What info is sent to MS from bug reporting and feedback?

[AMDX2]

In Vista on the desktop is the feedback link and there's also a feedback
tool like program I guess you can use. The same goes for bug reporting which
I guess is slightly different then using that feedback link? With bug
reporting you also get to use a bug report tool. What info is sent to MS
other then the information you put in yourself? Does it send your Vista Key
or hardware ID like from Activation or the specs of your pc etc?

 

[Sean Thompson]

That information no one can answer only the team that implemented that part
of the program.
No matter what anyone says, you will never know. It might be the information
you send, and/or all the information about your pc.

 

[Zack Whittaker]

All that goes, is application data regarding the operating system, the
product ID (to see whether it's a genuine copy or not, but they can't do
anything really with that - just know that theres a non-genuine copy around
and about), as well as data about crashes such as if the Control Panel
crashes, it'll try and get the crash data from that.

They get sent whatever you attach as well (screenshots etc.), and the data
that you fill out from the main bug report window. They also record the IP
from which the report has come from - this will either be a unique IP from
your computer or from the ISP itself. But they do have a strong privacy
policy regarding it.

They don't actually collect personal data really - they just want the bug
report )

--
Zack Whittaker
» ZackNET Enterprises: www.zacknet.co.uk
» MSBlog on ResDev: www.msblog.org
» Vista Knowledge Base: www.vistabase.co.uk
» This mailing is provided "as is" with no warranties, and confers no
rights. All opinions expressed are those of myself unless stated so, and not
of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared
that up!

--: Original message follows :--

 

[AMDX2]

That is too much personal data already, your ip, your product ID etc. I
would think all they'd collect is the relevant info to what you are posting
and also the system hardware specs like what you have, but nothing to
identify you or your connection or whatever.

 

[Andre Da Costa [Extended64]]

Hardware information, program data, no personal information, so don't expect
things like your IE Cache to be sent.
--
--
Andre
Windows Connected | http://www.windowsconnected.com
Extended64 | http://www.extended64.com
Blog | http://www.extended64.com/blogs/andre
http://spaces.msn.com/members/adacosta

 

[Sean Thompson]

That is the difference between Microsoft and OpenSource (eg, Linux)
products.

The truth is no one knows. Sure you will get everyone's opinions, but no one
knows.

Assume they take all information with the exception of your personal
documents. (eg, Word documents, Excel etc, etc).

But no one can answer that question for you here, because no body knows.

 

[Homer J. Simpson]

That is the difference between Microsoft and OpenSource (eg, Linux)

products. [...]
Assume they take all information with the exception of your personal
documents.

Between Microsoft taking all my information and Open Source Product X taking
all my information, I'd rather trust Microsoft.

If I know both are taking my information, what does having the source
provide me with?

 

[Bill Marriott]

The relative certainty that you know what information is being
recorded/transmitted. I guess there is a benefit in "trusting" Microsoft
because should something go awry you would actually have an entity to sue.

 

[Sean Thompson]

Homer.

The point that I was trying to make, is with the open source products, you
and I are able to determine what information is been sent.
Just look at the source code. (We might not approve of what information is
been sent but we CAN answer the original question)
With Microsoft products, No one person here can answer the "Original
question" which was "What info is sent to MS from bug reporting and
feedback?".

That is the difference between Microsoft and OpenSource (eg, Linux)
products. [...]
Assume they take all information with the exception of your personal
documents.

Between Microsoft taking all my information and Open Source Product X
taking all my information, I'd rather trust Microsoft.

If I know both are taking my information, what does having the source
provide me with?

 

[Homer J. Simpson]

Homer.

The point that I was trying to make, is with the open source products, you
and I are able to determine what information is been sent.
Just look at the source code. (We might not approve of what information is
been sent but we CAN answer the original question)
With Microsoft products, No one person here can answer the "Original
question" which was "What info is sent to MS from bug reporting and
feedback?".

(IMNSHO) I think it's safe to assume that even with an open source project,
if your crash reporting infrastructure is designed to upload a raw dump of a
chunk of memory, the odds are not zero that at some point or another you'll
be (maybe inadvertantly) transmitting bits and pieces of data that you might
prefer not to see being sent. That being said, I'd rather have Microsoft
getting that data and going out of its way to keep that data private than
some rinky-dink open source project with little to no resources to spend on
securing its infrastructure.

It's all about accountability. To that end, providing me with the source
still does not assure me in any way that personal information is not
inadvertantly shared.

 

[Sean Thompson]

So we still cant answer the original question then!

 

[Homer J. Simpson]

So we still cant answer the original question then!

That's pretty much the idea. I'm sure the code is *designed* to only pick
up what's essential to figure out the reasons for a crash, but there's no
way anybody can guarantee *exactly* what bits of information end up in a
crash dump--even when you do have the source.

My whole point was that if it's possible at all that personally identifiable
data gets sent to anyone, I'd feel much safer knowing it's someone with
Microsoft's resources that's responsible for securing that data and not
share it with third parties.

And let's give Microsoft credit here...given their history and current
competition, it's in their best interest to take security and privacy
seriously nowadays. There's no doubt in my mind that the code isn't
designed to pick up any personal data just "because they can"--conspiracy
believers be damned.

 

[Gaoler]

Homer.

The point that I was trying to make, is with the open source products, you
and I are able to determine what information is been sent.
Just look at the source code. (We might not approve of what information is
been sent but we CAN answer the original question)
With Microsoft products, No one person here can answer the "Original
question" which was "What info is sent to MS from bug reporting and
feedback?".

That is the difference between Microsoft and OpenSource (eg, Linux)
products. [...]
Assume they take all information with the exception of your personal
documents.

Between Microsoft taking all my information and Open Source Product X
taking all my information, I'd rather trust Microsoft.

If I know both are taking my information, what does having the source
provide me with?

I think that if MS is going to send information from your computer to
their servers, that the user at least is entitled to full disclosure of
what the exact information being sent is. I would agree that the
product key and IP are personal pieces of information that should not be
sent with out the user's knowledge and permission.

http://www.xp-antispy.org/index.php?option=content&task=view&id=12&Itemid=40

If the FOSS gives the user full disclosure, then I would tend to trust
it more. Think for yourselves people, don't let big, rich greedy
corporations do your thinking for you about what information they get on
you from YOUR computer!