The amount of trust you place in an operating system is substantial.
When Microsoft released Windows 10, they took a lot of heat for particularly permissive default privacy settings, as well as a lack of clarity about what information is sent back to Microsoft and under what conditions.
While they’ve addressed some of those issues, it all serves to highlight an important concept that many people all too readily overlook: the operating system on your machine has a tremendous capability to protect — or violate — your privacy.
Do you trust it?
Become a Patron of Ask Leo! and go ad-free!
Privacy and the operating system
Operating systems have the potential to violate your privacy by collecting data about your activities. You can reduce this risk by only using operating systems from companies you trust and by carefully managing your privacy settings.
The OS sees all and knows all
The operating system on your computer is the interface between all of your software and hardware and the rest of the world.
When an application wants to read from the disk, it does so via the operating system. If an application wants to communicate on the network or internet, it uses the operating system. Even when an application just wants to display something to ask you a question, it’s the operating system displaying the message and collecting your response.
This puts the operating system in a unique position to see absolutely everything you do because it’s instrumental in making anything you do happen at all.
It’s something we rarely think about, at least until things like the furor over Windows 10. Then things change a little or a lot; but in the long run, the issue blows over because we need to get on with our work. The fundamental power of the operating system, and that it’s in such a unique position to examine what we do, is something that fades to the background.
It’s not just Windows
I use the Windows 10 release as an example because it made a lot of news at the time and because so many people use Windows.
But before you start pointing fingers, it’s critical to realize that every operating system has this level of access to what you’re doing. Be it Mac OS, iOS, Linux, Android, or something else completely, by the nature of what they do, all operating systems are in a position to examine, record, and report back anything they care to.
It’s not that they do; it’s that they can. It’s not malicious or even surprising. Giving an OS the power to do its job also gives it the power to examine what’s happening when it’s used.
How do you know it’s not sharing that information with others? Well, as an average computer user, you can’t.
It all boils down to trust.
If you don’t trust it, why are you using it?
One of the extremely frustrating aspects of my job is hearing people rail against some large entity like Microsoft, Apple, or Google, all the while using the software and/or services provided by — you guessed it — Microsoft, Apple, or Google.
It might sound brutal, but the bottom line is simple: if you don’t trust them1, then don’t use their software. That could be as extreme as never, ever using it, or it could be more strategic, choosing to avoid it for certain types of activities you consider particularly sensitive. Either way, “fixing” the operating system is not an option in your control, so the only true options you have are:
- Live with it
- Avoid it for specific areas of concern
- Avoid it completely
And again, while Microsoft Windows is a common example, these statements apply equally to any software vendor whose products you choose to use.
Alternatives to consider
Whenever we talk about alternatives to operating systems, we’re really asking the question, “Who do you trust?”
When it comes to desktop and laptop PCs, this typically means one of three things.
- Windows: you’re trusting Microsoft
- Mac: you’re trusting Apple
- Linux: you’re trusting an army of independent developers (as well as the sponsor of the particular distribution you’re using)
When it comes to tablets and mobile devices, the choices are a bit more limited:
- Android and Chrome OS: you’re trusting Google and to some degree Linux
- iOS: you’re trusting Apple
In almost all cases, if your device comes pre-loaded with the operating system and other software, as many do these days, you’re also trusting the vendor of the device, since they can and do add things.
As I said, the question really does boil down to: of those alternatives, who do you trust?
Or, perhaps, who do you distrust the least?
The pragmatic reality
Operating systems and the privacy implications they bring are truly too complex for the average consumer to completely understand. We shouldn’t have to get that deep an understanding, or we’d never have time to move on to whatever it is we’re trying to accomplish!
In many ways, some privacy exposure is part of the cost of using today’s complex systems.2 For any system you use, information is likely being shared “upstream” for a variety of reasons, ranging from beneficial and benign (such as information used to make the software better) to malicious and invasive (such as truly tracking what you as an individual are doing).3
Unfortunately, we might also find ourselves faced with constraints — software we rely on that only runs on an OS we don’t trust, or cross-platform compatibility issues with people we work with on a regular basis, for example — perhaps forcing us to rely on an OS we’d prefer to avoid.
In situations like this, it’s important to understand what’s possible and take whatever steps you feel are appropriate.
As for me, I run almost all the operating systems I’ve mentioned here, and I honestly have few concerns. I trust that any information these operating systems transmit “home” is either inconsequential, appropriately anonymized, or appropriately protected, and serves to make the software and my experience using it better.
I know not everyone agrees with my approach.
Regardless of who you trust or who you don’t trust, understand what is and is not possible. Make appropriate decisions to protect your privacy to the degree you feel you can.
When available, review and configure the privacy settings offered by the operating systems and other software you use (though realize you’re also trusting that your preferences will be honored).
Subscribe to Confident Computing! Each week, I share items like this to give you more confidence with solutions, answers, and tips in your inbox.
Footnotes & References
1: For any reason. If you don’t trust their privacy protections, security, or overall capability, then avoiding their product would be the thing to do. Even if that’s all OK to you, perhaps you don’t trust that they won’t change something out from underneath you in a future version. Either way, it all comes back to trust.
2: And I haven’t even touched on online services like social media.
3: My stance remains: you and I simply aren’t interesting enough for this level of detailed, personal tracking. But it’s important to understand that the possibility exists.