July 31, 2015

Windows 10's New Feature Steals Your Internet Bandwidth

A couple of days ago I discussed a number of privacy and other concerns with Microsoft's new Windows 10, made available as a free upgrade for many existing MS users:

Windows 10: A Potential Privacy Mess, and Worse:

The situation has only been getting worse since then. For example, it's been noted that the Win10 setup sequence is rigged to try fool users into switching to an MS browser, irrespective of their browser settings before they started the upgrade:

Mozilla isnít happy with Microsoft for changing how users change the default web browser in Windows 10:

Pretty bad. But we have even lower to go, as we've seen that by default, Windows 10 actually steals bandwidth from your ISP connection so that Microsoft can use your computer, and your connection, to send MS updates to their other customers.

Huh? Say what?

Yep. It's a devious little feature called Windows Update Delivery Optimization. It's enabled by default. For Enterprise and Education users, it operates over the local LAN. For ordinary Home type users, Microsoft can send their data update goodies to potentially any PC on the global Internet -- from your PC, over your Internet connection. On your dime.

We could get into the pros and cons of local updates being staged between local machines on a LAN as opposed to the outside Internet.

But as soon as MS decided that it's A-OK for them to use my Internet connection to cut down on their bandwidth costs serving their other customers -- without asking me for my specific permission first -- the situation blows into the red zone immediately.

Microsoft makes the predictable excuses about this high-tech thievery.

There's a way you can turn it off. Yeah, buried down deep in the settings, assuming you even know about it in the first place. MS claims they only use your connection when it's "idle" by their definitions. Thanks a bunch.

Oh yes, and (how generous of them!) Microsoft notes that they won't steal bandwidth this way from "metered" connections.

But here's the catch -- in many common configurations you have to manually indicate that a connection shouldn't be used for MS' update delivery scheme, otherwise Microsoft would have no way to know if (for example) you're paying by the gigabyte or have a low bandwidth cap.

Above all, the sheer arrogance of Microsoft to enable this bandwidth theft by default is stunning.

I don't care if they want to move 1K or 1gig to their other happy users, I want to damn well be asked permission first!

Obviously, this general category of peer-to-peer data transfer is used on the Net in other contexts, such as torrents for example -- but that's something you do voluntarily, of your own volition. Comcast uses the bandwidth of many Comcast users to turn modems in people's homes into public Wi-Fi access points. This has been highly controversial, but at least Comcast is typically doing it over modems they supplied, and has claimed that they over-provision the connection speeds to take this into account -- and don't apply that public usage against home users' bandwidth caps.

But Microsoft didn't even bother with such rationalizations. They simply said in essence: "Hey, you've got bandwidth, so we're gonna use it however we please unless you tell us differently. Suckers!"

If you're running Windows 10, you may want to terminate this travesty.

The settings you need are buried down in:

START->Settings->Update & Security->Windows Update->Advanced options, under: Choose how updates are delivered.

It's worth noting at this point that if Google had tried a stupid stunt like this, there would likely already be EU commissioners running through the streets of Brussels hoisting pitchforks and flaming torches, all yelling for Google's blood.

For a while there, it was starting to look like there indeed was a new kind of Microsoft coming into view, one that had evolved beyond the hubris that had so long been Microsoft's single most defining characteristic.

As we can see, any such hopes are now ... Gone with the Win10.

I have consulted to Google, but I am not currently doing so.
All opinions expressed here are mine alone.

Posted by Lauren at 02:27 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

July 29, 2015

Windows 10: A Potential Privacy Mess, and Worse

Blog Update (31 July 2015): Windows 10's New Feature Steals Your Internet Bandwidth

I had originally been considering accepting Microsoft's offer of a free upgrade from Windows 7 to Windows 10. After all, reports have suggested that it's a much more usable system than Windows 8/8.1 -- but of course in keeping with the "every other MS release of Windows is a dog" history, that's a pretty low bar.

However, it appears that MS has significantly botched their deployment of Windows 10. I suppose we shouldn't be surprised, even though hope springs eternal.

Since there are so many issues involved, and MS is very aggressively pushing this upgrade, I'm going to run through key points here quickly, and reference other sites' pages that can give you more information right now.

But here's my executive summary: You may want to think twice, or three times, or many more times, about whether or not you wish to accept the Windows 10 free upgrade on your existing Windows 7 or 8/8.1 system.

Microsoft is thrusting out this update via a little white Windows icon that you will probably see soon (if you haven't already) on your task bar. There are some users in some situations who will not receive this notification, but most of us will. This icon leads to MS' colorful spiel for why you want to install the free Win10 upgrade.

