"Android apps, forced Microsoft accounts, telemetry, oh my!"

Given how curmudgeonly my immediate reaction was to this week's Windows 11 announcement, I was beginning to wonder if I'm just being far too cynical about all of this. Nobody else was making that much noise about the six-year-old telemetry and data collection that was bundled into Windows 10 (and later back-ported to Windows 7). The biggest substantive criticism of W11 seemed to revolve around its hardware requirements (especially TPM 2.0); the next-biggest criticism was about the removal of the ability to reposition the taskbar from the bottom of the screen to the one of sides.

Apparently, though, other people just needed a little time to catch up; por ejemplo, Jez Corden, at Windows Central:

In our heavily connected, heavily surveilled world, anxiety about government and big tech overreach is at a fever pitch. And Microsoft has increasingly fallen on the wrong side of this argument.

At the Windows 11 event yesterday, Microsoft had an opportunity to meet some of these concerns, founded or not. Yet, it chose not to. [...]

In Microsoft's Windows 11 blog post, the word "privacy" doesn't appear once in the copy, which doesn't exactly bode well for its messaging. Windows 11 will force users to use a Microsoft Account in its free Home Edition, which already speaks of a business model where your data is the monetization engine. Even if you're using the world's best VPN, it's not exactly going to protect your data from going directly to Microsoft if you're signed in. [...]

Microsoft is also enlisting another doubted tech giant, Amazon, to bring Android apps to Windows 11. Amazon is under heavy scrutiny already for the way it treats its workers among other things, but combining this with Android adds another layer of concern. Android is oft-painted as an insecure, privacy-apathetic platform. True or not, the prospect of an Amazon-fronted Android subsystem in Windows 11 compounds data fears.

Microsoft strikes again, flags anti-telemetry HOST file changes as malware

Microsoft does not have a great record when it comes to data collection. Starting with the release of Windows 10, when they insisted that they needed to collect essentially every possible kind of metadata from users in the name of maintaining the platform, only to later admit that at least half of that data collection wasn't necessary after all, Microsoft's built-in telemetry has been a pain point for privacy-conscious users for years.

Windows 10's telemetry system was a major contributor to the slow uptake of Windows 10, and Microsoft's later decision to add the same telemetry, retroactively, to Windows 8 and 7 as well was even harder to defend; neither older OS, after all, needed to be maintained in perpetuity the way Windows 10 did, and both were mature OSes and much more stable to begin with, so why did they need to harvest users' metadata? I'd still like to know; Microsoft never explained.

Naturally, Windows users generally, and Windows 7 users in particular, started looking for workarounds for Redmond's telemetry bullshit. Third party applications like Spybot's Anti-Beacon, or O&O ShutUp10, began to proliferate, turning off telemetry for users that cared enough to take steps to do so; meanwhile, Microsoft continued to ignore calls by data privacy advocates and activists to turn off the telemetry, or at least to allow all of their users to opt out.

Late last week, Microsoft finally responded. As reported by bleeping computer:

Since the end of July, Windows 10 users began reporting that Windows Defender had started detecting modified HOSTS files as a 'SettingsModifier:Win32/HostsFileHijack' threat.

When detected, if a user clicks on the 'See details' option, they will simply be shown that they are affected by a 'Settings Modifier' threat and has 'potentially unwanted behavior,' [...] it seems that Microsoft had recently updated their Microsoft Defender definitions to detect when their servers were added to the HOSTS file.

Users who utilize HOSTS files to block Windows 10 telemetry suddenly caused them to see the HOSTS file hijack detection.

I can attest to this not being restricted to Windows 10, or to Windows Defender; Microsft Security Essentials running on Windows 7 started exhibiting this same behaviour on my own system last Wednesday. Apparently, having already paid for the privilege of using Windows 7 or 8 is not enough; we're now expected to pay again, by allowing Microsoft to harvest our metadata, even though the operating systems themselves are either out-of-service, or approaching end-of-service.

So, what's a Windows 7 or 8 user to do? Well... personally, I switched to Linux.

