Author Topic: Is Windows 10 a trojan? (Read 38251 times)

xtabber · « **on:** August 15, 2015, 12:21 PM »

I’ve been highly critical of the many ways Windows 10 compromises users’ privacy, but this article by Steven Auerbach in Slate is an eye opener as to just how awful the situation really is.

It is bad enough that Microsoft sees fit to capture every bit of data about you that it can. It is something else for them to turn your computer into a node in a peer-to-peer system for distributing Microsoft products. But that is exactly what they are doing with Windows Update Delivery Optimization (WUDO), if you do not find and turn off the obscure option to get updates from and send updates to other PCs.

At the very least, this is theft of bandwidth. But it also appears that by default, Windows 10 effectively turns users' computers into nodes in a Microsoft botnet.

Curt · « **Reply #1 on:** August 15, 2015, 05:01 PM »

^thanks!

How do I turn Delivery Optimization off?

Here’s how:

1 Go to Start Start button icon, then Settings > Update & security > Windows Update , and then select Advanced options.

2 On the Advanced options page, select Choose how updates are delivered, and then use the toggle to turn Delivery Optimization off. When turned off, you'll still get updates and apps from Windows Update and from the Windows Store.

If you’d just like to stop downloading updates and apps from PCs on the Internet, select PCs on my local network.

40hz · « **Reply #2 on:** August 15, 2015, 05:25 PM »

Two words: Linux Mint. (Sorry. I couldn't resist.)

wraith808 · « **Reply #3 on:** August 15, 2015, 05:48 PM »

That topic title is a bit ... hyperbolic.

19 - fk2fQOx.jpg

Stoic Joker · « **Reply #4 on:** August 15, 2015, 10:23 PM »

Most of the people freaking out about Delivery Optimization have apparently never had to deal with hundreds of devices trying to download updates at the same time on a corporate network. Especially when you compound that by/with the increasing popularity of - zero control possible - BYOD.

Ironically, these same people also think torrents are the cats meow..

Personally I think it's a brilliant idea, because it allows updates to be downloaded from the fastest source possible...instead of forcing everyone to try ripping it fresh through the same tiny hole.

mwb1100 · « **Reply #5 on:** August 16, 2015, 12:30 AM »

That may be true, but Delivery Optimization probably should be opt-in (like torrents are). For a corporate network, some sort of group policy should allow it to be easily configured.

Actually, most of the things Auerbach discussed should have been opt-in.

I haven't paid much attention to the Windows 10 release - is there anything compelling in Win 10 that might make me want to move off of Win7?

wraith808 · « **Reply #6 on:** August 16, 2015, 12:44 AM »

That may be true, but Delivery Optimization probably should be opt-in (like torrents are). For a corporate network, some sort of group policy should allow it to be easily configured.

Actually, most of the things Auerbach discussed should have been opt-in.

I haven't paid much attention to the Windows 10 release - is there anything compelling in Win 10 that might make me want to move off of Win7?
-mwb1100 (August 16, 2015, 12:30 AM)

World of Warcraft is... using Bittorrent. And it's not opt in. Facebook and Twitter use bittorrent... and it's not opt-in. There are a whole lot of other uses for bittorrent and p2p that are not opt-in that are in use all over. And they're so not opt in, that there is no indication that it is being utilized.

Ironically, these same people also think torrents are the cats meow..

Personally I think it's a brilliant idea, because it allows updates to be downloaded from the fastest source possible...instead of forcing everyone to try ripping it fresh through the same tiny hole.
-Stoic Joker (August 15, 2015, 10:23 PM)

Exactly. Is it the use? Or is it who is using it? It seems to be who is using it that is the largest objection.

Stoic Joker · « **Reply #7 on:** August 16, 2015, 08:00 AM »

That may be true, but Delivery Optimization probably should be opt-in (like torrents are). For a corporate network, some sort of group policy should allow it to be easily configured.
-mwb1100 (August 16, 2015, 12:30 AM)

BITS wasn't opt-in, and it was an earlier attempt at (trickling the transfer) the same objective. DO is simply a more advanced attempt at the target objective of getting updates to people without tying up the available bandwidth on the lower speed internet connection. With torrents you control what you download...however you have zero control of where it comes from..

...As each piece of the sum total transfer is acquired in a least effort opportunistic fashion -(e.g. fastest option wins)- from all sources found to be available.

Are their real privacy concerns with Windows 10, Hell Yes. But DO isn't one of them, it's just getting guilted by association because it's new.

x16wda · « **Reply #8 on:** August 16, 2015, 08:17 AM »

it's just getting guilted by association because it's new.
-Stoic Joker (August 16, 2015, 08:00 AM)

New name, anyway. This is Branchcache which has been around since 2009. Anyone who has had to deal with plants shutting down because their piddly T1 circuits have been preempted by Windows updates appreciates the concept.

Innuendo · « **Reply #9 on:** August 16, 2015, 10:36 AM »

I agree with Stoic Joker that Delivery Optimization is an awesome tool to have available & while on the surface it seems weird that these same people don't have issue with torrents, but do with Delivery Optimization, the key difference is consent. When a person runs torrenting software they are making a conscious decision to do so. Delivery Optimization, on the other hand, is on and running with no notice given to the user.

