> All of the reports I’ve seen so far emphasize the point that HP (or Microsoft?) has installed this "telemetry" program without advising customers or requesting permission to install.
It is now well established that if you choose to run Windows you're going to be playing this game of cat and mouse until the end of time. You simply are not in full control of the OS.
Yep. I don't know why people fail to understand this. As one comparison, Debian supports their user base; Microsoft supports their business model[1].
I also don't understand why anyone who cares about these issues would buy HP - they're establishing a great track record as a company that really wants to spy on their customers[2]. Almost worse than that is how incompetent they've been about it - a couple years ago it was FinFisher, and I believe they somewhat recently shipped a key logger in a driver by apparent accident.
For my part, my machines save one run OSes that expose full control of the machine[3]. OSes that don't, like other untrusted software, run in VMs so that I can still control them. Windows instances don't get network access anymore. I only use it for a couple apps that do what they need to do, so the bottled demon doesn't need updates until underlying needs change. It makes life much easier when a whole class of problems can't happen.
[1] Which is as it is 'supposed to be', as the rules are currently written.
[2] Not to mention board members...
[3] Yes, cellphones; not a novel observation. That's a different discussion that I've had several times here.
HP is abundant in the world of cheap enterprise laptops for employees. I would never buy one, but I don't care much about what the business I work for wants to buy its newcomers.
After about a year, I made it clear to my boss that I was much more valuable to the company running in a Linux system. They 'found' some extra budget and made it happen, and I'm very pleased with that, but I don't disagree with their first decision to just get a simple HP.
Everyone is our company is issued a HP hunk of garbage. Mine sits on top of a set of drawers buried under some manuals. Almost everyone in our team has a Mac, a custom built PC or some other nice machine.
I boot the HP probably once a year to blindly click through the flash based corporate training that one of us draws the short straw to write down the answers for.
I'd argue I have way less control on my OS on an iphone or an ipad than on a Windows machine. Not that I think it's ok to lock us out of our own hardware, but Windows is not the worst offender, by a huge margin.
While that's true, the vertically integrated nature of Apple products means you either trust Apple or you don't.
With a Windows PC you're having to trust Microsoft, the OEM, the ODM, the BIOS manufacturer, the driver author for each and ever piece of hardware in your system.
There are some benefits on both sides. Here is the ability to choose the manufacturer of the hardware. Depends on what you need. The problem (for me at least) is when I'm stuck with one of them because of work, entertainment, etc. All of them are greedy bastards. Sometimes I want to wipe everything, install ubuntu and quit my job, but my wife disagrees.
I make it a habit to wipe and install from scratch any PC that I setup. Occasionally I need to download a network driver but the default system images usually have one that works.
I like the Signature Edition program where Microsoft vets that the machine just has a clean Windows install and minimal drivers out-of-the-box. I recommend that to a lot of people. The easiest way to buy a Signature Edition PC is from the Microsoft Store, but some of the OEMs and some Best Buys and Staples will offer them if you ask nicely. It saves a bit of time from wiping it yourself.
Actually you can choose not to install the latest iOS. When Flappy Bird shut down they didn’t delete the app from phones . I’m pretty sure that android has the same thing.But Android can have preinstalled apps that can’t be installed unless you flash a new rom.
There is some merit, however, to the argument that iThings have always been locked down (or intended to be, at least), whereas the Windows changes are a regression.
Given the success of Apple, that sounds like Windows is attempting to meet customer expectations. In any case, It seemed to me that the OP was arguing for a pro-lockeddown position, which is why I asked what the merits are.
I think gp’s position is that customer expectations of apple and windows platforms are different- that locked-down-ness was something that, when people could deal with it and preferred it, already were not the core windows customers.
Of course, but this is just moving the goalposts. I think Apple bears a lot of responsibility for making an entire new product category so anti-user, but within desktop computing, the standards are different (thank god), and Windows is the worst offender there.
2) When I see some app, system that connect to network which I think it should not. I just block their network connections with Windows Firewall or uninstall those app.
There is a "netsh advfirewall firewall" command that can do this from command line.
3) BTW this works very well with Windows' own service too. I block svchost.exe, Edge, SerchIndex, etc from accessing internet. svchost.exe is allowed to access local subnet for file, print sharing. When I feel like upgrade to to latest version windows 10. I turn off the firewall rules for a few hours to allow the update to go thru.
4) Only Firefox and Chrome in my windows system are allowed to connect to internet full time. The CPU usage is normally < 15% and most of the time < 10% even when playing youtube @ 1080 resolution.
The latest Firefox Quantum has less CPU usage and faster also. I love it.
5) The WSL (Windows Subsystem for Linux) is getting better - X, xfce4-termnial now working good enough for me. I like accessing the Ubuntu shell in windows environment without the overhead of Virtualbox.
I have a beloved 2015 MBP that I'm trying to keep alive, but it's becoming a little underpowered and it's not upgradeable. New MBPs are a non-starter with the port and keyboard situation and my coworkers all hate them. Then I have a maxed out XPS 13 which is a very nice and capable machine that suits me completely, except that it has a malicious OS that I have to constantly fight. And Linux doesn't support a lot of the tools I need.