Specifically, I switched to Pop!_OS, which seemed well-aligned with my game-centric use case. And while it's been a bit of a learning curve, I have to say that the experience of switching to Pop!_OS in 2020 was far less painful than my attempt to switch to Ubuntu in 2019. I won't say that it's been flawless, but it's been nearly flawless, and I won't be switching back.

Good job, Microsoft! You've finally manage to make using your products so unattractive that even a procrastinator like me has finally pulled the rip cord, and bailed on you. Sayonara, and good riddance!

If you're still on an older version of Windows, and wondering what to do next, I cannot recommend strongly enough that you make the shift to Linux. Don't accept an OS that acts like malware, or a giant corporate overlord who never listens to your concerns, and who does not care if you stay or go. Installing your new OS takes only minutes -- a far cry from my last Windows 7 install, which took hours, and even then needed me to install ethernet and graphics card drivers separately, along with hours' worth of updates, and OMG why didn't I do this years ago?

Time saved during OS installation leaves lots of time to acclimatize yourself to the new OS environment... which will still leave you lots of time to actually get back to using your PC. Seriously, I don't have a single regret, and I don't think you will, either. Give it a shot; you've got nothing to lose, except Microsoft's baggage.

Windows 10's telemetry violates GDPR, according to Dutch regulators

OMG, has this news item ever been a long time coming. From The Reg:
Microsoft broke Euro privacy rules by carrying out the "large scale and covert" gathering of private data through its Office apps.

That's according to a report out this month that was commissioned by the Dutch government into how information handled by 300,000 of its workers was processed by Microsoft's Office ProPlus suite. This software is installed on PCs and connects to Office 365 servers.

The dossier's authors found that the Windows goliath was collecting telemetry and other content from its Office applications, including email titles and sentences where translation or spellchecker was used, and secretly storing the data on systems in the United States. That's a no-no.

Those actions break Europe's new GDPR privacy safeguards, it is claimed, and may put Microsoft on the hook for potentially tens of millions of dollars in fines. The Dutch authorities are working with the corporation to fix the situation, and are using the threat of a fine as a stick to make it happen.

The investigation was jumpstarted by the fact that Microsoft doesn't publicly reveal what information it gathers on users and doesn't provide an option for turning off diagnostic and telemetry data sent by its Office software to the company as a way of monitoring how well it is functioning and identifying any software issues.

I always thought that there ought to be a law against Microsoft's data collection practices, and had hoped that GDPR might be that law, but I'll admit that it feels really satisfying to see it actually happen. I only wish that it had been the data collection in Windows 10 itself that had triggered this.

Microsoft aren't the only company facing an uphill battle when it comes to transforming their anti-consumer practices into GDPR-compliant ones (The Reg dubbed this "GDPRmageddon," which is just fabulous). Considering just how stubborn Microsoft have been when it comes to addressing the inadequacies of their business practices, though, I have a feeling that they'll struggle with GDPR compliance more than most companies... except, of course, for Facebook.

Reminder: Windows 7 really is the new XP

Back during the darkest days of Microsoft's GWX campaign, when they'd abandoned all pretense of believing in the quality of the product and offering Windows users a free upgrade, and instead started switching users' systems to Windows 10 no matter how many times they'd refused previously, it was already becoming clear that Microsoft had done lasting harm to their own brand, and to the relationship of trust and goodwill that they'd previously enjoyed with users of Windows 7.

I wasn't alone in referring to Microsoft's GWX fiasco as "upgrade-gate," or to point out the consequences with which Microsoft would have to deal for the next several years; pieces like this one, from Makeof.com, were pretty easily found at the time:

Steve Jobs famously said “people don’t know what they want until you show it to them.” Microsoft must think this is true for Windows 10. And so its developers keep finding new ways to trick Windows 7 and 8 users into upgrading because surely they will like Windows 10 once the see it. Or they’ll just surrender.

Personally, I do like Windows 10, but I also appreciate the reasons of those who oppose the upgrade. And I think what Microsoft has been doing is deeply disturbing and unethical. Microsoft acts as if its goal for 1 billion Windows 10 users supersedes the company’s responsibility for its existing Windows customers.

