Microsoft strikes again, flags anti-telemetry HOST file changes as malware

Microsoft does not have a great record when it comes to data collection. Starting with the release of Windows 10, when they insisted that they needed to collect essentially every possible kind of metadata from users in the name of maintaining the platform, only to later admit that at least half of that data collection wasn't necessary after all, Microsoft's built-in telemetry has been a pain point for privacy-conscious users for years.

Windows 10's telemetry system was a major contributor to the slow uptake of Windows 10, and Microsoft's later decision to add the same telemetry, retroactively, to Windows 8 and 7 as well was even harder to defend; neither older OS, after all, needed to be maintained in perpetuity the way Windows 10 did, and both were mature OSes and much more stable to begin with, so why did they need to harvest users' metadata? I'd still like to know; Microsoft never explained.

Naturally, Windows users generally, and Windows 7 users in particular, started looking for workarounds for Redmond's telemetry bullshit. Third party applications like Spybot's Anti-Beacon, or O&O ShutUp10, began to proliferate, turning off telemetry for users that cared enough to take steps to do so; meanwhile, Microsoft continued to ignore calls by data privacy advocates and activists to turn off the telemetry, or at least to allow all of their users to opt out.

Late last week, Microsoft finally responded. As reported by bleeping computer:

Since the end of July, Windows 10 users began reporting that Windows Defender had started detecting modified HOSTS files as a 'SettingsModifier:Win32/HostsFileHijack' threat.

When detected, if a user clicks on the 'See details' option, they will simply be shown that they are affected by a 'Settings Modifier' threat and has 'potentially unwanted behavior,' [...] it seems that Microsoft had recently updated their Microsoft Defender definitions to detect when their servers were added to the HOSTS file.

Users who utilize HOSTS files to block Windows 10 telemetry suddenly caused them to see the HOSTS file hijack detection.

I can attest to this not being restricted to Windows 10, or to Windows Defender; Microsft Security Essentials running on Windows 7 started exhibiting this same behaviour on my own system last Wednesday. Apparently, having already paid for the privilege of using Windows 7 or 8 is not enough; we're now expected to pay again, by allowing Microsoft to harvest our metadata, even though the operating systems themselves are either out-of-service, or approaching end-of-service.

So, what's a Windows 7 or 8 user to do? Well... personally, I switched to Linux.

Specifically, I switched to Pop!_OS, which seemed well-aligned with my game-centric use case. And while it's been a bit of a learning curve, I have to say that the experience of switching to Pop!_OS in 2020 was far less painful than my attempt to switch to Ubuntu in 2019. I won't say that it's been flawless, but it's been nearly flawless, and I won't be switching back.

Good job, Microsoft! You've finally manage to make using your products so unattractive that even a procrastinator like me has finally pulled the rip cord, and bailed on you. Sayonara, and good riddance!

If you're still on an older version of Windows, and wondering what to do next, I cannot recommend strongly enough that you make the shift to Linux. Don't accept an OS that acts like malware, or a giant corporate overlord who never listens to your concerns, and who does not care if you stay or go. Installing your new OS takes only minutes -- a far cry from my last Windows 7 install, which took hours, and even then needed me to install ethernet and graphics card drivers separately, along with hours' worth of updates, and OMG why didn't I do this years ago?

Time saved during OS installation leaves lots of time to acclimatize yourself to the new OS environment... which will still leave you lots of time to actually get back to using your PC. Seriously, I don't have a single regret, and I don't think you will, either. Give it a shot; you've got nothing to lose, except Microsoft's baggage.

Windows 10 breaches Dutch data protection law

I had a feeling that Microsoft's anti-consumer data collection bullshit wasn't done getting them into trouble with European regulators, but I'll admit that I wasn't expecting the next chapter in that story to come out of the Netherlands.

As reported by ZDNet's David Meyer:

Microsoft breaches the Dutch data protection law in the way it processes the personal data of people using the Windows 10 operating system, the country's data protection agency has said.

On Friday, Dutch data protection authority (DPA) the Autoriteir Persoonsgegevens said that Microsoft doesn't tell Windows 10 Home and Pro users which personal data it collects and why. It also said the firm makes it impossible for users to give their valid consent to their personal data being processed, due to the multiple ways in which that data might subsequently be used.

The data watchdog added that Microsoft "does not clearly inform users that it continuously collects personal data about the usage of apps and web surfing behaviour through its web browser Edge, when the default settings are used".

"It turns out that Microsoft's operating system follows about every step you take on your computer. That results in an intrusive profile of yourself," said Wilbert Tomesen, the regulator's vice-chairman. "What does that mean? Do people know about this, do they want this? Microsoft needs to give users a fair opportunity to decide about this themselves."

The issue, naturally, is telemetry.

While Microsoft offers users an overview of the categories of data that it collects through basic telemetry, it only informs people in a general way, with examples, about the categories of personal data it collects through full telemetry, the regulator said.

"The way Microsoft collects data at the full telemetry level is unpredictable. Microsoft can use the collected data for the various purposes, described in a very general way. Through this combination of purposes and the lack of transparency Microsoft cannot obtain a legal ground, such as consent, for the processing of data," it said.

