Visual Studio 2015 C++ Compiler Secretly Inserts Telemetry Code Into Binaries

[owsf2000]

Found via slashdot. Essentially a guy compiled a barebones empty program with Microsoft's C++ compiler. just an empty main() function. Yet the compiled binary contained calls for "telemetry_main_invoke_trigger and telemetry_main_return_trigger". This is undocumented, naturally.

Microsoft -confirmed- afterwards that telemetry calls are added, and for "Users who have a copy of VS2015 Update 2 and wish to turn off the telemetry functionality currently being compiled into their code should add notelemetry.obj to their linker command line." Microsoft claims they will be removing this in a future build (The including of telemetry to begin with.) but the cynic realist in me is convinced that this is just so they can hide it better.

1. Remember that the telemetry inclusion was completely UNDOCUMENTED.
2. Removing it requires knowledge of the undocumented "notelemetry.obj" file.
3. Microsoft kept it hidden until someone proved it existed and brought it up.

As one slashdotter commented, this is akin to a compiler inserting a backdoor.

The potential that telemetry is inside the games you purchased, if they were compiled by Visual Studio C++ by the developers I guess is very real. After all, this -was- undocumented until today, so I doubt devs would have been able to add "notelemetry.obj" to their sources.

And why the hell do you need to ADD code to REMOVE functionality.

More and more I find myself thinking if I DO try to write games on the computer, I'll be doing it on Linux only.

Comments

[kane-magus.livejournal.com]

The shills/rep management drones/idiot fanboys are out in force in the comments yet again, it seems. (Also, bizarrely, racist shitbags calling people "niggers" and what not. What even the fuck? o_O)

At this point, between this and all the Windows 10 bullshit, I'm not even sure that Hanlon's razor (https://en.wikipedia.org/wiki/Hanlon%27s_razor) can be applied to Micro$hit anymore (if it ever could to begin with). There is surely no way that even they are so fucking stupid and incompetent that all of this stuff truly is "unintentional" or "accidental" or whatever that they keep trying to claim. This sort of disgraceful, deceitful bullshit can't not have been done intentionally and maliciously.

Anyway, I just uninstalled my copy of Visual Studio Community which I'd installed a while back but, thankfully, hadn't used for anything at all as of yet. Yeah, sure, it probably wasn't infected with this kind of shit, but you can never be too careful, I suppose. So... good job, Micro$hit, I guess? Thanks for convincing me not to use your product?

[kane-magus.livejournal.com]

You know, honestly, all this shit even lends some tiny amount of credence to what the crazy conspiracy theorists were saying about how the Kinect was going to be used to spy on you and such, back when the Kinect was still a thing. At the time, even though I certainly hated the X-bone (and the Kinect) for other reasons, that whole bit about the Kinect being used for spying just seemed like too much ridiculous tinfoil hattery for me. But now, given all the other bullshit Micro$hit has been doing lately to try to spy on people, either via this shit with VS or the Windows 10 shit or whatever, it honestly wouldn't surprise me to learn that the Kinect thing was indeed actually a real, valid concern, and that the tinfoil hats were actually right about something for once.

The only difference is that people were saying that it would be the NSA spying on you via Micro$hit via the Kinect. If there was any truth to it at all, then it would more likely just be that it was Micro$hit itself spying on you via the Kinect, for its own purposes, rather than the government. Then again, the reason Micro$hit is pulling all of this bullshit with Windows 10 and Visual Studio and such could also very well be due to covert government shit. Hell if I know. *shrug*

In any case, it seems like pretty much anything related to Micro$hit is just a bunch of dodgy bullshit nowadays. Hell, for all I know, they may have some kind of spycraft embedded in Minecraft now that nobody knows about, given that they own it now and all. ¬_¬

[owsf2000.livejournal.com]

Well, regarding Minecraft, they've had the "snooper settings" added to it a long time ago (Can't remember if it was pre or post microsoft though honestly). The snooper settings are turned on by default.

You have to trust mojang/microsoft that when you turn it off that it's truly off though, and that the list of variables it shows you as what it's reporting are truly the only things it's reporting. For now I am, but I wouldn't doubt it if someone managed to prove it's not doing what it says it's doing. I'll make the call to uninstall minecraft at that point. Probably giving mojang too much faith with this, but I'll let them burn their own boat.

The question is if microsoft would risk burning down the 2 billion dollar game they bought with bad karma before it's able to pay itself back. I'm sure after they've pulled in 2 billion dollars of profit off the game in sales (which is going to take a while) they might be more willing to burn it alongside their OS and developer karma.