> "Then I have a maxed out XPS 13 which is a very nice and capable machine that suits me completely, except that it has a malicious OS that I have to constantly fight. And Linux doesn't support a lot of the tools I need.
So..... what's the solution here?"
The solution is sitting in your hands. That XPS 13 can run Ubuntu (and probably Debian, Arch/Antergos, or any other major distro) flawlessly since Dell ships a version with Ubuntu preinstalled. Set it up to dual boot with Windows, and use VirtualBox's raw hard disk access feature to set up a Windows guest under Linux using the Windows partition as the VM's boot drive.
That way, you can slowly wean yourself off of Windows; use the VM for your Windows-only tasks with the option of booting natively into Windows for anything strictly hardware dependent, until you have replaced your Windows workflow with Linux. Even if you find you can't 100% escape Windows, at least you're not living in it so you're not being spied on all day.
> set up a Windows guest under Linux using the Windows partition as the VM's boot drive.
> with the option of booting natively into Windows for anything strictly hardware dependent
IIRC, years ago, when Windows 7 was the latest Windows, this couldn't be done. Windows used to take offense if the hardware it was running on changed significantly from boot to boot. Has that changed with Windows 10?
It's gotten better both with changes in Windows itself and with improvements in virtualization. VirtualBox allows you to use different hypervisors so you can get closer to native hardware access in a VM. It works best when the guest is Linux but it also works well with Windows and recently, macOS. You can even do GPU passthrough for better Windows gaming on a Linux host.
Well, yes, if you want to do any significant amount of gaming on a computer, you'd want a dedicated GPU. If integrated GPUs meet your demands for gaming, you're better of with native Linux games and Wine for Windows casual games.
> "I've recently moved to Mint with Win7 in a vm and its lack of GPU and DirectX support is not really workable."
It sounds like you're better served by dual-booting then. Running a VM isn't a solution for everyone, just another option for some.
use linux for everything that you can use it for and then just run windows in a vm when you need it for certain software.
I started off in a dual boot situation, and i can't even remember the last time i went into my windows partition. It has to be less than 5 times in the past 3 years.
I think utilizing a firewall at the router level would be one way to deal with the problem, but it will take time to determine and implement the appropriate rules (a popular choice on HN is the EdgeRouter Lite3 from Ubiquiti).
There may be Linux equivalents of the tools you use, but it would be difficult to say without you naming these tools specifically.
Xamarin, Adobe stuff. And I've found a Windows VM in a Linux host to be passable, though suboptimal. Especially because you only run it sporadically, so even though it's a VM you still have to deal with its compulsive and compulsory updating, restarting, and whatever else it does that keeps it busy for 20 minutes when it hasn't been started in a month.
Also Linux multi-screen/multi-DPI support is still bad.
My 3 monitors (which have different DPIs than the monitor that comes with my linux laptop). Trying to do this with the tools Ubuntu provides doesn't work. Ubuntu's GUI doesn't scale well, and I can't find a setup that does.
I just want this to work, but it doesn't. This was a Dell laptop that came preinstalled with Ubuntu, too.
Running MacOS on virtualbox on top of Windows works ok. There are a lots of tutorials on the web that shows you how to do that. It does violate Apple's SW license.
It is very fun to play with a full screen MacOS on a touch screen enable Laptop.
Not really. If you can live with the same OS X you installed first, allowing only fix updates, you can be totally fine on XPS 13/15 (given you have Broadcom WiFi). Everything else works like on real MacBook. The same holds for most Zenbooks (those without NVidia).
I would run "msfw log --tail" to watch for blocked connections. If I wanted to allow the connection, I then added it as a rule.
It was alot of work to setup initially, and I even found some scenarios where adding a rule was not sufficient to allow the connection. I never understood why.
I use a Dell XPS with Ubuntu. I didn't have to deal with any of the bullshit.
Why do people continue to purchase products from companies that blatantly want to spy on them? Vote with your wallet and never go through a bizarre multi-step anti-spyware setup again.
That sound interesting but you have really to be proactive and deploy significant a technical knowledge to block the software from abusing you.
Still you count as a happy Windows user and will reinforce the Microsoft position. This way they will be able to abuse 99% of their users, those that don't have the same competencies and time to spend on these countermeasures.
As for the WSL I stopped using it. This is an honey trap to let people use Windows as their primary OS by just giving them the developer goodies they like. I may consider it again if you can use it to develop a full-fledged Windows application that can access the windowing system and can be redistributed. You may have noticed that with WSL you cannot and the applications you may do remains nicely restricted to the linux subsystem.
> As for the WSL I stopped using it. This is an honey trap to let people use Windows as their primary OS by just giving them the developer goodies they like. I may consider it again if you can use it to develop a full-fledged Windows application that can access the windowing system and can be redistributed.
A honey pot? I don't think that means what you think it means. If you are interested in developing full-fledged Windows applications, why in the world would you want to use WSL? You are not the kind of developer that WSL is designed for.
WSL is Linux. It is not Windows. Microsoft "managed" to make it possible to run Linux binaries on Windows, in a pseudo-virtual Linux environment. The distro you choose to run in WSL is not built by Microsoft.