First things first. It's obvious from my email today that this icon and MS pitch alone are confusing many users. They've never seen anything like this appear before and many think it's a virus or that their system has been otherwise compromised.

In fact, this notification is triggered by a Windows Update that MS slipped into their update stream some time ago, which the vast majority of users probably accepted without realizing what it was.

If you decide you do not wish to upgrade to Win10 now, you may want to get rid of that notification. MS doesn't tell you how (surprise!) and the procedure can range from relatively simple to "a real mess" depending on your situation, but a good discussion of the procedures and provisos is at:


Many users -- especially on somewhat under-powered systems -- may find Win10 to be a painfully slow experience compared with Win7, irrespective of MS' claims.

Worse, some functionalities important to many users are missing. If you use Windows Media Center -- that's gone from Win10. DVD playback is currently problematic.

And here's a biggy. If you don't want Microsoft installing updates automatically -- if you're a user who has chosen to take control of this process up to now -- you probably will hate Win10.

Users with Home versions of Win10 will be required to accept automatic updates, including drivers.

In some environments, this is unacceptable from a support and security standpoint, and reports are already coming in regarding driver related issues.

It's fair to say that in the general case, automatic updates are usually a win from a security and reliability standpoint. But Windows is significantly unique. Because Windows runs on such an enormously wide range of hardware and configurations (compared for example to Chrome OS on Chromebooks) the ways for automatic updates to cause problems for Windows users are dramatically numerous as well. Definitely an important issue to consider.

You may have heard concerns about the sharing of Wi-Fi passwords by Win10. This is largely not a problem in practice, given the details of the implementation.

But Win10 still looks like it could be a privacy quagmire.

The details are buried down in the new Win10 privacy policy/user agreement, but the bottom line is that by default Win10 will be sending a lot of your data from your computer to Microsoft that they never had access to before.

You can read an analysis of this here:


As is the case with automatic updates, there is nothing inherently wrong with cloud data syncing, and it can bring significant service and reliability enhancements to users (keeping in mind how infrequently most people properly backup their systems).

But if you're going to avail yourself of such cloud data services, you really need to trust the firm you're dealing with, across the scope of possible data-related aspects.

And to be completely honest about this, I personally simply do not trust Microsoft to the degree that would seem necessary to use the default data sharing settings that Microsoft really, really, really wants you to use -- and of course that the vast majority of users will blithely accept. To put it another way, in this context I trust Microsoft about as far as I could throw a heavy old steel-cased 1980s PC.

Being careful with your data isn't just a Microsoft thing. My views of Microsoft and Google are pretty much diametrically opposed -- I have enormous faith in Google and Googlers doing the right thing with respect to protecting the data I share with them, but even in the case of Google -- with whom I share a great deal of data -- I'm selective about what I do share.

That's just common sense no matter whom you're dealing with, whether individuals, corporations, or other organizations.

The upshot of all this is that while we can all agree that "free" is often good, there's a lot to think about before accepting Microsoft's heavily promoted upgrade to Windows 10, and we all need to approach this decision with our eyes very wide open, indeed.

Be seeing you.

I have consulted to Google, but I am not currently doing so.
All opinions expressed here are mine alone.

Blog Update (31 July 2015): Windows 10's New Feature Steals Your Internet Bandwidth

Posted by Lauren at 01:59 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

July 27, 2015

What Google's New Changes to Google+ and YouTube REALLY Mean

In a pair of blog posts today, Google announced major changes in the operations of their Google+ (G+) and YouTube services:



There are a number of changes noted, but my executive summary would be that Google is ending the enforced connection of Google+ user profiles to other Google services, notably YouTube.

The popular clickbait analysis appearing on many sites today is that this is the death knell of Google+, proof that it cannot compete with Facebook.

This is incorrect.

Taking the longer view -- and my experience with networked social media reaches back to the dawn of the ARPANET and the earliest email lists -- my own analysis is that the changes are great both for YouTube AND for Google+.

In fact, I believe that these changes indicate Google is actually ahead of the curve regarding the future of social networking, and has already learned lessons that other social media sites -- notably Facebook -- have yet to fully understand, likely to their own long-term peril.

The linkage of G+ profiles to other Google services came during a time when a particular theory -- taken to extremes by Facebook -- was in ascendancy.

Simply put, this premise -- part of a general anti-anonymity concept at the time -- was that forcing users to only post under their ostensibly true identities would result in higher quality posts, with less trolling or other posting abuses.

Experience quickly demonstrated that this was far too simplistic an idea, tangled with immense potential for collateral damage.

