Windows 8 Tells Microsoft About Everything You Install

Summer-Time-Fun

Well-Known Member
Apr 1, 2007
529
271
Just thought I would shed some light on this.
I'll just add the titles and leave my own comment out, other then to say it's another good reason to brush up on my Linux skills.

Windows 8 Tells Microsoft About Everything You Install:
Code:
http://gizmodo.com/5937649/windows-8-tells-microsoft-about-everything-you-install-not-very-securely

Windows 8 Is Not Good For Gamers:
Code:
http://kotaku.com/5936535/windows-8-is-not-good-for-gamers

Newell, head of Valve, has infamously stated that Windows 8 is "a catastrophe" for games development. Plenty of others have echoed the concerns, if in less strong language, including Blizzard, Stardock, and Markus "Notch" Persson of Minecraft fame. Valve, as a result, is hedging their bets for the future by trying to expand into Linux, and bringing more gaming there.
 

Wokkonno

Wokkonno XP
Jul 15, 2011
82
1
The trouble with the Windows 8 is that the squares or
rectangles comprising its new interface called METRO need
to be connected to the Internet whenever to work.

Anything that is done in this operating system Microsoft Windows
8 the owners, will know at all times that make each user.

This is a violation of the privacy of Internet users and users of this OS.

They've said there, that Windows 8 will be a total failure, when
people are put to use this operating system, realize that is always sending
data every time it is used, many people will slow, when using this Windows 8.

The interface of Windows 8 is for use with touch screens. It is quite ridiculous
to use that METRO interface using the mouse cursor.


Microsoft will force all users, buy new touch monitors 21 or 22 inches, to use
the windows 8 and enjoy all its qualities.

By using the mouse cursor in Windows 8 may get bored, and overwhelm much as it
always remains the same, and can not move the squares or rectangles on the
screen using the mouse.​

........
 

Senior Idol

Active Member
May 29, 2008
286
50
Thanks for this warning. The whole world should know about this outrage from Microsoft. I think a major class action law suit will inevitably occur, over invasion of privacy.

Senior Idol

:furious:
 

Summer-Time-Fun

Well-Known Member
Apr 1, 2007
529
271
It pisses me off when companies make track-n-snitch-ware.This is why I don't use Google chrome.
It's total bull $hit is right. Or take Yahoo For example, I just installed Yahoo messenger on a friends computer, specifically doing a custom install and unchecking all the tool bars. The installer ended up putting the tool bar on anyway, both in IE and Firefox. And I did NOT forget to uncheck it. I later found a page from Yahoo explaining how to remove it and they said that Messenger (v11 .. in my case file version 2012.05.30.01) gets installed in The "typical install" ..regardless of the fact that I had unchecked it. Well then why do they bother to put the check in? And shouldn't they be more informative when they're adding extensions into a users brower. Easily fixed but it's the point.

Also, if you use Windows, ..say XP for example. After a clean install of XP run TCPview, take a look at some of the background services that connect to remote sites that gather statistics. Windows is not open source so who knows what they're really sending.




...The whole world should know about this outrage from Microsoft. I think a major class action law suit will inevitably occur, over invasion of privacy.
:furious:

Yes, the world should know about it. Heck, look and Valve-the game service provider; they're in the process of porting their services to linux full force. That right there says something. I was on the phone with Microsoft asking them why they don't maintain backwards compatibility for people who really like their older games, and why did they remove direct draw drivers, or direct3d can't remember, but it really killed Unreal games that used it? They simply don't care.
Microsoft outsources their phone support jobs when they're a US based company. That alone makes them bad.

ah... F..k it
May you Linux developers be blessed with good things. You're all great!
 

chrisfallout

Member
Jul 8, 2008
286
16
here more info on this issue

http://www.neowin.net/news/windows-8-tells-microsoft-about-everything-you-install

Known computer security researcher Nadim Kobeissi has posted up some interesting information on the behavior of Windows 8 whenever you install an application. According to some quick researching he did, the Windows SmartScreen feature reports every application a user installs to Microsoft, and does so in a way that could be intercepted by malicious hackers.

The Windows SmartScreen feature is enabled by default and is designed to tell end users whether the application they have downloaded from the internet is safe to install on their machine. It does this by gathering some info upon opening the installer, sending it to Microsoft and then waiting for a response to see if said installer has a valid certificate. As Kobeissi mentions, this means information about every single application downloaded and installed is sent to Microsoft.

He dug further to discover the information sent could potentially be intercepted by a malicious hacker, as Microsoft uses an "outdated and insecure" method of HTTPS encrypted communications. If a hacker did manage to steal all the information on a user's application installation habits, they could make a profile of the user and use that to find other exploitable weaknesses.