If you want to develop to a Windows target, then configure your WSL environment to do cross-compiling. That's up to you. If you can cross-compile in Ubuntu, then you can cross-compile in WSL. Just don't expect WSL to be anything but Linux.
My solution with Windows is easier. I run it in a VM and block all network traffic. Problem solved.
And regarding (5)... well, the same thing I used to tell people about WINE applies, just in reverse. Unless you're butting up against a corporate policy or something, why pick the inferior, broken imitation when the real thing is right there?
Same here, been using Windows since 3.11 and MacOS the past 6 years. But when i installed Ubuntu 17.04 on my new HP laptop, i was really impressed and haven't needed to switch yet.
When the recovery partition got corrupted on my teenage niece's nonfunctional Win10 laptop, I fixed her computer by installing Ubuntu Mate. She's been using it for over a year now and loves it.
If a teen girl likes her Linux desktop, then things are doing pretty well.
I did a fresh install of Ubuntu desktop the other day and there are Amazon icons on the sidebar by default. I didn't opt in unless it was maliciously bundled with another option.
There is a conflation of issues here. There's two separate Amazon things: (1) The launcher on the dock by default -- annoying but not subversive -- and (2) search integration, where your local searches would also query Amazon, which used to be enabled by default -- a privacy issue which caused some controversy a few years back. Great grandparent was talking about (2), specifically, so in that context I understood the grandparent to mean only it. However, the wording was certainly unclear if you weren't familiar with the controversy.
And not just downvoted but flagged... Anyways yeah, I tried Ubuntu out and the Amazon icon is there and isn't easily removed. Plus Unbuntu has auto-on telemetry or crash reporting as far as I understand.
Can I recompile Windows without any telemetry? Can I build my own Windows OS from scratch or install a pre-built one from a person or organization I trust?
You are correct, that pre-built machines are almost never trustworthy. That is not really important though, in that the very nature of GPLed Linux makes a huge difference to the user in terms of control of their machine.
> Let's not pretend that if Linux ever got to the desktop in any meaningful way that these boxes wouldn't ship with everything including kernel modules to do "value added" nonsense.
Windows and Android are able to do these these things because of the lock-in they have on application developers. Apps made for Ubuntu run fine on other Linux distros so Canonical doesn't have the kind of control and lock-in which MS/Google/Apple. This equivalence is therefore dubious.
If Ubuntu started shipping on a lot of devices, the HP and other OEMs would start shipping value-adds from third parties as well. The title of this thread is "HP installs system-slowing spyware on its PCs". This by no means would be Windows-specific if HP shipped any serious quantity of consumer Ubuntu boxes.
Please don't spread FUD. I'm not a huge fan of Ubuntu but be honest, its so-called telemetry drama from several years ago never required the command line to turn off, it was a switch in Unity's graphical settings app. Since that controversy it has always shipped opt-in, and non-Unity versions of Ubuntu never had the issue to start with. There are no Amazon "ads" apart from a link on the dock that is removed with a right-click, again no command line wizardry required.
This is incorrect. Every time I click the Unity button, the first icon is Amazon. No way to remove it that I can see. Just Launch. Please step me through clicking the top right Unity button to see all apps, then removing Amazon via the UI only.
It's a .desktop file just like any other icon in Unity. It's at /usr/share/applications/ubuntu-amazon-default.desktop; right click, delete, just like you would any other .desktop file.
Back in the 1990s, people would claim that if Linux were used by anyone at all, it would be as buggy and insecure as Windows 95 was. Because bugs magically pop up due to use.
Now it's claiming telemetry magically pops up due to use. Plus ça change, I suppose.
No. I know what a Linux distro look like. I'm just saying that the only Linux that could have conquered the world, through HP, Compaq or Dell pre-installing Linux on the Desktop, would have looked more like Android than Debian.
Actually, it would have been worse, since at least Google is mandating some kind of inter-operability between OEMs together.
Any closed-source, non-free software - drivers, productivity tools, games - all pose the same danger.
And it's not just software - binary firmware blobs (including ones found in most ARM-based SBC, such as Raspberry Pi) should be seen as potentially dangerous. Not to mention Intel's Management Engine and such.
They all pose the same danger the same way any car on the road can veer into your lane and kill you. It doesn't mean that's likely or even probable. Yes, by definition closed source software can be changed to do something you don't like without telling you.
But specifically Windows has the track record that it will do this, and when you attempt to stop it, it will attempt to go around you and keep doing it. Random drivers and Raspberry Pi firmware do not have this track record, and so saying they "all pose the same danger" is technically accurate, it's disingenuous to the point of being borderline untrue.
It's not the same danger in the same way, until car steering, et al, have a dependency on proprietary firmware that we can't inspect and understand. In the meantime, the mechanical components can be cut open, their operation understood. What's more likely than uncommanded veering, is you lose power steering, and can't easily steer.
Modern cars have a lot of electronics involved in things like steering, and some researchers already demonstrated that they can take over the steering of a car from remote by exploiting vulnerabilities in those electronics.