This reckless battle has unintended consequences, which not only hurt Microsoft’s customers, but also its business.

From loss of trust in the Windows; to users simply turning off Windows Update to avoid the hated GWX payloads; to actual monetary costs in the form of lost time, bandwidth, and productivity; reasons abounded why Microsoft's overly-aggressive GWX push was a bad idea. And while the worst of these for Microsoft, "Home Users Will Abandon Windows," hasn't yet come to pass, there's still no sign that consumers have forgiven Microsoft for the liberties, excesses, and borderline (or actual) abuses of GWX.

Microsoft's GWX push was of a piece with Terry Myerson's Windows-centric strategy, which Microsoft has since abandoned. Two years after GWX's failure, Myerson is no longer at Microsoft; his Windows and Devices Group no longer exists, its various teams having been redistributed across other business units which, according to Microsoft, are actually the future of the company. And Windows 10 is still not as popular as Windows 7... depending on who you ask, of course.

The fallout from GWX still hasn't stopped falling, either. Every month, Microsoft delivers updates for Windows 7, and every month, the description of those updates includes the same disclaimer: "does not include windows 10 upgrade functionality." That's still necessary, more than two years after GWX; that is truly epic levels of fail.

But it actually gets worse for Microsoft.

Microsoft makes it official

It looks like the "Diagnostic data viewer" is, indeed, going to be a thing, as Microsoft have announced on their own blog:

To kick off the new year ahead of Data Privacy Day we are giving our Windows Insiders an early preview of the Windows Diagnostic Data Viewer coming in our next release of Windows. Our commitment is to be fully transparent on the diagnostic data collected from your Windows devices, how it is used, and to provide you with increased control over that data. This is all part of our commitment to increase your trust and confidence in our products and services.

This brand new commitment of full transparency is, of course, new - up to now, Microsoft have acted in the privacy interests of Windows 10 users only when threatened with regulatory action, and have consistently done just enough to keep regulators at bay, while continuing to harvest users' data. So, call me cynical, but I have to wonder what regulatory action was in the offing here, that we don't yet know about, and which Microsoft is trying to mitigate by bolstering Windows 10's privacy regime.

Windows 10's "Redstone 4" update (actual name TBA, but hopefully better than Creators Update) should be rolling out in March or April, if Microsoft stay on schedule, and these new changes are supposed to be part of it, so Windows 10 users should get the DDV at the same time that they get Timeline... which was supposed to roll out two updates ago. Moderate those expectations, folks!

That said... this is an improvement, and a long overdue one, so I'm going to go ahead and call it a win for consumers. Now they just need to restore Cortana's off switch...

In a long overdue move, Microsoft might finally tell you what data they're collecting, and let you delete it, in Windows 10

File this one under "It's about fucking time, Microsoft." As reported by TechRadar:

In a move that will certainly please privacy-conscious users, it seems that Microsoft is about to introduce the ability to view and delete the telemetry data that Windows 10 collects, according to new options that have popped up in the operating system’s latest preview builds.

[...]

Last April, after taking what seemed like endless heat on the issue, Microsoft clarified what personal data Windows 10 collects on a basic level (the minimum amount of telemetry data you can elect to send).

But as Ghacks spotted, the most recent preview builds of Windows 10 (released this month and last month) have a pair of new options at the bottom of the Diagnostics & Feedback screen: ‘Diagnostic data viewer’ and ‘Delete diagnostic data’.

At the moment, these are merely placeholders which don’t function or do anything when clicked, but hopefully they will be live for those testing Windows 10 soon enough.

As a result, it’s not clear exactly what their function is at this point, but it seems obvious enough: the former should allow the user to fully view all the diagnostic data being collected on their system, and the latter should facilitate its deletion.

It's important to note that Microsoft haven't announced anything about this themselves, yet, and nobody's seen this feature in action, either, so there's a lot of assumptions in this report. In particular, there's no indication yet whether this functionality would be available to all Windows 10 users, or whether Microsoft might end up restricting it to high-priced SKUs of the OS, as they've previously done with tools like the Group Policy Editor, or the ability to turn off the "Microsoft Consumer Experience."