I think if MS would have just put a radio checkbox in the installer that said "Turn this on if you'd like to speed up your Windows updates by downloading from alternate sources and PCs connected to the internet. Otherwise Windows will only download updates from Microsoft which will result in potentially slower updates." then everyone would be fine with it. This doesn't strike me as being a technology or capability issue. It's an issue of transparency.

app103 · « **Reply #10 on:** August 16, 2015, 11:23 AM »

Those of you that have a lot of computers that will require updating and don't want to end up capped or throttled by your ISP while updating them all, should be thrilled that there is a way to configure Windows to get the updates from computers on your local network that have already received the updates, thereby saving you all that bandwidth.

How can this be theft of bandwidth when you have this great new option that you never had before, that can actually save you bandwidth?

Or would you like to go back to the old way and get throttled by your ISP for excessive bandwidth usage, for updating all those PCs?

JavaJones · « **Reply #11 on:** August 16, 2015, 03:22 PM »

I'd love an option to specify between "share downloaded update data between computers on my local network" and "share downloaded update data with the entire goddamn Internet". But I agree the option could/should have been in the installer, maybe even a time-based auto-selection (i.e. it defaults to "yes", but pops up on screen as a question for 30 seconds to a minute while other stuff is being done in the background, and if no answer is given it becomes yes, but you *can* choose no if you care to). With a time-based option they could avoid the problem of added complexity in choice in the installer to some degree.

Btw in this thread I'm really wishing for a "like" option for posts.

- Oshyan

wraith808 · « **Reply #12 on:** August 16, 2015, 06:39 PM »

I'd love an option to specify between "share downloaded update data between computers on my local network" and "share downloaded update data with the entire goddamn Internet". But I agree the option could/should have been in the installer, maybe even a time-based auto-selection (i.e. it defaults to "yes", but pops up on screen as a question for 30 seconds to a minute while other stuff is being done in the background, and if no answer is given it becomes yes, but you *can* choose no if you care to). With a time-based option they could avoid the problem of added complexity in choice in the installer to some degree.

Btw in this thread I'm really wishing for a "like" option for posts.

- Oshyan
-JavaJones (August 16, 2015, 03:22 PM)

That option does exist.

4wd · « **Reply #13 on:** August 16, 2015, 08:37 PM »

How can this be theft of bandwidth when you have this great new option that you never had before, that can actually save you bandwidth?
-app103 (August 16, 2015, 11:23 AM)

The majority of people would not even know that the option exists and since it defaults to sending/receiving across the internet it's no different from your neighbour using your internet bandwidth and not telling you about it - that's classed as theft.

It would be different if they had come right out at the start, stuck an option on the screen during installation, explained what it does and said you could apply it to PCs just on your LAN, or if they had made it default to just your LAN.

But they didn't.

As Innuendo said, this is an issue of transparency.

JavaJones · « **Reply #14 on:** August 16, 2015, 09:54 PM »

Oh, well there you go! I'm not yet on Win 10, so I'm not certain of the possibilities yet.

So yeah, for me that option being there is enough. Though again I think this should be one of the few option prompts during install (and defaulting to yes is OK IMO *if* people don't respond). Better yet, as 4wd said, default to "PCs on my LAN", although I get the benefit for MS in doing it across the Internet and how the feature is a lot less useful for them with LAN-only. I *do* feel it's reasonable to balance the needs of the company and the users, to some degree. The current approach is certainly imbalanced though.

- Oshyan

xtabber · « **Reply #15 on:** August 17, 2015, 06:35 AM »

A P2P protocol like BitTorrent saves bandwidth on servers distributing to many clients. It does not save anything on clients. Think about it: each client is still receiving the same amount of data - more, actually, because of the additional overhead involved in P2P.

So WUDO helps Microsoft save bandwidth, but it has little or no benefit for users if they leave the "PCs on the Internet" option checked. If WUDO limited to PCs on an internal network works as it should (you'd have to trust Microsoft on that one), it could be helpful, but remember that it bypasses any internal controls or checks.

P2P is inherently not very secure, even if the proprietary BitTorrent protocol has no known vulnerabilities . I don't know of any security conscious organization that allows BitTorrent or similar P2P systems to distribute internally anything that comes from outside sources directly.

The proper way to redistribute software internally - and the way any responsible administrator does it - is to download a redistributable to one system, check it, and then redistribute it. Microsoft provides this capability for nearly everything you can get from their site. Just look for the IT and tech support versions.

Stoic Joker · « **Reply #16 on:** August 17, 2015, 06:59 AM »

It helps the clients by letting them quickly share the segments amongst themselves on the faster LAN, instead of forcing everyone to DL a fresh copy through the small - and frequently heavily filtered - corporate pipe.