True - but I'd argue that the dangers aren't equal, and they are also not constant. Windows 7 wasn't nearly as invasive as Windows 10, for example.
While the argument often seen from the FSF - that all non-free software is dangerous - is technically true, it's about the same level of true as "all software is dangerous if you can't read the source code," in which case, all software is dangerous to everyone who isn't a software engineer.
Even though all non-free software has this issue, we should still be vigilant about fighting and curtailing it where we can. Proprietary software isn't going away, and the harm is real, so we need to encourage its lessening.
> all software is dangerous to everyone who isn't a software engineer
And even everyone who is, unless that engineer understands every language and hardware component in play, and is able to spot subtle vulnerabilities at a glance.
You have to have some level of trust. That trust should have a pretty high barrier, though.
FOR ME, one of the biggest things I look at is motivation. This often means looking at business models. We've seen where the race to the bottom for laptop prices gets us. I'd rather buy a laptop from a company that makes money off of selling the hardware, itself.
Honestly, I don't see how open/free software can fix it. For example google analytics is commonly used through web, source code of the tracker is available as raw text in javascript, and where is the promise of open/free software? Sure one can install tracking blocker (like ghostery), but just because the track itself is open source (most pages source code is accessible as raw text) - tracking hasn't been magically fixed for web, and people still play cat-mouse with track blockers. Given this example I don't see how making something open source or free software suddenly fixes that. Indeed, yes, it does makes it easier to audit software, but that's about it. One might say that one can personally audit all the source code, but there is practical limit to how much we can do it - a common system might run 20k+ packages with million lines of source code, and even if we trust all major dependencies, tracking can always sneak-in through 3rdparty libs, downloadable code (aka js), etc.
In my opinion a better tool would be a legal framework to limit companies what they can and can't do. For example EU GDPR is much stronger factor in limiting what companies can do with personal data, and it forces companies to provide opt-out option (and proper opt-out, not like "we use cookies, if you don't like - please leave"). The reason why EU GDPR is not a joke are fees - 4% of global revenue (or 20 million EUR, what is bigger), so companies are forced to comply. I would love to see a proper legal framework for opting-out from tracking, but looks like it will take another 10-20 years to develop it :(
>Honestly, I don't see how open/free software can fix it. For example google analytics is commonly used through web, source code of the tracker is available as raw text in javascript, and where is the promise of open/free software? Sure one can install tracking blocker (like ghostery), but just because the track itself is open source (most pages source code is accessible as raw text) - tracking hasn't been magically fixed for web, and people still play cat-mouse with track blockers.
A much better example is the new telemetry in OS Chromium, OS .NET core, and OS VSCode.
It's not really the same game. Having something hidden in a firmware blob vs. installing crapware on a running OS. Thankfully there are cheap SoCs that can run blobless, like Allwinner H5, which runs the Xfce/firefox reasonably fast, and hopefully, this year it will get FLOSS video decoding support, and I'll be happy as a mouse. Mali free software drivers are also being actively worked on, but that's much less interesting.
Finaly a computer I fully control. :) Next, I'd like a tablet I fully control, without all the complexity of Android or traditional Linux desktop environments. Nice small userspace with small tablet GUI apps + HW access server, written in C. All snapping fast without a crazy-bloated SDK. Something that can start in 3-4 seconds including linux boot.
And what closed source has to do with it is this: if you try to do this stuff in free software, people can simply remove it and distribute the clean version.
Realistically speaking, how much control do people have regardless of the OS that they are using? We are talking about incredibly complex pieces of software here that relatively few people have the ability to monitor and very few people have the skills to correct.
Open source is not really a remedy here for the same reasons. We have seen how developers incorporate telemetry into projects, especially projects with mass appeal. Sometimes there is some pushback (e.g. Ubuntu). Other times it is mostly seen as a fact of life (e.g. Firefox).
The only time that you have a reasonable degree of protection is when you're far enough into the fringes that you're a part of a collective that is working proactively to protect a common interest.
1. Even if you cannot constantly vet every single piece of software, no matter how tiny, that is no excuse to simply let some software vendor do as they please, and to tolerate them as their abuses become more and more egregious.
2. Even in the case of Firefox, there was pushback. It may or may not have been sufficient, but there was. Ultimately, the disabling of that telemetry, whether by toggling a setting or by forking the browser, is still doable. The same cannot be said of some closed source software, particularly of the OS-level spyware that Microsoft has been peddling.
Automatic updates aren't always a bad thing. Sometimes they can be very beneficial.
I just finished reading a book [0] about the Conficker worm, which infected people's computers by causing a buffer overflow in an unprotected port.
Windows published the security patch to prevent the buffer overflow as soon as they found it, but they couldn't force users to update. As a result, the Conficker worm continued to spread, despite the company fixing the problem, because people couldn't or wouldn't install the new patch.
While the botnet created by the worm never did anything too malicious, it had the potential to be catastrophic [1]. Experts even talked about it potentially creating enough traffic to shutdown the root servers of the internet.
All that to say, automatic updates aren't always a bad thing. I, too, hate having updates forced down my throat.
Security updates, however, are in a bit of a gray area when it comes to that, IMO.
