Look - I'm not really a Windows fan (almost exclusively on linux these days) but they ARE providing advertised features.
Like - honestly - the machine is a fresh install of Windows, what exactly is the data you think is being exfiltrated? In most cases... there's just nothing there.
At best, someone now knows that ip x.x.x.x is running windows version y.y.y.y, and possibly that the user account is z. And honestly - all of those pieces of information are actually reasonable to send when providing advertised features (such as weather data in widgets, or local news).
There's literally just nothing else on the device to grab yet... There's no browsing data, there's no app usage data, there's no documents generated.
It's a blank fucking OS outside of the MS account you signed on with.
So again - without talking about the actual data in the requests (and not just a dns record...) this isn't really a helpful conversation to have.
> the machine is a fresh install of Windows, what exactly is the data you think is being exfiltrated? In most cases... there's just nothing there.
Then there shouldn't be any requests.
> At best, someone now knows that ip x.x.x.x is running windows version y.y.y.y, and possibly that the user account is z.
Is this something you have inside information about? How many requests does this take? Your sentence seems far longer than the single serialized string that would have to be sent.
edit: and to be more direct, how is it all right for you to speculate about things you don't know but not all right for the OP? Is it only legitimate to make up excuses for suspicious behavior, and illegitimate to be suspicious of it?
> So again - without talking about the actual data in the requests (and not just a dns record...) this isn't really a helpful conversation to have.
I'm not fucking speculating. I'm saying DNS records are a trash excuse for actually looking at the data. If they want to make spurious claims - the burden of proof lies firmly with them.
In the mean time:
> Then there shouldn't be any requests.
I literally just told you why they're making these requests... they're fetching data to display on widgets related to local news and weather, and they're tracking their install numbers.
You can bitch and moan about that - but they're very clear that they're doing it at install time, and most times you can opt out.
> There's literally just nothing else on the device to grab yet... There's no browsing data, there's no app usage data, there's no documents generated.
Well, there's your internal and external IP addresses, your MAC addresses, your Processor ID, your Mainboard serial #s, Hard Drive serial #s, along with your OS ID (I don't know if the Edge browser has a unique ID per install), all of which can be used to identify you/your machine uniquely. This data is now going to all these "Data Research" companies.
I wonder why they need to collect this information.
Also potentially the IDs of any Bluetooth and wireless devices nearby, MAC addresses and information about other equipment on the network. It’s a lot of data and it’s useful and valuable otherwise they wouldn’t go to the effort of collecting it.
This video and article may be about a fresh OS but this activity doesn’t stop once you start using the device either.
Over the years this has fully turned me off Microsoft products.
> Also potentially the IDs of any Bluetooth and wireless devices nearby, MAC addresses and information about other equipment on the network.
Might as well suspect every single Linux device you have sending an ARP request then, who knows where it's going? Maybe they're exfiltrating it to Canonical.
Why is it that every Microsoft thread on HN with a hint of the word "Windows" generates the most overblown theories and accusations? I'm honestly expecting someone to soon say "what if Windows 11 takes a picture with your webcam and sends it back to Redmond?".
> Might as well suspect every single Linux device you have sending an ARP request then, who knows where it's going? Maybe they're exfiltrating it to Canonical.
That's a good question. So I looked into Ubuntu, since you mentioned Canonical. As it turns out, Ubuntu the OS (22.04 LTS) does NOT send ANY data to 3rd parties of its own volition, at all. And it doesn't even send data to Canonical, of its own volition. [1][2]
Maybe I should switch to Ubuntu. You should think about it too.
> Why is it that every Microsoft thread on HN with a hint of the word "Windows" generates the most overblown theories and accusations? I'm honestly expecting someone to soon say "what if Windows 11 takes a picture with your webcam and sends it back to Redmond?".
Given what happened with Roomba, and Amazon & Google smart devices, this would not surprise me in the least.
Ah, so you looked at their privacy statement. But you can do that for Microsoft too, so why suspect that they're gathering your local devices if they say they don't? If you don't believe that, you better check all processes sending ARPs on Linux as well.
Sure - maybe. Except the article above doesn't have any compelling proof of that at all.
This entire conversation is "How dare they make requests to 3rd parties" with fuck all else as evidence of what's getting sent.
Show me where they're doing things like sending my HDD serial, or my bluetooth devices, or nearby wifi devices, and sure - we can have a good conversation about whether that's intrusive. Until then.... this is literally a useless conversation. You're making claims without any evidence (a DNS query is piss poor fucking evidence for any data collection...)
---
Also - if they want to fingerprint the device, they really don't need any of the information at all. Most folks happily leave the default settings which just generates an ID at OS install to be used for personalized content (and again - they've told you they're doing this... it's not a surprise).
That's exactly right. It's a "Personal Computer". There is no reason (that is in the best interest of the PC's "Owner") for it to connect to "Data Research" 3rd parties with a fresh install of Windows.
Because I can think of a fuck load of valid reasons my computer is making requests to these companies, and I'm not trying very hard.
Tracking is genuinely useful when providing services - gauging interest and user preference is HARDLY new to tech. Do you think your grocery store isn't tracking what their best selling items are and making decisions about shelf space? Why do you expect your digital store to not do the same?
In this case - they're also providing weather and news data. That data needs to be local to me for it to matter (I don't need the weather from 3 states away...). That data is often coming from applications that 3rd parties create (widgets) and they can and do opt into using 3rd parties other than microsoft for tracking.
Finally...
If you don't like it... fucking switch. I use Arch as my daily driver basically everywhere except work (where I'm stuck on macOS, and boy if you think Windows is bad... I've got news for you about Apple... they track the time and location of every damn app I open on their crapboxes - for your own security of course /s)
Or... just turn it off. Which most orgs already do with easily controlled GPO settings, and you can do with a couple of clicks at install time when you really should read the damn fine print that they're showing you.
---
If you want to talk about malicious tracking - I want to start with my fucking bank and credit card company. I don't give a fuck about MS.
Like others said, it's news widgets. In an iframe. With zero identifying data about you. It doesn't even use your location automatically without asking. The worst they have is geoip for weather & news region.
There's no hardware-available "processor ID" since ~2004. The serial on the box isn't stored anywhere.
> your Mainboard serial #s,
Which you already associated with your MS account. If you used a local account, it isn't queried.
> Hard Drive serial #s, along with your OS ID [...] This data is now going to all these "Data Research" companies.
How are you so sure? You see a single DNS query and assume that company gets everything on your hard drive? Why? Do you have any single concrete example of your hard drive's serial number being sent to Joe's Analytics Co. out of the blue?
Sure, MS is pushing data to all these tracking and marketing companies who are collecting and storing it all from literally billions of users, but that isn't a problem because obviously that data is clearly worthless and so it doesn't matter at all to anyone. Companies just love collecting, exchanging, and keeping massive amounts of useless information. Nothing to see here!
Like - honestly - the machine is a fresh install of Windows, what exactly is the data you think is being exfiltrated? In most cases... there's just nothing there.
At best, someone now knows that ip x.x.x.x is running windows version y.y.y.y, and possibly that the user account is z. And honestly - all of those pieces of information are actually reasonable to send when providing advertised features (such as weather data in widgets, or local news).
There's literally just nothing else on the device to grab yet... There's no browsing data, there's no app usage data, there's no documents generated.
It's a blank fucking OS outside of the MS account you signed on with.
So again - without talking about the actual data in the requests (and not just a dns record...) this isn't really a helpful conversation to have.