The issue with SmartScreen is currently only prevalent in Windows 8 as it's the first time Microsoft has integrated SmartScreen at an OS level (Windows 7 only features SmartScreen in applications like Internet Explorer). You can disable SmartScreen so you are no longer reporting your installation habits to Microsoft, but this is apparently not easy to do and results in periodic nags to re-enable it.

Chances are Microsoft will not do anything about their implementation of SmartScreen, so as it stands now it could be a privacy and security risk.
 

chrisfallout

Member
Jul 8, 2008
286
16
here more info on this topic

http://log.nadim.cc/?p=78


Update: According to Microsoft, SmartScreen sends a hash of the app installer and its digital signature, if any. A combination of the hash and the user’s IP address is still enough to identify that IP address x attempted to install software y.

Update 2: Another researcher has discovered that a filename of the app you’re trying to install is indeed sent to Microsoft. This severely strengthens privacy concerns.

Update 3: Approximately 14 hours after this article was published, another scan of Microsoft’s SmartScreen servers reveals that they have been reconfigured to no longer support SSLv2. The servers now only support SSLv3 connections.

I’ve recently been using the final, Released to Manufacturing version of Windows 8 on one of my computers, to much delight. I’ve been very impressed by how fast, well-designed, functional and capable this latest iteration of Windows is. However, my tinkering around from a security/privacy perspective has left me concerned.

Windows 8 has a new featured called Windows SmartScreen, which is turned on by default. Windows SmartScreen’s purpose is to “screen” every single application you try to install from the Internet in order to inform you whether it’s safe to proceed with installing it or not. Here’s how SmartScreen works:

You download any application from the Internet. Say, the Tor Browser Bundle.
You open the installer. Windows SmartScreen gathers some identifying information about your application, and sends the data to Microsoft.
If Microsoft replies saying that the application is not signed with a proper certificate, the user gets an error that looks something like this.

There are a few serious problems here. The big problem is that Windows 8 is configured to immediately tell Microsoft about every app you download and install. This is a very serious privacy problem, specifically because Microsoft is the central point of authority and data collection/retention here and therefore becomes vulnerable to being served judicial subpoenas or National Security Letters intended to monitor targeted users. This situation is exacerbated when Windows 8 is deployed in countries experiencing political turmoil or repressive political situations.

This problem can however get even more serious: It may be possible to intercept SmartScreen’s communications to Microsoft and thus learn about every single application downloaded and installed by a target. Here is my analysis:

A quick packet capture showed the following activity happening immediately when I tried to install the Tor Browser Bundle:



SmartScreen appeared to connect over HTTPS to a server in Redmond (apprep.smartscreen.microsoft.com, 65.55.184.60, run by Microsoft) in order to communicate information about the application I was trying to install.

After running some tests on this Microsoft server, I discovered that it ran Microsoft IIS 7.5 to handle its HTTPS connections. The Microsoft server is configured to support SSLv2 which is known to be insecure and susceptible to interception. The SSL Certificate Authority chain goes down from “GTE CyberTrust Global Root” to “Microsoft Secure Server Authority.” The Certificate Authority model is itself susceptible to some serious problems.

I haven’t checked whether Windows SmartScreen does in fact use SSLv2, but the fact that the Microsoft servers support it is concerning. Furthermore, SmartScreen is not easy to disable, and Windows will periodically warn users to re-enable it should they attempt to disable it.

To recap, here are the concerns posed by SmartScreen in Windows 8:

Windows 8 will, by default, inform Microsoft of every app downloaded and installed by every user. This puts Microsoft in a compromising, omniscient situation where they are capable of retaining information on the application usage of all Windows 8 users, thus posing a serious privacy concern. The user is not informed of this while installing and setting up Windows 8, even though they are given the option to disable SmartScreen (which is enabled by default.)
Windows 8 appears to send this information to Microsoft to a server that relies on Certificate Authorities for authentication and supports an outdated and insecure method of encrypted communication. It is possible that these insecurities could allow a malicious third party to target a Windows 8 user and learn which applications they are using. This allows them to profile the user and decide how to best exploit their personal selection of applications and their computing habits.

I find Microsoft’s decision to design SmartScreen in such a privacy-free fashion to be a very bad choice, and I really hope that these concerns regarding SmartScreen will be addressed in near-future updates.
 

Summer-Time-Fun

Well-Known Member
Apr 1, 2007
529
271
Whats more scarey is UEFI (Unified Extensible Firmware Interface)
This deal with Microsoft really sucks, but it gets worse.
Get ready for some real fun in the new world.