[0]: Worm: The First Digital World War - Mark Bowden, 2011
Microsoft itself does it, too, possibly more than OEMs do. Even if you block some of the telemetry with your firewall, they now seem to be opening new channels to send the data to Microsoft's servers. Their behavior is quite malware-like.
And this is one of the things that worries me the most. The careless people that embrace confidently their lack of privacy, such group can quickly become the majority of a given population and follow a trend that can lead to social disaster in an Orwellian-Huxleyian way, without appearing as such in the surface.
You're sidestepping the argument. To stay consistent, you'd have to run a local mailbox service, DNS service, redundant data backup/storage service, audit your browser code, etc. Not exactly "most people".
In any case, IMHO the stronger argument is that just because webapps spy on you doesn't give Windows any right to do the same. Unfortunately, a lot of web companies have shown that people will throw money at you if you attract enough users, and sell their eyeballs or habits.
This theory only works if you consider that there is only a single distribution of Linux, which there is not. If Canonical start this stuff with Ubuntu then somebody else can (and will) set up an alternative.
The problem with Windows is that Microsoft control it totally. There is no way out.
Although Google control android, they only do so with the permission of the userbase. I run LineageOS on my phone (no gapps) and although Google are the gatekeepers of what goes into AOSP if they become problematic then the opportunity is there for somebody to take what we already have and carry on in a different direction.
It wouldn't be Canonical adding this, it would be whoever is selling you the actual computer adding telemetry. There's nothing stopping HP from adding telemetry any Linux distro if they were selling it.
I agree. If a company prevents users from having control over their hardware, then it can be trivial for such company to control whatever software the user chooses to install on the computer.
I think Apple opts you into the choice. You can easily reset your iphone settings and go see what is checked by default under location services/system services. Why do you think its "completely wrong"?
A Google update to Android a while back (couple years ago) removed the separate email app, which I needed for work (Exchange), without asking and without a replacement. Despite a new Exchange interface being added much later, I lost a lot of faith in Google that day.
Apple's constant update nags make older iOS devices borderline unusable, but acquiescing to the update makes the device completely unusable due to massive lag.
I use one. Features and programs are very rarely added, unless through OS updates, which usually are very conspicuous.
While Google has deprecated and removed features in major updates, I don't remember a single instance of something that generated a measurable extra workload on my phone was pushed automatically by Google.
No, I'm still stalling on the update as a few friends had some problems with it. Every other week or so it reminds me of the update but I simply ignore that.
Is it? I've got High Sierra available for my machine and i've been ignoring it because Iv'e got stuff to finish. I'll upgrade when I'm ready in a few days or so.
It's an issue with proprietary software in general, not just Windows. If they do that with Windows, I wouldn't trust them with a pre-installed version of Linux either: who knows what they would hide in a proprietary device driver.
On a laptop, ofc. All the secure stuff happens on external hardware, and the laptop at least allows using it.
Most banks in Germany allow HBCI, so you get an external chip reader, any HBCI-compliant software – be it StarMoney, or GnuCash/KMyMoney with the HBCI plugin – configure your account, and authorize API accesses via the card and PIN on an external keypad (which shows what you’re authorizing on its own display).
This is the average way a consumer does online banking, and it’s much more secure than on iOS.
While it is possible, I don't think the average consumer has a dedicated card reader and HBCI software. I just checked a few random banks and none of them even advertise that on their homepage. Most people use browser-based banking plus a way to generate transaction tokens (e.g. via SMS, smartphone apps, or a small token generator that takes input).
Unless I am missing anything, Commerzbank has a small text on some of the sites "Using HBCI? This is how to activate". That's hardly advertising, nobody how doesn't already knows what this is about will click on that. All their interactions on the site seem to steer people to mobile or photo TAN.
To me it looks like nobody actually uses the Personalausweis online. Just recently, companies have switched off their support (e.g. HUK or DKB). And the majority of the readers around are just RFID readers without any dedicated keys or display (which obviously is not a secure way) which can't be used for HBCI.
The idea is to get a dedicated device[0] which uses your bank card to sign the transaction and shows transaction details on its own display. That's probably even harder to infect than iOS.
While German banks support that almost universally, hardly anybody uses it.
Yeah, and then the banks site will just tell the user to approve the "test transaction" on their devices screen. Or that they need to approve it or all of their funds will be frozen, or whatever.
I disagree. There's NO situation where this kind of update is good for users. Being unable to accidentally brick your machine is good, but no user benefits from having adware and spyware installed.
Sure, if you trust the OS. But what if the OS itself forces spyware and adware into your machine without your permission and it is not removable, like Windows 10 does...
The ability to control your machine is always good for users in the long run, though you're right it's important to make stupid changes very difficult for less sophisticated users.
Perhaps your bank should control your money so that you don't spend it unwisely? Users are stupid, after all.
I hate Win10 with passion, but I agree. Don't know why you get downvoted.
One of my father's laptops runs Xubuntu. It's totally fine too. He doesn't even know what root permissions are and he never needs them. But still, sometimes he has to install something and I have to help. The point is, I never get asked to help with W10 neither from friends or family, which is actually amazing.
