Anti-Beacon runs on Windows 7 & 8, as well. Microsoft has proved, beyond any doubt at all, that they cannot be trusted to respect your privacy, or to respect your clearly-expressed wishes on the subject of privacy, so take the steps to defend yourself.

Microsoft now straight up trolling on Windows 10 updates.

Seriously, WTF?

Microsoft has faced criticism for changing the pop-up box encouraging Windows users to upgrade to Windows 10.

 

Clicking the red cross on the right hand corner of the pop-up box now activates the upgrade instead of closing the box. And this has caused confusion as typically clicking a red cross closes a pop-up notification.

So, just to recap, your options when told that it's time to upgrade are now:

1. "Upgrade now," which starts the upgrade right away; 
2. "OK," which schedules the upgrade for later; and 
3. closing the window... which now also schedules the upgrade for later. 

Microsoft is still claiming that "Customers can choose to accept or decline the Windows 10 upgrade," which seems rather disingenuous since the pop-up box doesn't have a single option on it anywhere which leads to that result.

The change occurred because the update is now labelled "recommended" and many people have their PCs configured to accept recommended updates for security reasons. This means dismissing the box does not dismiss the update.

Brad Chacos, senior editor at the PC World website, described it as a "nasty trick".

Yeah, no shit, Brad. But that's today's Microsoft for you: hard at work, losing friends and alienating customers.

By the way, if you're still auto-installing Windows updates whenever Microsoft tells you to, it's long past time to stop. You might also want to look into GRC|Never10, to stop Windows from upgrading anyway, even against your wishes, because Microsoft clearly cannot be trusted to respect your wishes. And if you aren't already running Spybot's Anti-Beacon, then you should consider doing that, too (those of you who have been upgraded to Windows 10, whether or not you actually chose to upgrade, can run O&O ShutUp10 instead).

And, seriously, people... Linux. If you are tech savvy at all, you should be at least looking into running a dual-boot Linux set-up. I know that I am, and will be actually setting it up in about a month, as my summer vacation project, with a goal of completely "defenestrating" when Microsoft sunset Windows 7 ahead of schedule. Because that's obviously their next move.