Why do you say no way when I just literally pointed you out that they do get data and store them (we don't know the modalities, it's obscure). You took a big shortcut here, you don't consider all your life patterns being data? When your mom visit you at home and MS is aware via your own computer, for you this isn't data? Literally all devices AROUND you are sent and those are directly correlated with real-life identities.

Also, I said "and such" because MS have many mechanisms, for example, they are directly aware of what you download because of SmartScreen, this is data, isn't it?

One more thing, when you type something to search in the Start menu, this is also sent to Microsoft, so for example if you have the habit of searching `XXXFilename`, then this Filename is stored on their servers, this is data. You can disable that by registry sure, but let's be real, users don't disable it.

But keep in mind here we are talking about what's referenced in documentation, while there is so many things that are obscure about it.

You might want to read this article (even tho it's basic): https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-b...

Windows 10 collects unprecedented data, including:

    Location data
    Text, voice, and touch input
    Web pages visited
    App usage (which programs, how long) (beware of CLI flags, they are leaked to MS:))
    Unique device IDs *(that can't be changed, which mean when you go to your friend, plug YOUR mouse to his Windows computer, then MS knows you 2 are besties)*

Also, VSCode by default give away all filepaths you open and more (you can check that yourself), which gives direct data about all projects you work on.

Another example, when you dev, you know that you might have a tendency to install tools, or even install your own output binaries right (let say you build an Electron app), then MS is aware of this, all programs installed are sent, this is data. So, does the MS employees filtering those data can see if you are actively using a Monero wallet? Yes they can. Are you a Tor user? They know immediately (regardless of VPN usage) and so on. This is real data.

Most people enable much more features from MS which then gives away so much more data, the list I gave is only if you disable most of it.

And lastly, about Visual Studio particularly: What's Collected:

- Extension list Every extension you have installed

- Project types What kind of projects you create (web, mobile, desktop, etc.)

- Feature usage Which VS features you use and how often

- Build data Build times, success/failure rates, errors

- Debugger usage Breakpoints hit, debug sessions, time spent debugging

- Search queries What you search for in VS (help, docs, IntelliSense)

- Crash/hang data When VS freezes or crashes, what you were doing

- Performance data Memory usage, responsiveness, load times

- Environment info OS version, hardware specs, screen resolution

- File paths Project folder paths (not file contents)

- Session duration How long you use VS

- Click/interaction events Which menus, buttons, toolbars you interact with

===

Then obviously there is MS Edge but that's a whole beast on its own with next level telemetry (whole history, including admin panels you connect to).

=== What's the definition of data?

So like I said earlier, thank you for confirming that MS employees have no way of stealing data off my computer outside of information sent either as part of diagnostic info or hashed samples sent to anti virus services. There is no one at Microsoft who can just say "copy gambiting's entire documents folder and send it to us" (afaik). So no, MS employees can't just steal the data off my computer. If you want to be technically anal about this yes, what I type into my start menu is "data" too, sure, you are 100% correct. I don't consider that to be Microsoft employees stealing data off my PC. And that's not even me trying to excuse it - I'm just saying it's not what you initially presented it as.

Going back to your original comment about not using Windows for "serious" work - none of the above stands in the way of serious work, especially given that every above behaviour is disabled by enterprise policy. I will agree with you that personal installations are different, but then we need to agree on the definition of serious work again.

Thanks for debating in good faith, I give you that sure, file content might not be by default (except in multiple scenarios) sent to MS.

For serious work, my philosophy is really regarding the attack surface, I'm mostly working in cybersec/privacy for the last decade and any data that leaves the machine is always a concern, a theoretical one and a practical one, especially if it's obfuscated. Anything that requires human trust to me is a concern (see for example lately the vulnerabilities steaming from npm dependencies, all about human). Privacy is important to me, I don't want anyone to know what I do with my devices (that includes my phones, which has no SIM inside to reduce correlation factor), this is by principle. I have 2 "realms" of work, one where I do accept (example with prompts to commercial LLM providers such as OpenAI...) that privacy and security is compromised, and the other realm where it's non-negotiable.

But I get your point and without being too extreme about it, I can agree that some of my takes are far fetch although they are valid, can I ask why you actually prefer to develop on Windows vs Linux (or MacOS), is it because of habits?