This kind of thing is hardly new. PC makers have been preloading software for a fee at least since the 90s. It should come as no surprise that such software doesn't always align with the user's best interests.
It's common with phones too. My new Sony phone came with several Sony apps as well as Facebook installed as non-removable system apps. None of these are necessary for proper function, as it can run a third-party build of Android that doesn't include any of them.
Facebook in particular is an odd one. I can understand preloading it since it's very popular, but why the hell is it a system app?
I just switched to Android after being an iOS user since the iPhone 4. Honestly the fact that I have this stupid "Bixby" button on the side of the Note 8, almost perfectly in the middle, that I hit by accident maybe every third time I pick the phone up, is infuriating. No way to uninstall it, no way to turn it off, just a ~30% chance of launching some stupid app I don't want to use every time I pick the phone up.
I'm sure it will get better over time but I don't want to have to change the way I pick up my phone to avoid Samsung's garbageware.
Is it? I'm not up to date on the latest models, but in the past when I've compared Samsung's flagships to others, there wasn't a really obvious winner. I always found it a little weird that Samsung got such a large share of the market.
For me there's a ~four-way set of compromises: Stock (or near-stock) Android, Headphone Jack, Excellent Battery Capacity, Quality components.
Unfortunately there's nothing that meets all four of those requirements.
The Google Pixel 2 is probably as close as it gets, but has no headphone jack - which is a deal breaker for me.
After that, it's down to either the Samsung Galaxy range (S8, S8+, Note8) which all have the Bixby button, or LG V30/V30+.
Both of these are unfortunately running heavily modded versions of Android that are well out of date, and the LG V30/V30+ have had issues with screen quality and general availability.
So, I have a Galaxy S8+ - not my first choice, and I'm not really happy with it (too much Samsung crapware on it), but it's better than the alternatives.
The Galaxy Note series is, to my knowledge, the only smartphone on the market that comes with a stylus. Some of us really like that (Galaxy Note 4 owner here).
I really wish Apple would ship a phone with a stylus, but we know it's against their religion. His Steveness spake thus: thou shalt not use a stylus with a phone! And it was so in all Appledom.
> The Galaxy Note series is, to my knowledge, the only smartphone on the market that comes with a stylus.
Not quite, but I think it's the only flagship with an integrated stylus.
It's also the only one with it's monstrously large screen, and it's aspect ratio, which is a nice combo because it gives you a lot of visible screen content while using the on-screen keyboard.
Not the best for everyone's preferences, but there's no obvious substitute for someone who wants Note 8’s distinct features other than Bixby.
Is there something special about that particular stylus? Does anything prevent you from getting a third-party one for a different phone? Or does the phone also have a nifty slot for it?
It's got a full digitiser integrated into the display. The pen can detect 4096 or some such levels of pressure. It can detect hover. The pen and screen work flawlessly underwater. There is literally no other phone with these capability.
Yes, the phone has a nifty slot, and the phone detects when the stylus is removed and turns the screen on, a nice touch. Also, I think the touchscreen response might have been tuned for the stylus -- I'm not sure it will work as well with other phones (an Android music player I have doesn't detect the stylus at all).
There are other features, like a button on the stylus that the phone can detect a press of, and a small cursor that appears on the screen when the stylus is near but not touching it, but these are less important. Still, I think it's fair to say that the stylus is more useful when integrated into the design.
I have absolutely no idea if the actual phone in question is objectively the best one, but it might be the best one for pc86 - except for the Bixby button, which might be the price they're willing to pay for everything else.
> The weird part about people complaining about the Bixby button is the fact they bought it.
Because there's a phone identical to the Note 8 but for the button? Just because the Android ecosystem is more diverse than iOS doesn't mean that there is unlimited variation available in the market. I don't want Bixby, really dislike the button placement (too easy to accidentally activate even if I wanted Bixby), but that's not enough to prefer another phone to the Note 8.
It makes the button do nothing, which is kind of annoying in its own way, since you can't remap it to something useful but at least you don't have to suffer Clippy 2.0.
Correct. My (mostly rhetorical) question is why is Facebook installed in this way? It certainly doesn't need to be. It runs just fine on phone/roms that don't preload it, installed as a user app.
My phone is rooted, and I've uninstalled it properly using Titanium Backup. There were also hidden Facebook "app installer" and "app manager" apps, which I removed.
My understanding is that "system app" just means it's baked into the ROM. So it's not actually possible to uninstall it without flashing. Disabling removes it from all the application lists except the one in settings where you can re-enable it. [0] My guess is that the rooted uninstall is removing it from all system lists. But the binary is still there in your ROM, unless you've flashed a new ROM that removes it.
[0] This is also why the disable button dialog discusses uninstalling the updates to an application. Because updates are obviously not written into the ROM; they're in normal application storage.
ROM might imply that it's a different hardware storage device or some such. That's not normally the case; it's just a different partition mounted at /system. User apps are in /data/app while system apps are in /system/app.
/system shouldn't normally be writable at runtime on non-rooted devices, so updates get installed to /data/app like user apps. A proper uninstall with root, e.g. using Titanium Backup does remove the app from /system/app.