Still, assuming that Windows 10 Home users get access to these tools, too, it could be a long-overdue addition to the privacy and personal information management tools that the OS should always have included. Honestly, giving users a greater degree of control over Windows 10's telemetry bullshit is the kind of thing that might have convinced me to switch, had they done it back when switching was still a free upgrade.

Now, of course, upgrading will cost extra, which means that I still won't be switching until the time comes to buy a new PC... which won't happen for me until AMD releases new, Spectre-free CPU designs, which is about the only "feature" that I'd really consider switching PCs to obtain (and, no, I'm not even considering switching to Intel). In the meantime, regardless of which version of Windows you're running, you should still be running an anti-telemetry application like SpyBot's Anti-Beacon as well. Don't forget, Microsoft's telemetry bullshit isn't restricted to Windows 10 anymore.

Microsoft moguls name privacy and surveillance as major issues needing attention in 2018.

Apparently they're oblivious to the irony of taking a position like this one:

The past 12 months brought another important year in a decade filled with milestones relating to privacy and surveillance. And there is every reason to believe that 2018 will offer more of the same. Two specific topics rose to the top in 2017.

The first involves a sea change in privacy regulation, marked by the European Union’s General Data Protection Regulation. It moves beyond the European Data Protection Directive adopted in 1995, enough so that “GDPR” has become a well - known word across the tech sector. The new EU regulation takes effect on May 25, imposing added requirements on companies that have the personal information of European consumers, regardless of where the company is located. While many regulations tell companies what they cannot do, GDPR also tells firms what they must do. Among the changes, the regulation requires that companies ensure that European consumers can learn what information businesses have about them, change the information if it’s inaccurate, move the information to another provider if desired, and delete it if they “wish to be forgotten.” In effect it prescribes new business processes and even product features.

Gee... does that mean that Windows 10 users will be able to opt out of telemetry at some point in 2018, or have an option in the control panel to turn off Cortana without a fucking registry edit? Or is Microsoft planning to continue doing the absolute minimum required to avoid (more) regulatory action, while continuing to treat users' PCs and personal data like Microsoft's pseudo-feudal fiefdom? Place your bets!

Microsoft, naturally, quickly move on to talking about government surveillance, while blowing their own bugle about the handful of court cases they're currently litigating to prevent the U.S. Government from encroaching on their big data fiefdom, but you shouldn't be fooled into thinking that Micrsoft have your best interests at heart, because they don't. This is all about protecting their interests; any benefit that you receive in the process is incidental.

Probably not a good sign

If you're Microsoft, and still hoping that the world will flock to your flagship OS (which is totes going to happen any day now, folks, just keep waiting for it), then might not be a good sign for fairly pro-Windows sites like Betanews are advocating for Linux as an alternative, in stories with headlines like this one:

Yeah.... ouch.

Quoting from the article itself:

Linux Mint is a great operating system. For those that want an alternative to Windows 10, it is a wonderful choice for two specific reasons. For one, it has a superior user interface. Whether you opt for the Cinnamon desktop environment or instead choose Mate, you will have a more intuitive experience than the insanity that is Windows 10. Secondly and more importantly, however, you don't have to worry about a billion dollar company tracking all of your activity. While telemetry sometimes has its benefits, Microsoft seems to have forgotten that their operating system is a guest on your computer. Again, it is your computer -- not the Windows-maker's.

[...]

Are you ready to take back your computer and ditch Windows 10? Use the below links to download the ISO. While both Cinnamon and Mate are solid environments, the latter is the prettier of the two. I would only recommend Mate if your computer is very under-powered. With that said, if you are already running Windows 10, your computer should handle Cinnamon perfectly fine.

[...]

• Linux Mint Cinnamon (64-bit Download) (Release notes)
• Linux Mint Mate (64-bit Download) (Release notes)

Man, the telemetry business really isn't going away, is it? And it's really not helping Microsoft at all; every time I see telemetry mentioned, it's negatively. You'd almost think that Microsoft could do themselves a huge favour by making it possible to easily opt out of data collection, or something.

