Stop the Windows Vista Features and Services Harvesting User Data for Microsoft

There is a constant flow of communication between Windows Vista and Microsoft. A collection of features and services across Microsoft's latest desktop operating system exchanges data with locations on the Internet, including those belonging to the Redmond company.

Even though end user privacy is yet to have an internationally standardized model built to benefit the consumer, with Windows Vista, Microsoft has striven for a certain degree of transparency. The company did publish an extensive list of all the features associated with the data collection and use practices of Windows Vista, and additional Microsoft services involved in transmitting and serving the information collected from end users to Redmond. The full and printable version of the Windows Vista Privacy Statement, including the supplementary information related to specific items on the platform, is available for download here.

However, Microsoft is as transparent as it is translucent, and the list only "focuses on features that communicate with the Internet and is not intended to be an exhaustive list. It does not apply to other online or offline Microsoft sites, products or services." One important aspect to keep in mind is that end users do have a choice in the matter; although Microsoft's perspective is somewhat of a shift from such a scenario, while still having the end users' best interests at heart, of course. "To make Windows Vista work better with the Internet, some features that do not collect personal information are turned on by default. You can choose to disable these features," reads a fragment posted under Your Choices in the Windows Vista Privacy Notice Highlights. Yes, your choices... rather ironic... because since you do have a choice in the matter, the company went ahead and enabled a plethora of features in the operating system designed to support the flow of data between your copy of the operating system and Microsoft.

A couple of months ago, you were able to read about all the Vista features and services harvesting user data for Microsoft from your machine. Now I am going to take it one step further and revisit the subject. This is nothing more than a response to the feedback asking for methods to stop Vista from harvesting data for the Redmond company. But while doing so, you also have to consider the fact that the data flow between your copy of Vista and Microsoft is indeed beneficial, and that the automatic input that your operating system is providing is used to evolve the company's products and ultimately improve your user experience. "We use the information collected to enable the features you are using or provide the services you request. We also use it to improve our products and services," the company promises in the Vista privacy statement.

Controlling Vista's Communications with Microsoft

Ultimately, it all comes down to control. And Windows Vista brings to the table the means to limit and even isolate the operating system from Microsoft. Of course, taking your Vista machine offline is the best way to cut the operating system off from the Redmond company, but that is no option at all. In fact, there are very few viable scenarios of computers not connected to the Internet, mainly in corporate environments. And it is at the corporate level that Microsoft is providing the necessary resources to control the communication between Vista and the Internet via the options built into features or into the platform, or through server configuration management features. Essentially, Microsoft focuses on Windows Vista Business and Windows Vista Enterprise editions. This is because some of the limitations involve making use of Group Policies and tasks not meant for the end user, but for administrators. However, while Windows Vista Starter, Home Basic, Home Premium, and even Ultimate are not specifically addressed, the methods of controlling Vista communications with Microsoft also extend to them.

Windows Vista Activation

Windows Vista Activation is mandatory. And there is a single, legitimate way to bypass it. While of course there are documented methods for circumventing the Vista activation mechanism, they are also illegal, and that is not the scope of this article. But skipping the activation process entirely is possible only if you acquire a computer with the operating system preinstalled. In such cases, Vista is intimately connected with the machine's basic input/output system (BIOS). Activation is a general Microsoft anti-piracy measure set in place to bind a product key to the computer hardware running a copy of Vista, and as such cannot be disabled. A Vista copy on a computer not behind a modem will access via port 80 and using HTTP during the activation process. Through a modem, Vista will connect to making use of port 443 and HTTPS.

Microsoft revealed the information that is being transmitted by Vista during activation:

• Request information, that is, protocol information necessary for successfully establishing communication with the activation server.
• The product key and supporting validation data.
• A group of hardware hashes (non-unique numbers generated from the computer's hardware configuration). The hardware hashes do not represent any personal information or anything about the software. They are based on the SHA-1 message-digest hash algorithm, and they consist of a combination of partial SHA-1 hash values of various computer components. The hardware hashes cannot be used to determine the make or model of the computer, nor can they be backward-calculated to determine the raw computer information.
• Along with the hashes, information about the algorithm used for the hashes is sent.
• An XrML license that uses public key encryption.
• The operating system being activated and the version number of the activation software.
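
The non-uniqueness property described in the hardware-hash item above, as an added illustration that is not part of the original article and is not Microsoft's actual activation algorithm. The component names, the sample values and the 6-bit width are assumptions made for the example.

```python
import hashlib

# Constructed component inventory (illustrative values, not real device data).
SAMPLE_MACHINE = {
    "cpu": "ExampleVendor CPU 2.4GHz",
    "disk": "EXAMPLE-DISK-SERIAL-0001",
    "nic": "00:11:22:33:44:55",
    "ram": "2048MB",
}

SHA1_BITS = 160


def partial_sha1(value: str, bits: int) -> int:
    """Return only the top `bits` bits of SHA-1(value); the rest is discarded."""
    digest = hashlib.sha1(value.encode("utf-8")).digest()
    return int.from_bytes(digest, "big") >> (SHA1_BITS - bits)


def hardware_hash(components: dict, bits: int = 6) -> tuple:
    """One partial hash per component, in a fixed (sorted) slot order."""
    return tuple(partial_sha1(components[name], bits) for name in sorted(components))


def changed_slots(old: tuple, new: tuple) -> int:
    """Number of component slots whose partial hash differs between two hashes."""
    return sum(1 for a, b in zip(old, new) if a != b)


def find_indistinguishable(value: str, bits: int, prefix: str = "OTHER-DISK-") -> str:
    """Find a different identifier that maps to the same partial hash.

    With only 2**bits possible outputs, roughly one candidate in 2**bits
    matches, which is why the value cannot identify a specific component.
    """
    want = partial_sha1(value, bits)
    counter = 0
    while True:
        candidate = f"{prefix}{counter}"
        if candidate != value and partial_sha1(candidate, bits) == want:
            return candidate
        counter += 1


if __name__ == "__main__":
    original = hardware_hash(SAMPLE_MACHINE)
    twin = find_indistinguishable(SAMPLE_MACHINE["disk"], 6)
    same = hardware_hash(dict(SAMPLE_MACHINE, disk=twin))
    print(original, twin, changed_slots(original, same))
```

Because each slot keeps only a few bits, the receiver can tell that a component slot changed but cannot recover the identifier that produced it.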

With the exception of preinstalled OEM Vista, all other copies of the operating system, be they retail or volume license, have to be activated. For end users, the process is straightforward and completely automated. In corporate environments, the options are activation through Key Management Service (KMS) servers (reactivation required twice a year) or Multiple Activation Key (MAK) through Microsoft activation servers or using a MAK Proxy Activation (each MAK is assigned a limit of activations).

Device Manager and Hardware Wizards

The Device Manager and the hardware wizards in Windows Vista communicate with Microsoft, volunteering your system configuration and the adjacent devices integrated with the operating system. With Vista, Microsoft is offering device drivers through its Windows Update infrastructure. Device Manager is a system management tool providing an overview of the hardware installation and configuration across a system, but also of the interactions between the hardware and the software deployed, as well as a centralized location for handling settings, updates and troubleshooting. In contrast, hardware wizards streamline the process of installing a driver associated with a certain device. In this context, the Found New Hardware Wizard will search the Windows Update Web site, and download and install the necessary drivers if available, but only with the consent of the user. Of course, if the Automatic Updating feature is installed, Vista will perform the tasks associated with device driver search, download and installation alone, taking the user out of the equation.

Device Manager is tied to the Update Driver Software Wizard, which in its turn is configured by default to search Windows Update. Plug and Play devices will launch the Found New Hardware Wizard. Windows Update device driver searching and prompts can be limited from the Control Panel. Just make your way via Start, Control Panel, System Maintenance, System, Advanced system settings, select the Hardware tab and then Windows Update Driver Settings. Here you can opt for one out of three options:

• Check for drivers automatically.
• Ask me each time I connect a new device before checking for drivers.
• Never check for drivers when I connect a device.

Of course, turning off the automated mechanism set in place in Windows Vista for device driver retrieval and installation could result in a degradation of the user experience and is not recommended, but make no mistake about it, Microsoft will get your hardware configuration in the process.

Dynamic Updates

Ever installed Windows Vista from Windows XP? Well, if you did, you have undoubtedly noticed that the Setup for Windows Vista asks you for permission to check online for new Setup files, drivers and other files. Dynamic Update will automatically connect to Microsoft and use updated setup software, new drivers available and high-priority updates to features of the operating system, instead of the resources on the installation media. Dynamic Update sends to Microsoft the exact operating system version and information about network, video, audio, and mass storage hardware for the necessary drivers to be downloaded and deployed. In order to prevent Dynamic Updates from contacting Microsoft, just choose not to use the feature when prompted.

Event Viewer

Event Viewer is a system tool that keeps track of all the hardware and software issues and the security events on your machine, also permitting the users to manage and view event logs. The utility can be accessed by entering Event Viewer in the search box under the Start menu, and pressing Ctrl + Shift + Enter in order to launch it with elevated privileges. Event Viewer will only send Microsoft information if the user clicks on the Event Log Online Help link that will access the site. "To access the relevant Help information provided by the link in the Event Properties dialog box, the user must send the information listed about the event. The data collected is limited to what is needed for retrieving more information about the event from the Event Log Online Help. User names, e-mail addresses, and names of files unrelated to the logged event are not collected," Microsoft informed.

The Redmond company will receive information related to the company name and software vendor, the date and time, the name and version of the product in the event log, and the ID, source and locale for the specific event. However, the user has to access the Event Log Online Help for Microsoft to receive the data.

File Association Web Service

The File Association Web Service in Windows Vista also whispers in Microsoft's ear. The service is designed to bridge the gap between files with specific name extensions and the default application or the operating system feature used to manage them. Windows Vista creates an automatic association between a file and a program, and stores it locally on the computer. If the operating system has to deal with a file that is not connected with a specific program to open it, Vista will send a query to a Microsoft website. "If you want to limit the flow of information from the file association Web service to the Internet, you can use your firewall to block access to any Web site that contains the following string:" Microsoft reveals.

Help and Support Features

Online Help, Help ratings and feedback and the Help Experience Improvement Program all constitute the support features that Windows Vista has to offer. All the examples enumerated above communicate with Microsoft when accessed by the end user. Windows Help and Support comes with the option to also search online for user queries, in addition to the data that is available on the local system. Via the Help ratings and feedback, users can choose to provide Microsoft with their input while the fully optional Help Experience Improvement Program will transmit to the company customer information related to Help search topics and navigation. Users can simply open Windows Help and Support by typing the words in the search box under the Start menu and from the menu in the upper right hand corner select Settings and then uncheck the "Include Windows Online Help and Support when you search for help" option. Additionally, also take care that the Join the Help Experience Improvement Program box is cleared.

Microsoft informed that in order to "help determine the correct Help topic to display, certain information is collected from the user’s computer and uploaded to a server at Microsoft that hosts the updated Help topics". Following is a list of the information collected:

• The search text string entered by the user (if the user is searching) or the unique identifier for the topic to be displayed (if the user has clicked on a topic link);
• The language/locale identifier, for example, en-us for English (United States)
• The version of the operating system installed, for example, Windows Vista Business
• A standard parameter that specifies that the topic should be downloaded in a compressed form (CAB file) if available, and uncompressed if not;

Plug and Play

According to Microsoft: "Plug and Play in Windows Vista provides the following functionality:

• Detects a Plug and Play device and determines its hardware resource requirements and device identification number (Plug and Play ID).
• Locates an appropriate device driver for newly installed devices.
• Allocates hardware resources.
• Dynamically loads, initializes, and unloads drivers.
• Notifies other drivers and applications when a new device is available.
• Handles stop and start processes for devices during hibernation, standby, and startup and shutdown operations (in conjunction with power management).
• Supports a wide range of device types."

In order to prevent the Plug and Play automatic wizard from accessing Microsoft with information related to the device you want to integrate with Windows Vista, make sure to enable the "Never check for drivers when I connect a device" option in Windows Update Driver Settings in Control Panel, under System Maintenance, Advanced system settings and Hardware.

Make sure to check back in next week for the second part of how to stop Windows Vista features and services from harvesting user data for Microsoft.