This was annoying to me when I had an older phone with less available memory. Many of the system apps were useless to me and just served to take up space. The system partition had to take up enough space to accommodate these apps whether I used them or not which resulted in less available space for what I did use. Pretty annoying.
Fun fact: On Nexus devices, the Google app can not ever be disabled, nor can Google Now Launcher – not even if you don’t use them for anything, and have alternatives set as default for everything.
Fun fact: disabling Chrome on my phone (flagship Google) causes every single app to crash on every interaction, including third-party apps like Signal.
Because it's part of the factory install, and should be available after a factory reset.
Much easier to do it that way than to either add a first-boot process to install it as a non-system app (thereby taking twice the space) or have the factory flash include it in the user partition, which means that a factory reset doesn't actually return the device to the state in which it left the factory.
At least in the case of things like "Google Sheets" and "Google Docs" the preinstalled apps are only like 1kb, and are basically just placeholders telling google to go to the play store and download the current version of the app once the phone is started (unless you disable and uninstall updates, at which point it's back to the 1kb placeholder)
Lenovo only got fined 3.5M? Cheap, not counting the reputation hit anyway.
If anyone knows how to slow down systems with their software, it's definitely HP. Haven't used one in awhile, but you could get a boost similar to going from a mechanical hard drive to an SSD by reloading the OS without all their bloatware. I wonder, has any security researchers ever thought about going back to circa-2005 printer software to see what it was up to?
It wasn't just the malware, they also got tagged for root certificates and then there was a third thing I forget now. It's a pattern of abuse.
Either way, that fine is just a minor expense compared to their $300B revenue. It won't even show up on a summary report. Punishments are supposed to hurt if you want behavior to change.
Microsoft makes it much easier these days to download an install image of Windows 10 that's devoid of non-Microsoft crapware. They're also kept up to date, so if you download Windows 10 ISO today, you will get version 1709 (fall creator's update).
And during an update [1] it seems smart enough to get most of the model specific drivers installed. The things that remain for one off download and install from the manufacturer web site are firmware updates.
The next time I do a clean install, I won't install HP's Support Assistant. It's OK UI/Ux, a bit laggy to discover what updates to apply, but more importantly it regularly fails to inform of and install firmware updates, even though they appear on that model's support page.
[1] Windows Update times are incredibly shitty. On a system fully updated as of 2017-09-25, and then not used at all (Fedora is my main OS) until last weekend, it took 7 hours and 6 reboots to get it updated. That includes one update with "Getting Windows Ready Don't turn off your computer" for 4+ hours. I have never had macOS or any Linux distro take more than 10 minutes for a minor update, or more than an hour (slow embedded spinning rust system) for a major version update. It's obscene and any wonder why people prefer to opt out and end up with riskier systems as a result.
A technical analysis of what the service is doing would be nice. Right now the article is basically just a collection of user complaints from the HP forum. And to be clear, I don't doubt that it's happening, but some actual analysis would be nice. Even if it's just a screenshot of the system resources monitor.
Unfortunately the last thing we're going to get from an Engadget article is anything resembling technical analysis. The author refers to the software as a "driver" twice.
I'm with you. Engadget took some HP forum complaints, slapped the word spyware on it and got their page views. Is this really spyware? What is it recording and how is it installed? Would love to know that.
I quite like how the title says its instead of e.g customers.
Lenovo has only just settled a massive $3.5 million fine for preinstalling adware on laptops without users' consent, and now it seems HP is getting in on the stealth installation action, too.
How is that a massive fine? Instead of deterring anyone, it looks more like a bargain.
Threads like this are always littered with advice to reinstall the OS of any computer you buy, and it troubles me. The vast majority of people have never heard this advice, and would have trouble following it even if they had.
Are we saying that only people technically competent enough to install an OS (plus a few close friends and relatives) can have fast, safe computers? Do we think that what we don't accept should be good enough for the rest of them? Or have we already given up any hope of solving it more than individually?
I don't have an answer here, but I'd like to see the discussion go beyond 'no probs, reinstall the OS' now and then.
I recommend to all my friends and family Microsoft's Signature Edition program that vets OEMs for clean Windows installs with minimal drivers (it's easiest to buy a Signature Edition at a Microsoft Store, but some OEMs, Best Buys, and Staples can all offer it if you ask nicely).
So far that seems to be pretty sustainable advice for non-technical friends and family expecting to use Windows.
Well I agree in general, but to get there you would have to change how vendors operate with customers and between each other, and that doesn't seem to be happening despite all the spyware and other craptastic after effects. If congress wasn't so corrupt I would say regulation might help, but as it stands Kstreet would likely make it worse...
Another point of view is I don't like this assumption users can't or won't learn. I don't complain that a TIG welder is only for experts because I can't operate it with no training, because its a tool that requires training, and so is a computer. This is why I think one of the main problems is that schools should not be teaching proprietary systems. (Once again a thing RMS was right about)
I used to be this way but eventually I got to the point where I'm willing to run macos just to have things like working suspend/resume and WiFi/Bluetooth that won't require periodic fiddling when some jerk decides to embrace systemd.