Many abusive posters and commenters by and large seem happy to spew their venom under their actual names -- a twisted badge of honor, perhaps.

At the same time, real-name linkage requirements caused all manner of problems for many innocent parties.

There are all sorts of reasons why posting with your own name can be immensely problematic in various cases -- in some situations even dangerous. This is especially true when discussing controversial issues, medical conditions, and all manner of other issues that reflect one way or another on your personal life.

The underlying reasons for this dilemma relate in large part to life contexts.

For example, when you're posting or commenting about highly controversial political matters, you're operating in a very different context than when you're trying to give advice about a problem someone is having with their child.

Similarly, there are no logical reasons why your discussions regarding technical matters must be intertwined with your posts regarding alternative lifestyles or other personal concerns -- unless you voluntarily choose to connect them in this way.

Contextual issues play a major role in the YouTube/Google+ arena as well.

YouTube-side commenters tend to gather around particular YouTube videos and YouTube uploaders/channels of interest. Google+ users who happen to share specific YouTube videos are much more often speaking to an audience that has no continuing interest in those particular videos, but rather are following the varied postings of an individual or other profile on G+ over time.

As someone with nearly 400K G+ followers, I can tell you from experience that the conflation of YouTube and G+ comments wasn't only confusing to many users, but could trigger some nasty situations as well, when YouTube uploaders viewed a G+ share as an "intrusion" into the comments on their channel. I quickly learned to avoid sharing YouTube videos relating to any controversial topics on G+ (especially with my own preamble text that might be critical of a particular video). Otherwise, I could end up spending hours afterwards cleaning up the mass of troll comments -- and on some occasions even threats -- that spewed in from the YouTube side.

But YouTube users' complaints about this were not entirely without merit, since the commenting contexts were intrinsically entirely different. in a perfect world we might hope that this would be a recipe for expanded points of view and teachable moments, but in reality it tended to trigger trolling and conflicts -- and as I noted above, confusion as well.

Confusion is indeed another key point. I love Google+, but it became increasingly difficult for me to convince existing Google users -- or new potential Google users -- to create G+ profiles. Often they were convinced -- based on inaccurate stories they'd heard -- that activating G+ would cause their Gmail accounts to suddenly be exposed, searchable, and tied to their real names. This was never true, but the perception was widespread, likely helped along by various of Google's adversaries.

I'm not a fan of Facebook for a whole bunch of reasons. One of these is that Facebook so often seems to be a place where users feel obligated to be because their friends and families are there -- rather than somewhere they really want to be.

On the other hand, I love Google+. I'm constantly meeting new people from all walks of life around the planet, and am able to engage in a range of discussions with them across a wide scope of topics. Are there some trolls mixed in there as well? Sure. But overall the scope of intelligent and fascinating G+ users utterly swamps the relatively small number of trolls who are comparatively easily dealt with on G+.

I'm convinced that the changes Google announced today will not only make YouTube users happy, but will be great for the organic growth of G+ and other Google services. These changes reduce confusion and bring clarity to these offerings, and that's good for users and good for Google.

Kudos to the Google teams involved!

I have consulted to Google, but I am not currently doing so.
All opinions expressed here are mine alone.

Posted by Lauren at 06:36 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

July 16, 2015

Meeting Donald Trump

I suddenly realized why I feel like I've met Donald Trump. Turns out that I once knew someone almost exactly like him in every important detail.

I'd forgotten about him until recently. He was very wealthy and constantly bragging about it. He didn't care at all for anyone else's feelings. He constantly made inane assertions without backing them up or explaining them in any way. He had a consistent "my way or the highway" attitude.

He was massively bigoted and seemed not to even realize it. He made up fake facts to fit the moment, changed them with abandon, and endlessly declared that everyone else was stupid.

He was in fact the most obnoxious ten-year-old that my ten-year-old self had ever met.


Posted by Lauren at 09:13 AM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

July 06, 2015

UI Fail: How Our User Interfaces Help to Ruin Lives

A couple of months ago, in Seeking Anecdotes Regarding "Older" Persons' Use of Web Services, I asked for stories and comments regarding experiences that older users have had with modern Web systems, with an emphasis on possible problems and frustrations.

I purposely did not define "older" -- with the result that responses arrived from users (or regarding users) self-identifying as ages ranging from their 30s to well into their 90s (suggesting that "older" is largely a point of view rather than an absolute).

Response rates were much higher than I had anticipated, driven significantly by the gracious endorsement of my survey by Leo Notenboom of ASK LEO!, who went out on a limb and assured his large readership that I was not some loony out to steal their personal information.

