camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

12 recommendations

camper

Premium Member

New Windows 7 'security-only' update installs telemetry/snooping

 

»www.computerworld.com/ar ··· ure.html


....As @PKCano explains:

Microsoft included the KB2952664 functionality (known as the “Compatibility Appraiser”) in the Security Quality Monthly Rollups for Windows 7 back in September 2018. The move was announced by Microsoft ahead of time.

With the July 2019-07 Security Only Quality Update KB4507456, Microsoft has slipped this functionality into a security-only patch without any warning, thus adding the “Compatibility Appraiser” and its scheduled tasks (telemetry) to the update. The package details for KB4507456 say it replaces KB2952664 (among other updates).

Come on Microsoft. This is not a security-only update. How do you justify this sneaky behavior? Where is the transparency now....


ZeroMAS
join:2018-12-05

4 recommendations

ZeroMAS

Member

I'm sure the answer will be: We Be Micasof N Shit We Do What We Wanna.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

4 recommendations

camper

Premium Member

 

I'm thinking that Microsoft has a plan to reduce the gulf of "telemetry" collecting that exists between Windows 7 and Windows 10, and then argue ... why not move to Windows 10, the difference is so small now...

Of course, these types of dull-headed, hidden Windows update tricks are not making it any easier for me to decide to move to Windows 10.

ZeroMAS
join:2018-12-05

1 recommendation

ZeroMAS

Member

Yeah, they own the software we use and they have been far more anti-consumer since Windows XP, in my opinion. Soon enough every business in the world will run out of data to collect, but I know it will auto-update data lol

InternetJeff
I'm your huckleberry.
join:2001-09-25
.

3 recommendations

InternetJeff to camper

Member

to camper
Just another "update" to put on the blacklist.

tlbepson
Premium Member
join:2002-02-09
dc metro

9 recommendations

tlbepson

Premium Member


internet jeff:
>>Just another "update" to put on the blacklist.

No need to bother if one has already turned off Windows Update...'-}}


Frodo
join:2006-05-05

6 recommendations

Frodo to camper

Member

to camper
One thing I think can be summarily dismissed is the notion that Microsoft included this telemetry in the Security-Only update in order to understand various hardware configurations, because the statistics of sampling indicate that Microsoft already has the hardware configurations of all the hardware employing Windows 7 under the sun.

A pollster can determine the voting outcome of an election with a sample of very few likely voters. Microsoft likely has more people that have telemetry turned on than off, so statistics says they have all the hardware information.

So, knowing what it isn't leaves us to guess what it is. I think it's reasonable to suspect that it is spying on the user, since Microsoft used deceit (Security only update that is more than just security) to deploy the telemetry.

And that leads to the underlying root cause - a government that is receptive to predatory capitalism, a capitalism that employs unfair and deceptive practices. I'm not saying that the telemetry is bad, but I am saying the lack of disclosure is. And I think the only thing that is going to stop it is throwing some people in jail. I'm not saying 20 years, but I am saying 9 months.

AB57
Premium Member
join:2006-04-04
equatorial

1 edit

2 recommendations

AB57 to camper

Premium Member

to camper
said by camper:

 

»www.computerworld.com/ar ··· ure.html


....As @PKCano explains:

Microsoft included the KB2952664 functionality (known as the “Compatibility Appraiser”) in the Security Quality Monthly Rollups for Windows 7 back in September 2018. The move was announced by Microsoft ahead of time.

With the July 2019-07 Security Only Quality Update KB4507456, Microsoft has slipped this functionality into a security-only patch without any warning, thus adding the “Compatibility Appraiser” and its scheduled tasks (telemetry) to the update. The package details for KB4507456 say it replaces KB2952664 (among other updates).

Well, seems they slipped it into the Malicious Software Removal Tool and/or the .NET rollup, too.

I read this thread. Didn't know about that previous KB in September, so I had it on my machine. I apparently successfully uninstalled it. Then went to Windows Update (which I have set to manually update), unchecked the security rollup (KB4507456), downloaded and installed the two remaining 'important' updates (.NET and MSRT), then restarted the computer as instructed.

Logged back into my admin. account, went to 'view installed updates', and viewed them. I viewed 'KB2952664, installed on 7/13/19'.

Well... Okay, so now I'll go back and uninstall that one, too.