The proper way to redistribute software internally - and the way any responsible administrator does it - is to download a redistributable to one system, check it, and then redistribute it. Microsoft provides this capability for nearly everything you can get from their site. Just look for the IT and tech support versions.
-xtabber (August 17, 2015, 06:35 AM)

That was then ... BYOD is now. Hay, I'm not a fan in the slightest, I'm just rolling with the trendy new nightmare that's been dropped in the laps of SysAdmins everywhere..

wraith808 · « **Reply #17 on:** August 17, 2015, 09:58 AM »

The proper way to redistribute software internally - and the way any responsible administrator does it - is to download a redistributable to one system, check it, and then redistribute it. Microsoft provides this capability for nearly everything you can get from their site. Just look for the IT and tech support versions.
-xtabber (August 17, 2015, 06:35 AM)

There are enough PCs in my home, that its like a medium sized business. But I'm not looking for IT overhead, even though I know how to do do such things, it's a headache. So the more its built into existing infrastructure, the better it is for me.

Deozaan · « **Reply #18 on:** August 25, 2015, 12:32 AM »

IMO the default should be "share with my network" and opt-in to "share with the entire internet."

Hdxpx · « **Reply #19 on:** September 16, 2015, 02:21 AM »

As late as I am...
Microsoft aren`t stupid. Most people have no reason to actively turn the sharing on. And so - almost no-one will. A feature they spent money and time making will go to the trash.
Some others (the less... adventurous) don`t even go to windows settings and need such options to be turned on by default *cough* grandma *cough*. A wizard at first startup might be an alternate solution but that would likely just confuse those people.

Also, watch this (I originally found this video here on DC a while back. Courtesy of Mouser, I believe): http://www.ted.com/t...ecisions?language=en

The moment Microsoft set this option as the default, they assured it will be 90%~ active. People are like that.

x16wda · « **Reply #20 on:** September 16, 2015, 06:05 AM »

Most people have no reason to actively turn the sharing on. And so - almost no-one will.
-Hdxpx (September 16, 2015, 02:21 AM)

This.

And... how many PCs on the Internet will just allow other PCs on the Internet to connect up and download patch parts? Wouldn't most Win 10 boxes be forewalled, at least on the box itself? I don't have a problem getting a piece of something - that is checksummed and verified - from some pc out there that happens to have a copy, but I need to look at the mechanics of how you determine where. Maybe this is why MS sets up your wifi to connect to everything it possibly can automatically, so you can join their content distribution network!

f0dder · « **Reply #21 on:** September 16, 2015, 01:15 PM »

So WUDO helps Microsoft save bandwidth, but it has little or no benefit for users if they leave the "PCs on the Internet" option checked. If WUDO limited to PCs on an internal network works as it should (you'd have to trust Microsoft on that one), it could be helpful, but remember that it bypasses any internal controls or checks.
-xtabber (August 17, 2015, 06:35 AM)

It can be an advantage if you're in a region that has slow routes to the Microsoft content servers. And there might be ISPs that remove throttling on traffic between it's own customers, even though they're not technically on a LAN...

Deozaan · « **Reply #22 on:** September 17, 2015, 04:27 PM »

I don't have a problem getting a piece of something - that is checksummed and verified - from some pc out there that happens to have a copy, but I need to look at the mechanics of how you determine where. Maybe this is why MS sets up your wifi to connect to everything it possibly can automatically, so you can join their content distribution network!
-x16wda (September 16, 2015, 06:05 AM)

The problem with this is that many ISPs implement data caps. I don't want my PC uploading GBs of data to strangers and using up my data cap. Then being forced by my ISP to pay fines, "upgrade" to a higher package, or lose internet service altogether "due to abuse" of their services.

Renegade · « **Reply #23 on:** September 17, 2015, 10:10 PM »

The problem with this is that many ISPs implement data caps. I don't want my PC uploading GBs of data to strangers and using up my data cap. Then being forced by my ISP to pay fines, "upgrade" to a higher package, or lose internet service altogether "due to abuse" of their services.
-Deozaan (September 17, 2015, 04:27 PM)

I don't do "caps" (but throttling is ok). When we moved to Canada, the ISPs are mostly horrible, but I found a less horrible one and got an unlimited plan. The overage fees here are utterly insane and completely unaffordable.

I think back to where I used to live, and they have gigabit Internet for pennies... sigh...

Deozaan · « **Reply #24 on:** September 18, 2015, 04:43 PM »

The problem with this is that many ISPs implement data caps. I don't want my PC uploading GBs of data to strangers and using up my data cap. Then being forced by my ISP to pay fines, "upgrade" to a higher package, or lose internet service altogether "due to abuse" of their services.
-Deozaan (September 17, 2015, 04:27 PM)

I don't do "caps" (but throttling is ok). When we moved to Canada, the ISPs are mostly horrible, but I found a less horrible one and got an unlimited plan. The overage fees here are utterly insane and completely unaffordable.
-Renegade (September 17, 2015, 10:10 PM)

It's not always possible to get a plan without a data cap.

And even when it's an option, it's not always an affordable option.

Honestly, I could do with a much lower "top speed" if it came with a much larger (or unlimited) data cap.