In privacy communities, its usually assumed that non-libre OSes have the *capability* of spying on *everything* you do. But, what do they *actually* monitor *in practice*?
-
cross-posted from: https://sh.itjust.works/post/41641719
Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.
-
cross-posted from: https://sh.itjust.works/post/41641719
Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.
thats the thing you dont know what there actually monitorong so you assume the worst
-
cross-posted from: https://sh.itjust.works/post/41641719
Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.
Aside from the Ars Technica article in the xpost, there's a lot of "it depends."
It depends on not just the OS, but if it's a custom image built for Dell or HP or Asus etc. computers, what settings are on, what settings were on by default, what bloatware is pre-installed, etc.
Typically, all MS or Apple really want are to know what apps you have installed, zip code, email address, IP address, crash reports, and possibly keywords they can associate with advertising. That's their baseline wish list, which is all advertising fodder, and depending on your settings, that can quickly expand to "anonymized" (it's not) cookie use, tracking of websites visited, etc.
If you have a custom image (i.e. a Dell specific version of Windows) the laptop manufacturer will look for access to roughly the same data.
With the whole Copilot fiasco, recording things like keystrokes and screenshots really are potentially in play now. But, again, only if you have foolishly installed Copilot and turned that stuff on. And that only after huge public outcry. So there's always a non-zero risk of that, but do your due diligence to know you settings.
Can you strip out bloatware and tighten down Windows to a reasonable degree? Sure. But because MS can and does change system settings without your consent, you might find in 6 months an article about a setting you turned off, that they turned back on and you had no idea.
-
cross-posted from: https://sh.itjust.works/post/41641719
Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.
wrote last edited by [email protected]Since they are closed source, we can't know. We can find out that messages are being sent at certain moments, but not what data is being contained in the messages, communications carrying this sort of data are always encrypted (for obvious reasons).
For legal reasons they often include some vague allusion in the terms of service about collecting information.. but they are never very clear on what data exactly they take when and how, so it's left up to interpretation.
-
Aside from the Ars Technica article in the xpost, there's a lot of "it depends."
It depends on not just the OS, but if it's a custom image built for Dell or HP or Asus etc. computers, what settings are on, what settings were on by default, what bloatware is pre-installed, etc.
Typically, all MS or Apple really want are to know what apps you have installed, zip code, email address, IP address, crash reports, and possibly keywords they can associate with advertising. That's their baseline wish list, which is all advertising fodder, and depending on your settings, that can quickly expand to "anonymized" (it's not) cookie use, tracking of websites visited, etc.
If you have a custom image (i.e. a Dell specific version of Windows) the laptop manufacturer will look for access to roughly the same data.
With the whole Copilot fiasco, recording things like keystrokes and screenshots really are potentially in play now. But, again, only if you have foolishly installed Copilot and turned that stuff on. And that only after huge public outcry. So there's always a non-zero risk of that, but do your due diligence to know you settings.
Can you strip out bloatware and tighten down Windows to a reasonable degree? Sure. But because MS can and does change system settings without your consent, you might find in 6 months an article about a setting you turned off, that they turned back on and you had no idea.
Even if you turn off the setting and it stays off in subsequent updates, how can you know that the setting actually does anything at all? That is to say how can you trust Microsoft does not ignore the setting and just gathers the data always.
-
Since they are closed source, we can't know. We can find out that messages are being sent at certain moments, but not what data is being contained in the messages, communications carrying this sort of data are always encrypted (for obvious reasons).
For legal reasons they often include some vague allusion in the terms of service about collecting information.. but they are never very clear on what data exactly they take when and how, so it's left up to interpretation.
They ban us from proving.
-
thats the thing you dont know what there actually monitorong so you assume the worst
Worse, they ban us from proving. They don't want us to know.
-
cross-posted from: https://sh.itjust.works/post/41641719
Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.
There is so so so much, and they do get caught, and when they do we keep a peek into how invasive they are. As someone who has had to worry about being targeted by intelligence agencies and nation-states, I was completely blindsided by corporate/capitalist surveillance.
for example, look at this action by Meta, where they broke out of security sandboxes and exploited protocols in order to tie your browsing history (even private browsing) back to your identify saved in their databases back in meta land
https://www.theregister.com/2025/06/03/meta_pauses_android_tracking_tech/
the amount of data that is being harvested and sold, and resold, is absurd, and the greater threat is not just that they are exploiting you, its that they dont care who the data gets sold to. Bad actors (criminals, etc) can and will purchase information they can use against you.
So, consider the unintentional ramifications of all that info being harvested and available in addition to the intentional ramifications of hyper greed, and couple that with the amount of available compute and you will see that you do not need to be a person of interest, everyone is a data point that can be and will be exploited.
I would encourage everyone to take their privacy seriously.
-
cross-posted from: https://sh.itjust.works/post/41641719
Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.
Check this out, its a pretty good view into good practice, beginner, intermediate, and advanced, with recommendations.
https://digital-defense.io/ -
Even if you turn off the setting and it stays off in subsequent updates, how can you know that the setting actually does anything at all? That is to say how can you trust Microsoft does not ignore the setting and just gathers the data always.
It might be not sending any extra data - which can be verified via packet sniffing like Wireshark - but how do you confirm they are not saving the legit requests you do and collect it silently at the backend? It cannot be proven (beyond reasonable doubt).
-
cross-posted from: https://sh.itjust.works/post/41641719
Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.
not sure about win/mac, but for android yes they do keep record of stuff like what apps are being launched and upload/sync to google account. it's not hidden though.. it is(was) literally available on google account history or something (was about 7 years ago)
regarding keystrokes there was a case of a famous chinese keyboard app doing dubious stuff. not sure if i can say it's on a os level but i'm pretty sure more than a few chinese phones ship with that. https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/
-
Worse, they ban us from proving. They don't want us to know.
thats y intel ME is so under wraps if people knew what it did thr entire tech space would colapse in
-
cross-posted from: https://sh.itjust.works/post/41641719
Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.
-
cross-posted from: https://sh.itjust.works/post/41641719
Keystrokes? Screen recordings? Camera and microphone spying? Assuming an average person who's not actively targeted by an intelligence agency.
The problem is its closed source and often difficult for the average user to tell what is going out. All you can do is Do Not Trust.
-
There is so so so much, and they do get caught, and when they do we keep a peek into how invasive they are. As someone who has had to worry about being targeted by intelligence agencies and nation-states, I was completely blindsided by corporate/capitalist surveillance.
for example, look at this action by Meta, where they broke out of security sandboxes and exploited protocols in order to tie your browsing history (even private browsing) back to your identify saved in their databases back in meta land
https://www.theregister.com/2025/06/03/meta_pauses_android_tracking_tech/
the amount of data that is being harvested and sold, and resold, is absurd, and the greater threat is not just that they are exploiting you, its that they dont care who the data gets sold to. Bad actors (criminals, etc) can and will purchase information they can use against you.
So, consider the unintentional ramifications of all that info being harvested and available in addition to the intentional ramifications of hyper greed, and couple that with the amount of available compute and you will see that you do not need to be a person of interest, everyone is a data point that can be and will be exploited.
I would encourage everyone to take their privacy seriously.
I swear meta is just built different in terms on spying on people compared to everyone else.
It's like they have a team of ex non ethical elite hackers to find security vulnerabilities in everything and exploit everything as much as possible. -
I swear meta is just built different in terms on spying on people compared to everyone else.
It's like they have a team of ex non ethical elite hackers to find security vulnerabilities in everything and exploit everything as much as possible.Reptillian ceo desparately trying to learn how to properly drink water