But I digress. Back to Linux Mint itself, the new "Sylvia" release of which comes with some solid-sounding features, like native Flatpak support (which simplifies software installation, allowing you to "install bleeding-edge applications even if their dependencies are not compatible with Linux Mint," according to Clement Lefebvre of Linux Mint) and TimeShift (which simplifies system backups), and is available now.

Did I mention that it's free? Yeah, it's free.

Windows 7 is good until 2020, so there's no rush to switch operating systems, but if you were wondering if there were other viable options available besides Windows 10, the answer would seem to be a resounding yes... and sites like Betanews are giving them more attention and good press, something which may be only just beginning. NetMarketShare may have massaged their OS market share reports until the Linux Shift was invisible again, but that doesn't mean that a shift isn't happening, or that Windows 10's ascendancy is assured. I suspect that we're in for a couple of years of interesting developments on this front... stay tuned.

Windows 10 breaches Dutch data protection law

I had a feeling that Microsoft's anti-consumer data collection bullshit wasn't done getting them into trouble with European regulators, but I'll admit that I wasn't expecting the next chapter in that story to come out of the Netherlands.

As reported by ZDNet's David Meyer:

Microsoft breaches the Dutch data protection law in the way it processes the personal data of people using the Windows 10 operating system, the country's data protection agency has said.

On Friday, Dutch data protection authority (DPA) the Autoriteir Persoonsgegevens said that Microsoft doesn't tell Windows 10 Home and Pro users which personal data it collects and why. It also said the firm makes it impossible for users to give their valid consent to their personal data being processed, due to the multiple ways in which that data might subsequently be used.

The data watchdog added that Microsoft "does not clearly inform users that it continuously collects personal data about the usage of apps and web surfing behaviour through its web browser Edge, when the default settings are used".

"It turns out that Microsoft's operating system follows about every step you take on your computer. That results in an intrusive profile of yourself," said Wilbert Tomesen, the regulator's vice-chairman. "What does that mean? Do people know about this, do they want this? Microsoft needs to give users a fair opportunity to decide about this themselves."

The issue, naturally, is telemetry.

While Microsoft offers users an overview of the categories of data that it collects through basic telemetry, it only informs people in a general way, with examples, about the categories of personal data it collects through full telemetry, the regulator said.

"The way Microsoft collects data at the full telemetry level is unpredictable. Microsoft can use the collected data for the various purposes, described in a very general way. Through this combination of purposes and the lack of transparency Microsoft cannot obtain a legal ground, such as consent, for the processing of data," it said.

It's hard to say exactly what effect this will have. When France's data watchdog had issues with Windows 10, Microsoft was able to find a bare-minimum level of compliance which resulted in a closed file, and mostly cosmetic changes to Windows' telemetry, an outcome that they're clearly hoping to replicate (ZDNet's piece quotes Microsoft Windows privacy officer Marisa Rogers as prioritizing compliance with the Dutch data protection law, while sharing "specific concerns with the Dutch DPA about the accuracy of some of its findings and conclusions"), so it could be that very little will actually change this time, either.

But with Windows 10 still struggling to win converts, and signs that Windows 7 users are leaving Windows entirely, for Linux, it's hardly good news for Microsoft that Windows 10's data collection and privacy issues are once again back in the news. They'd clearly hoped that this issue would go away, but since they haven't actually fixed the problem, that may be unlikely.

Hey, Microsoft! Do you want to know what will make this problem go away, completely, and forever? Let people turn the telemetry completely off. If telemetry is opt-in, rather than can't-really-opt-out-but-there's-a-lower-level-of-intrusiveness-available-you-pussies, people will stop complaining about the telemetry system. You might even win some converts amongst dug-in Windows 7 users (no promises, though - those folks have dug in pretty deeply).

Oh, and before I forget.... If you're reading this, then you should be running Spybot's Anti-Beacon, or something similar. Don't forget that Microsoft retconned this telemetry bullshit into Windows 7 and 8/8.1, too, so you should be taking steps to protect your own privacy, regardless of which Windows version you use. Microsoft sure as shit aren't going to.

