What info is sent to MS from bug reporting and feedback?

So we still cant answer the original question then!


"Homer J. Simpson" <root@127.0.0.1> wrote in message
news:%...
>> Homer.
>>
>> The point that I was trying to make, is with the open source products,
>> you and I are able to determine what information is been sent.
>> Just look at the source code. (We might not approve of what information
>> is been sent but we CAN answer the original question)
>> With Microsoft products, No one person here can answer the "Original
>> question" which was "What info is sent to MS from bug reporting and
>> feedback?".
>
> (IMNSHO) I think it's safe to assume that even with an open source
> project, if your crash reporting infrastructure is designed to upload a
> raw dump of a chunk of memory, the odds are not zero that at some point or
> another you'll be (maybe inadvertantly) transmitting bits and pieces of
> data that you might prefer not to see being sent. That being said, I'd
> rather have Microsoft getting that data and going out of its way to keep
> that data private than some rinky-dink open source project with little to
> no resources to spend on securing its infrastructure.
>
> It's all about accountability. To that end, providing me with the source
> still does not assure me in any way that personal information is not
> inadvertantly shared.
>
>

> So we still cant answer the original question then!

That's pretty much the idea. I'm sure the code is *designed* to only pick
up what's essential to figure out the reasons for a crash, but there's no
way anybody can guarantee *exactly* what bits of information end up in a
crash dump--even when you do have the source.

My whole point was that if it's possible at all that personally identifiable
data gets sent to anyone, I'd feel much safer knowing it's someone with
Microsoft's resources that's responsible for securing that data and not
share it with third parties.

And let's give Microsoft credit here...given their history and current
competition, it's in their best interest to take security and privacy
seriously nowadays. There's no doubt in my mind that the code isn't
designed to pick up any personal data just "because they can"--conspiracy
believers be damned.

Sean Thompson wrote:
> Homer.
>
> The point that I was trying to make, is with the open source products, you
> and I are able to determine what information is been sent.
> Just look at the source code. (We might not approve of what information is
> been sent but we CAN answer the original question)
> With Microsoft products, No one person here can answer the "Original
> question" which was "What info is sent to MS from bug reporting and
> feedback?".
>
>
>
>
>
> "Homer J. Simpson" <root@127.0.0.1> wrote in message
> news:...
>>> That is the difference between Microsoft and OpenSource (eg, Linux)
>>> products.
>> [...]
>>> Assume they take all information with the exception of your personal
>>> documents.
>> Between Microsoft taking all my information and Open Source Product X
>> taking all my information, I'd rather trust Microsoft.
>>
>> If I know both are taking my information, what does having the source
>> provide me with?
>>
>>
>
>

I think that if MS is going to send information from your computer to
their servers, that the user at least is entitled to full disclosure of
what the exact information being sent is. I would agree that the
product key and IP are personal pieces of information that should not be
sent with out the user's knowledge and permission.

http://www.xp-antispy.org/index.php?...d=12&Itemid=40

If the FOSS gives the user full disclosure, then I would tend to trust
it more. Think for yourselves people, don't let big, rich greedy
corporations do your thinking for you about what information they get on
you from YOUR computer!


--
One who fart in church sit in own pew.