*edit- Went back to uninstall KB2952664, seemed to uninstall successfully, restarted the computer, and it was still there, still installed 7/13/19. An uninstallable update?

But this post is just to say that that happened, and so now what? Every month from now on we have to play games in order to simply update the machine in the manner in which we see fit? Or did I miss something here in my process, do something wrong?

Cartel
Intel inside Your sensitive data outside
Premium Member
join:2006-09-13
Chilliwack, BC

Cartel to camper

Premium Member

to camper
M$ can get bent.
This kinda stuff just makes me glad I stopped in 2016 and never installed anything with the snooping telemetry.
I wouldn't attempt that with an Intel CPU though.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper

Premium Member

said by Cartel:

M$ can get bent.

 

The part of this I have trouble understanding is that it really portrays Microsoft in a bad light, adding more reasons not to downgrade to Windows 10 from Windows 7.

If Microsoft is doing this to customers that Microsoft is trying to keep in their fold, what will Microsoft then do to those customers who move to Windows 10 and have no recourse?


OldNavyGuy
join:2018-07-24
Newberg, OR

OldNavyGuy to camper

Member

to camper
Seems to be overblown.

The Compatibility Appraiser has been a part of Windows 7 since 2015.

»www.zdnet.com/article/mi ··· -update/

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper

Premium Member

 

Yes, it was part of the infamous KB2952664 that many admins have tried to avoid. Back in 2015 there was the option to not have it installed.

Not sure about overblown. The original article said it was included without being explicitly mentioned, and a lot of the concerns I saw centered on Microsoft hiding that it was included with no option not to install it.

Bott's 'Microsoft's reaction seems to be, "Well ... tough."' says a lot of how he thinks Microsoft feels about its users....

tlbepson
Premium Member
join:2002-02-09
dc metro

2 edits

tlbepson to Cartel

Premium Member

to Cartel
cartel:
>>I wouldn't attempt that with an Intel CPU though.

Why?


My current desktop system is Intel (1st Intel system as all my previous custom built systems (always have had my systems custom built) have been AMD). Win7/Pro/64bit...

I turned off Windows Updates (along with setting Windows Updates Service to "disabled") in late 2015/early 2016 and not had any issues--particularly those caused by Microsoft's "updates"...'-}}--and, I have never installed "KB2952664" (in any of its guises) on my system and certainly none of Microsoft's "rollup" crap...


Frodo
join:2006-05-05

Frodo

Member

said by tlbepson:

I turned off Windows Updates (along with setting Windows Updates Service to "disabled") in late 2015/early 2016 and not had any issues

I'll turn off the telemetry. I've always thought that if I don't keep Windows patched, especially from a security perspective, I haven't upheld my end insofar as my dealings with financial institutions are concerned.

Well, looking at my email today, from Schwab, I see this:
quote:
That's why we offer you this simple guarantee: Schwab will cover 100% of any losses in any of your Schwab accounts due to unauthorized activity. ....
Ensure your computer systems, online browsers, and mobile devices are updated with the most recent data security and intrusion software protections.

And that actually goes without saying. I've always thought if I'm running an unpatched system, it gives these kinds of entities that make these kinds of guarantees an out. Well, not from me.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper

Premium Member

said by Frodo:

Well, looking at my email today, from Schwab

 

I got that email.

I read it as the Schwab lawyers looking for an out.

"...the most recent data security and intrusion software protections...." how is that even specified?

It is so ambiguous. What if you have software on your PC that is no longer supported. Is that updated to the level that Schwab wants? I have updated that software to the latest security updates for it.

I looked at that email as Schwab throwing their lawyers at a problem, and then the Schwab marketing team putting it all in nice words.

tlbepson
Premium Member
join:2002-02-09
dc metro

tlbepson to Frodo

Premium Member

to Frodo
frodo:
>> I've always thought that if I don't keep windows patched, especially from a security perspective, I haven't upheld my end insofar as my dealings with financial institutions are concerned.

Use the approach that works for you...'-}}


What I was curious about was Cartel's statement about Intel systems since I have an Intel system and have not had issues with turning off Windows Updates...



OldNavyGuy
join:2018-07-24
Newberg, OR

OldNavyGuy to Frodo

Member

to Frodo
said by Frodo:

Schwab will cover 100% of any losses in any of your Schwab accounts due to unauthorized activity

The Schwab Security Guarantee spells it out...

