Visual Studio 2015 Secretly Inserts Telemetry Code Into C++ Binaries

[Exterminator]

Content source

http://news.softpedia.com/news/visual-studio-2015-secretly-inserts-telemetry-code-into-c-plus-plus-binaries-505113.shtml

Internet users have pulled out the pitchforks and are once again at odds with Microsoft regarding telemetry data, but this time around it's because the company updated Visual Studio 2015, which is now adding secret telemetry code in the C++ binaries compiled by every developer.

The issue surfaced in May on Reddit, when a user noticed a function named "telemetry_main_invoke_trigger" added to every binary he compiled for his private projects.

The user tested and discovered this happening with Debug and Release-level binary builds, on both Windows 7 and Windows 10.

Microsoft failed to document the Visual Studio telemetry codes
What worried Reddit users was that there was no documentation for these calls, not online, and neither in the software's built-in documentation package.

Telemetry data is a sensitive subject with Microsoft users, and in the beginning, most people considered this to be another method through which Microsoft adds telemetry calls to spy on users and the way they use their software on Windows.

Steve Carroll, one of the high-ranking managers for the Visual Studio team, was kind enough to answer's everyone's questions regarding this undocumented feature.

“ Our intent was benign – our desire was to build a framework that will help investigate performance problems and improve the quality of our optimizer should we get any reports of slowdowns or endemic perf problems in the field. We apologize for raising the suspicion levels even further by not including the CRT source, this was just an oversight on our part. ”

So "telemetry" wasn't meant in the general term used in Windows 10, to gather data about users, but as an alternative debug system, meant for developers only. Carroll also explained:

“ Despite that, some of you already investigated how this mechanism works in nice detail. As you have already called out, what the code does is trigger an ETW event which, when it’s turned on, will emit timestamps and module loads events. The event data can only be interpreted if a customer gives us symbol information (i.e. PDBs) so this data is only applicable to customers that are actively seeking help from us and are willing to share these PDBs as part of their investigation. We haven’t actually gone through this full exercise with any customers to date though, and we are so far relying on our established approaches to investigate and address potential problems instead. ”

This debug feature was added in Visual Studio 2015 Update 1, and also exists in Update 2, but Carroll says its team plans to remove it in Update 3 after this intense backlash.

Visual Studio 2015 users can remove these telemetry calls
Carroll also said that to remove any telemetry calls added automatically to any compiled C++ binaries, developers should add the notelemetry.obj to their linker command line.

Previously to being talked on Reddit, Russian developers also had a run-in with the telemetry call and had discussions about it on Habrahabr.

 

[_CyberGhosT_]

Telemetry is crippled on my system, but this comes as no surprise.
This is a very underhanded step by MS, they make it hard, even for those of us who
want to adopt and like their OS.
Awesome share Exterminator
PeAcE

 

[DardiM]

Great Share

I only use Visual Studio 2015 for C#, I hope they have not added secret telemetry code in it, too

 

[Ink]

Microsoft are really killing it, and by it, I mean Windows 10's future.

...at least include it in the documentation.

 

[Noxx]

^ This. I'm not opposed to certain forms of telemetry, but it's just shady how they're so covert about it. Same goes with the forced Windows 10 upgrades... harming the reputation of an otherwise exceptional OS.

 

[marzametal]

Ahhhhh, the good ol' uni days where software was just friggin' software. Such a wonderful time it was.

^ This. I'm not opposed to certain forms of telemetry, but it's just shady how they're so covert about it. Same goes with the forced Windows 10 upgrades... harming the reputation of an otherwise exceptional OS.

I was wondering if anyone here has come across somebody in "real life" that has turned their PC on and the next day, woken up to find W10 on their system... so far, all I've seen is pages on websites that speak of this stuff.

 

[Quassar]

Any tip for kill most of telemetry on Windows 7 ?!

 

[DardiM]

Any tip for kill most of telemetry on Windows 7 ?!

I found this link

 

[Quassar]

I use this but is a bit old
GitHub - WindowsLies/BlockWindows: Stop Windows 10 Nagging and Spying. Works with Win7-10

 

[jamescv7]

So what are they going to do? Make a program powered by telemetry? Of course in that case go to the alternatives instead.

Learning approach of programming will not be wasted at all + depends on the industry requirements.

 

[frogboy]

Ahhhhh, the good ol' uni days where software was just friggin' software. Such a wonderful time it was.


I was wondering if anyone here has come across somebody in "real life" that has turned their PC on and the next day, woken up to find W10 on their system... so far, all I've seen is pages on websites that speak of this stuff.

That is what i keep wondering if it is real or a hoax type thing.

 

[Deleted member 178]

I was wondering if anyone here has come across somebody in "real life" that has turned their PC on and the next day, woken up to find W10 on their system... so far, all I've seen is pages on websites that speak of this stuff.

Never saw any too ; i guess those "victims" are sleepwalkers who press the Upgrade button