
Apart from the reason of ”if they spy on this, who knows what else” and ”I don’t want to waste resources on telemetry” what is the reason to not allow a vendor to see which settings page you visit?

Obviously if you opt out (or rather, didn’t opt in) you shouldn’t be sending telemetry. But the line between a necessary network call and an optional one is often blurry.




As to other reasons apart from the violation of privacy: Every network call adds additional latency and slows down interactions with the OS. Every data gathering feature adds additional complexity to the implementation, takes attention away from other implementation work that could be done instead, and increases the risk of adding further mistakes to the implementation. Personally, I would like OS and application vendors to work on improving security and correctness of their programs and reducing latency instead of adding data gathering features.

> But the line between a necessary network call and an optional one is often blurry.

What would be an example of a necessary network call that an ideal OS (i.e., one that cannot be easily compromised and does not require updates around the clock to correct programming mistakes) has to perform on its own?

If a company is interested in how users use their applications and desperately need our data for it, they may be interested in funding dedicated studies and appropriately compensating users that send their data, if it is so valuable for the company.


> What would be an example of a necessary network call that an ideal OS [...] has to perform on its own?

Syncing the clock with NTP?


> Syncing the clock with NTP?

So every app, instead of querying the OS, shall make a network call, to get the time from an NTP server?


I don't understand how you got that. The question was about network calls that an OS would perform on its own.


Have you developed large applications with/without anonymous usage data?

You need a good volume of data and you aren’t going to want to pay for it for one simple reason: you can get it for free and only a tiny group of users are going to be upset enough by this.

Not sure what the reference to “ideal OS” is about. I thought this was about windows in particular.

Necessary network calls would be related to updates, licensing etc. But the thing is: they would be going “home” to the exact same servers as telemetry AND they would easily contain the same payload.


> You need a good volume of data

it is called testing. _Testing_. But of course, testing sucks and it's expensive.


Testing?

You can’t say how your users use your software through testing. Not by surveys/panels/interviews either.

But yes: alternatives are also more expensive (which means it’s expensive for the end user). Users pay one way or another.


No, sorry. Testing answers “does the feature work?”. Usage telemetry answers questions like “was the feature a good idea?” and “are enough users successfully using the feature to justify the cost of creating/maintaining it?”.

Those are not questions for which pre-release testing can provide answers.

I’m not weighing in on opt-in vs opt-out, or on anonymization. Just saying that testing doesn’t cover this niche.

(Separately, I think you’re largely wrong about testing as well: crash dump collection is about finding issues that pre-release testing wouldn’t find at any price. For things like OSes especially, the permutation space of hardware * software * user behavior is too large. While I’m sure a few companies use crash reporting as a crutch to support anemic QA programs, I do not think that many do.)


> Usage telemetry answers questions like “was the feature a good idea?”

You mean you implement something even if nobody asked for it ? Wow.

The project really has some spare budget.


That people ask for it doesn’t make it a good idea. Even if it’s a good idea and people asked for it that doesn’t mean people used it because they might not know about it. Is the feature prominent or intuitive enough? Should it be described in some newsletter or documentation?

You will never know without actually asking enough users (which is a large sample). And there is a simple way of ”asking” this.



> What would be an example of a necessary network call that an ideal OS

DHCP


Not strictly necessary though.

I grew up sans DHCP with static IP assignments per device .. and still practice that on modern home networks and production networks.

The only DHCP calls here are made by foreign devices wanting an assigned address, which gets them on a narrow range on a side net.


In that case sure maybe not. However, most systems aren't run by deep experts but by regular users which expect a device to be plugged into a network and then have the capability to use the internet without user interference. That more or less necessitates DHCP.


> However, most systems aren't run by deep experts ...

Luckily static IP addresses can be set up by the majority of teenagers that just want to play Doom, etc.

At least that was the case decades ago .. is this now "deep knowledge" that necessitates that OS's have to use DHCP with no other option ?

Perhaps we have different understandings of the words "necessary" and "sufficient", etc.


This and also it's pretty obvious that the main goal of both Microsoft and Google is NOT to make the OS better for its users.

So the claim that telemetry is used to improve products is simply a lie IMO.

The fact that telemetry is sent at all for no apparent reason and deliberately without clear consent is an ironic example of this. The fact that it's been happening more and more over the past decades as the OS'es evolved is another confirmation of it.


I generally agree, though for system settings specifically, I wonder what kind of ad targeting would you get out of that?

Still think it shouldn't be there by default - it reduces privacy and is a lame excuse not to do (paid) user studies.


> for system settings specifically, I wonder what kind of ad targeting would you get out of that?

You get sensitive data out of system settings, such as for instance health data: Does the user have a vision or hearing impairment, use assistive technologies etc.?


> (paid) user studies

Would it count as a paid user study if enabling telemetry for Windows knocked $10 off of the price of your computer?

I can’t decide if that’s a neat idea or dystopic. Which, historically, probably means it’s dystopic and that plenty of people are already doing it.

I think “traditional” paid user studies often suffer from the same sampling problems that make political polls and behavioral paid medical studies less useful (you’re not surveying the average voter; you’re surveying the average voter who likes to answer polls). But maybe the “$10 off” idea would capture a broad enough demographic as to be more useful.