»www.schwab.com/public/sc ··· tee.html

The third paragraph "Safeguard your account access information" has a footnote that states...

"Account access information" includes your login ID, password, or any other information used by Schwab to authenticate you; as well as payment devices such as credit cards, debit cards and checks. We may hold you responsible if we determine that you shared this information, or unauthorized activity was caused by your fraudulent conduct or gross negligence.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper

Premium Member

said by OldNavyGuy:

... We may hold you responsible if we determine that you shared this information, or unauthorized activity was caused by your fraudulent conduct or gross negligence. ...

 

Given all of the QA problems with Microsoft of late, I could read Schwab's statement as saying "do not use Microsoft Windows because of the documented QA issues."


OldNavyGuy
join:2018-07-24
Newberg, OR

OldNavyGuy

Member

It could be any unpatched system (including a smartphone) that directly contributed to a hack that stole credentials.

The "100% guarantee" probably applies to events like breaches of their servers, or a customer debit/credit card that was hacked with a skimmer.

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper

Premium Member

said by OldNavyGuy:

It could be any unpatched system

 

Yup. It could be any unpatched system.

Or "gross negligence" could be interpreted as running a system, such as Windows 10, that has recurring QA issues.

If you knowingly run an OS that has known QA and quality issues, such as those documented nearly weekly with Windows, are you really maintaining the security of your system?

Is Microsoft going to pay for your legal costs to argue that position?

Or will you have to sustain those costs to justify Microsoft's QA issues?

OldNavyGuy
join:2018-07-24
Newberg, OR

OldNavyGuy

Member

said by camper:

Or "gross negligence" could be interpreted as running a system, such as Windows 10, that has recurring QA issues

All operating systems have issues.

Windows 10 would now include a large population of users, many of whom don't have the kinds of issues you see reported on user forums like DSLR.

I think you would have to argue successfully why not patching is "safe", when many people who do patch don't have issues.

Making a conscious choice to not patch a system with security vulnerabilities is a risk.

One that, in the Schwab case, could be huge.

Frodo
join:2006-05-05

Frodo to OldNavyGuy

Member

to OldNavyGuy
I don't trust my phone to my financial services. Only system I'm using is Win 8.1. My duty is to safeguard ID and password and report fraud if detected.

I have never had a problem. And on Win 8, one patch didn't install, and MS fixed it a week or so later. Other than that, no user problems.

I think my legal situation to enforce the guarantee is enhanced with keeping the system patched, especially with the never ending need to patch the kernel that enables privilege escalation to SYSTEM. And that consideration is, and has been a factor in my decision to keep the system patched.

Turning off some tasks and services takes care of the telemetry.

I also implement method 4

camper
just visiting this planet
Premium Member
join:2010-03-21
Bethel, CT

camper to OldNavyGuy

Premium Member

to OldNavyGuy
said by OldNavyGuy:

All operating systems have issues.

 

Yup.

However, Microsoft, with the dominant desktop OS on this planet, seems to have more than its share of QA issues. I suspect that is why Schwab worded their email the way they did.

Indeed, when Microsoft laid off its QA team... well, all I can ask is... what in the world were they thinking?

 

... think you would have to argue successfully why not patching is "safe",...

Nah, I'd have to argue why using Windows is "safe." I suspect I'd lose, due to the public knowledge of Microsoft's abysmal quality record of late with regards to Windows.

Keep in mind Schwab has very good lawyers, much better than those I could afford.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

3 recommendations

sivran to tlbepson

Premium Member

to tlbepson
Probably referring to updates for Spectre/Meltdown and similar CPU attacks, which Intel has so far suffered more severely from.

I also run an Intel CPU--ironically, my desktop is my first-ever Intel build--but I haven't applied the related patches. I decided that the risk of actually encountering a working exploit of this nature was low, particularly since browsers reduced the resolution on JavaScript timers in order to make it very difficult if not impossible to achieve remotely.

tlbepson
Premium Member
join:2002-02-09
dc metro

tlbepson

Premium Member


sivran:
>>Probably referring to updates for Spectre/Meltdown and similar CPU attacks, which Intel has so far suffered more severely from.

Ahhh!!! Ok...


>>I also run an Intel CPU--ironically, my desktop is my first-ever Intel build--but I haven't applied the related patches.

Twins! separated at birth...'-}}

I made the same decision with respect to risk...