The Market Ticker
Commentary on The Capital Markets- Category [Company Specific]

I really dislike lazy journalists -- like this one.

By default, when signing into Windows with a Microsoft account, Windows syncs some of your settings and data with Microsoft servers, for example “web browser history, favorites, and websites you have open” as well as “saved app, website, mobile hotspot, and Wi-Fi network names and passwords”. Users can however deactivate this transfer to the Microsoft servers by changing their settings.

More problematic from a data protection perspective is however the fact that Windows generates a unique advertising ID for each user on a device. This advertising ID can be used by third parties, such as app developers and advertising networks for profiling purposes.

Let's demolish this one at a time, because I just got done upgrading two machines here.

First, you do not need to sign into a Microsoft Account to use Windows 10.  In fact I was not even asked when I did my upgrades, but then again I had not previously used Windows "Live" services (nor will I be in the future!)

If you want cross-device sharing of things like your favorites list then how can this be done without that data going to Microsoft's servers?  It can't -- but yes, if you do allow that free service to be provided to you then Microsoft will by default share that data for advertising purposes.

Once again, if you take the Express button during the setup you're going to turn on a lot of data uploading to Microsoft and you have to assume they will use it for advertising purposes.  This is the new model of Windows -- you're not buying the software, but nothing is "free"; Microsoft assumes most people will take "Express" and with it allow them to advertise.

But you don't have to.  When the  "Express" button comes up to the lower left of the screen is a clickable link that takes you through two full screens of clickable "switches" for data that can be sent (or not) off your machine.  Yes, IMHO most of those should be off, and yes, they all default on.  So don't do that.

If you already screwed up left click the Start button and select "Settings" then "Privacy."  Turn off the things you don't want on.  That doesn't erase what is already sent, but it does stop future transmissions.

Also, when device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for the user’s device is automatically backed up online in the Microsoft OneDrive account.

Again, false.  Bitlocker asks where the recovery key is to be stored.  Your can upload it to OneDrive, but while it's damn convenient it's also not very secure!  The other two options are to save it locally (E.g. to a thumb drive) or to print it (to a physical piece of paper.)

The recovery key is your only way back into that drive if the primary key is lost.

Incidentally, for those of you with a TPM in your computer (laptops, primarily) using a TPM only to secure Bitlocker isn't very secure.  While in theory TPM modules are secure they can be tricked into divulging the key.  The primary value in a TPM is that if someone simply removes your hard disk they're hosed as the TPM won't unlock the key if it detects that -- but if the machine is willing to "believe" you are the person with it (e.g. via your fingerprint, BIOS password or even simply turning it on!) the TPM will be happy to release the key and unlock the disk, at which point your data is available.

Far better is to use both TPM and a password; to enable this use "gpedit" (as an Adminstrator.)  You only need to do this if you have a TPM in your computer, and you must do it before enabling Bitlocker, as by default if there is no TPM you will be asked for a password when you set up encryption.  The options are here:

Then select "Operating System Drives" and set the appropriate options as shown below

Now when you set up Bitlocker you will be given the option of using a password along with your TPM.  That combination is extremely secure; you need both the undoctored TPM and the password.

Oh, and don't upload that recovery key to OneDrive.  No, no, no and no.

As for Cortana, all host-based speech recognition engines have this issue.  Siri anyone?  Google's (or for that matter BlackBerry's) "Assistant"?  Same deal; your voice is uploaded to their servers and analyzed and you give them permission to do that as an inherent part of the computing power they give you without charging you for it directly.  If you're uncomfortable with this then do what I do -- don't use those infernal things.  Cortana is trivially easy to turn off, incidentally.

Yes, Microsoft gives you the ability to shoot yourself in the head, along with giving them access to all sorts of data they can and will use to advertise to you.  But they don't appear to require it, and if you pay attention to what you're doing there does not appear to be more going on in Windows 10 in this regard than there was with other, previous Microsoft OS releases.