Selection bias in action: Windows 10's data collection policies really haven't been as positively received as they'd like you to think.

From Wikipedia:

Selection bias is the bias introduced by the selection of individuals, groups or data for analysis in such a way that proper randomization is not achieved, thereby ensuring that the sample obtained is not representative of the population intended to be analyzed.^[1] It is sometimes referred to as the selection effect. The phrase "selection bias" most often refers to the distortion of a statistical analysis, resulting from the method of collecting samples. If the selection bias is not taken into account, then some conclusions of the study may not be accurate.

Keep this definition in mind when reading ZDNet's latest reportage on Microsoft's Windows 10 privacy officer's latest press release (and, OMG, did that ever become a bear of a sentence):

After being pummeled by critics and regulators for Windows 10's overzealous personalization efforts, Microsoft says it's received "positive" feedback about privacy-enhancing changes it introduced in the Windows 10 Creators Update.

Those changes, which Microsoft rolled out in Windows 10 in recent months, include an online privacy dashboard and finer controls for location, speech recognition, diagnostics, tips and recommendations, and relevant ads.

It made those changes under the watch of European data-protection authorities, amid the French National Data Protection Commission's (CNIL) year-long probe over Windows 10's "excessive data collection" and tracking browser data without user consent.

CNIL in June lifted its formal notice on Microsoft, noting it had halved the volume of telemetry data collected under the Basic Diagnostic setting, and now provided "clear and precise information" about web tracking for personalizing ads.

With that episode in the rearview, Microsoft is now highlighting signs that customers do trust it with their data and that its responsiveness to customer feedback -- rather than just legal threats from watchdogs -- is driving Windows privacy improvements.

"Feedback we've received about the Creators Update has been positive. This is great news to us because what we hear from you directly impacts the improvements we make," says Marisa Rogers, Microsoft privacy officer for the Windows Devices Group.

Despite the basic Diagnostics setting collecting far less data than before, Rogers points out that 71 percent of customers select the Full option, which sends browser data, app and feature usage, and inking and typing data to Microsoft.

The setting is on Full by default, but can be toggled to Basic.

So, where's the selection bias here? you're probably asking by now.

Let's start with the fact that a significant number of the Windows users most likely to have objected to Microsoft's Windows 10 privacy regime are still using Windows 7. They never switched to Windows 10, precisely because of Microsoft's broken data collection and privacy policies, and that has not changed, even after the changes which Microsoft made while under threat of regulatory action by the Article 29 Working Party.

We'll continue with the fact that "Full" data collection is still the default, and that leaving it on may not represent approval so much as apathy on the part of those who have done so. The 71% of customers who are still set to "Full" data collection didn't select it; they just didn't care enough to change the setting. How many times have you clicked through an annoying pop-up screen to get to whatever you'd turned on your PC to do, intending to go back and look at it later... only to forget to go back later? Yeah, me, too.

And, about that positive feedback? All I can say is, "Duh."

Windows 10 Enterprise ignores user privacy settings

From Windowsreport:

According to Mark Burnett, an independent IT security analyst, the OS lets users enable their preferred privacy settings only to ignore them after the fact [...] Despite having telemetry and the tracking-related services disabled, the system still connects to these services. Adding a few extra reg hacks doesn’t help blocking telemetry services. [...] With every possible setting to block connections to Microsoft disabled (except updates), a bunch of advertising-related connections are still visible. [...] Ultimately, Microsoft doesn’t honor it’s own Group Policy settings. For more details about this strange Windows 10 Enterprise behavior, you can check out Mark Burnett Twitter page. You’ll also find screenshots for all the privacy issues listed above as well.

The actual Windowsreport article isn't much longer than the except I've blogged here (and which I've rather savagely cut down, to avoid simply quoting their entire article), although it mentions some more technical issues like the system still connecting out to perform IPV6 Teredo tests, even with both IPV6 and Teredo diabled; the system still connecting to SmartScreen, even with SmartScreen diabled; and so on. The basic point seems pretty clear, though: Microsoft is still ignoring user privacy settings to harvest data to which those users have explicitly denied them, and they're doing it so that they can advertise to these users... and these are Enterprise users, remember, not just people making personal use the PCs in question.