UEFI is the 21st century replacement for your PC's basic input/output system (BIOS)
UEFI depends on how your chip vendor, PC OEM, and operating system vendors implement it (So they can lock out other OS's)
Code:
http://www.itworld.com/software/287946/there-will-be-no-easy-way-install-linux-windows-8-pcs

We should hope that manufactures will ship mother boards with the option to disable UEFI or else they're shooting themselves in the foot. (I will not buy a system that dictates to me) If that's all that is out there then I'll just buy a mac, or give up on computers all together. I've read if a few places that Microsoft computers will use proprietary chips. So you won't be able to install Linux or another OS on the same system. Between Metro and all the other issues Microsoft is trying to force on us with their new windows 8, they are not in a position they seem to think they are. If I wanted a desktop that worked like a phone I would buy a phone. If Microsoft was so creative, they would add to what they already had, and just charge for updates. If their updates were worthy then they would make money, if not they don't deserve it. But they'll keep forcing new designs on us because we keep buying their monopolies. ..still using XP here, works great. Windows is a tool to work by the way, and the applications we run are the cars we drive. If you're tools are rearranged every time you open your tool box to fix your car, it makes life very complicated. But we have all these dorks out there that have to have the latest greatest redundant features. If people actually did work on their computers they'd pay less attention to cosmetics. All these OS updates just make it more difficult for software developers

When businesses push this crap on us, Don't buy from them. Keep your laptop, or buy one as a backup now. Very simple. Getting the rest of the world to think like that is not.
Microsoft works for us, not the other way around. Most impotently, when you see things like UEFI, don't forget it's your money, not theirs. You're the boss
 

Gir633

Señor Member
Oct 28, 2008
556
172
If I wanted a desktop that worked like a phone I would buy a phone.
When businesses push this crap on us, Don't buy from them. Keep your laptop, or buy one as a backup now. Very simple. Getting the rest of the world to think like that is not.

The reporting home I didn't like, but when I heard about the way 8 works like a tablet/smartphone, that was the final thing that made me figured I didn't want it. I was getting close to the time for a new computer, so I went ahead and ordered one with 7 on it before they switched over. Whether that was the right thing to do or not I don't know. But I figured I'd rather stay with 7 for awhile then get a new 8 computer and not be happy with it.
 

Summer-Time-Fun

Well-Known Member
Apr 1, 2007
529
271
I agree Gir633. I guess I should wait to see what happens. But as far as the UEFI chip thing, I know there are good things about it, but the fact that it's like a mini computer system leaves open too many possibility's for proprietary implementations. That could be good and bad depending on how it is used. The negative aspect is that it can complicate things, like if you wanted to install a multiple operating systems. Will there be generic standards for example that all software developers can work with. At this point we should keep hardware manufactures in the spotlight. My feeling on this is that there are two considerations that should always be maintained:

Backward Compatibility: for software applications - Windows 7 failed even with their directory junctions in place. If an OS can't run older software or games, it's worthless in my opinion. Many might disagree with me, but I'm sticking to that.

Open ended Architecture: If that's the correct terminology?
By that I mean, what differentiated PC's from Mac's is the fact that you could customize, upgrade, or install any OS you wanted. It's ridiculous to buy a computer that can only run Windows, and then have to buy another one just for your Linux installs. I'm going to assume at this point that manufactures will approach this with an open mind to the needs and views of end users. But if they don't, May all hell come down on them. May the rocks fall on their own feet.
 

Yuri99

New Member
Oct 20, 2012
1
0
Every system since MS DOS has been labeled poor for gaming. Multi-tasking OS isn't good for games. Windows 8 will probably be good for triple A games. From what I heard it's a new shell over an optimized Windows 7. No gamer cares if Mineweeper and Solitaire are harder to find with a different app launcher. In the end the video card drivers are crucial for stability and performance. If unix systems drivers don't keep up, I don't see a switch coming. Also OpenGL is hardly a replacement for DirectX at the moment.

The calling home about program you are trying to install isn't worse than any call your box makes to Verisign on Windows 7. It's a sad consequence of your grand-ma using pc to read emails. The breach of privacy isn't much more intrusive than current schemes with third party signing authority.

The UEFI is also a necessary move forward. As long as it remains easy to disable or circumvent SecureBoot, it's a useful security feature.
 

japseye

Member
Oct 28, 2009
395
19
This all sounds like a load of hyped up scaremongering tactics crap from Linux lovers to me.