PS: I'm no particular fan of Microsoft, but if you're going to take a shot at them do it over something they have actually done or are doing!

View this entry with comments (registration required to post)

You gotta be kidding me....

Starting today, Microsoft is offering most Windows 7 and Windows 8 users a free upgrade to the software giant’s latest operating system — Windows 10. But there’s a very important security caveat that users should know about before transitioning to the new OS: Unless you opt out, Windows 10 will by default share your Wi-Fi network password with any contacts you may have listed in Outlook and Skype — and, with an opt-in, your Facebook friends.


You got to be kidding me; oh yeah, Microsoft claims this is "securely done" but that is not the point.  Many machines are connected to confidential WiFi networks such as corporate ones, even if they're personal computers, and not all corporate networks are 802.1x secured either.

Sending those credentials to your "friends" by default is an outrage.

Where did Microsoft get the idea that they had the right to steal the data (in this case, an encryption key) from your computer and give it to other people?

View this entry with comments (registration required to post)

You have to love this crap.

Attempting to grab the ISO (or to a USB stick) update, which has been available for the last day and change, and you get this....

Well, some people get this.  I'm getting this from a number of different machines, all Windows-licensed at present.

I have give Microsoft credit for the "wonderful" error message.

No, in fact, something did not happen.  That's the entire problem; something was supposed to happen, but it did not.


Update: I got it to download -- finally -- off yet another machine.  But, it scrambled my laptop when installed and while it appeared at first blush to work you couldn't do anything (literally) so it's back to Win 7 for now..... fortunately yes, I first made a full backup!

View this entry with comments (registration required to post)

Some of you remember my articles a while back on Sprint; I was convinced the company was a good buy and stuck my neck out when everyone else thought they were swirling the bowl.

I proved to be right, but then a disrupting force came in through M&A -- and I got out.  I was asked at the time what I thought about the combination and my answer was simple: I lack enough information to analyze the situation post-merger, and I have no reasonable expectation of being able to regain that analytical capacity -- therefore, I'm out.

The stock continued to rise for a bit, but now it is in an all-on collapse, hitting $3.11 today down from over $8 a year ago.

So what do you do now?

You stay away for the same reason I argue you wanted out before.

I don't like the internals, I don't like the technicals, I really don't like the firm's debt position against it's free cash or its debt:equity ratio (which is in the stratosphere) and I question the book value.  Oh, and that negative levered free cash flow bothers me too.

It would have been an interesting short if you could get visibility into the combination at the time of the acquisition but there was no good way to do that, and at this price shorting it is folly.  But buying it here is basically buying a long-dated option on the company being taken out, and that's already happened -- which means that it's more-likely to find itself as a written-off piece of the acquirer, much like Nokia's spin-and-sell to Microsoft was.  If you're tempted then buy some cheap CALLs instead, but do it with money you'd otherwise spend on booze and call it a purchase intended to be "for your health" (because it kept you out of the bar.)

Short form: Stay away.

View this entry with comments (registration required to post)

Now this is rich...

Citing “security reasons,” the Pakistani government plans to prevent its citizens from accessing BlackBerry’s suite of secure messaging services by December 1, according to a report fromReuters.

“[The Pakistan Telecommunication Authority] has issued directions to local mobile phone operators to close BlackBerry Enterprise Services from Nov. 30 on security reasons,” said an unnamed Pakistani official to the publication.

Uh huh.

The truth is, as BlackBerry explains, that Pakistan demanded a back door into the firm's BES services -- and BlackBerry refused.

Pakistan wouldn't have asked if they could have broken in without BlackBerry's help, by the way.

In light of this admission and public position, backed up by acts instead of rhetoric, which company would you like to buy your phone and mobile management service from?  Psst... don't read this article... smiley

View this entry with comments (registration required to post)

Main Navigation
MUST-READ Selection:
Why I Find It Hard To Give A F**k

Full-Text Search & Archives
Archive Access
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.


The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be reproduced or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media or for commercial use.

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.