I'll admit it: I'm a little surprised to learn that even Windows 10's Enterprise edition has these issues. To find this sort of Microsoft bullshittery in the Home edition, or even the Pro edition, wouldn't have surprised me at all, but Enterprise is the really expensive purchase plan, the one that Microsoft is pushing to larger corporations. I'm not a larger corporation, but if I were, this is the kind of thing that would turn me off Windows 10. Almost two years later, and Microsoft are still screwing up on basic privacy. GG, Microsoft! Well done.

It will be interesting to see what happens with Windows 10 adoption rates over the month...

UPDATE:
Mark Burnett ran some more thorough tests on a clean install of Win10 Enterprise, and posted about the results here. His summarized assessment of the situation boils down to these points:

• I made mistakes on my original testing and therefore saw more connections than I should have, including some to Google ads.

• You can cut back even more using the Windows Restricted Traffic Limited Functionality Baseline but break many things.

• Settings can be set wrong if you aren’t paying attention. Also, settings are not consistent and can be confusing to beginners.

• You are opted-in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience. It’s almost like they don’t want you to opt-out.

• But you can’t completely opt-out. Windows still tracks too much.

• Home and Professional users are much worse off due to limitations of some settings and lack of an IT staff. I’m not going to bother with captures from those systems, this has already been shared by many others. Spoiler: it’s bad.

• I’m not saying ditch Windows. I’m saying let’s fix this. If we can’t fix it, then we ditch Windows.

Microsoft to finally start giving users what they want

With Windows 10 stagnant, Windows 7 users digging in deeper while growing in numbers, and even PC gamers apparently abandoning the new OS for the eight-year-old one, it seems that Microsoft have finally decided to acknowledge the obvious, and start giving consumers what they want. Kinda.

From Gordon Kelly at Forbes:

In a new official blog post Microsoft has admitted Windows 10 needs to improve in these areas and that significant changes are on the way:

“Prior to the Creators Update, Windows 10 made most of the decisions for you regarding when updates would be installed and didn’t provide ways to tailor the timing to your specific needs,” explained John Cable, Microsoft Director of Program Management within the Windows Servicing and Delivery (WSD) team. “What we heard back most explicitly was that you want more control over when Windows 10 installs updates. We also heard that unexpected reboots are disruptive if they happen at the wrong time.”

[...]

Cable’s solution? With the Windows 10 Creators Update (coming next month) users will get far more options:

“For example, you can specify exactly when you want an update to occur (including the ability to reschedule an update if your original choice ends up being less convenient than expected), or ‘hit the snooze button.’ The ‘snooze’ capability allows you to pause the update process completely for three days when you need uninterrupted time on your device. In addition, we are widening the ‘Active Hours’ time so Windows doesn’t install an update at times when you want your device to be ready to use.”

[...]

But the Microsoft confessions don’t stop there. In the same blog post Michael Fortin, CVP of Windows and Devices Group Core Quality, also stressed that “new privacy-centric features [are] coming in the Creators Update. This new functionality will make it easier to choose the privacy and diagnostic data collection settings that are best for you.”

Was it just yesterday that I was asking when Microsoft would start correcting course on their Windows 10 bullshit? Apparently these changes will be available to Home users, too, which is another change: previously, this sort of control, however limited, was limited to users with Pro and higher licences.

Kelly notes, and I agree, that this is really just a good first step, and that Microsoft still need to do a lot more, on both fronts, if they want to lure users from Windows 7 to Windows 10. He also asks the obvious question: why now?

Again it’s commendable but this sort of control really should have been in from the start. And what motivated all these about-turns? Cynics will point to the stagnation of Windows 10 adoption since Microsoft began charging for upgrades, but those more forgiving will at least be pleased to see the platform slowly heading in the right direction.

Yes, the high cost of moving to Windows 10 just got a little lower…

Yes, the cost of moving to Windows 10 is ever so slightly lower now. Is it low enough to convince deeply dug in Windows 7 users to make the switch? 