>Every network call adds additional latency and slows down interactions with the OS.

...unless they're done asynchronously


The best way to think of it is the software must serve me, the owner of the computer, and nobody else.

Years ago when spyware was not the norm, there would be outrage if anyone caught some software sending as much as a single packet of data that was not legitimately initiated by the needs of the user/owner. We need to return to that mindset.


I think this is really simple: telemetry should be opt in, anonymous, and _in_ the interest of the user in the long term by the improvement of the software. Because it’s _not_ possible to get this information any other way through user studies etc.

If it’s hard to disable, contains any PII or sensitive info (urls, file names) then it’s not OK.


> what is the reason to not allow a vendor to see which settings page you visit?

It's all about privacy; and by privacy, I don't mean the "privacy" that often gets thrown around by Big Tech to mean "only we can see what you do". What I do on my computer is none of their business.


Anonymous usage statistics means no one stores what _you_ do though. Obviously sending a url you visit or a file you open is way over the line. That’s about what you do. I think there is a difference between that and feature usage as counters only.


If it can be correlated (e.g. via TLS fingerprinting or other identifying information such as IP address), it's not anonymous.


Yes if it can be deanonymized then it’s not anonymous. Almost a tautology that.

You can’t send the telemetry over http without revealing an ip, but obviously that ip can’t be stored as part of the telemetry data. That’s PII and not anonymous at all.

Important: if I collect anonymous telemetry you better trust me that it’s anonymous when I say it is. Because if you don’t trust me on that then you can’t run the software at all (if it’s a piece of software that relies on web requests in some form at least). Otherwise why would you even trust that my opt in is respected? You have to trust software vendors of software that makes http requests. It’s as simple as that. You can use open source or try to inspect packets. Or firewall the software. But if it does (for example) one update check on startup which is common, then it’s almost impossible to tell whether it contains telemetry data. Because even the bare minimum request “this is FooApp 2.9.1 are there any updates” contains important usage stats: it’s +1 for the use counter and +1 for the v2.9 use counter!


I had written down many reasons but the onus should not be on people explaining why they don’t want to be tracked, in a society I’m happy to live in. Software is part of society.


But should developers not be allowed to have it in their software? So long as it has a label “this software sends usage stats, if you don’t like it don’t use it, or don’t opt in” should that be banned? Or is that acceptable?


> in their software?

I made a mistake thinking it was the user's software.


If the user develops something they can do it however they want. It’s not “theirs” because it’s installed on their machine. They can’t even control how it runs on their machine short of sandboxing it. They can choose to run it as the developer wanted or not at all.

You didn’t answer the question: should it be somehow banned?


> what is the reason to not allow a vendor to see which settings page you visit?

Because it's not their fucking computer!

Nothing about this is necessary.

Nothing here is "blurry".


The shitty thing isn’t phoning home, the shitty thing is doing what’s not described on the label.

If a piece of software says “this will do X if you run it” and then it does X then I don’t see the complaint (yes I realize lots of software uses dark patterns or doesn’t say what it does, especially windows, but _in principle_ I don’t think anonymous telemetry with good clear opt out/in is evil).


Hey, while you're not at home I'm actually using your house as a bachelor pad. Since you're not in, it doesn't affect you, so why complain about it?


I think I’m going to opt out


Sorry, we didn't give you those options. You get to choose "yes" or "maybe later", but we're 100% going to be using your property. Love, Microsoft, Google, and every other tech company who thinks this is the proper form of consent <3


For the sake of argument, the only interesting discussion about telemetry is about whether it’s ok when done right.

I don’t think anyone thinks it’s ok when it’s not done right (not anonymous, dark patterns for opt in/out, etc).

So it’s not a very interesting discussion to have since there is no one arguing for it.

Instead my argument is: when done right, anonymous telemetry isn’t “evil”. To be fair I don’t know if many argue it is either. There are a few absolutists that think not even opt-in telemetry is acceptable and that developers should do more expensive studies to find how their software is used. It’s really only those I disagree with.


'Done right' quickly becomes one of those no true scotsman arguments. Nothing in this world is fully done right.

Just from the top of my head: Telemetry means extra code, hence extra bugs and maintenance overhead. It costs you in extra ram/cpu/storage/network. The networking means NSA and friends have a beacon declaring a windows computer exists, and they probably can derive other facts from the message statistics. After Snowden, we should assume they have a backdoor and get the unencrypted data if they want.

All this assumes Microsoft has only the good of you as end user in mind, are not hackable, and can't be coerced by governments. All of this now and in the future.

'Done right' is not a good yardstick. There are tradeoffs needed, Microsoft decides which ones, and they decided the user has almost no voice in these tradeoffs, and doesn't even get to see the choices made. These tradeoffs are the interesting discussion.


Not having this info means you pay for unnecessary features, get bugs fixed slower, pay for expensive surveys or user studies etc. Sending it in and wasting some cpu/network may be the cheapest option. Because users are paying for it one way or another.


Windows was much leaner and more stable before it was infested with telemetry. Go figure.



