With the release of Windows 10, Microsoft took a lot of heat for particularly permissive default privacy settings, as well as being unclear about exactly what information is sent back to Microsoft, and under what conditions.
While they’ve addressed some of those issues in the months since, it all serves to highlight an important concept that many people all too readily overlook: the operating system on your machine has a tremendous capability to protect – or violate – your privacy.
Do you trust it?
The OS sees all and knows all
The operating system on your computer is the interface between all of your software and hardware and the rest of the world.
When an application wants to read from the disk, it does so via the operating system. If an application wants to communicate on the network or internet, it uses the operating system. Even when an application just wants to display something to ask you a question, it’s the operating system that displays the message and collects your response.
This puts the operating system in a unique position to see everything you do, because it’s instrumental in making anything you do happen at all.
It’s something we rarely think about, at least until things like the furor over Windows 10. Then things change, a little or a lot; but in the long run, the issue blows over, because we need to get on with our work. The fundamental power of the operating system, and that it’s in such a unique position to examine what we do, is something that fades to the background again.
It’s not just Windows
I use the Windows 10 release as an example, because it made a lot of news at the time, and because so many people use Microsoft Windows.
But before you start pointing fingers, it’s critical to realize that every operating system has this level of access to what you’re doing. Be it Mac OS, iOS, Linux, Android, or something else completely, by the nature of what they do, all operating systems are in position to examine, record, and report back anything they care to.
It’s not that they do; it’s that they can. It’s not something malicious or even surprising. A fundamental side effect of giving an OS the power to do its job also gives it the power to examine what’s going on.
How do you know it’s not sharing that information with others? Well, as an average computer user, you really can’t.
It all boils down to trust.
If you don’t trust it, why are you using it?
One of the more frustrating aspects of my job is hearing people rail against some large entity like Microsoft, Apple, or Google, all the while using the software and/or services provided by – you guessed it – Microsoft, Apple, or Google.
It might sound a little brutal, but the bottom line is simple: if you really don’t trust Microsoft Windows1, for example, then don’t use it. That could be as extreme as never, ever using it, or it could be more strategic, choosing to avoid it for certain types of activities you consider particularly sensitive. Either way, “fixing” the operating system is not an option, so the only true options you have are:
- Live with it
- Avoid it for specific areas of concern
- Avoid it completely
And again, while Microsoft Windows is my example, these statements apply equally to any software vendor whose products you choose to use.
Alternatives to consider
Whenever we talk about alternatives to operating systems, we’re really asking the question, “Who do you trust?” As I’ve said repeatedly, using any operating system means placing some degree of trust in a product.
When it comes to desktop and laptop PCs, this typically means either:
- Windows: you’re trusting Microsoft
- Mac: you’re trusting Apple
- Linux: you’re trusting an army of independent developers (as well as the sponsor of the particular distribution you’re using)
When it comes to tablets and mobile devices, the choices are:
- Android and Chrome OS: you’re trusting Google, and to some degree Linux
- iOS: you’re trusting Apple
Oh, and in almost all cases, if your device come pre-loaded with the operating system, as many do these days, you’re also trusting the vendor of the device, since they can and do add things.
As I said, the question really does boil down to: of those alternatives, who do you trust?
Or, perhaps, who do you distrust the least?
The pragmatic reality
Operating systems and the privacy implications they bring are truly much too complex for the average consumer to completely understand. We shouldn’t have to get that deep an understanding, or we’d never have time to actually move on to whatever it is we’re trying to accomplish!
In many ways, some privacy exposure is part of the cost of using today’s complex systems. For any system you use, information is likely being shared “upstream” for a variety of reasons, ranging from beneficial and benign (such as information used to make the software better) to malicious and invasive (such as truly tracking what you as an individual are doing).2
Unfortunately, we might also find ourselves faced with constraints – software we rely on that only runs on an OS we don’t trust, or cross-platform compatibility issues with people we work with on a regular basis, for example – that might force us to rely on an OS we’d prefer to avoid.
In situations like this, it’s important to understand what’s possible, and take whatever steps you feel are appropriate.
As for me, I run almost all the operating systems I’ve mentioned here (except iOS, for no reason other than time) and honestly have few concerns. I trust that any information these operating systems transmit “home” is either inconsequential, appropriately anonymized, or appropriately protected, and serves to make the software and my experience using it better.
I also know not everyone agrees with my approach.