It's hard to say exactly what effect this will have. When France's data watchdog had issues with Windows 10, Microsoft was able to find a bare-minimum level of compliance which resulted in a closed file, and mostly cosmetic changes to Windows' telemetry, an outcome that they're clearly hoping to replicate (ZDNet's piece quotes Microsoft Windows privacy officer Marisa Rogers as prioritizing compliance with the Dutch data protection law, while sharing "specific concerns with the Dutch DPA about the accuracy of some of its findings and conclusions"), so it could be that very little will actually change this time, either.

But with Windows 10 still struggling to win converts, and signs that Windows 7 users are leaving Windows entirely, for Linux, it's hardly good news for Microsoft that Windows 10's data collection and privacy issues are once again back in the news. They'd clearly hoped that this issue would go away, but since they haven't actually fixed the problem, that may be unlikely.

Hey, Microsoft! Do you want to know what will make this problem go away, completely, and forever? Let people turn the telemetry completely off. If telemetry is opt-in, rather than can't-really-opt-out-but-there's-a-lower-level-of-intrusiveness-available-you-pussies, people will stop complaining about the telemetry system. You might even win some converts amongst dug-in Windows 7 users (no promises, though - those folks have dug in pretty deeply).

Oh, and before I forget.... If you're reading this, then you should be running Spybot's Anti-Beacon, or something similar. Don't forget that Microsoft retconned this telemetry bullshit into Windows 7 and 8/8.1, too, so you should be taking steps to protect your own privacy, regardless of which Windows version you use. Microsoft sure as shit aren't going to.

Turn off the ads in Windows 10

Thanks, Cybershack:

How to disable ads on the Windows 10 lock screen
Disabling ads on the Windows 10 lock screen simple requires you to disable a setting called Windows Spotlight. You can find this by following the steps below.

1. Open the start menu and open the Settings app
2. Select "Personalisation"
3. Select "lock screen" from the menu on the side
4. Under background, change "Windows Spotlight" to either "picture" or "slideshow"
5. Toggle "get fun facts, tips, tricks and more on your lock screen" to off

How to disable ads in the Windows 10 start menu
Windows 10 will occasionally show "suggested" apps in your start menu. Once again, these are fairly easy to get rid of.

1. Open the start menu and open the Settings app
2. Select "Personalisation"
3. Select "start menu" from the menu on the side
4. Toggle "occasionally show suggestions in Start" to off

How stop Windows 10 tracking you for targeted ads
This is a bit more ominous than it sounds, but Windows 10 is able to track your usage across apps you've gotten from the Windows Store. This information is then used to provide you with more personalised ads in other apps. If you want to switch this off, you can do this be following the steps below.

1. Open the start menu and open the Settings app
2. Select "Privacy"
3. Toggle "let apps use my advertising ID for experiences across apps" to off

Don't forget to install SpyBot Anti-Beacon, too, and update it frequently, and make sure you check your privacy settings after each Windows Update, since Windows 10 can (and will) add new privacy settings and reset your existing privacy settings, all without notifying you or asking your permission.

Unintended consequences of #upgradegate

From makeuseof.com:

Personally, I do like Windows 10, but I also appreciate the reasons of those who oppose the upgrade. And I think what Microsoft has been doing is deeply disturbing and unethical. Microsoft acts as if its goal for 1 billion Windows 10 users supersedes the company’s responsibility for its existing Windows customers.

This reckless battle has unintended consequences, which not only hurt Microsoft’s customers, but also its business.

At this point, the article lays out the five consequences in question:

1. Lost trust in Windows

2. Users completely disabling Windows updates

3. Lost time, money, and bandwidth

4. Home users abandoning Windows entirely

5. Undermining consumers' faith in consumer protections

Microsoft now straight up trolling on Windows 10 updates.

Seriously, WTF?

Microsoft has faced criticism for changing the pop-up box encouraging Windows users to upgrade to Windows 10.

 

Clicking the red cross on the right hand corner of the pop-up box now activates the upgrade instead of closing the box. And this has caused confusion as typically clicking a red cross closes a pop-up notification.

So, just to recap, your options when told that it's time to upgrade are now:

1. "Upgrade now," which starts the upgrade right away; 
2. "OK," which schedules the upgrade for later; and 
3. closing the window... which now also schedules the upgrade for later. 

Microsoft is still claiming that "Customers can choose to accept or decline the Windows 10 upgrade," which seems rather disingenuous since the pop-up box doesn't have a single option on it anywhere which leads to that result.

The change occurred because the update is now labelled "recommended" and many people have their PCs configured to accept recommended updates for security reasons. This means dismissing the box does not dismiss the update.

Brad Chacos, senior editor at the PC World website, described it as a "nasty trick".

Yeah, no shit, Brad. But that's today's Microsoft for you: hard at work, losing friends and alienating customers.

By the way, if you're still auto-installing Windows updates whenever Microsoft tells you to, it's long past time to stop. You might also want to look into GRC|Never10, to stop Windows from upgrading anyway, even against your wishes, because Microsoft clearly cannot be trusted to respect your wishes. And if you aren't already running Spybot's Anti-Beacon, then you should consider doing that, too (those of you who have been upgraded to Windows 10, whether or not you actually chose to upgrade, can run O&O ShutUp10 instead).

And, seriously, people... Linux. If you are tech savvy at all, you should be at least looking into running a dual-boot Linux set-up. I know that I am, and will be actually setting it up in about a month, as my summer vacation project, with a goal of completely "defenestrating" when Microsoft sunset Windows 7 ahead of schedule. Because that's obviously their next move.