Somehow, I doubt it. 

More than a year and half after launch, over six months after the official end of Windows 10's free giveaway period (although unofficially you can still get Windows 10 for free, if you want to), and after at least a year of unrelentingly bad PR resulting from their own anti-consumer bullshit, I suspect that Microsoft will need to do a lot more than these half-measure to repair the damage done to the relationship with their long-time customers.

So, what do Microsoft need to do?

1. Telemetry needs to be something users can opt out of, completely. After a year and a half of harvesting users' metadata and sharing it with third parties, and without telling us what data they were collecting, why they were collecting that data, specifically, where they were sending it, or who they were sharing it with, there is zero trust on this issue. Ideally, telemetry would be opt-in, and turned off by default, even for Home users.
2. Updates must revert from the current "roll-up" bullshit to the itemized list they used to be, complete with descriptive Knowledge Base articles on each included update item, so that users know what Microsoft is installing on their systems and why. Updates also need to stop reinstalling Microsoft's own bloatware that users had uninstalled, and they need to stop resetting users' privacy and security settings without users' knowledge and explicit consent. Any changes that Microsoft want to make to users' settings as part of an update need to be explained. 
• Also, stop adding the "compatibility" updates (KB 2952664, KB 2976978, KB 2977759, etc.) to Windows 7's update queue. Windows 7 users are using Windows 7 because they do not want to switch to Windows 10, and given how aggressive the GWX campaign was, it's taken no small amount of effort to avoid being switched over. These users aren't just procrastinating, they're actively saying "no!" Take a fucking hint, already, and stop pushing.
3. Cortana must revert to something that users can turn off, if they don't want to use the service. I don't care that Microsoft think this is the big marquee feature of Windows 10. The numbers don't lie; Cortana is not enough to sell Windows 10, and its big-brotherly omnipresence may be keeping users away. 
• Cortana also needs to be able to work with Google and Chrome, rather than being locked to Bing and Edge. Nobody likes Bing, and nobody uses Edge, and it's time to stop trying to make "fetch" happen.
4. Speaking of, which, Microsoft need to stop pushing Edge and Bing on users who have clearly expressed a preference for a competing product, and to stop pushing the Windows Store and the Universal Windows Platform. No more scare-mongering from the start menu or tool bar, and no more pushing Microsoft-branded extensions and add-ons for Chrome from the start menu or tool bar, either.
• It would also help if Microsoft fixed their fucking browser, but that's a secondary issue; more than anything else, Microsoft need to start respecting users' choices, here.
5. The same applies with the Windows 10 Store. Does anybody really believe that Microsoft wanting to lock out Win32 apps and restrict users to the Windows Store is about bloatware? Build a better store, advertise it outside of the OS itself, and maybe the customers will come. But stop trying to push us to your broken storefront. The market has clearly spoken, on this one. Seriously, stop trying to make "fetch" happen.

That's really what all of these points boil down to: respect for Windows' users, respect for their clearly and repeatedly expressed choices and preferences, respect for the fact that PC users clearly intend to go on owning their own machines, and controlling what gets installed on them (and when, from where, and by whom).

Microsoft have been desperate to change the paradigm of Windows from an open, user-controlled one, into a walled garden: a closed ecosystem where control resides exclusively with Microsoft, where the entire PC software marketplace is transmuted into an iPhone-style App Store, and where users will do what Microsoft say, how they say, when they say it. Windows 8 was based around this walled garden approach, and PC users avoided it like the plague. Windows 10 softened the messaging a bit, but its central design philosophy was identical to Windows 8's, and users have clearly rejected it again. 

Microsoft need to recognize that simple reality, and turn Windows 10 into the user-controlled experience that PC users are clearly demanding, and on which they're clearly unwilling to compromise. This latest move looks to be a promising baby step in the right direction, but that's only meaningful if they follow it up with more steps. If this is the only step they're planning to take, if they're just trying to figure out what the absolute minimum is that they can get away with doing, then it's not going to be enough.