I don't agree with data being sent without permission but the reality is we're all sending out what many would classify as sensitive data (most of us not knowing it) to god knows who almost every time we use devices connected to the internet, no matter which operating system we use.
 

Kumi3

Flaccid Member
Feb 8, 2011
64
2
It's as bad as when I went outside this morning - "Where's my fucking car?!"
"It's gone into Ford - Firmware upgrade."
"But I don't want an upgrade. I just need to get my shopping done."
"Oh, you won't be able to do that."
"Why not?"
"You shop at Coles."
"So?"
"They don't have a valid 3rd-party certificate - you won't even get in the car park."
"But it's my car. I pay for the fuel! Don't I get any say in how my car is used?"
"No, you're just a consumer. Once you've paid for the goods, all focus now turns to how we can convince you to buy the next product."
...
:puzzled:
 

endless_blue_water

Active Member
Jan 19, 2011
107
196
"No, you're just a consumer. Once you've paid for the goods, all focus now turns to how we can convince you to buy the next product."...
:puzzled:
Nothing to be puzzled about, Then don't buy the next car, buy parts from a 3d-party parts shop (there are a millions) and keep the car you already own.
I'm sure when enough people do that for a few years, manufactures will get the message real quick as to what The People want, and they'll open their ears. but no one will. (This applies to software too)

Every system since MS DOS has been labeled poor for gaming. Multi-tasking OS isn't good for games. Windows 8 will probably be good for triple A games. From what I heard it's a new shell over an optimized Windows 7. No gamer cares if Mineweeper and Solitaire are harder to find with a different app launcher.

Comparing the attitudes of gamers who loved games like Unreal-v1 to something like Solitaire or mineweeper, is almost like an insult to the developers at Epic who set the stage for realistic 3d gaming. The now dated Unreal-v1 was and still is a masterpiece in more minds then you and I can count.
And it doesn't run on 7 because MS in all their wisdom removed an essential driver. Microsoft is the blame here, not you Yuri99. So please don't take my comments the wrong way.

This all sounds like a load of hyped up scaremongering tactics crap from Linux lovers to me.

While I respect your opinion, Thankfully we "still" live in a world where we can exercise them.
 

CoolKevin

Nutcase on the loose
Staff member
Super Moderator
Mar 30, 2007
9,994
3,594
Nothing to be puzzled about, Then don't buy the next car, buy parts from a 3d-party parts shop (there are a millions) and keep the car you already own.
I'm sure when enough people do that for a few years, manufactures will get the message real quick as to what The People want, and they'll open their ears. but no one will. (This applies to software too)

you are over looking one thing here, everybody that buys a pc, will have windows 8 installed, and the most that know about it will not have it, but there are a huge amount of more people who do not know, and a lot more that will not believe not, and will put it down to others being paranoid, so they will sell it and make more profit, and for the next trick, they will add more spyware

:sadomaso:
 

xeffects

Active Member
Jun 5, 2009
532
150
I'm staying with Windows 7. I purchased Windows 8 installed it and got rid of it quick and went back to the 7. Windows 8 is still lying and from the time I used it about 1 month, I realized that this operating is only good for mobile devices with touch screens ... it is not good for gaming and Microsoft has transitioned to an all internet operating system ... did you know Windows 8 periodically checks itself and requires "silent activation" meaning if you don't have the internet, expect to be on the phone with Microsoft every few months to re-activate it again.

Windows 7 actually has this feature and I got so annoyed with it that I personally searched the net and cracked my own legit copy of Windows, sometimes I may not always have access to the internet or a telephone so I got tired of the drama.
 

Summer-Time-Fun

Well-Known Member
Apr 1, 2007
529
271
I think if the "word" gets out to enough people with regard to the natives, although it won't stop sales, it will slow it down.
I build systems on the side and you would be amazed at how many people complain and tell me they want XP back. They hate 7, where is I think 7 is workable. I can almost guarantee that this same mentality of people will be reluctant to upgrade to a new system unless absolutely necessary. I've spoke with three IT admins at different company's in the last two weeks that my company supply's and all of them have said, "there is no way we will be using windows 8" And I think most surveys are saying the same thing. I guess time will tell.
The situation with the windows is one thing, but what worries me more than anything is when manufactures start making hard drives with firmware that dictates what the end user can do. Like what's already happening is, we're starting to see more and more portable hard drives with their own encryption built into the firmware chips. That's great if you want to use their encryption, but these types of drives won't let you use your own. Thankfully the internal drives are still just basic drives. But who knows if they will block you from installing your own OS down the road. I'm old school I guess..haha.