I've been using Linux and Windows for years. When Windows 7 came out, I moved any Linux installs to VMs simply because it still cannot get the things you mentioned working, even on Thinkpads and Dell Precisions, which are far better than most laptops. It was good enough for most development.
Work provided me a MBP about 2 years ago, and while it's not perfect, it's good enough. I will not be buying another Windows computer anytime in the future.
I can’t believe HP is popular as a desktop and laptop hardware vendor. Their products are absolute shit and the prices aren’t low enough to make up for it.
They remind me of the ultra cheap office pens that I bought once. I was new and my boss sent me out to get a box. When I got back he used one and said “these are too cheap, we use these every day”. He was right.
If you are buying a laptop get a Thinkpad or a Mac. If you are want a desktop and don’t play games get a Dell.
In the valley and some big US cities you have choices but in the rest of the world, HP is highly valued not because their quality but for their support, even with the basic one they will send a representative in less than 72 hours with the spare part. Lenovo, Dell, Samsung, Asus et al would take weeks if not months for the shipment part to arrive (most of the times without a representative to install it) or ask to send back the laptop just to get it back with the same issue a couple of months later.
On point: HP and Apple are the worst companies to buy a laptop, expensive as hell but they usually have local support staff in your city.
Also Thinkpad suck, they feel super cheap for the price they ask and install even worst spyware preloaded.
I've been in a different country, with a broken dell laptop keyboard, and the dell guy arrived the next day. When I pointed out I needed a US keyboard not a UK keyboard, he went out to his van and got one. The next day, onsite is ~$300. Its worth it.
Build it yourself. Prebuilt gaming machines tend to have highly inflated prices. Alienware is the worst at this.
But also the customization is very valuable. Being able to move budget around to get a top-end GPU at the cost of SSD storage doesn't tend to be possible when you buy pre-built. You might want a GeForce GTX 1080 Ti, but every prebuilt gaming machine that includes one might also include a 1 TB SSD, i7 GPU, and and 32 gig of RAM, inflating the price. By building yourself, you can budget for the god-tier GPU by sacrificing the large SSD for a smaller one, going for the i5 CPU which will still be enough power for gaming, and 16 gig of RAM because you don't plan on multitasking while gaming.
I definitely recommend looking into building your own. (Whether you do or don't game, but the customizability can be especially beneficial for gamers.)
Well what's the issue ? just suffer 6 months and then spend 600$ on a new machine with, finally, the latest intel cpu, octocore, capable of making even hard computing tasks like idleing fast !
</snark>
I think we oughta make a common repo + windows service to remove crapware.
But as someone above already noted, it really is a cat & mouse game with MS. Things that worked yesterday will not work today, after MS silently installs new updates.
It wouldn't surprise me to learn that MS has full-time staff dedicated to fixing any issues the most popular of these tools modify.
This is why after over a decade of supporting their crap as a sysadmin, I've gone completely gnu+Linux. Windows 8/10 were simply the last straw, plus I realized RMS was right the whole time.
windows, aptly named for the thing you should be chucking it out of :D as for vendors installing vendor software... whats new? really people are mad about this? what about their smart phones... they must have blood pressure issues throwing a fit over this nonsense. if you want a good running laptop where you are in control of the software chose linux, or if you prefer windows, atleast install and manage it yourself... don't need to have all this vendor nonsense if you dont want it. just re-install it clean!
> One complaint on the HP support site says: "It's been making my computer work so hard I can hear it like cranking away and the light in the back of my computer is flashing rapidly in-tune with the cranking. In Task Manager I can see it starting and stopping numerous applications."
How can an app be so poorly implemented? This had to have been noticed in QA and yet some exec prioritized gathering user analytics of user experience. How pathetic!
I'm told national labs won't touch Lenovo PCs since superfish (despite the fact that from what I can tell business models were not affected). Is HP next?
So why did HP do this? Their customers, which are mostly big companies, don't like it. Were they pressured to do so by a government agency? Did their in-house "analytics" people get out of control? Why won't HP say anything?
HP Enterprise is a different thing. Those big companies are customers HP actually cares about and they don't push things like this on them. They also honor warranties for them and respond to support calls.
The HP that sells laptops in department stores is consumer-hostile and sees the purchasers of their computers as cash cows to be farmed out to third parties and upsold remote support plans when the computer has a problem. And problems will inevitably occur since the machines are built with such poor quality control.
It's sad to see a brand new computer be slower than one that is 10 years old but can't be used because it has the wrong operating system.
First step when you buy an HP laptop: format and install an official copy of windows from Microsoft. The hardware is usually good. The software is usually crap.
Install a program like Fiddler and watch the call-homes roll in. It's truly amazing how many request are made while the computer is ostensibly doing nothing.
I bought my kids a couple of HP laptops back in the day. First step was always a reformat. But back then I had an MSDN account and the wherewithal to set the machines up the way I wanted, which many people do not. For myself I have not bought an OEM system for many years. I always build my own and if I need windows I buy an OEM disk. There's not much money in computers anymore so the manufacturers try to monetize them essentially the way news sites try to monetize stories.
It is now well established that if you choose to run Windows you're going to be playing this game of cat and mouse until the end of time. You simply are not in full control of the OS.