Before I began the survey I had some preconceived notions of how the results would appear. Some of these were proven correct, but overall the responses also contained many surprises, often both depressing and tragic in scope.

I had not anticipated the amount of details -- and in particular of highly personal details -- that would arrive in these surveys.

It was immediately obvious that many of these respondents were long frustrated by these issues, and viewed the survey as finally an opportunity to get these concerns off their chests. Much of what they described was heartbreaking.

What was perhaps most surprising was that a deep data dive was not necessary to see the common themes -- they stuck out like a sore thumb from the very first responses onward.

And many of the problems cited are solely our faults, our responsibilities, our shame.

Responses poured in both as first-person reports and as testimonials by family, friends, caregivers, and other persons acting as "tech support" (often remote tech support) for older users.

Any stereotypes about "older" users were quickly quashed.

While some of the users had indeed never had much computer experience, a vast number of responses involved highly skilled, technologically-savvy individuals -- often engineers themselves -- who had helped build the information age but now felt themselves being left behind by Web designers who simply don't seem to care about them at all.

While issues of privacy and security were frequently mentioned in responses, as were matters relating to fundamental service capabilities, issues and problems relating to user interfaces themselves were by far the dominant theme.

Some of these were obvious.

There is enormous, widespread frustration with the trend toward low-contrast interfaces and fonts, gray fonts on gray backgrounds and all the rest. Pretty, but unreadable to many with aging eyes (and keep in mind, visual acuity usually begins to drop by the time we've started our 20s).

Many respondents noted that screen magnifiers can't help in such situations -- they just end up with a big low-contrast blob rather than a small low-contrast blob.

But then we really get into the deeper nitty-gritty of UI concerns. It's a long and painful list.

Hidden menus. Obscure interface elements (e.g., tiny upside-down arrows). Interface and menu elements that only appear if you've moused over a particular location on the display. Interface elements that are so small or ephemeral that they can be a challenge to click even if you still have the motor skills of youth. The list goes on and on.

And beyond this, there is even more frustration with what's viewed as undocumented and unnecessary changes in interfaces.

For a user with fading memory (another attribute that begins to surface relatively early in life) the sudden change of an icon from a wrench to a gear, or a change in a commonly used icon's position, can trigger such frustration that users who could most benefit from these systems -- especially for basic communications -- become embarrassed and, not wanting to ask for help, give up and withdraw back into deadly isolation.

These were by far the most repeated themes in responses -- concerns regarding the rapid and seemingly arbitrary changes of hard to find, see, and click UI elements and associated menu/command functionalities.

The frustration of caregivers in these contexts was palpable.

They'd teach an older user how to use a key service like Web-based mail to communicate with their loved ones, only to discover that a sudden UI change caused them to give up in frustration and not want to try again. When the caregiver isn't local the situation is even worse. While remote access software has proven a great boon in such situations, they're often too complex for the user to set up or fix by themselves when something goes wrong, remaining cut off until the caregiver is back in their physical presence.

I could go on, but you get the idea. With subtle variations in details, I was seeing the same sad stories over and over again as I poured through the survey responses.

We have failed a user population that not only needs our services but for whom our communication services -- including social media -- can make sometimes critical improvements in their lives, especially in helping them not withdraw into isolated oblivion.

We could argue about the motivations, history, and policies that brought us to this current state of affairs, but I'm much more interested in solutions.

So I have a modest suggestion.

I would like to see major Web services commit themselves to the proposition of providing optional and easily enabled "basic interfaces" to their main services, alongside the existing "primary" interfaces.

We're not talking "dumbed-down" interfaces here. We're talking about UIs that feature clear menus, obvious and easy to click icons, and most importantly, that would be supported for important functionalities for significantly longer periods of time than the rapidly evolving primary interfaces themselves.

This is most assuredly not a question of halting innovation, but rather of respecting the differing needs of different users at various stages of their lives.

And frankly, I suspect that "basic" interfaces as described would be widely welcomed by significant numbers of users irrespective of their ages.

I have some detailed thoughts on how such basic interfaces might be structured and deployed vis-a-vis primary interfaces, but I won't bore you with that here.

What's important right now is that we commit ourselves to the proposition that we need to better serve all users, and that our current largely one-size-fits-all user interface methodologies are actively working against this crucial concept.

Thankfully, accomplishing this doesn't require any artificial intelligence breakthroughs or rocket science. It requires only that we agree that these users are important and that we allocate reasonable resources toward these solutions.

As an industry, we seem to be great at coming up with high-end services to better serve the young and elite.

It's time that we put the same efforts into better serving everyone else as well.


Posted by Lauren at 11:23 AM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein